Text only | Text with Images

OPNsense Forum

Archive => 21.7 Legacy Series => Topic started by: schuc on November 08, 2021, 02:23:28 AM

Title: GEOIP Google Maps
Post by: schuc on November 08, 2021, 02:23:28 AM
This is on a Protectli FW4B running OpnSense 21.7.4 and Suricata 6.0.3_3.

I would like to see a Google map of connections between OpnSense systems and remote locations.  From what I have read, this cannot be done within OpnSense itself, but it can be done in the ntopng package added into OpnSense.  I have already created the Maxmind key and set that up as an alias in OpnSense in case that comes into play.

I have installed the ntopng package and it appears to be working fine except for showing any kind of a google map for connections.  In ntopng if igb1(LAN) is selected, then a 'Maps' menu appears and the only item in it is 'Hosts'.  If System is selected, there is no Maps menu on the left.

Shouldn't Maps->Hosts show a Google Map with connection lines so I can see which countries there are connections with?

Thanks for any guidance on how to get Google Maps setup to show connection maps.

(https://i.postimg.cc/8fFJrLxz/trash7.jpg) (https://postimg.cc/8fFJrLxz)
Title: Re: GEOIP Google Maps
Post by: benyamin on November 08, 2021, 10:14:09 AM
Does this (https://forum.opnsense.org/index.php?topic=17077.msg103873#msg103873) help...?
Title: Re: GEOIP Google Maps
Post by: schuc on November 08, 2021, 07:25:27 PM
Quote from: benyamin on November 08, 2021, 10:14:09 AM
Does this (https://forum.opnsense.org/index.php?topic=17077.msg103873#msg103873) help...?

Thanks for your reply @benyamin.  Looking at that thread, there is a link to https://github.com/ntop/ntopng/blob/dev/doc/README.geolocation.md and the first step says:
QuoteInstall package ntopng-data which pulls in MaxMind downloader geoipupdate as dependency

I do not have 'ntopng-data' in my package list in OpnSense.  Do you see that as an available package in your list?

Even though the package is missing from my OpnSense list, I tried to bring the files over manually.  I am not able to curl the files in for some reason.  I am logged into a local admin account and using sudo says I'm not in the sudo list. 
Title: Re: GEOIP Google Maps
Post by: benyamin on November 08, 2021, 11:12:10 PM
If you look at this part (https://github.com/ntop/ntopng/blob/dev/doc/README.geolocation.md#using-geolocation-when-ntopng-data-is-not-available) of the readme, it says to manually download the files from your MaxMind account page.

It says to grab ASN and City, but I note the OPNsense post says to grab Country too.

Just do that on a PC then use SFTP, SCP, or similar to copy them to OPNsense.

If you cannot sudo then check Sudo settings at System: Settings: Administration > Authentication or maybe consider adding your user to the wheel group.
Text only | Text with Images