flow-capture daemonizes itself by default. Check your process table
for the flow-capture process:
xenith:~ alexs$ sudo flow-capture -w flows 0/0/2056
xenith:~ alexs$ ps -ax |grep flow
19580 ?? Ss 0:00.00 flow-capture -w flows 0/0/2056
Use the -D flag if you want flow-capture to run in the foreground
(this is not very well documented, sorry).
That setsocketopt message is a red herring, it's just a report of
some housekeeping data about the UDP socket it received from the
operating system.
You could then run the flow-* utilities on the flow files that were
captured and saved to your working directory (look for files starting
with ft-v*, dumped every 15 minutes, or on intervals specified with
the -n flag).
HTH,
alex
On Apr 3, 2006, at 10:37 PM, Matthew Heineke wrote:
I checked /var/log/messages
Apr 4 00:30:34 cumbia flow-capture[25701]: setsockopt(size=4194304)
I changed the port number to something random and not 80, that got rid
of a binding error (duh).
any ideas on the setsockopt problem?
On Tue, 2006-04-04 at 00:08 -0500, Matthew Heineke wrote:
Hi I'm a student doing research with Netflow data exported from
one of
Vanderbilt Universities subnets.
I installed flow-tools from yum, on FC4.
I've read the man pages and I'm getting started with capturing data.
I want to capture data from any of the various routers we have
configured to export to my server.
I run this simple command :
bash-3.00# flow-capture -w /home/heinekms/flows 0/0/80
bash-3.00#
As you can see it went back to the bash prompt immediately.
flow-capture will complain if I don't provide a working directory
or the
localip/remoteip/port. But it exits with amiable parameters. I'm not
sure what my problem is.
_______________________________________________
Flow-tools mailing list
[EMAIL PROTECTED]
http://mailman.splintered.net/mailman/listinfo/flow-tools
_______________________________________________
Flow-tools mailing list
[EMAIL PROTECTED]
http://mailman.splintered.net/mailman/listinfo/flow-tools
_______________________________________________
Flow-tools mailing list
[EMAIL PROTECTED]
http://mailman.splintered.net/mailman/listinfo/flow-tools
