Re: [Nfsen-discuss] nfdump not showing correct time

Wed, 16 Dec 2009 12:14:46 -0800 

Hi,

Thank you for the reply Peter.

I got 1.5.7-nsel to build, but no change, still see bad dates from
nfdump. The build does use "gcc -DNSEL_FEATURE_FLAG ...". I have
verified multiple times that the 1.5 versions have replaced the 1.6
versions everywhere. I have completely removed nfsen and reinstalled to
erase all data (did not rebuild nfsen).

What is this NSELTracker plug-in you mention in your original post? I
can't find it anywhere to build it. Is it required?

> Is your ASA box set to the correct time?

Yes. The ASA and nfsen machine all have the correct date, time, and
timezone. nfdump always reports a date of 2009-10-29 03:28:57. Only the
fraction of a second seems to change. 

I have made a capture file available, maybe you can use it to see where
the problem is. Does your nfdump get the correct date from the file? Is
it a 1.5.7 file or a 1.6 file?
        http://download.nemetschek.net/mis/daveb/nfcapd.zip

I really do appreciate your help.

The ASA is running 8.2.1. Here is a sample line and some proof that it's
your 1.5.7:

Date first seen          Duration Proto          IP Addr    Flows
Packets    Bytes      pps      bps   bpp
2009-10-29 03:28:57.786     0.964 any        192.168.0.5      374
5696    38374     5908   318456     6

nfdump: Version: 1.5.7 $LastChangedDate: 2008-02-21 10:50:02 +0100 (Thu,
21 Feb 2008) $
$Id: nfdump.c 98 2008-02-22 09:13:12Z peter $

nfcapd: Version: 1.5.7 $LastChangedDate: 2008-02-21 10:50:02 +0100 (Thu,
21 Feb 2008) $
$Id: nfcapd.c 97 2008-02-21 09:50:02Z peter $

nfprofile: Version: 1.5.7 $LastChangedDate: 2008-02-21 10:50:02 +0100
(Thu, 21 Feb 2008) $
$Id: nfprofile.c 98 2008-02-22 09:13:12Z peter $

David Bowman | MIS Director | Nemetschek North America


------------------------------------------------------------------------------
This SF.Net email is sponsored by the Verizon Developer Community
Take advantage of Verizon's best-in-class app development support
A streamlined, 14 day to market process makes app distribution fast and easy
Join now and get one step closer to millions of Verizon customers
http://p.sf.net/sfu/verizon-dev2dev 
_______________________________________________
Nfsen-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/nfsen-discuss

Reply via email to