OK, I'm ready to take my mailing list beating... I looked through the old list postings and found similar questions and some answers, but could not spot the information I was looking for.
In my implementation of NTOP, I am watching all traffic going out of our corporate firewall. NTOP seems to capture most DNS requests that traverse the firewall. That is working fine. What I'm having a problem with is that I have hundreds of internal machines that generate traffic to the external world, but have no cause to have their own IP address resolved by any traffic I can sniff. I am starting NTOP with the following: ntop -d -u ntop -i eth0,eth1 -M -o -m 10.0.0.0/8 -p /etc/protocols.ntop -P /tmp and have all of my subnets broken down into 24 bit masks. i.e 10.12.54.x, 10.12.44.x etc... I am using today's CVS pull, but have had this "problem" for a very long time. I there a way I can specify what address to aggressively do reverse name resolution on or simply to have NTOP actively resolve all IP addresses, thus more completely populating my internal machine addresses with names? -- J. Eric Josephson Director of Network and System Operations 978-720-2159 mailto:[EMAIL PROTECTED] _______________________________________________ Ntop-dev mailing list [EMAIL PROTECTED] http://listgateway.unipi.it/mailman/listinfo/ntop-dev
