[Ntop-misc] probe mode and collector mode problem

심병렬 Tue, 06 Sep 2011 05:37:24 -0700

I try to collect a flow data on the collector server. But I couldn't.

I used this command.


<probe mode>
sudo ./nprobe -n 168.111.46.135:2055 -i eth0 -t 30 -d 15 -V 10 -T
"%IPV4_SRC_ADDR %IPV4_DST_ADDR %FLOW_ID %HTTP_URL"

<collector mode>
sudo ./nprobe --nf-collector-port 2055 -P ../flowdata/

when I have used this command, these flows saved in the folder. just saved
flow lable, no data.

IPV4_SRC_ADDR|IPV4_DST_ADDR|IPV4_NEXT_HOP|INPUT_SNMP|OUTPUT_SNMP|OUT_PKTS|OUT_BYTES
|FIRST_SWITCHED|LAST_SWITCHED|L4_SRC_PORT|L4_DST_PORT|TCP_FLAGS|PROTOCOL|SRC_TOS
|SRC_AS|DST_AS|SRC_MASK|DST_MASK



second, I try this command.
<collector mode>
sudo ./nprobe --nf-collector-port 2055 -P ../flowdata/ -V 10 -T
"%IPV4_SRC_ADDR %IPV4_DST_ADDR %FLOW_ID %HTTP_URL"

and, result is below.
IPV4_SRC_ADDR|IPV4_DST_ADDR|FLOW_ID|HTTP_URL
(no data, just flow lable saved)



So. I checked packet but I think that packet data has no problem.

......
......
Flow 8
    SrcAddr: 58.227.194.122 (58.227.194.122)
    DstAddr: 168.111.46.130 (168.188.46.130)
    (Navini Networks) Type 8382
    (Navini Networks) Type 8372  -->  /20110308_15/pezigogu_1299555827
(maybe HTTP_URL data..)
.......
.......



How can I get the flow data on the collector server.

Please let me know.

Thanks!

_______________________________________________
Ntop-misc mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop-misc

[Ntop-misc] probe mode and collector mode problem

Reply via email to