Hello, I am still fighting with nProbe in terms of exporting AS numbers of flows. If I use files from maxmind site I get no AS number for IPv6, because it complains that I am missing "GeoIP Organization Edition". I looked trough sources of nprobe and in util.c there is something that this edition is required.
So I tried different approach and created a files asn.dat: 15169:1.0.0.0/24 56203:1.0.4.0/24 56203:1.0.4.0/22 [...] and asnv6.dat: 25192:2001::/32 2500:2001:200::/32 7660:2001:200:900::/40 [...] Pulled from my BGP router and parsed with some python scripts. They are in format as described in nProbe documentation: -A: AS file Network probes are usually installed on systems where the routing information is available (e.g. via BGP) in order to specify the AS (Autonomous System) id of the flow peer. As nProbe has no access to BGP information unless you enable the BGP plugin, users need to provide this information by means of a static file whose format is <AS>:<network>. The file can be stored in both plain text and gzip format And nProbe shows: 08/Apr/2013 20:01:08 [util.c:298] GeoIP: loaded AS config file /usr/local/nprobe/asn.dat 08/Apr/2013 20:01:08 [util.c:307] GeoIP: loaded AS IPv6 config file /usr/local/nprobe/asnv6.dat So it seems fine. But now I get 0 as ASn both for IPv4 and IPv6. So what am I doing wrong? Is something missing in documentation? Or the only way is to use BGP plugin? :) Or maybe my libgeoip is too old - it is version 1.4.7~beta6+dfsg-1. Please help. Thanks -- Michał Margula, [email protected], http://alchemyx.uznam.net.pl/ "W życiu piękne są tylko chwile" [Ryszard Riedel] _______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
