Ok that’s why you are not getting timestamps, you are not capturing from a device, in this case you should add -S <core> to zbalance_ipc in order to generate timestamps.
Alfredo > On 10 Mar 2015, at 15:51, Jim Hranicky <[email protected]> wrote: > > Signed PGP part > /opt/pf/bin/snort -D -i zc:44@0 --daq-dir=/opt/pf/lib/daq \ > --daq-var clusterid=44 --daq-var bindcpu=6 --daq pfring_zc \ > -c /etc/snort/snort.conf -l /var/log/snort1 -R 1 > > Jim > > On 03/10/2015 09:51 AM, Alfredo Cardigliano wrote: > > Can I see the command line you are using? > > > > Alfredo > > > >> On 10 Mar 2015, at 14:09, Jim Hranicky <[email protected]> wrote: > >> > >> Signed PGP part From what I can tell it's the latest version: > >> > >> % cd > >> /usr/local/src/pfring-svn-2015-03-08/PF_RING/userland/snort/pfring-daq-module-zc > >> > >> > % openssl md5 .libs/daq_pfring_zc.so /opt/pf/lib/daq/daq_pfring_zc.so > >> MD5(.libs/daq_pfring_zc.so)= 17d3cfda4654454298eb7a11839cd62d > >> MD5(/opt/pf/lib/daq/daq_pfring_zc.so)= > >> 17d3cfda4654454298eb7a11839cd62d > >> > >> % svn log > >> ------------------------------------------------------------------------ > >> > >> > r9059 | cardigliano | 2015-03-08 12:29:13 -0400 (Sun, 08 Mar 2015) | 1 line > >> > >> force sw timestamp > >> > >> Jim > >> > >> > >> On 03/10/2015 04:32 AM, Alfredo Cardigliano wrote: > >>> The daq does not depend on a specific pf_ring version, thus no > >>> log in case. > >>> > >>> Alfredo > >>> > >>>> On 10 Mar 2015, at 04:36, Jim Hranicky <[email protected]> wrote: > >>>> > >>>> Signed PGP part I did, or at least I think I did. It would be > >>>> griping at me in the logs if the versions were mismatched, > >>>> right? > >>>> > >>>> Jim > >>>> > >>>> On 03/09/2015 06:53 PM, Alfredo Cardigliano wrote: > >>>>> Hi Jim did you update, recompile, reinstall both libraries > >>>>> and daq-zc? > >> > >> _______________________________________________ Ntop-misc mailing > >> list [email protected] > >> http://listgateway.unipi.it/mailman/listinfo/ntop-misc > > > > > > > > > > _______________________________________________ Ntop-misc mailing > > list [email protected] > > http://listgateway.unipi.it/mailman/listinfo/ntop-misc > > > > _______________________________________________ > Ntop-misc mailing list > [email protected] > http://listgateway.unipi.it/mailman/listinfo/ntop-misc
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
