On 01/04/2015 20:21, Rahul Jain wrote:
Hi Arianna/all,
Hi Rahul,
I download the latest ntopng (v.1.99.150401). I can see active flows now. But still no top talkers and the active flow duration is reported incorrectly. Flow duration under active flows tab is 136 years 70 days 6h. I verified the export under Wireshark, and it decodes the duration correctly. Also, I see, few errors under ntopng, 01/Apr/2015 11:09:15 [Geolocation.cpp:59] WARNING: Unable to read GeoIP database /home/auto/ntop_sw/ntopng/httpdocs/geoip/GeoIPASNumv6.dat Error Opening file /home/auto/ntop_sw/ntopng/httpdocs/geoip/GeoLiteCity.dat 01/Apr/2015 11:09:15 [Geolocation.cpp:59] WARNING: Unable to read GeoIP database /home/auto/ntop_sw/ntopng/httpdocs/geoip/GeoLiteCity.dat Error Opening file /home/auto/ntop_sw/ntopng/httpdocs/geoip/GeoLiteCityv6.dat 01/Apr/2015 11:09:47 [Lua.cpp:4515] WARNING: Script failure [/home/auto/ntop_sw/ntopng/scripts/lua/iface_flows_sankey.lua][...e/auto/ntop_sw/ntopng/scripts/lua/iface_flows_sankey.lua:115: attempt to compare number with nil]
Thanks for trying the latest version. Have you used Biflow also for these tests as you mentioned in the other e-mail?
Could you please post your configuration? Thank you, Arianna
Thanks Rahul On Wed, Apr 1, 2015 at 1:39 AM, Arianna Avanzini <[email protected] <mailto:[email protected]>> wrote: On 01/04/2015 04:32, Rahul Jain wrote: Hi, Hi Rahul, I am evaluating nprobe + ntopng as IPFIX collector. I have a router exporting IPFIX flows and I don't see any active flows, or top talkers on the ntopng GUI. I am running nprobe and ntopng on my Ubuntu server and my configuration is, nprobe --zmq "tcp://*:5556" -i none -n none -b 2 -3 2055 ntopng -i tcp://127.0.0.1:5556 <http://127.0.0.1:5556> <http://127.0.0.1:5556/> -d /var/tmp I am using nprobe v.7.0.141208 and ntopng v.1.2.2 Issues, a) No active flows seen. Some times active flows is seen but the duration of the flow is reported incorrectly, ~46 yrs. b) No top talker c) Host first seen is reported incorrectly. First seen at @2106 yr These bugs look like some that were recently fixed. Could you please try the latest SVN or nightly and report back to tell us if they stil occur? Thank you, Arianna Template exported: flowStartSeconds flowEndSeconds IP_SRC_ADDR IP_DST_ADDR PROTOCOL L4_SRC_PORT L4_DST_PORT PACKETS_TOTAL BYTES_TOTAL Please let me know, if I am missing any configuration or its a bug/known issue. Thanks Rahul _________________________________________________ Ntop-misc mailing list [email protected] <mailto:[email protected]> http://listgateway.unipi.it/__mailman/listinfo/ntop-misc <http://listgateway.unipi.it/mailman/listinfo/ntop-misc> -- /* * Arianna Avanzini * [email protected] <mailto:[email protected]> * http://ava.webhop.me */ _________________________________________________ Ntop-misc mailing list [email protected] <mailto:[email protected]> http://listgateway.unipi.it/__mailman/listinfo/ntop-misc <http://listgateway.unipi.it/mailman/listinfo/ntop-misc>
-- /* * Arianna Avanzini * [email protected] * http://ava.webhop.me */ _______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
