> > Hi Yuri, > the ntopng and nprobe config files are below, respectively:
-n=3 -m="10.20.70.0/24" -G=/var/tmp/ntopng.pid -i=tcp://127.0.0.1:5556 -n=udp://127.0.0.1:2055 -i=none -t=60 -d=60 -a=0 -e=1 -B=10 -w=128000 -z=0 -S=1:1 -E=0:0 -m=15 -g=/var/run/nprobe-none.pid -3=2055 --zmq=tcp://*:5556 --vlanid-as-iface-idx=none -T=%IN_BYTES %IN_PKTS %PROTOCOL %SRC_TOS %TCP_FLAGS %L4_SRC_PORT %IPV4_SRC_ADDR %INPUT_SNMP %L4_DST_PORT %IPV4_DST_ADDR %OUTPUT_SNMP %LAST_SWITCHED %FIRST_SWI TCHED -V=9 --dump-stats=/var/log/nprobe/none-0_flows_stats.txt I have also tried changing the various IPs to the Eth0 address with no change. Regards, Matt ---------- Forwarded message ---------- > From: Francalacci Yuri <[email protected]> > To: "[email protected]" <[email protected]> > Cc: > Date: Sun, 31 May 2015 17:15:01 +0200 > Subject: Re: [Ntop-misc] Ntop-misc Digest, Vol 131, Issue 13 > Could you please post the nprobe and ntopng config file (in /etc/ntopng > and /etc/nprobe) > Yuri > > Sent from my iPhone > > Il giorno 31/mag/2015, alle ore 16:10, Matt Thompson < > [email protected]> ha scritto: > > Hi Yuri, > > I am starting and stopping it within the GUI. It all starts up OK, but it > only reports traffic directed at the server itself (my client connecting) > and broadcast traffic on its subnet. > > > Regards, > > Matt > > On 30 May 2015 at 11:00, <[email protected]> wrote: > >> Send Ntop-misc mailing list submissions to >> [email protected] >> >> To subscribe or unsubscribe via the World Wide Web, visit >> http://listgateway.unipi.it/mailman/listinfo/ntop-misc >> or, via email, send a message with subject or body 'help' to >> [email protected] >> >> You can reach the person managing the list at >> [email protected] >> >> When replying, please edit your Subject line so it is more specific >> than "Re: Contents of Ntop-misc digest..." >> >> Today's Topics: >> >> 1. nProbe configuration (Matt Thompson) >> 2. Re: nProbe configuration (Yuri Francalacci) >> >> >> ---------- Forwarded message ---------- >> From: Matt Thompson <[email protected]> >> To: [email protected] >> Cc: >> Date: Fri, 29 May 2015 14:49:05 +0100 >> Subject: [Ntop-misc] nProbe configuration >> I'm hoping somebody can help what is probably a simple issue. >> >> I have installed the trial licence successfully but am struggling to >> configure ntop/nprobe to get useful data, despite following the >> documentation and some related YouTube videos. >> >> I have a simple setup: >> >> (Firewall 1) >> >> <> >> >> (Firewall 2) >> >> <> >> >> (Ntop/nprobe installation server) >> >> >> Firewall 1 is where I have Netflow exporting configured. The server has >> all the relevant roles installed on the one box. Firewall 2 has all >> relevant traffic allowed through it, but a packet capture on there shows >> the server is sending udp port 2055 unreachable ICMP messages back to >> firewall 1. >> >> I use the GUI to configure so should I be using the Eth0 or Proxy setup >> and what settings should I be tweaking? I can only see traffic destined for >> the server or broadcast traffic on that subnet. >> >> >> TIA >> >> Matt >> >> >> >> ---------- Forwarded message ---------- >> From: Yuri Francalacci <[email protected]> >> To: [email protected] >> Cc: >> Date: Fri, 29 May 2015 16:16:32 +0200 >> Subject: Re: [Ntop-misc] nProbe configuration >> Matt, >> could you post the way you are starting either ntopng and nprobe? >> Yuri >> ############################################### >> Yuri Francalacci - [email protected] - http://www.ntop.org >> "Simplicity is the ultimate sophistication" - Leonardo da Vinci >> ############################################### >> >> On 29 May 2015, at 15:49, Matt Thompson <[email protected]> wrote: >> >> I'm hoping somebody can help what is probably a simple issue. >> >> I have installed the trial licence successfully but am struggling to >> configure ntop/nprobe to get useful data, despite following the >> documentation and some related YouTube videos. >> >> I have a simple setup: >> >> (Firewall 1) >> >> <> >> >> (Firewall 2) >> >> <> >> >> (Ntop/nprobe installation server) >> >> >> Firewall 1 is where I have Netflow exporting configured. The server has >> all the relevant roles installed on the one box. Firewall 2 has all >> relevant traffic allowed through it, but a packet capture on there shows >> the server is sending udp port 2055 unreachable ICMP messages back to >> firewall 1. >> >> I use the GUI to configure so should I be using the Eth0 or Proxy setup >> and what settings should I be tweaking? I can only see traffic destined for >> the server or broadcast traffic on that subnet. >> >> >> TIA >> >> Matt >> >> _______________________________________________ >> Ntop-misc mailing list >> [email protected] >> http://listgateway.unipi.it/mailman/listinfo/ntop-misc >> >> >> >> _______________________________________________ >> Ntop-misc mailing list >> [email protected] >> http://listgateway.unipi.it/mailman/listinfo/ntop-misc >> > > _______________________________________________ > Ntop-misc mailing list > [email protected] > http://listgateway.unipi.it/mailman/listinfo/ntop-misc > > > _______________________________________________ > Ntop-misc mailing list > [email protected] > http://listgateway.unipi.it/mailman/listinfo/ntop-misc >
_______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
