Hello,
Fresh install of ntopng and nprobe on CentOS, install from the CentOS repos.
Version details below. Per the documentation, I run:
ntopng -i tcp://127.0.0.1:5556
nprobe --collector-port 6343 --zmq "tcp://127.0.0.1:5556"
When I run nprobe in verbose mode, it reports receiving good flow data with
numerous messages like this one:
19/May/2016 11:26:17 [engine.c:2361] New Flow: [tcp] 10.x.x.x:7101 ->
10.y.y.y:49550 [00:00:00:00:00:00 -> 00:00:00:00:00:00][vlan 1234][tos
2][ifIdx: 1000001 -> 18][subflowId: 0/0x0000][idx=124586]
But when I stop the nprobe process, it reports that it is not processing any
flows, and there is no data in NTOP ("No packet has been received yet on
interface tcp://127.0.0.1:5556"):
19/May/2016 11:26:24 [nprobe.c:2457] Processed packets: 107 (max bucket search:
1)
19/May/2016 11:26:24 [nprobe.c:2440] Fragment queue length: 0
19/May/2016 11:26:24 [nprobe.c:2466] Flow export stats: [0 bytes/0 pkts][0
flows/0 pkts sent]
*****19/May/2016 11:26:24 [nprobe.c:2473] Flow collection: [collected pkts:
425][processed flows: 0]
19/May/2016 11:26:24 [nprobe.c:2476] Flow drop stats: [0 bytes/0 pkts][0
flows]
19/May/2016 11:26:24 [nprobe.c:2481] Total flow stats: [0 bytes/0 pkts][0
flows/0 pkts sent]
19/May/2016 11:26:24 [nprobe.c:4947] Cleaning globals
19/May/2016 11:26:24 [nprobe.c:4967] nProbe terminated.
What am I missing? I have tried to dump the inbound packets using -dump-pkts
capture.pcap, but Wireshark reports that the resulting file is corrupt.
Thanks in advance,
Dennis
user@ntop-test ~]$ ntopng -V
v.2.2.160512 [Professional Edition]
GIT rev: 2.2-stable:994c38c70c9f54ae72849b8500884250b0760fc0:20160512
Pro rev: r525
System Id: REDACTED
Built on: CentOS Linux release 7.1.1503 (Core)
user@ntop-test ~]$ nprobe -v
Welcome to nProbe v.7.2.160512 (r4478) for x86_64-unknown-linux-gnu
with native PF_RING acceleration.
Copyright 2002-15 ntop.org
Build OS: CentOS Linux release 7.1.1503 (Core)
SystemID: REDACTED
License: Invalid nProbe license (/etc/nprobe.license) [Missing license
file]
nProbe is subject to the terms and conditions defined in
the LICENSE and EULA files that are part of this package.
nProbe also contains third party code:
Radix tree code - (C) The Regents of the University of Michigan
("The Regents") and Merit Network, Inc.
sFlow collector - (C) InMon Inc.
________________________________
Pico Quantitative Trading LLC ("PQT"). This e-mail (including any attachments)
is intended only for use by the addressee(s) named above, and may contain
confidential, proprietary or legally privileged information. If you are not the
intended recipient of this e-mail, any review, use, disclosure, dissemination,
distribution, printing or copying of this e-mail or any attachment is strictly
prohibited. If you have received this e-mail in error, please notify PQT
immediately by return e-mail and permanently delete the original from your
system and any hard copy printout thereof. E-mails are not encrypted and cannot
be guaranteed to be secure or error-free and, as with all Internet
communications, information could be intercepted, corrupted, lost, destroyed,
arrive late or incomplete, or contain viruses. Accordingly, PQT accepts no
liability for any errors or omissions in the content contained herein. Unless
specifically indicated otherwise, this e-mail is not, and should not be
construed as a recommendation or offer to buy or sell a financial instrument,
any investment products or other financial product or service, an official
confirmation of any transaction, or an official statement of PQT. In compliance
with applicable laws, rules and regulations and/or at its discretion, PQT may
review and archive incoming and outgoing e-mail communications, copies of which
may be produced at the request of regulators.
_______________________________________________
Ntop-misc mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop-misc
