Hi,
I have successfully compile and installed the ndpi-netfilter (xt_ndpi.ko)
kernel loadable module based on the work of ewildgoose. (
https://github.com/ewildgoose/ndpi-netfilter).
My question here
1) Does NDPI needs to see traffic in both direction?
2) I am bridging traffic through two NIC ports (transparent, NO IP on nic
or bridge). A third NIC is use to access the unit.
does it work with bridge?
3) I can see some http traffic with the iptables rules setup below but no
SSL or ICMP at all. I know that i have SSL and ICMP traffic as i have ssl
webpage and ping running in the LAN segment accessing the WAN.
What am i doing wrong ?
Commands I use
iptables -A FORWARD -m ndpi --http -j CONNMARK --set-mark 1
iptables -A FORWARD -m ndpi --ssl -j CONNMARK --set-mark 2
iptables -A FORWARD -m ndpi --icmp -j CONNMARK --set-mark 3
OS: OpenSuse 12.3 Linux 3.7.10 64bit 4Gb RAM with Intel i3 540 CPU.
LAN ----- My Bridge ------- WAN
Thanks.
_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
