Hi Yuri, I enclosed the command in quotes like your example yet still no data in ntopng. I have also turned off iptables to test.
Here is the output when I start nprobe: nprobe --zmq "tcp://*:5556" -i none -n none -b 2 -3 2055 03/Dec/2014 08:00:00 [nprobe.c:6118] Valid nProbe license found 03/Dec/2014 08:00:00 [plugin.c:160] No plugins found in ./plugins 03/Dec/2014 08:00:00 [plugin.c:166] Loading plugins [.so] from /usr/local/lib/nprobe/plugins 03/Dec/2014 08:00:00 [plugin.c:725] Unable to enable plugin RTP Plugin: missing license [/etc/nprobe.license.voippro] 03/Dec/2014 08:00:00 [plugin.c:725] Unable to enable plugin SMTP Protocol: missing license [/etc/nprobe.license.email] 03/Dec/2014 08:00:00 [plugin.c:725] Unable to enable plugin Radius Protocol: missing license [/etc/nprobe.license.radius] 03/Dec/2014 08:00:00 [plugin.c:725] Unable to enable plugin HTTP Protocol: missing license [/etc/nprobe.license.http] 03/Dec/2014 08:00:00 [plugin.c:725] Unable to enable plugin Netflow-Lite Plugin: missing license [/etc/nprobe.license.nflite] 03/Dec/2014 08:00:00 [plugin.c:725] Unable to enable plugin DNS Protocol: missing license [/etc/nprobe.license.dns] 03/Dec/2014 08:00:00 [plugin.c:725] Unable to enable plugin GTPv0 Signaling Protocol: missing license [/etc/nprobe.license.gtpv0] 03/Dec/2014 08:00:00 [plugin.c:725] Unable to enable plugin L7 Plugin: missing license [/etc/nprobe.license.l7] 03/Dec/2014 08:00:00 [plugin.c:725] Unable to enable plugin SIP Plugin: missing license [/etc/nprobe.license.voippro] 03/Dec/2014 08:00:00 [plugin.c:725] Unable to enable plugin GTPv2 Signaling Protocol: missing license [/etc/nprobe.license.gtpv2] 03/Dec/2014 08:00:00 [plugin.c:725] Unable to enable plugin GTPv1 Signaling Protocol: missing license [/etc/nprobe.license.gtpv1] 03/Dec/2014 08:00:00 [plugin.c:725] Unable to enable plugin System process information: missing license [/etc/nprobe.license.process] 03/Dec/2014 08:00:00 [nprobe.c:4172] WARNING: The output interfaceId is set to 0: did you forget to use -Q perhaps ? 03/Dec/2014 08:00:00 [nprobe.c:4175] WARNING: The input interfaceId is set to 0: did you forget to use -u perhaps ? 03/Dec/2014 08:00:00 [nprobe.c:4230] Welcome to nprobe v.7.0.141119 ($Revision: 4541 $) for x86_64-unknown-linux-gnu with native PF_RING acceleration 03/Dec/2014 08:00:00 [nprobe.c:4248] nProbe SystemId: xxxxxxxxxxxxxxxxxxxxx 03/Dec/2014 08:00:00 [nprobe.c:4260] nProbe License: xxxxxxxxxxxxxxxxxxxxx 03/Dec/2014 08:00:00 [nprobe.c:4263] Tracing enabled 03/Dec/2014 08:00:00 [mysqlPlugin.c:117] Initialized MySQL plugin 03/Dec/2014 08:00:00 [bgpPlugin.c:381] BGP plugin is disabled (--bgp-port has not been specified) 03/Dec/2014 08:00:00 [dbPlugin.c:78] Initializing DB plugin 03/Dec/2014 08:00:00 [plugin.c:241] 3 plugin(s) loaded [3 delete][2 packet]. 03/Dec/2014 08:00:00 [nprobe.c:6153] Welcome to nprobe v.7.0.141119 for x86_64-unknown-linux-gnu 03/Dec/2014 08:00:00 [nprobe.c:5385] Compiling flow templates... 03/Dec/2014 08:00:00 [plugin.c:834] Scanning plugin MySQL Plugin [mysql] 03/Dec/2014 08:00:00 [plugin.c:834] Scanning plugin BGP Update Listener [bgp] 03/Dec/2014 08:00:00 [plugin.c:834] Scanning plugin MySQL DB [db] 03/Dec/2014 08:00:00 [plugin.c:977] 0 plugin(s) enabled 03/Dec/2014 08:00:00 [util.c:298] GeoIP: loaded AS config file /usr/share/ntopng/httpdocs/geoip/GeoIPASNum.dat 03/Dec/2014 08:00:00 [util.c:307] GeoIP: loaded AS IPv6 config file /usr/share/ntopng/httpdocs/geoip/GeoIPASNumv6.dat 03/Dec/2014 08:00:00 [nprobe.c:4757] Using packet capture length 128 03/Dec/2014 08:00:00 [nprobe.c:6321] IPv6 traffic will NOT be exported/accounted by this probe 03/Dec/2014 08:00:00 [nprobe.c:6322] due to configuration options (e.g. use NetFlow v9) 03/Dec/2014 08:00:00 [nprobe.c:6325] The flows hash has 131072 buckets 03/Dec/2014 08:00:00 [nprobe.c:6327] Flows older than 120 seconds will be exported 03/Dec/2014 08:00:00 [nprobe.c:6330] Flows inactive for at least 30 seconds will be exported 03/Dec/2014 08:00:00 [nprobe.c:6333] Expired flows will not be queued for more than 30 seconds 03/Dec/2014 08:00:00 [nprobe.c:6340] Exported flows with engineType 0 and engineId 128 03/Dec/2014 08:00:00 [nprobe.c:6362] TCP TOS will be ignored and set to 0. 03/Dec/2014 08:00:00 [nprobe.c:6380] After 1 flow packets are sent, we'll delay at least 1 ms 03/Dec/2014 08:00:00 [nprobe.c:6400] Flows will be emitted in NetFlow 5 format 03/Dec/2014 08:00:00 [nprobe.c:6430] Flow input interface index is set to 0 03/Dec/2014 08:00:00 [nprobe.c:6436] Flow output interface index is set to 0 03/Dec/2014 08:00:00 [nprobe.c:6450] Not capturing packet from interface (collector mode) 03/Dec/2014 08:00:00 [util.c:3726] Succesfully created ZMQ endpoint tcp://*:5556 03/Dec/2014 08:00:00 [plugin.c:796] Disabling plugin MySQL Plugin (no template is using it) 03/Dec/2014 08:00:00 [plugin.c:796] Disabling plugin BGP Update Listener (no template is using it) 03/Dec/2014 08:00:00 [plugin.c:796] Disabling plugin MySQL DB (no template is using it) 03/Dec/2014 08:00:00 [collect.c:99] Created UDP sockets 03/Dec/2014 08:00:00 [collect.c:158] Flow collector listening on port 2055 (IPv4/v6) 03/Dec/2014 08:00:00 [nprobe.c:6570] Starting 1 packet fetch thread(s) 03/Dec/2014 08:00:00 [engine.c:3055] Starting bucket dequeue thread 03/Dec/2014 08:00:00 [nprobe.c:6658] nProbe started successfully When starting ntopng: ntopng -i tcp://127.0.0.1:5556 & [1] 2736 [root@newmail ~]# 03/Dec/2014 07:55:37 [Ntop.cpp:683] Setting local networks to 192.168.1.0/24,0.0.0.0/32,224.0.0.0/8,239.0.0.0/8,255.255.255.255/32,127.0.0.0/8 03/Dec/2014 07:55:37 [Redis.cpp:84] Successfully connected to Redis 127.0.0.1:6379 03/Dec/2014 07:55:37 [Ntop.cpp:807] Registered interface tcp:// 127.0.0.1:5556 [id: 0] 03/Dec/2014 07:55:37 [Utils.cpp:252] User changed to nobody 03/Dec/2014 07:55:37 [main.cpp:183] PID stored in file /var/tmp/ntopng.pid 03/Dec/2014 07:55:37 [HTTPserver.cpp:387] HTTPS Disabled: missing SSL certificate /usr/share/ntopng/httpdocs/ssl/ntopng-cert.pem 03/Dec/2014 07:55:37 [HTTPserver.cpp:389] Please read https://svn.ntop.org/svn/ntop/trunk/ntopng/README.SSL if you want to enable SSL. 03/Dec/2014 07:55:37 [HTTPserver.cpp:434] Web server dirs [/usr/share/ntopng/httpdocs][/usr/share/ntopng/scripts] 03/Dec/2014 07:55:37 [HTTPserver.cpp:437] HTTP server listening on port 3000 03/Dec/2014 07:55:37 [main.cpp:231] Working directory: /var/tmp/ntopng 03/Dec/2014 07:55:37 [main.cpp:233] Scripts/HTML pages directory: /usr/share/ntopng 03/Dec/2014 07:55:37 [Ntop.cpp:218] Welcome to ntopng x86_64 v.1.2.2 (r1.2.2) - (C) 1998-14 ntop.org 03/Dec/2014 07:55:37 [PeriodicActivities.cpp:53] Started periodic activities loop... 03/Dec/2014 07:55:37 [RuntimePrefs.cpp:32] Dump alerts into syslog 03/Dec/2014 07:55:37 [NetworkInterface.cpp:842] Started packet polling on interface tcp://127.0.0.1:5556 [id: 5]... 03/Dec/2014 07:55:37 [CollectorInterface.cpp:92] Collecting flows on tcp:// 127.0.0.1:5556 On Tue, Dec 2, 2014 at 11:27 PM, Yuri Francalacci <[email protected]> wrote: > Bob, > did you enclose the âzmq param in nprobe with â' > Otherwise the shell will expand the â*â sign > it should be something like > > nprobe --zmq "tcp://*:5556" -i none -n none -b 2 -3 2055 > > Yuri > ############################################### > Yuri Francalacci - [email protected] - http://www.ntop.org > "Simplicity is the ultimate sophistication" - Leonardo da Vinci > ############################################### > > On 03 Dec 2014, at 05:53, Bob Caddell <[email protected]> wrote: > > Luca, > Please excuse my inattention to this thread as I was out of the office the > past week. > > Here is the the line I start nprobe with: > > nprobe --zmq tcp://*:5556 -i none -n none -b 2 -3 2055 > > I am seeing traffic from my router on port 2055 using tcpdump. I've used > Solarwinds netflow scanner to verify the router is dumping flow packets. > > I am running ntopng with the following line: > > ntopng -i tcp://127.0.0.1:5556 > > I can access the web interface and it reports no talkers. > > I have run ntopng and captured packets from the ethernet interface but > cannot get the nprobe to work with it. > > I can see where this will be a really powerful tool once I can get it to > work. > > Thanks, > Bob > > > > > > On Tue, Dec 2, 2014 at 1:11 PM, Luca Deri <[email protected]> wrote: > >> Bob >> -b 2 will display if flows populate the nProbe cache: so you see some >> activity happening? >> >> Luca >> >> On 20 Nov 2014, at 23:30, Bob Caddell <[email protected]> wrote: >> >> Hi, >> I have installed ntopng, nprobe and all the other requirements. I have >> configured my Cisco router to export netflow data to the nprobe in >> collector mode on port 2055. >> I start the nProbe like this : nprobe --zmq "tcp://*:5556" -i none -n >> none -b 2 -3 2055 >> The ntopng with: ntopng -i tcp://127.0.0.1:5556 >> When I do a tcpdump on the nprobe/ntopng host I can see traffic from my >> Cisco router: >> >> tcpdump port 2055 >> >> 14:10:20.618537 IP 10.0.254.1.58944 > 198.189.xxx.3.iop: UDP, length 1464 >> >> 14:10:20.618616 IP 10.0.254.1.58944 > 198.189.xxx.3.iop: UDP, length 1464 >> >> 14:10:20.618664 IP 10.0.254.1.58944 > 198.189.xxx.3.iop: UDP, length 1464 >> >> 14:10:20.618705 IP 10.0.254.1.58944 > 198.189.xxx.3.iop: UDP, length 1464 >> >> 14:10:20.618750 IP 10.0.254.1.58944 > 198.189.xxx.3.iop: UDP, length 1464 >> >> 14:10:20.618804 IP 10.0.254.1.58944 > 198.189.xxx.3.iop: UDP, length 1464 >> >> My problem is that nothing shows up on the web interface after I log in. >> >> Does anyone see a problem? >> >> Thank you, >> Bob >> >> >> >> >> >> -- >> Bob Caddell, Supervisor of Technology, Maintenance & Operations >> Siskiyou County Office of Education >> 609 South Gold Street, Yreka CA 96097-3110 >> 530.842.8420 - 530.842.8436 Fax >> http://www.siskiyoucoe.net >> >> >> *Providing Educational Leadership, Resources and Services to Districts >> and Schools to Ensure Learning For All Students* >> CONFIDENTIALITY NOTICE: This communication with its contents may >> contain confidential and/or legally privileged information. It is solely >> for the use of the intended recipient(s). Unauthorized interception, >> review, use or disclosure is prohibited and may violate applicable laws >> including the Electronic Communications Privacy Act. If you are not the >> intended recipient, please contact the sender and destroy all copies of the >> communication. >> _______________________________________________ >> Ntop mailing list >> [email protected] >> http://listgateway.unipi.it/mailman/listinfo/ntop >> >> >> >> _______________________________________________ >> Ntop mailing list >> [email protected] >> http://listgateway.unipi.it/mailman/listinfo/ntop >> > > > > -- > Bob Caddell, Supervisor of Technology, Maintenance & Operations > Siskiyou County Office of Education > 609 South Gold Street, Yreka CA 96097-3110 > 530.842.8420 - 530.842.8436 Fax > http://www.siskiyoucoe.net > > > *Providing Educational Leadership, Resources and Services to Districts and > Schools to Ensure Learning For All Students* > CONFIDENTIALITY NOTICE: This communication with its contents may > contain confidential and/or legally privileged information. It is solely > for the use of the intended recipient(s). Unauthorized interception, > review, use or disclosure is prohibited and may violate applicable laws > including the Electronic Communications Privacy Act. If you are not the > intended recipient, please contact the sender and destroy all copies of the > communication. > _______________________________________________ > Ntop mailing list > [email protected] > http://listgateway.unipi.it/mailman/listinfo/ntop > > > > _______________________________________________ > Ntop mailing list > [email protected] > http://listgateway.unipi.it/mailman/listinfo/ntop > -- Bob Caddell, Supervisor of Technology, Maintenance & Operations Siskiyou County Office of Education 609 South Gold Street, Yreka CA 96097-3110 530.842.8420 - 530.842.8436 Fax http://www.siskiyoucoe.net *Providing Educational Leadership, Resources and Services to Districts and Schools to Ensure Learning For All Students* CONFIDENTIALITY NOTICE: This communication with its contents may contain confidential and/or legally privileged information. It is solely for the use of the intended recipient(s). Unauthorized interception, review, use or disclosure is prohibited and may violate applicable laws including the Electronic Communications Privacy Act. If you are not the intended recipient, please contact the sender and destroy all copies of the communication.
_______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop
