Oscar, in this scenario ntopng will connect to port 5556 of nprobe (note that nProbe acts as server instead of client in this case). So, you will not see any packet exported on port 2055 for sure, but if ntopng is configured in the right way, you will see traffic from ntopng to nprobe on port 5556. Yuri ############################################### Yuri Francalacci - [email protected] - http://www.ntop.org "Simplicity is the ultimate sophistication" - Leonardo da Vinci ###############################################
> On 18 Sep 2015, at 11:56, Oscar Carlstedt <[email protected]> wrote: > > Hi, > > I'm having trouble configuring nProbe as a NetFlow-collector and then > relaying to nTop. I'm using this command: > > [root@localhost ~]# nprobe --zmq "tcp://*:5556" --collector-port 2055 > > And getting these results: > > 18/Sep/2015 17:41:17 [nprobe.c:3130] Valid nProbe license found > 18/Sep/2015 17:41:17 [nprobe.c:4488] WARNING: The output interfaceId is > set to 0: did you forget to use -Q perhaps ? > 18/Sep/2015 17:41:17 [nprobe.c:4491] WARNING: The input interfaceId is set > to 0: did you forget to use -u perhaps ? > 18/Sep/2015 17:41:17 [nprobe.c:4552] Welcome to nProbe v.7.2.150914 > ($Revision: 4468 $) for x86_64-unknown-linux-gnu with native PF_RING > acceleration > 18/Sep/2015 17:41:17 [nprobe.c:4562] Running on CentOS Linux release > 7.1.1503 (Core) > 18/Sep/2015 17:41:17 [nprobe.c:4573] [LICENSE] nProbe SystemId: > 688C59C68206217E > 18/Sep/2015 17:41:17 [nprobe.c:4584] [LICENSE] nProbe License: > D7D37ED89D454B911767CA48AE0BF91014740557803F3D11BE > 18/Sep/2015 17:41:17 [nprobe.c:4587] [LICENSE] nProbe Edition: Standard > [without PF_RING Acceleration] > 18/Sep/2015 17:41:17 [nprobe.c:4614] [LICENSE] Maintenance is available > until Fri Sep 16 21:56:20 2016 [364 days left] > 18/Sep/2015 17:41:17 [nprobe.c:4658] WARNING: -n parameter is missing. > 127.0.0.1:2055 will be used. > 18/Sep/2015 17:41:17 [nprobe.c:6526] Welcome to nprobe v.7.2.150914 for > x86_64-unknown-linux-gnu > 18/Sep/2015 17:41:17 [plugin.c:1000] 0 plugin(s) enabled > 18/Sep/2015 17:41:17 [nprobe.c:6203] Non IPv4/v6 traffic is discarded > according to the template > 18/Sep/2015 17:41:17 [util.c:287] GeoIP: loaded AS config file > /usr/share/ntopng/httpdocs/geoip/GeoIPASNum.dat > 18/Sep/2015 17:41:17 [util.c:296] GeoIP: loaded AS IPv6 config file > /usr/share/ntopng/httpdocs/geoip/GeoIPASNumv6.dat > 18/Sep/2015 17:41:17 [nprobe.c:6698] IPv6 traffic will NOT be > exported/accounted by this probe > 18/Sep/2015 17:41:17 [nprobe.c:6699] due to configuration options (e.g. > use NetFlow v9) > 18/Sep/2015 17:41:17 [util.c:3840] Succesfully created ZMQ endpoint > tcp://*:5556 > 18/Sep/2015 17:41:17 [util.c:2892] WARNING: Don't dropping privileges > (required by NetFilter) > 18/Sep/2015 17:41:17 [collect.c:51] ERROR: Bad configuration: flows will > be sent to the collection port > 18/Sep/2015 17:41:17 [collect.c:52] ERROR: causing a waterfall effect: > flow collection will be disabled > 18/Sep/2015 17:41:17 [nprobe.c:7035] nProbe started successfully > > I can see packets coming in: > > [root@localhost ~]# tcpdump -i ens160 udp dst port 2055 > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode > listening on ens160, link-type EN10MB (Ethernet), capture size 65535 bytes > 17:37:07.828907 IP a.b.c.d.63493 > localhost.localdomain.iop: UDP, length 72 > 17:37:07.937884 IP a.b.c.d.63493 > localhost.localdomain.iop: UDP, length 72 > 17:37:08.046399 IP a.b.c.d.63493 > localhost.localdomain.iop: UDP, length 72 > 17:37:08.156147 IP a.b.c.d.63493 > localhost.localdomain.iop: UDP, length 72 > 17:37:08.264936 IP a.b.c.d.63493 > localhost.localdomain.iop: UDP, length 72 > > But no flows are exported to nTop. Am I missing any parameters? > > Please advise. > > Best Regards, > Oscar Carlstedt > > _______________________________________________ > Ntop mailing list > [email protected] > http://listgateway.unipi.it/mailman/listinfo/ntop
_______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop
