Hi again, I apologize for my previous messages where not cicumstancized enough. I have been conducting more test, using different filters, and I cam to the conclusion it is UDP traffic that gets Ntop to become crazy about CPU usage: PID USERNAME PRI NICE SIZE RES STATE TIME WCPU CPU COMMAND 10674 nobody 64 0 10856K 5252K RUN 8:09 99.02% 99.02% ntop It is not a memory problem, as I have 128 MB ram on the machine. I run actually with a filter to get UDP traffic only (simply use the word 'udp' as traffic filter). On the first 10 or 15 seconds it will work, I can get results by the web interface, then the CPU usage reach 30 or 40 % and I cannot see anything anymore. On the firstfew seconds, I could infeer a UDP flow of 120 Kbps, most of it identified as "Other IP" protocol (most of it being games or media streaming). It DOES cause tcpdump to drop a lot of traffic too: 60846 packets received by filter 15491 packets dropped by kernel All this going on FreeBSD. Any help appreciated. Best regards, Olivier
