Burton, Thanks for the suggestion.
I found the area in initialize.c you suggested and tried changing the settings various whys. It didn't help much. The only thing I was able to change was the message on the web display. It used to indicated that the session information was not available due to the configuration flags. It now says there are no active sessions. There are no sessions displayed on the WEB display and there are no TCPsessions written to the mySQL database via the -b flag. (I haven't figured out the new -v option yet. There must be more to it than what is in the man page) To give a little more information why I am using this mode. A single Cisco or other brand for that matter does not need "border Sniffer Mode". When the switch is connected to other switches using "trunk" configurations then the "trunk" port MAC address shows up as the MAC address for all the IP address's coming across from the other switch via the "trunk" port. The reports are therefore very confused to say the least. My assumption was that the "border Sniffer Mode" makes Ntop only use IP address's for it's comparison instead of MAC address's. This assumption is obviously wrong. I am not a C programmer, by any stretch of the imagination. I can make minor changes if it is obivous enough, and I can follow the "make clean" "make" "make install" process, but that is about it. If you or anyone else has other suggestions let me know I will try them out. Gene -----Original Message----- From: Burton M. Strauss III [mailto:[EMAIL PROTECTED]] Sent: Wednesday, June 12, 2002 10:27 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: RE: [Ntop] Session Information when in border sniffer mode The menus are just html files. There is a set for regular mode and a j_xxx.html set for border sniffer mode. So the link just hasn't been deleted. As to whether/why sessions are disabled, suggest you grep in the code - look for myGlobals.borderSnifferMode and follow it into initialize.c where it sets the other flags. You'll have to figure out which is disabling the session reporting, enable that one and then see what you get. Sorry, but I really don't understand -j... -----Burton -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Eugene Spiker Sent: Wednesday, June 12, 2002 7:02 PM To: [EMAIL PROTECTED] Subject: [Ntop] Session Information when in border sniffer mode All, I am using Ntop to monitor traffic on Cisco switches and need to use border sniffer mode. When border sniffer mode was first introduced the session information was still available and by using the sql-host (-b) configuration I was able to save the sessions into a mySQL database and write reports based on the information. The session information is important to me in that I use it to identify who is talking to whom on my network. This helped me make recommendations on changing WAN routes and connections and also reposition various servers (mail, file and application) to more central locations. This information along with WAN bandwidth usage reports made a complete picture. Is there anyway to gather the session information using the latest version of Ntop, while using border sniffer mode? The fact that the session information is still a menu selection when in border sniffer mode, makes me think there might be a way. I assume if there was not that it would have been removed from the menu along with the other tabs and menu items. Any suggestions or recommendations would be appreciated. Thanks, Eugene (Gene) Spiker _______________________________________________ Ntop mailing list [EMAIL PROTECTED] http://lists.ntop.org/mailman/listinfo/ntop
