===============================================================================
This e-mail and its contents are subject to the Telkom SA Limited
e-mail legal notice which can be viewed at:
http://www.telkom.co.za/TelkomEMailLegalNotice.PDF
Should you be unable to access the link provided, a copy of the legal notice
will be e-mailed to you on sending a blank e-mail to [EMAIL PROTECTED]
===============================================================================
Hi
I have downloaded NTOP-3.0pre1 and installed.
Interface looks nice but 2 major problems so far
This error has re-appeared:
Error in log file
Fri Feb 20 15:17:35 2004 **WARNING** RRD:
rrd_update(/var/ntop/rrd/interfaces/NetFlow-device/hosts//pktSent.rrd)
error: illegal attempt to update using time 1077283052 when last
update time is 1077283052 (minimum one second step)
In Ntop 2.2.96 this was caused by using the -m option and declaring
some networks local. This is not the case now..
The BIG problem is NTOP-3.0pre1 runs for 10 minutes and crashes with
no log as to why
I was running on Linux 2.4.2 so I recompiled my kernel to 2.6.3 hoping
it was a memory issue but no luck. (2.2.96 ran fine with white list
filter)
I am running on a HP xw8000 workstation with 1.7 gig Xeon and 2 gigs
of RAM.
If I switch back to 2.2.96 - it's ok (so what's my point - I like the
looks of 3)
Ntop3 config:
Ntop config
ntop Configuration
ntop version.....3.0pre1
Configured on.....Feb 17 2004 7:15:06
Built on.....Feb 20 2004 14:33:37
OS.....i686-pc-linux-gnu
libpcap version.....libpcap version 0.8
Process Id.....32522
Command line
Started as....ntop --user root --db-file-path /var/ntop --domain
telkom.co.za -p /etc/protocol.list --trace-level 3 --http-server 3000
-b --no-fc --no-promiscuous --w3c --disable-schedyield
--skip-version-check
Resolved to....ntop
--user
root
--db-file-path
/var/ntop
--domain
##########.za
-p
/etc/protocol.list
--trace-level
3
--http-server
3000
-b
--no-fc
--no-promiscuous
--w3c
--disable-schedyield
--skip-version-check
Command line parameters are:
-a | --access-log-file.....(default) (nil)
-b | --disable-decoders.....Yes
-c | --sticky-hosts.....(default) No
-d | --daemon.....No
-e | --max-table-rows.....(default) 128
-f | --traffic-dump-file.....(default) (nil)
-g | --track-local-hosts.....(default) Track all hosts
-o | --no-mac.....(default) Trust MAC Addresses
-i | --interface (effective).....eth0
-j | --create-other-packets.....(default) Disabled
-k | --filter-expression-in-extra-frame.....(default) No
-l | --pcap-log.....(default) (nil)
-m | --local-subnets (effective).....(nil)
-n | --numeric-ip-addresses.....(default) No
-p | --protocols...../etc/protocol.list
-q | --create-suspicious-packets.....(default) Disabled
-r | --refresh-time.....(default) 120
-s | --no-promiscuous.....Yes
-t | --trace-level.....(default) 3
-u | --user.....root (uid=0, gid=0)
-w | --http-server.....(default) Active, all interfaces, port 3000
-z | --disable-sessions.....(default) No
-B | --filter-expression.....(default) none
-D | --domain.....telkom.co.za
-F | --flow-spec.....(default) none
-K | --enable-debug.....(default) No
-L | --use-syslog.....daemon
-M | --no-interface-merge (effective).....(parameter -M set,
Interfaces separate) No
-N | --wwn-map.....(default) (nil)
-O | --pcap-file-path.....(default) /usr/local/var/ntop
-P | --db-file-path...../var/ntop
-Q | --spool-file-path...../var/ntop
-U | --mapper.....(default) (nil)
-W | --https-server.....Uninitialized --disable-schedYield.....Yes
--disable-instantsessionpurge.....(default) No
--disable-mutexextrainfo.....(default) No
--disable-stopcap.....(default) No
--fc-only.....(default) No
--log-extra.....(default) 0
--no-fc.....Yes
--no-invalid-lun.....(default) No
--p3p-cp.....(default) none
--p3p-uri.....(default) none
--set-pcap-nonblocking.....(default) No
--ssl-watchdog.....(default) No
--w3c.....Yes
