Hi, i configured a freebsd router using ng_netflow to send netflows to my linux workstation running ntop + netflow plugin. ntop version is: 3.0rc1 which is actually the version present in today's debian unstable. The configuration is default too. What i did was to go to admin->plugins and activate netflow plugin clicking on the "NO" string. Then i got inside the Netflow configuration and changed the port to 2055 and set the virtuall address to 192.168.2.0/24 (actually the linux workstation isn't attached to that net, no interfaces have got an ip in that network). I went inside NIC Switch, clicked on the netflow and switched to it. Then i did an /etc/init.d/ntop restart. After it started freshly, the plugin's state was -disabled-. It said: Disabled - Unable to create listening socket, and the logs say:
Fri May 7 18:48:39 2004 NOTE: atfork() handler registered for mutexes, rc 0
Fri May 7 18:48:39 2004 THREADMGMT: Packet processor thread running...
Fri May 7 18:48:39 2004 THREADMGMT: Started thread (1086159792) for network packet
analyser
Fri May 7 18:48:39 2004 THREADMGMT: Fingerprint scan thread running...
Fri May 7 18:48:39 2004 THREADMGMT: Started thread (1121733552) for fingerprinting
Fri May 7 18:48:39 2004 THREADMGMT: Idle host scan thread running...
Fri May 7 18:48:39 2004 THREADMGMT: Started thread (1130122160) for idle hosts
detection
Fri May 7 18:48:39 2004 THREADMGMT: Address resolution thread running...
Fri May 7 18:48:39 2004 THREADMGMT: Started thread (1138510768) for DNS address
resolution
Fri May 7 18:48:39 2004 Calling plugin start functions (if any)
Fri May 7 18:48:39 2004 Sniffying...
Fri May 7 18:48:39 2004 INIT: Created pid file (/var/lib/ntop/ntop.pid)
Fri May 7 18:48:39 2004 CHKVER: Checking current ntop version at
version.ntop.org/version.xml
Fri May 7 18:48:39 2004 Listening on [eth0,eth0:0]
Fri May 7 18:48:39 2004 Now running as requested user 'ntop' (108:108)
Fri May 7 18:48:39 2004 Loading Plugins
Fri May 7 18:48:39 2004 Searching for plugins in /usr/lib/ntop/plugins
Fri May 7 18:48:39 2004 LASTSEEN: Welcome to LastSeenWatchPlugin. (C) 1999 by Andrea
Marangoni
Fri May 7 18:48:39 2004 ICMP: Welcome to icmpWatchPlugin. (C) 1999-2004 by Luca Deri
Fri May 7 18:48:39 2004 NETFLOW: Welcome to NetFlow.(C) 2002-04 by Luca Deri
Fri May 7 18:48:39 2004 NFS: Welcome to nfsWatchPlugin. (C) 1999-2004 by Luca Deri
Fri May 7 18:48:39 2004 PDA: Welcome to PDAPlugin. (C) 2001-2004 by L.Deri and
W.Brock
Fri May 7 18:48:39 2004 RRD: Welcome to rrdPlugin. (C) 2002-04 by Luca Deri.
Fri May 7 18:48:39 2004 SFLOW: Welcome to sFlowPlugin. (C) 2002-04 by Luca Deri
Fri May 7 18:48:39 2004 XML: Welcome to xmldump plugin. (C) 2003-2004 by Burton
Strauss
Fri May 7 18:48:39 2004 Calling plugin start functions (if any)
Fri May 7 18:48:39 2004 RRD: Welcome to the RRD plugin
Fri May 7 18:48:39 2004 RRD: Mask for new directories is 0700
Fri May 7 18:48:39 2004 RRD: Mask for new files is 0066
Fri May 7 18:48:39 2004 THREADMGMT: rrd thread (1155767216) started
Fri May 7 18:48:39 2004 RRD: Started thread (1155767216) for data collection.
Fri May 7 18:48:39 2004 NETFLOW: White list initialized to ''
Fri May 7 18:48:39 2004 NETFLOW: Black list initialized to ''
Fri May 7 18:48:39 2004 NETFLOW: Unable to create a socket - returned 0, error is
'Success'(0)
Fri May 7 18:48:39 2004 SSL is present but https is disabled: use -W for enabling it
Fri May 7 18:48:39 2004 Note: Reporting device initally set to 0 [eth0] (merged)
Fri May 7 18:48:39 2004 INITWEB: Initializing web server
Fri May 7 18:48:39 2004 INITWEB: Initializing tcp/ip socket connections for web
server
Fri May 7 18:48:39 2004 INITWEB: Initialized socket, port 3000, address (any)
Fri May 7 18:48:39 2004 INITWEB: Waiting for HTTP connections on port 3000
Fri May 7 18:48:39 2004 INITWEB: Starting web server
Fri May 7 18:48:39 2004 THREADMGMT: web connections thread (6702) started...
Fri May 7 18:48:39 2004 THREADMGMT: Started thread (1164159920) for web server
Fri May 7 18:48:39 2004 Note: SIGPIPE handler set (ignore)
Fri May 7 18:48:39 2004 WEB: ntop's web server is now processing requests
Fri May 7 18:48:39 2004 THREADMGMT: Started thread (1172548528) for network packet
sniffing on eth0
Fri May 7 18:48:39 2004 THREADMGMT: pcap dispatch thread running...
Fri May 7 18:48:40 2004 CHKVER: Version file is from 'version.ntop.org'
Fri May 7 18:48:40 2004 CHKVER: as of date is '2004-03-22T04:30:00'
Fri May 7 18:48:40 2004 CHKVER: This version of ntop is a minimally supported but
OLDER version - please upgrade
I don't know what the problem might be, i followed the steps in the doc.
TIA
--
Claudio "thefly" Martella
[EMAIL PROTECTED]
GNU/PG keyid: 0x8EA95625
signature.asc
Description: Digital signature
