[Ntop-misc] Compile PF_RING 6.4.1 from source to rpm

All, Any input or references on how to make an RPM from the source code? When I try to use the provided rpm and then install Suricata as well it fails as there isn't a libpfring.so file installed. Any wisdom and input is appreciated. Thanks. -- Josh

[Ntop] usage report

The main reason I use ntopng is to locate local hosts consuming large amounts of data. I can currently do this but it's very time consuming pulling up individual 'top hosts' and then select 'History', then over the last '30 days' etc. Can it be implemented, or is there currently a way to simply

Re: [Ntop] Excluding hosts or a subnet from being monitored

Therefore, there is no way to filter and remove an IP or host from the list if I use nprobe? Gerhard, On Jan 18, 2017, at 10:33 AM, Simone Mainardi > wrote: Gerhard, BPF filters are only available for packet interfaces, not for Netflow. Regards,

Re: [Ntop] Excluding hosts or a subnet from being monitored

Gerhard, BPF filters are only available for packet interfaces, not for Netflow. Regards, Simone On Wed, Jan 18, 2017 at 1:59 PM, Gerhard Mourani wrote: > Hi Simone, > > Here the configuration used: > > /usr/local/bin/nprobe -f "not host 192.168.2.227" -i none -n none

Re: [Ntop-misc] How to get separate traffic statistic by collector interface

> My netflow routers have many interfaces (physical, vlan and tunnel one) : How > many can ntopng actually manage ? Seems that the current max is 32 interfaces for ntopng. The problem is : even if I try to limit the number of interfaces to send flows about on my netflow routers to 6 each, I

Re: [Ntop] Excluding hosts or a subnet from being monitored

Hi Simone, Here the configuration used: /usr/local/bin/nprobe -f "not host 192.168.2.227" -i none -n none --zmq tcp://*:5556 -b 2 -3 6343 --as-list=/usr/share/ntopng/httpdocs/geoip/GeoIPASNum.dat --city-list=/usr/share/ntopng/httpdocs/geoip/GeoLiteCity.dat -G --pid-file

Re: [Ntop-misc] How to get separate traffic statistic by collector interface

> Hi Frederic, > The latest ntopng dev build allows you to create virtual interfaces on the > basis > of the ingress flow interface. You just have to visit the preferences page > (Expert View), tab "Network Interfaces", and enable "Ingress Flow Interfaces". > This should do the trick. Thanks

Re: [Ntop] Excluding hosts or a subnet from being monitored

Gerhard, what's the nprobe configuration used? Simone On Tue, Jan 17, 2017 at 8:08 PM, Gerhard Mourani wrote: > Hi Simone, > > Seem it doesn't work with my version 7.4.170109 of nprobe! > > Starting nProbe: 17/Jan/2017 14:05:54 [nprobe.c:3407] Valid nProbe license > found

Re: [Ntop] PF_RING ZC licences not recognised

Fixed - this was down to user error on my part. Thanks to Alfredo for assisting via email. A. -- Andrew Howard a...@andrew-howard.me.uk - Reply message - From: "Andrew Howard" To: Subject: PF_RING ZC licences not recognised Date: