-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Dear Ken,
In the webinterface goto 'Admin' - 'Configure' - 'Preferences'
Then search for 'google_maps.key'
With the set button you can enter your key.
- --
Success,
Roel
Ken Teague schreef op 2009-10-01 22:46:
When I select Hosts World Map from
you using port mirroring, taps, netflow / sflow, what?
run tcpdump on host and make sure you can see interesting traffic there first.
G
From: ntop-boun...@unipi.it on behalf of Mohammad Khalil
Sent: Wed 9/30/2009 2:06 AM
To: ntop@unipi.it
Subject: [Ntop]
What's ur resolv.conf look like? Also, within the web gui you can assign a
custom host name. Drill into a specific host and in the upper right corner of
page will be a field/link for this.
- Original Message -
From: ntop-boun...@unipi.it ntop-boun...@unipi.it
To: ntop@unipi.it
resolve.conf is just our local DNS server -- but I did not know about
the custom host name trick.
But also, now that I just upgraded to teh SVN development version it
seems to be reading more of the netbios names on the workstations
On 9/30/2009 9:35 AM, Gary Gatten wrote:
What's ur
Ola
Lua is old stuff: it's is current;y being replaced by python bindings
Geodata is for IP localization: if you have a package installed we can
use that instead of downloading code. Geodata is licensed under LGPL.
In any case I want to have fresh .dat files that's why I download them
Luca
Hi Ola
On Sep 28, 2009, at 9:13 AM, Ola Lundqvist wrote:
Hi Luca
Quoting Luca Deri d...@ntop.org:
Ola
Lua is old stuff: it's is current;y being replaced by python bindings
Ok. What is it licensed under?
it's the standard package you have on Linux so I don't see a problem
here. the license
Ola
do
- make clean (if already built)
- autogen.sh -p
- autogen.sh
- make
Luca
On Sep 27, 2009, at 9:31 PM, Ola Lundqvist wrote:
Hi all
I have a problem to build the ntop 3.3.10 version on Debian unstable.
I do not know if this is a problem with the libtool version in Debian
or if this is a
On Tue, 22 Sep 2009, Brett Charbeneau wrote:
BC On Tue, 22 Sep 2009, Graeme Fowler wrote:
BC
BC GF On Tue, 2009-09-22 at 09:36 -0400, Brett Charbeneau wrote:
BC GF Anyone have any clues?
BC GF
BC GF At a rough guess, ntop's webserver is attempting to deliver gzip
BC GF compressed data to your
On Tue, 2009-09-22 at 09:36 -0400, Brett Charbeneau wrote:
Anyone have any clues?
At a rough guess, ntop's webserver is attempting to deliver gzip
compressed data to your browser (because the browser has instructed it
to with an Accept-Encoding: request header).
In turn, I'd guess that there's
I am running 3.3.11.
How does MaxMind do the AS aggregation?
-
Mike Hammett
Intelligent Computing Solutions
http://www.ics-il.com
From: Luca Deri
Sent: Monday, November 17, 2008 3:23 AM
To: ntop@unipi.it
Subject: Re: [Ntop] AS number missing
Dear all,
as of ntop 3.3.9 AS numbers
ntop-boun...@unipi.it
To: ntop@unipi.it ntop@unipi.it
Sent: Fri Sep 04 23:14:52 2009
Subject: Re: [Ntop] NTOP run a way disk usage but RRD files are not big
Erick Bergquist wrote:
It is from a yum package on Fedora 11. Version 3.3.9. All I did was a
yum install ntop shortly after a fresh
If you have the free memory, increase it. And yes, you can tweak the
timers, but I think you'll need to recompile.
I currently have address resolution and sessions disabled due to
frequent segfaults. Are you running the latest from SVN? What's its
version info?
-Original Message-
Haven't seen any segfaults -- other random messages that hint at memory
problems but that seems likely as we are close to using our 1GB of RAM.
Wouldn't disabling sessions really cripple the usefulness of ntop?
This is the most detail I could see about my version of ntop
ntop v.3.3.11-dev
to restart the ntop instance every 15 mins and lose all
the memory only data!
G
-Original Message-
From: ntop-boun...@unipi.it [mailto:ntop-boun...@unipi.it] On Behalf Of
James Chase
Sent: Wednesday, September 16, 2009 1:42 PM
To: ntop@unipi.it
Subject: Re: [Ntop] Maximum Number of TCP
Vicente
please upgrade to the latest svn code
Luca
On Sep 11, 2009, at 10:32 PM, Vicente Buritica wrote:
Thanks James. That did it.
On Fri, Sep 11, 2009 at 3:25 PM, James Chase
ja...@chasecomputers.net wrote:
This is how I got around that on CentOS 4 --
ln -s
This is how I got around that on CentOS 4 --
ln -s /tmp/ntop-3.3.10/GeoIP-1.4.6/libGeoIP/.libs/
/tmp/ntop-3.3.10/GeoIP-1.4.6/libGeoIP/.libs/.libs
James
On 9/11/2009 4:20 PM, Vicente Buritica wrote:
Hi,
I'm new to ntop and I'm having trouble with make and libGeoIP.so.
Looks there's a path
Thanks James. That did it.
On Fri, Sep 11, 2009 at 3:25 PM, James Chase ja...@chasecomputers.netwrote:
This is how I got around that on CentOS 4 --
ln -s /tmp/ntop-3.3.10/GeoIP-1.4.6/libGeoIP/.libs/
/tmp/ntop-3.3.10/GeoIP-1.4.6/libGeoIP/.libs/.libs
James
On 9/11/2009 4:20 PM, Vicente
Ryan
please send me another .pcap file containing flows I can use for
reproducing the issue
Luca
On Sep 10, 2009, at 4:12 PM, Ryan Sumner wrote:
Luca,
I grabbed the latest version from SVN, compiled, it and installed it.
After about 30 minutes, I saw the netflow statistics start to look a
...@unipi.it
You can reach the person managing the list at
ntop-ow...@unipi.it
When replying, please edit your Subject line so it is more specific
than Re: Contents of Ntop digest...
Today's Topics:
1. Re: Cisco ASA Netflow Template Support (Ryan Sumner)
2. Re: Cisco ASA
Luca,
Thanks for the update. It's been a few months so I wanted to check to
see if you were able to make any progress with the ASA issues? Thanks
for your dedication to the ntop project.
On Sun, Jul 19, 2009 at 11:16 AM, Luca Derid...@ntop.org wrote:
Ryan
I've not started yet. I'm still
To: ntop-dev@unipi.it
Sent: Wednesday, 2 September, 2009 5:42:24 PM
Subject: Re: [Ntop-dev] error traversing Database for ipnum
please update to the latest svn code
Luca
On Sep 2, 2009, at 6:02 PM, ROB POWELL wrote:
Wonder if anyone can help I'm getting the following error a lot with
a new
Try deleting your dnsCache.db and address*.db. Do NOT delete your
prefscache.db. Although, in 3.3.9 it MAY do this by itself...
Also you can try to disable name resolution, and/or sessions. Just for
testing unless of course you don't really need this info in your deployment.
Check the man on
Hello
please update to the code that's in SVN that should have fixed this
issue
Luca
On Sep 4, 2009, at 2:46 PM, Gary Gatten wrote:
Try deleting your dnsCache.db and address*.db. Do NOT delete your
prefscache.db. Although, in 3.3.9 it MAY do this by itself...
Also you can try to
Are your RRD files in that directory structure? RRD is the only thing
that will eat that much disk space that fast. Even extra verbose
logging wouldn't do it. Unless MAY you have Netflow debug enabled or
some other packet dumps / exports?
G
-Original Message-
From:
PS: usually /usr/local/var/ntop/RRD or
/usr/local/var/ntop/YourInstance/RRD
-Original Message-
From: ntop-boun...@unipi.it [mailto:ntop-boun...@unipi.it] On Behalf Of
Erick Bergquist
Sent: Friday, September 04, 2009 1:57 PM
To: ntop@unipi.it
Subject: [Ntop] NTOP run a way disk usage but
I guess try lsof to make sure? And disable rrd as a test?
-Original Message-
From: ntop-boun...@unipi.it [mailto:ntop-boun...@unipi.it] On Behalf Of Erick
Bergquist
Sent: Friday, September 04, 2009 2:14 PM
To: ntop@unipi.it
Subject: Re: [Ntop] NTOP run a way disk usage but RRD files
Hello,
A few days ago I posted this (plus some more emails):
We have been experiencing packet loss when capturing packets from a 3G
wireless modem using Fedora 10's tcpdump. In order to avoid dropped
packets, I have been trying the PF_RING patch.
Can some kind person please help me
are current.
Lastly, maybe get off of usb and use an ethernet port to a 3G router. Maybe
Luca has some ideas, cause I'm out!
- Original Message -
From: ntop-boun...@unipi.it ntop-boun...@unipi.it
To: ntop@unipi.it ntop@unipi.it
Sent: Fri Sep 04 19:37:20 2009
Subject: Re: [Ntop] PF_RING
To: ntop@unipi.it
Subject: Re: [Ntop] NTOP run a way disk usage but RRD files are not big
Well, I installed it with yum on fedora and these are in the
/var/lib/ntop/rrd folder with the ntop .db files in /var/lib/ntop
the /var/lib/ntop folder is 8.5 meg total with subdirectories.
On Fri, Sep 4
No clue then. Ntop writes to rrds, syslogs, and dumps. And .db's but those are
small.
Is this a package or from source?
- Original Message -
From: ntop-boun...@unipi.it ntop-boun...@unipi.it
To: ntop@unipi.it ntop@unipi.it
Sent: Fri Sep 04 21:46:06 2009
Subject: Re: [Ntop] NTOP run
2009
Subject: Re: [Ntop] NTOP run a way disk usage but RRD files are not big
How would I check with lsof?
I've disabled the Round Robin plugin and deleted the rrd files, and
when I start ntop up the available disk space continues to go down
10-15 meg every 5 minutes or so. This behavior stops once I
To: ntop@unipi.it
Subject: Re: [Ntop] NTOP run a way disk usage but RRD files are not big
Well, I installed it with yum on fedora and these are in the
/var/lib/ntop/rrd folder with the ntop .db files in /var/lib/ntop
the /var/lib/ntop folder is 8.5 meg total with subdirectories.
On Fri, Sep
spew a crapload of
messages - like its in debug mode. Maybe you have a version with this
problem?
- Original Message -
From: ntop-boun...@unipi.it ntop-boun...@unipi.it
To: ntop@unipi.it ntop@unipi.it
Sent: Fri Sep 04 21:25:18 2009
Subject: Re: [Ntop] NTOP run a way disk usage but RRD
are small.
Is this a package or from source?
- Original Message -
From: ntop-boun...@unipi.it ntop-boun...@unipi.it
To: ntop@unipi.it ntop@unipi.it
Sent: Fri Sep 04 21:46:06 2009
Subject: Re: [Ntop] NTOP run a way disk usage but RRD files are not big
Nothing in there, that was one
Erick Bergquist wrote:
It is from a yum package on Fedora 11. Version 3.3.9. All I did was a
yum install ntop shortly after a fresh install of Fedora.
I have rebooted the system and it free'd up like 20 gig in disk space,
and once I started ntop my disk space starting being used like a half
a
Updated to latest SVN this morning and still getting same db traversing error?
From: Luca Deri d...@ntop.org
To: ntop-dev@unipi.it
Sent: Wednesday, 2 September, 2009 5:42:24 PM
Subject: Re: [Ntop-dev] error traversing Database for ipnum
please update
please update to the latest svn code
Luca
On Sep 2, 2009, at 6:02 PM, ROB POWELL wrote:
Wonder if anyone can help I'm getting the following error a lot with
a new NTOP build
error traversing Database for ipnum = xxx
installed versions
NTOP 3.3.10 (svn)
LIBEVENT 1.4.12-stable
OS
Hello,
On Tue, Sep 1, 2009 at 5:41 PM, Mitch Davismjd-ntop@afork.com wrote:
We have been experiencing packet loss when capturing packets from a 3G
wireless modem using Fedora 10's tcpdump. In order to avoid dropped
packets, I have been trying the PF_RING patch.
[r...@t99920 ~]#
I think the prefsCache.db is in gdb format. I'm sure you can check out the
source for the gui and see what its actually doing - or find a tool to read the
gdb so you can determine what needs to be done that way.
I would also recommend you group your devices logically somehow vs setting up
Subject: Re: [Ntop] PF_RING for non-eth devices
Hello,
On Tue, Sep 1, 2009 at 5:41 PM, Mitch Davismjd-ntop@afork.com wrote:
We have been experiencing packet loss when capturing packets from a 3G
wireless modem using Fedora 10's tcpdump. In order to avoid dropped
packets, I have been
Hello Gary,
Thank you for your mail.
We are using a USB 3G wireless modem rated at 21Mbps on a 21Mbps
network. Depending on site, we get somewhere between 6 and 14Mbps.
When doing large HTTP transfers, the throughput is fine, and running
wireshark on captures doesn't show signs of
code will not be executed. That is what I observed.
the child will quit if not able to provide a reply within 2 minutes
Luca
--Xinan
--- On Mon, 8/31/09, Luca Deri d...@ntop.org wrote:
From: Luca Deri d...@ntop.org
Subject: Re: [Ntop-dev] Utility: Data Dump is broken
To: ntop-dev@unipi.it
Fixed
Thanks Luca
On Aug 26, 2009, at 9:28 PM, xinan.t...@sbcglobal.net wrote:
There are four places in emitter.c where array language[] is
searched for. However, the search is cross the array bound
MAX_FLAG_LANGUGE.
I would suggest to two chages:
1. Comparsion is LESS than instead of
On Aug 26, 2009, at 9:18 PM, xinan.t...@sbcglobal.net wrote:
After several-day hacking, I finally make the Data Dump working
again. The version based is 3.3.10.
First, here is deadcode in http.c starting at line 2681, the
parent will return(0) in the then branch and the child will quit
--- On Mon, 8/31/09, Luca Deri d...@ntop.org wrote:
From: Luca Deri d...@ntop.org
Subject: Re: [Ntop-dev] Utility: Data Dump is broken
To: ntop-dev@unipi.it, xinan.t...@sbcglobal.net
Date: Monday, August 31, 2009, 3:45 PM
On Aug 26, 2009, at 9:18 PM, xinan.t...@sbcglobal.net wrote:
After
James
can you please fetch the code from SVN and check if the problem is gone?
Thanks Luca
Gary Gatten wrote:
Re: [Ntop] ntop web server stops responding
Ignore sigpipe is a configure option. Check the
man/faq about webserver dying with no error. Also try -t d and maybe
-K? I'm
Ignore sigpipe is a configure option. Check the man/faq about webserver dying
with no error. Also try -t d and maybe -K? I'm OOO so can't really help more
right now.
- Original Message -
From: ntop-boun...@unipi.it ntop-boun...@unipi.it
To: ntop@unipi.it ntop@unipi.it
Sent: Mon Aug 24
Correct
Luca
On Aug 13, 2009, at 11:16 PM, Will Metcalf wrote:
I want to make sure that I understand the pfring_set_cluster() call.
If I have a multi-threaded application, and I want traffic to load
balance across threads based on flow, the cluster id should be the
same for all threads
-Original Message-
From: ntop-boun...@unipi.it [mailto:ntop-boun...@unipi.it] On Behalf Of Mike
Tremaine
Sent: Wednesday, August 12, 2009 7:03 AM
To: ntop@unipi.it
Subject: Re: [Ntop] Libpcap counter issue?
Gary Gatten wrote:
Try not to run the dev releases unless you must, who knows what
Make a switch somewhere so users can tweak it? Or use the mib-ii counters?
- Original Message -
From: ntop-boun...@unipi.it ntop-boun...@unipi.it
To: ntop@unipi.it ntop@unipi.it
Sent: Thu Aug 13 07:45:42 2009
Subject: Re: [Ntop] Libpcap counter issue?
If you read way back in the list
Burton Strauss III wrote:
If you read way back in the list, this is a known item.
The various NICs report different things for the counters (some total, some
# since last read). ntop tries to figure out which way the NIC is
reporting, but can be fooled (esp. if the counts are low (and of
Try not to run the dev releases unless you must, who knows what condition
they're in at any given time.
Do you think it's actually dropping packets, just the decimal is off by 3 (or
more) places? Or, is this bug just in the way the stats are collected and
displayed and there is no significant
Gary Gatten wrote:
Try not to run the dev releases unless you must, who knows what
condition they're in at any given time.
Do you think it's actually dropping packets, just the decimal is off
by 3 (or more) places? Or, is this bug just in the way the stats are
collected and displayed and
Thanks Gary,
That pointed me in the right direction. I finially scheduled time to
update /etc/services and /etc/ntop/protocols.list with the two udp
services our voip system uses; rebooted ntop server and seems to not
mark those ports as suspicious and it shows up in the TCP/UDP port
distribution.
Sweet - glad it helped!
-Original Message-
From: ntop-boun...@unipi.it [mailto:ntop-boun...@unipi.it] On Behalf Of
JoeSox
Sent: Wednesday, August 12, 2009 5:39 PM
To: ntop@unipi.it
Subject: Re: [Ntop] Customize suspicious ip ports list
Thanks Gary,
That pointed me in the right direction
Hi Luca,
any prerelease available perhaps? Would be really gratefull for that.
And all the info about it you can provide?
Best regards,
Josip
Luca Deri wrote:
Josip
ntop can't do what you need. But PF_RING can. I have developed some
VoIP extensions for PF_RING that do support
Josip
not yet. This is going to be an SDK (so you can develop your apps)
with support from ntop that will be used as console
Regards luca
On Aug 9, 2009, at 10:38 PM, Josip Djuricic wrote:
Hi Luca,
any prerelease available perhaps? Would be really gratefull for
that. And all the info
Sorry I didn't get back in a timely fashion; it's all working nicely
once I added the symlink for the source and get a new verision compiled;
maybe the yum version is yukky, or maybe there's some weird interaction
I couldn't find.
Either way I'm happy now, thanks for great software and support :)
...@unipi.it [mailto:ntop-boun...@unipi.it] On Behalf Of Gary
Gatten
Sent: Monday, August 03, 2009 1:42 PM
To: ntop@unipi.it
Subject: Re: [Ntop] Uninstall / Reinstall on Fedora
I don't know the directory structure on Fedora - unless RedHat / Fedory use
the same exact structure? Ntop installs
Development:
Error compiling development version: v.3.3.11-dev when SNMP is defined...
- too many args to function: getIfName
./configure --enable-snmp --enable-mysql --disable-static;
make
.
.
.
netflowPlugin.c: In function 'updateInterfaceName':
netflowPlugin.c:344: warning: passing argument
this. You have a demo
version or full version?
From: ntop-boun...@unipi.it
To: ntop@unipi.it
Sent: Fri Aug 07 23:30:32 2009
Subject: Re: [Ntop] Importing pcap files
Hi,
When I type in Ntop -f filename, Ntop returns the message Unrecognized
option. I placed a test
Sorry for the noise, but I've come this far:
Ok rrdtool 1.2.30 was great; ntop's configure now continues up until:
configure: error: cannot find macro directory `m4'
Of course a 'mkdir m4' fixed this.
Now it looks like I need to hand-edit a configure generated Makefile
somewhere:
gcc
Sent: Sat Aug 08 00:50:22 2009
Subject: Re: [Ntop] web server won't respond
Daniel Rose wrote:
Gary Gatten wrote:
Ps: for kicks make sure and try a real browser, maybe from a different
host. MAYBE the ntop http server is smart enough that if it doesn't
rx a proper http request in n
.
- Original Message -
From: ntop-boun...@unipi.it ntop-boun...@unipi.it
To: ntop@unipi.it ntop@unipi.it
Sent: Sat Aug 08 01:30:33 2009
Subject: Re: [Ntop] web server won't respond
Sorry for the noise, but I've come this far:
Ok rrdtool 1.2.30 was great; ntop's configure now continues up until
What about default password and perms? Did you run with -A the first and set
the password? Also try starting without -d and with -u root.
From: ntop-boun...@unipi.it
To: ntop@unipi.it
Sent: Sat Aug 08 01:46:31 2009
Subject: Re: [Ntop] web server won't respond
?
--
*From*: ntop-boun...@unipi.it
*To*: ntop@unipi.it
*Sent*: Fri Aug 07 23:30:32 2009
*Subject*: Re: [Ntop] Importing pcap files
Hi,
When I type in Ntop -f filename, Ntop returns the message Unrecognized
option. I placed a test file in the same directory
Sent: Sat Aug 08 02:06:52 2009
Subject: Re: [Ntop] Importing pcap files
I just tried sudo Ntop -f filename on Ubuntu and it worked. I went back to my
WinXP Ntop and found that many of the options (-f, -m, -V, etc) do not work.
Thanks for the help.
Gordon
On Fri, Aug 7, 2009 at 11:29 PM, Gary
the filename maybe use the full path? Ah, you're on Winblows Not
sure if it supports this. You have a demo version or full version?
From: ntop-boun...@unipi.it
To: ntop@unipi.it
Sent: Fri Aug 07 23:30:32 2009
Subject: Re: [Ntop] Importing pcap files
Hi,
When I type in Ntop -f filename
If its not very often and not causing any probs try to ignore it. Else, maybe
try a different browser? Also check the FAQ and man, there are a couple tweaks
for web server stuff that may or may not help.
From: ntop-boun...@unipi.it
To: ntop@unipi.it
Sent: Sat
Its a strange error and i didnt get any solution to it but you never know that
this is causing some problem in the data collection.
Date: Sat, 8 Aug 2009 11:09:53 -0500
From: ggat...@waddell.com
To: ntop@unipi.it
Subject: Re: [Ntop] Error 10 during sending page
If its not very often
The webserver is a unique thread, seperate from the collection and storage
threads, so I doubt it will cause any issues there.
From: ntop-boun...@unipi.it
To: ntop@unipi.it
Sent: Sat Aug 08 11:20:03 2009
Subject: Re: [Ntop] Error 10 during sending page
Its
May be the browser will not get or should i say will not display some of the
data ..
Date: Sat, 8 Aug 2009 12:24:02 -0500
From: ggat...@waddell.com
To: ntop@unipi.it
Subject: Re: [Ntop] Error 10 during sending page
The webserver is a unique thread, seperate from the collection
Nope , web usually works no prob. U sure ip tables or pf isn't running on your
host?
Ntop will track bad urls and block access from that ip for some time, MAYBE
that's it?
- Original Message -
From: ntop-boun...@unipi.it ntop-boun...@unipi.it
To: ntop@unipi.it ntop@unipi.it
Sent: Fri
2009
Subject: Re: [Ntop] web server won't respond
Gary Gatten wrote:
Nope , web usually works no prob. U sure ip tables or pf isn't running
on your host?
Positive; I shut it down and got the same result. Besides, I'm
connecting from localhost. I'll check again though!
Ntop will track bad
: Re: [Ntop] web server won't respond
Gary Gatten wrote:
Bad is trying to connect using goofy chars/strings embedded in url.
Try to start with -t 5 and see if anything is logged.
yup; now I see more output:
Sat Aug 8 11:31:58 2009 RRD: Cycle 1 ended, 56 RRDs updated, 0.176 seconds
Sat Aug 8 11
...@unipi.it ntop-boun...@unipi.it
To: ntop@unipi.it ntop@unipi.it
Sent: Fri Aug 07 20:36:52 2009
Subject: Re: [Ntop] web server won't respond
Gary Gatten wrote:
Bad is trying to connect using goofy chars/strings embedded in url.
Try to start with -t 5 and see if anything is logged.
yup; now I see
Gary Gatten wrote:
Ps: for kicks make sure and try a real browser, maybe from a different
host. MAYBE the ntop http server is smart enough that if it doesn't
rx a proper http request in n seconds it kills the connection. I don't
know for sure - just a thought.
A valid thought, but it's
Hi,
When I type in Ntop -f filename, Ntop returns the message Unrecognized
option. I placed a test file in the same directory at Ntop so there is no
issue with paths. I also verified that I can import the sample file into
Wireshark so I know its good. I looked at the man page and I believe -f is
Daniel Rose wrote:
Gary Gatten wrote:
Ps: for kicks make sure and try a real browser, maybe from a different
host. MAYBE the ntop http server is smart enough that if it doesn't
rx a proper http request in n seconds it kills the connection. I don't
know for sure - just a thought.
I don't know the directory structure on Fedora - unless RedHat / Fedory
use the same exact structure? Ntop installs things in bin, etc, lib,
man, and share. Ie:
/share/ntop/html
The DB files are usually in /usr/local/var/ntop. These are where the
rrd files and runtime preferences are
perrier...@wanadoo.fr
To: ntop@unipi.it
Sent: Thursday, 30 July, 2009 3:40:55 AM
Subject: Re: [Ntop] Centos 5.3 unstable?
desoler mais mail ne doit pas etre pour moi??
Message du 27/07/09 17:25
De : Mike Tremaine
A : ntop@unipi.it
Copie à :
Objet : Re: [Ntop] Centos 5.3 unstable?
Mike
Can u try saving a file with wireshark (or whatever) and using ntop to open?
And ntop to save the file and wireshark to open?
I think a similar prob was reported maybe 6 months ago? Try searching threads
and see what pops up.
- Original Message -
From: ntop-boun...@unipi.it
, like rrdtool dir.
Debian 5.0.2
However, I now see that I do get the same error when I try to compile
snort, so I guess that I should probably try to redo the operation from
scratch.
Success; I re-installed Debian and re-did everything and now it works --
clearly I must have typo'd something
You can if you catch it within 24 hours, or even better if you can catch
it real-time. Once sessions / hosts age out from inactivity the details
are hard to get at. Try to view the nTop reports during the suspect
time window. Else, turn up the logging configs in the rrd plugin (watch
your disk
Thanks for your reply. I am looking at the reports within hours of the
data spike but am not dumping data to MySQL yet.
I guess what I am looking to do is zoom in on the Mail Protocol graph
for instance, select a time period and see information similar to what
is available in Remote - Local
. There
are knobs in ntop to control some behavior - such as sticky hosts, so a
discovered host never ages out. However, USE A FILTER to limit what
ntop sees if you use sticky hosts! Else you'd better have a couple
hundred Gig of RAM and a REALLY fast system!
I'll re-read your posts in a few and see
, 2009 1:49 PM
To: ntop@unipi.it
Subject: Re: [Ntop] Identifying Inbound Network Traffic
Thanks for your reply. I am looking at the reports within hours of the
data spike but am not dumping data to MySQL yet.
I guess what I am looking to do is zoom in on the Mail Protocol graph
for instance, select
Of
James Chase
Sent: Thursday, July 30, 2009 1:49 PM
To: ntop@unipi.it
Subject: Re: [Ntop] Identifying Inbound Network Traffic
Thanks for your reply. I am looking at the reports within hours of the
data spike but am not dumping data to MySQL yet.
I guess what I am looking to do is zoom in on the Mail
H. What OS? Sometimes there build issues on the less popular OS's such
as BSD and Solaris, but flavors of Linux are usually ok.
Maybe try fetching the source again and simply run autogen.sh with no
args. Try build from scratch with no args, except of course the one
required for your OS,
desoler mais mail ne doit pas etre pour moi??
Message du 27/07/09 17:25
De : Mike Tremaine
A : ntop@unipi.it
Copie à :
Objet : Re: [Ntop] Centos 5.3 unstable?
Mike Tremaine wrote:
Luca Deri wrote:
Can you please use 1 interface only (e.g. eth1) and see if the
problem
Mike Tremaine wrote:
Luca Deri wrote:
Can you please use 1 interface only (e.g. eth1) and see if the
problem is here?
Luca
Just an update on the ntop instance with only 1 interface, it has been
up 22 hours now and handled
Too early to tell for sure but it seems like the dual interface
Luca Deri wrote:
Can you please use 1 interface only (e.g. eth1) and see if the problem
is here?
Luca
Just an update on the ntop instance with only 1 interface, it has been
up 22 hours now and handled
Peak120.2 Mbit/s13653.9 Pkt/s
Dropped (libpcap)1.2%3,888,799
Dropped
Thank you for the reply. I will indeed let you know if I figure anything
out.
--Bruce
On Tue, Jul 21, 2009 at 10:45 AM, Luca Deri d...@ntop.org wrote:
BruceI understand your concerns. I have seen this problem some time ago
and I couldn;t really solve it. Please contact the Google people and
Usually it means ntop was not compiled with perl support integrated. If you're
installing from packages, (older versions of ntop only, newer versions don't
seem to be packaged any more) then you'll have to talk to the packager.
If compiling yourself, watch the autogen.sh scripts output closely
On Fri, 2009-07-24 at 07:00 -0700, Mike Tremaine wrote:
I'm still having problems with Ntop dying. Generally I get this log entry.
Jul 23 18:34:58 ntop ntop[12891]: *** glibc detected ***
/usr/local/bin/ntop: double free or corruption (!prev):
0x2c2b7eb0 ***
You, Gary, and several
Luca Deri wrote:
Hi all,
In fact, what happens if you disable sessions at all? Do you see any
problem?
Luca
As you suggested yesterday I disbaled sessions [-z] it still died within
an hour.
Resolved to./usr/local/bin/ntop -d -L -u ntop -w 3000 -W 0 -P
/usr/local/var/ntop -i
Same here, only I disabled inthe netflow plugin and I still died within minutes.
- Original Message -
From: ntop-boun...@unipi.it ntop-boun...@unipi.it
To: ntop@unipi.it ntop@unipi.it
Sent: Fri Jul 24 09:57:24 2009
Subject: Re: [Ntop] Centos 5.3 unstable?
Luca Deri wrote:
Hi all
Can you please use 1 interface only (e.g. eth1) and see if the problem
is here?
Luca
On Jul 24, 2009, at 4:57 PM, Mike Tremaine wrote:
Luca Deri wrote:
Hi all,
In fact, what happens if you disable sessions at all? Do you see
any problem?
Luca
As you suggested yesterday I disbaled
.
- Original Message -
From: ntop-boun...@unipi.it ntop-boun...@unipi.it
To: ntop@unipi.it ntop@unipi.it
Sent: Fri Jul 24 10:17:14 2009
Subject: Re: [Ntop] Centos 5.3 unstable?
Can you please use 1 interface only (e.g. eth1) and see if the problem
is here?
Luca
On Jul 24, 2009, at 4:57 PM
Will do.
Sent from my iPod
On Jul 24, 2009, at 8:17 AM, Luca Deri d...@ntop.org wrote:
Can you please use 1 interface only (e.g. eth1) and see if the
problem is here?
Luca
On Jul 24, 2009, at 4:57 PM, Mike Tremaine wrote:
Luca Deri wrote:
Hi all,
In fact, what happens if you disable
1 - 100 of 8895 matches
Mail list logo