Kirk, Once you get flow-tools going, you might want to consider FlowViewer ( http://ensight.eos.nasa.gov/FlowViewer ). FlowViewer is a companion tool to flow-tools which gives you a web interface. FlowViewer provides text, graphing and MRTG-like tracking features.
Joe |------------> | From: | |------------> >--------------------------------------------------------------------------------------------------------------------------------------------------| |Kirk Olson <[email protected]> | >--------------------------------------------------------------------------------------------------------------------------------------------------| |------------> | To: | |------------> >--------------------------------------------------------------------------------------------------------------------------------------------------| |[email protected] | >--------------------------------------------------------------------------------------------------------------------------------------------------| |------------> | Date: | |------------> >--------------------------------------------------------------------------------------------------------------------------------------------------| |01/08/2010 01:55 PM | >--------------------------------------------------------------------------------------------------------------------------------------------------| |------------> | Subject: | |------------> >--------------------------------------------------------------------------------------------------------------------------------------------------| |Re: [Flow-tools] new install | >--------------------------------------------------------------------------------------------------------------------------------------------------| I was using version 9 on the router. Version 9 would error out on flow-capture so I changed the version to 5 on the router and now I have flows being written. I did also disable iptables and ip6tables (?) per Craig and Joe. I will test now if those are getting in the way too. Many thanks to al Kirk On Fri, Jan 8, 2010 at 12:20 PM, Joe Loiacono <[email protected]> wrote: Also make sure there is no firewall (iptables) blocking things. the f/w blocks packets after tcpdump. Joe Loiacono |------------> | From: | |------------> >--------------------------------------------------------------------------------------------------------------------------------------------------| |Kirk Olson <[email protected]> | >--------------------------------------------------------------------------------------------------------------------------------------------------| |------------> | To: | |------------> >--------------------------------------------------------------------------------------------------------------------------------------------------| |[email protected] | >--------------------------------------------------------------------------------------------------------------------------------------------------| |------------> | Date: | |------------> >--------------------------------------------------------------------------------------------------------------------------------------------------| |01/08/2010 11:34 AM | >--------------------------------------------------------------------------------------------------------------------------------------------------| |------------> | Subject: | |------------> >--------------------------------------------------------------------------------------------------------------------------------------------------| |[Flow-tools] new install | >--------------------------------------------------------------------------------------------------------------------------------------------------| Thanks all for hearing my plight. flow-capture is running and tcpdump reports incoming udp packets but files are not being written in the directory specified. I am using the following command to start the capture: flow-capture -w /flows/mkflows 0/0/9800 -S5 -n287 I am running Fedora 10 and am sure I am missing something simple. I am not particularly good with the Linux OS but am willing to learn. ;-) Kirk_______________________________________________ Flow-tools mailing list [email protected] http://mailman.splintered.net/mailman/listinfo/flow-tools _______________________________________________ Flow-tools mailing list [email protected] http://mailman.splintered.net/mailman/listinfo/flow-tools _______________________________________________ Flow-tools mailing list [email protected] http://mailman.splintered.net/mailman/listinfo/flow-tools
