In additional I obtain:
09/Sep/2010 16:27:48 [plugin.c:128] No plugins in ./plugins
09/Sep/2010 16:27:49 [plugin.c:128] No plugins in /usr/local/lib/nprobe/plugins
09/Sep/2010 16:27:49 [plugin.c:132] WARNING: Unable to find plugins directory.
nProbe will work without plugins!
09/Sep/2010 16:27:49 [util.c:1540] WARNING: Unable to locate template
'SIP_CALL_ID'. Discarded.
09/Sep/2010 16:27:49 [util.c:1540] WARNING: Unable to locate template
'SIP_CALLING_PARTY'. Discarded.
09/Sep/2010 16:27:49 [util.c:1540] WARNING: Unable to locate template
'SIP_CALLED_PARTY'. Discarded.
09/Sep/2010 16:27:49 [util.c:1540] WARNING: Unable to locate template
'SIP_RTP_CODECS'. Discarded.
09/Sep/2010 16:27:49 [util.c:1540] WARNING: Unable to locate template
'SIP_RTP_SRC_PORT'. Discarded.
09/Sep/2010 16:27:49 [util.c:1540] WARNING: Unable to locate template
'SIP_RTP_DST_PORT'. Discarded.
09/Sep/2010 16:27:49 [plugin.c:520] 0 plugin(s) enabled
09/Sep/2010 16:27:49 [nprobe.c:4029] Capturing packets from interface eth1
And if I register and analyze the flows sent (tcpdump), I cannot find the SIP
field into netflow packets (wireshark).
I'm trying the demo version to test it.
thanks for help!
Simon
Il 09/09/2010 14:18, Simone Felici ha scritto:
Hi to all!
I'l trying to configure ntop/nprobe con collect informations on VoIP traffic.
A've some questions:
1. Do I need nprobe to obtain an advanced monitoring of VoIP records as
descrived here (http://luca.ntop.org/VoIP.pdf) or is
enough to configure a cisco router to export "flow export ..." pointing to a
server running ntop?
2. If I need nprobe, I've tested this solution:
a) voip server on Cisco router with port in span duplicating ALL the traffic to
a server with nprobe on eth1.
b) starting nprobe with this parameters:
./nprobe -i eth1 -n <ntop_server_ip>:2055 -U 257 -T "%LAST_SWITCHED
%FIRST_SWITCHED %IPV4_SRC_ADDR %IPV4_DST_ADDR %IN_BYTES
%IN_PKTS %OUT_BYTES %SIP_CALL_ID %SIP_CALLING_PARTY %SIP_CALLED_PARTY
%SIP_RTP_CODECS %SIP_RTP_SRC_PORT %SIP_RTP_DST_PORT
%RTP_FIRST_SSRC %RTP_IN_JITTER %RTP_OUT_PAYLOAD_TYPE %RTP_IN_MAX_DELTA %L4_SRC_PORT
%L4_DST_PORT"
c) starting ntop on another server enabling the "NetFlow plugin" on port 2055.
Is the scenario correct?
3. Even if correct (please confirm) on the nprobe server, I cannot see on ntop any
information about voip. I cannot see the "ntop:
VoIP Session Detail" or "ntop: Host Detail" (I'm missing these menus) like descrived in
"Open Source VoIP Traffic Monitoring"
documentation of Luca Deri.
What I'm doing wrong?
Thank's
Simon
_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
--
Simone Felici
Divisione Tecnica: Progettazione e Sviluppo
tel. +39 0461.030.111
fax. +39 0461 030.112
Via Fersina, 23 - 38123 Trento
-------------
MC-link S.p.A.
Sede Direzionale e Amministrativa
Via Carlo Perrier, 9/a - 00157 Roma
Sede Legale
Via Fersina, 23 - 38123 Trento
http://www.mclink.it
Save a tree. Don't print this e-mail unless it's really necessary
Informativa ai sensi del Codice della proprietà industriale e del Codice dei
dati personali.
Le informazioni contenute in questa e-mail e negli eventuali allegati, possono contenere informazioni confidenziali e coperte da
segreto commerciale/industriale. Esse vengono comunicate nei limiti giuridici dei rapporti in essere fra le parti e pertanto
nessun ulteriore diritto di proprietà intellettuale o industriale può essere rivendicato dal ricevente.
Le informazioni contenute in questa e-mail e negli eventuali allegati sono indirizzate esclusivamente a coloro che figurano come
destinatari.
Se avete ricevuto per errore questa e-mail siete pregati di informarci (rispedendola al mittente) e di provvedere alla sua
rimozione, a non farne utilizzo e a non conservarne alcuna copia.
_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
