Command Line Started as.... ntop Resolved to.... ntop Preferences Used NOTE: (effective) means that this is the value after ntop has processed the parameter.(default) means this is the default value, usually (but not always) set by a #define in globals-defines.h. -a | --access-log-file (default) (nil) -b | --disable-decoders (default) No -c | --sticky-hosts (default) No -d | --daemon No -e | --max-table-rows (default) 128 -g | --track-local-hosts (default) Track all hosts -i | --interface (effective) eth0 -j | --create-other-packets (default) Disabled -l | --pcap-log (default) (nil) -m | --local-subnets (effective) 10.11.96.0/22, 172.18.10.0/27 -n | --numeric-ip-addresses dnsResolutionForLocalHostsOnly <------------------could this be the issue -o | --no-mac (default) Trust MAC Addresses -p | --protocols (default) internal list -q | --create-suspicious-packets (default) Disabled -r | --refresh-time (default) 120 -s | --no-promiscuous (default) No -t | --trace-level (default) 3 -u | --user nobody (uid=99, gid=99) -w | --http-server (default) Active, all interfaces, port 3000 -z | --disable-sessions (default) No -B | --filter-expression (default) none -D | --domain none -F | --flow-spec (default) none -K | --enable-debug (default) No -L | --use-syslog daemon -M | --no-interface-merge (effective) (default) (Merging Interfaces) Yes -O | --pcap-file-path (default) /var/lib/ntop -P | --db-file-path (default) /var/lib/ntop -Q | --spool-file-path (default) /var/lib/ntop -U | --mapper (default) http://geotool.servehttp.com/ -W | --https-server Uninitialized -X 32768 --disable-instantsessionpurge (default) No --disable-mutexextrainfo Yes --disable-stopcap Yes --fc-only (default) No --instance (default) (nil) --no-fc (default) No --no-invalid-lun (default) No --p3p-cp (default) none --p3p-uri (default) none --skip-version-check Yes --w3c Yes
On Thu, Jun 30, 2011 at 11:55 PM, Gary Gatten <[email protected]> wrote: > Gotta be startup args. Go to About -> Show Configuration. Scroll down a bit > to "Command Line". Also note "Preferences Used" and perhaps look for > anything else "odd". > > -----Original Message----- > From: [email protected] > [mailto:[email protected]] On Behalf Of casey rhoads > Sent: Thursday, June 30, 2011 2:20 PM > To: [email protected] > Subject: Re: [Ntop] Last Contacted Peers > > no startup args. I installed with pacman from the Arch directories. > > On Thu, Jun 30, 2011 at 11:47 PM, Gary Gatten <[email protected]> wrote: >> IPv6? >> >> Packet Statistics? Generally speaking "all" reporting functions are enabled >> by default - in fact, many/all can't be enabled/disabled. >> >> Did you build 4.0.3 or install a package? Obviously something is not right. >> What are your startup args? >> >> >> -----Original Message----- >> From: [email protected] >> [mailto:[email protected]] On Behalf Of casey rhoads >> Sent: Thursday, June 30, 2011 2:10 PM >> To: [email protected] >> Subject: Re: [Ntop] Last Contacted Peers >> >> Gary thank you for the quick response below is a response from the web >> gui for last contacted peers. >> >> Last Contacted Peers >> >> Sent To IP Address >> ff02::1:ff3d:37d4 ff02::1:ff3d:37d4 >> ff02::1:ff79:9cdc ff02::1:ff79:9cdc >> ff02::1:ff9f:e429 ff02::1:ff9f:e429 >> ff02::1:3 ff02::1:3 >> 224.0.0.252 224.0.0.252 >> ff02::1:ffb2:6cd1 ff02::1:ffb2:6cd1 >> ff02::1:2 ff02::1:2 >> Total Contacts 23 >> >> >> I am also missing the packet statistics section. how would i enable that? >> >> Thank you >> >> On Thu, Jun 30, 2011 at 11:29 PM, Gary Gatten <[email protected]> wrote: >>> I'm not certain I understand your question. However, I personally have >>> never seen host names in the "Last Contacted Peers" (LCP) table. Even if >>> 1.1.1.1 resolves to www.gary.net and is displayed in other reports as >>> www.gary.net, it always shows up as 1.1.1.1 in the LCP table. For me this >>> has always been the case - as far as I recall. Someone recently posted a >>> similar question / statement, claiming his LCP WAS showing hostnames until >>> an ntop upgrade, and he tweaks the name res options (-n 2 I think) and it >>> started displaying names again. Perhaps google for ntop and Last Contacted >>> Peers and see what you find, this thread was in the last 4 - 8 weeks IIRC. >>> >>> As for the resolution process in general; ntop "sniffs" packets as well as >>> performs name/IP lookups. It's typically pretty good at resolving things. >>> >>> Also, from my experience multicast IP's are nearly impossible to resolve to >>> a host / unicast IP address. Some are well known / reserved, but >>> 224.0.0.52 appears to not be. >>> >>> I'm thinking I didn't answer your question, but hopefully at least pointed >>> you in the right direction. >>> >>> G >>> >>> >>> -----Original Message----- >>> From: [email protected] >>> [mailto:[email protected]] On Behalf Of casey rhoads >>> Sent: Thursday, June 30, 2011 1:30 PM >>> To: [email protected] >>> Subject: [Ntop] Last Contacted Peers >>> >>> I have installed NTOP 4.0.3 on arch linux it shows all last contacted >>> peers that are outside of the network as multicast dns such as >>> 224.0.0.52 i need to change this to the actual name of the website. >>> >>> How would i go about getting these to resolve to websites. >>> >>> Thank you in advance >>> >>> Casey >>> _______________________________________________ >>> Ntop mailing list >>> [email protected] >>> http://listgateway.unipi.it/mailman/listinfo/ntop >>> >>> >>> >>> >>> >>> <font size="1"> >>> <div style='border:none;border-bottom:double windowtext 2.25pt;padding:0in >>> 0in 1.0pt 0in'> >>> </div> >>> "This email is intended to be reviewed by only the intended recipient >>> and may contain information that is privileged and/or confidential. >>> If you are not the intended recipient, you are hereby notified that >>> any review, use, dissemination, disclosure or copying of this email >>> and its attachments, if any, is strictly prohibited. If you have >>> received this email in error, please immediately notify the sender by >>> return email and delete this email from your system." >>> </font> >>> >>> _______________________________________________ >>> Ntop mailing list >>> [email protected] >>> http://listgateway.unipi.it/mailman/listinfo/ntop >>> >> _______________________________________________ >> Ntop mailing list >> [email protected] >> http://listgateway.unipi.it/mailman/listinfo/ntop >> >> >> >> >> >> <font size="1"> >> <div style='border:none;border-bottom:double windowtext 2.25pt;padding:0in >> 0in 1.0pt 0in'> >> </div> >> "This email is intended to be reviewed by only the intended recipient >> and may contain information that is privileged and/or confidential. >> If you are not the intended recipient, you are hereby notified that >> any review, use, dissemination, disclosure or copying of this email >> and its attachments, if any, is strictly prohibited. If you have >> received this email in error, please immediately notify the sender by >> return email and delete this email from your system." >> </font> >> >> _______________________________________________ >> Ntop mailing list >> [email protected] >> http://listgateway.unipi.it/mailman/listinfo/ntop >> > _______________________________________________ > Ntop mailing list > [email protected] > http://listgateway.unipi.it/mailman/listinfo/ntop > > > > > > <font size="1"> > <div style='border:none;border-bottom:double windowtext 2.25pt;padding:0in > 0in 1.0pt 0in'> > </div> > "This email is intended to be reviewed by only the intended recipient > and may contain information that is privileged and/or confidential. > If you are not the intended recipient, you are hereby notified that > any review, use, dissemination, disclosure or copying of this email > and its attachments, if any, is strictly prohibited. If you have > received this email in error, please immediately notify the sender by > return email and delete this email from your system." > </font> > > _______________________________________________ > Ntop mailing list > [email protected] > http://listgateway.unipi.it/mailman/listinfo/ntop > _______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop
