Hi folks,
According to the man pages, the default Application Protocols list is this:
FTP ftp ftp-data
HTTP http www https 3128 /* 3128 is HTTP cache */
DNS name domain
Telnet telnet login
NBios-IP netbios-ns netbios-dgm netbios-ssn
Mail pop-2 pop-3 pop3 kpop smtp imap imap2
DHCP/BOOTP 67-68
SNMP snmp snmp-trap
NNTP nntp
NFS/AFS mount pcnfs bwnfs nfsd nfsd-status 7000-7009
X11 6000-6010
SSH 22
Gnutella 6346 6347 6348
Morpheus 1214
WinMX 6699 7730
DirectConnect
eDonkey 4661-4665
BitTorrent 6881-6999 6969
Messenger 1863 5000 5001 5190-5193
But I see protocols other than these appearing underneath the
Application Protocols tab in the Web interface.
Poking around, I see that nDPI/src/include/ipq_protocols_osdpi.h defines
quite a few more protocols than the list in the man page, including ones
displayed under the Application Protocols tab.
==> What is the relationship between the list in the man page and the
contents of ipq_protocols_ospdi.h?
==> I'm attempting to add a couple protocols ... but my protocols.list
file doesn't seem to have an effect on the pie chart displayed under the
Application Protocols tab ... can you see what I'm missing, in my
efforts to add CAPWAP to this pie chart?
ps -ef | grep ntop
/opt/local/bin/ntop -u ntop -i eth8 -d -L -u ntop -P
/opt/local/share/ntop -p /opt/local/etc/ntop/protocols.list --use-syslog
daemon
cat /opt/local/etc/ntop/protocols.list
CAPWAP=capwap-control|capwap-data
SKINNY=2000
or
cat /opt/local/etc/ntop/protocols.list
+CAPWAP=capwap-control|capwap-data
+SKINNY=2000
grep capwap /etc/services
capwap-control 5246/udp # Control and Provisioning, WAP
capwap-data 5247/udp # Control and Provisioning, WAP
#
--sk
Stuart Kendrick
FHCRC
_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
