yes. Send me (privately) a pcap, full packet size, just to see how they look
Luca > On 16 Feb 2015, at 22:07, Dr. Johannes Zellner <[email protected]> wrote: > > yes I'm using the latest ntopng from svn. > > How do I share packets in pcap format? > > Am 16.02.2015 um 22:02 schrieb Luca Deri: >> Johannes, >> can you please share some packets in pcap format. i want to see if they are >> decoded by ntopng >> >> BTW: I assume you are using the ntopng code that’s current;y in SVN >> >> Luca >> >>> On 16 Feb 2015, at 22:00, Dr. Johannes Zellner <[email protected] >>> <mailto:[email protected]>> wrote: >>> >>> Hi Yuri, >>> >>> thanks. >>> The interface was already in promisc mode. >>> >>> I made a few more observations: >>> >>> 1. ntopng works with other interfaces, e.g. eth0 (but that’s not the >>> interface I’m interested in) >>> 2. iptraf also shows only the network interfaces ntopng works with >>> 4. iptraf doesn't show the dsl interface at all -- that's the interface >>> ntopng doesn't work with >>> 3. if I use iptraf -u it works with all interfaces, also the dsl interface >>> I’m interested in >>> from man iptraf: -u allow use of unsupported interfaces as ethernet >>> devices. This is needed if you changed the name of an interface (ex: ip >>> link set eth0 name foo0) >>> >>> I wonder if ntopng needs also some special -u switch like iptraf. >>> Best regards, >>> -- >>> Johannes >>> >>> Am 15.02.2015 um 10:10 schrieb Yuri Francalacci: >>> >>> >>> >>>> The traffic you see is probably broadcast. >>>> Check if the nic is in promiscuous mode once activated ntopng, because if >>>> it is not, that’s could be the reason why you don’t see any flow. >>>> Regards, Yuri >>>> ############################################### >>>> Yuri Francalacci - [email protected] <mailto:[email protected]> - >>>> http://www.ntop.org <http://www.ntop.org/> >>>> "Simplicity is the ultimate sophistication" - Leonardo da Vinci >>>> ############################################### >>>> >>>>> On 14 Feb 2015, at 19:58, Dr. Johannes Zellner <[email protected] >>>>> <mailto:[email protected]>> wrote: >>>>> >>>>> btw. >>>>> >>>>> at the bottom of the pages it displays some traffic, see attached image >>>>> >>>>> <jiaciajj.png> >>>>> >>>>> Am 14.02.2015 um 19:53 schrieb Dr. Johannes Zellner: >>>>> >>>>> >>>>> >>>>>> Hi, >>>>>> >>>>>> I compiled ntopng on a dsl modem & router (AVM FritzBox 7390, mips >>>>>> architecture). >>>>>> I’m running a modified firmware on this box (see http://freetz.org >>>>>> <http://freetz.org/>) and on top a debian chroot environment, where I >>>>>> compiled ntopng and I’m running ntopng. >>>>>> >>>>>> I started ntopng like this: >>>>>> >>>>>> /etc/init.d/redis-server start >>>>>> ./ntopng -i dsl -W 0 >>>>>> I can connect to ntopng with a web browser to the url >>>>>> http://{ip_of_the_box}:3000/ <http://%7bip_of_the_box%7d:3000/> and the >>>>>> ntopng web server seems to be up and running. >>>>>> >>>>>> BUT: >>>>>> >>>>>> it doesn’t display any traffic at all. >>>>>> >>>>>> In Dashboard->Talkers I just get the message “There are no talkers for >>>>>> the current host”. >>>>>> and in Flows->Active Flows I get “No Results Found”. >>>>>> >>>>>> Any ideas? >>>>>> >>>>>> -- >>>>>> >>>>>> Johannes >>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> Ntop mailing list >>>>>> [email protected] <mailto:[email protected]> >>>>>> http://listgateway.unipi.it/mailman/listinfo/ntop >>>>>> <http://listgateway.unipi.it/mailman/listinfo/ntop> >>>>> _______________________________________________ >>>>> Ntop mailing list >>>>> [email protected] <mailto:[email protected]> >>>>> http://listgateway.unipi.it/mailman/listinfo/ntop >>>>> <http://listgateway.unipi.it/mailman/listinfo/ntop> >>>> >>>> >>>> _______________________________________________ >>>> Ntop mailing list >>>> [email protected] <mailto:[email protected]> >>>> http://listgateway.unipi.it/mailman/listinfo/ntop >>>> <http://listgateway.unipi.it/mailman/listinfo/ntop> >>> >>> >>> >>> >>> _______________________________________________ >>> Ntop mailing list >>> [email protected] <mailto:[email protected]> >>> http://listgateway.unipi.it/mailman/listinfo/ntop >>> <http://listgateway.unipi.it/mailman/listinfo/ntop> >> >> >> _______________________________________________ >> Ntop mailing list >> [email protected] <mailto:[email protected]> >> http://listgateway.unipi.it/mailman/listinfo/ntop >> <http://listgateway.unipi.it/mailman/listinfo/ntop> > -- > Dr. Johannes Zellner <[email protected]> > <mailto:[email protected]>_______________________________________________ > Ntop mailing list > [email protected] > http://listgateway.unipi.it/mailman/listinfo/ntop
_______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop
