Hi Luca
attached is a file I created with tcpdump -s 0 port ntp or domain -i dsl -w mycap.pcap hope that's what you wanted. -- Johannes Am 16.02.2015 um 22:08 schrieb Luca Deri:
yes. Send me (privately) a pcap, full packet size, just to see how they lookLucaOn 16 Feb 2015, at 22:07, Dr. Johannes Zellner <[email protected] <mailto:[email protected]>> wrote:yes I'm using the latest ntopng from svn. How do I share packets in pcap format? Am 16.02.2015 um 22:02 schrieb Luca Deri:Johannes,can you please share some packets in pcap format. i want to see if they are decoded by ntopngBTW: I assume you are using the ntopng code that’s current;y in SVN LucaOn 16 Feb 2015, at 22:00, Dr. Johannes Zellner <[email protected] <mailto:[email protected]>> wrote:Hi Yuri, thanks. The interface was already in promisc mode. I made a few more observations:1. ntopng works with other interfaces, e.g. eth0 (but that’s not the interface I’m interested in)2. iptraf also shows only the network interfaces ntopng works with4. iptraf doesn't show the dsl interface at all -- that's the interface ntopng doesn't work with 3. if I use iptraf -u it works with all interfaces, also the dsl interface I’m interested in from man iptraf: -u allow use of unsupported interfaces as ethernet devices. This is needed if you changed the name of an interface (ex: ip link set eth0 name foo0)*I wonder if ntopng needs also some special -u switch like iptraf.* Best regards, -- Johannes Am 15.02.2015 um 10:10 schrieb Yuri Francalacci:The traffic you see is probably broadcast.Check if the nic is in promiscuous mode once activated ntopng, because if it is not, that’s could be the reason why you don’t see any flow.Regards, Yuri ###############################################Yuri Francalacci - [email protected] <mailto:[email protected]> - http://www.ntop.org <http://www.ntop.org/>"Simplicity is the ultimate sophistication" - Leonardo da Vinci ###############################################On 14 Feb 2015, at 19:58, Dr. Johannes Zellner <[email protected] <mailto:[email protected]>> wrote:btw.at the bottom of the pages it displays /some/ traffic, see attached image<jiaciajj.png> Am 14.02.2015 um 19:53 schrieb Dr. Johannes Zellner:Hi,I compiled ntopng on a dsl modem & router (AVM FritzBox 7390, mips architecture). I’m running a modified firmware on this box (see http://freetz.org <http://freetz.org/>) and on top a debian chroot environment, where I compiled ntopng and I’m running ntopng.I started ntopng like this: |/etc/init.d/redis-server start ./ntopng -i dsl -W 0 |I can connect to ntopng with a web browser to the url http://{ip_of_the_box}:3000/ <http://%7bip_of_the_box%7d:3000/> and the ntopng web server seems to be up and running.BUT: it doesn’t display any traffic at all.In Dashboard->Talkers I just get the message “There are no talkers for the current host”.and in Flows->Active Flows I get “No Results Found”. Any ideas? -- Johannes _______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop_______________________________________________ Ntop mailing list [email protected] <mailto:[email protected]> http://listgateway.unipi.it/mailman/listinfo/ntop_______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop _______________________________________________ Ntop mailing list [email protected] <mailto:[email protected]> http://listgateway.unipi.it/mailman/listinfo/ntop_______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-- Dr. Johannes Zellner<[email protected]> _______________________________________________ Ntop mailing list [email protected] <mailto:[email protected]> http://listgateway.unipi.it/mailman/listinfo/ntop_______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop
-- Dr. Johannes Zellner <[email protected]>
mycap.pcap
Description: application/vnd.tcpdump.pcap
_______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop
