I'm running FreeBSD 4.5R using the current ports distribution of
NTOP. According to the NTOP GUI I'm running v.2.0.0 MT (SSL).
I'll explain my setup. I have a FreeBSD machine with two interfaces. One
interface is on the 192.168.2.0/24 network behind my firewall. The second
interface is "virtually" on the 192.168.1.0/24 network but physically it is
plugged into the hub that services my 6.65.85.160/29 Internet subnet.
FreeBSD (fxp0) -- 192.168.2.0/24 -- Firewall -- 6.65.85.160/29 --> Internet
| ^
| (ep1) ------ 192.168.1.0/24 --------------------|
Both interfaces are specifically be monitored by ntop and I included the -M
switch so I can switch between interfaces.
I have a -m switch as part of my startup script, ntop.sh, for ntop. The
following shows the value (note the line below is wrapped):
additional_args='-M -K -E -N -S0
-m"6.65.85.160/255.255.255.248,192.168.1.0/255.255.255.0,192.168.2.0/255.255.255.0"'
I also tried the #.#.#.#/<bits> notation but this didn't appear to work
either. Ntop startup fine with this - no error messages. Where I think
there is a problem is in the "Data Sent"->"All
Protocols"->"One-Of-My-Local-Hosts". The page for my 6.65.85.163 host is
being shown as "Remote" even though the -m switch should be making it "Local".
The -M switch does allow my to "switch" interfaces but the data between the
interfaces is be "mixed". The man page says this should not be
happening. At startup, ntop attaches to fxp0. When I switch to ep1, I'm
still seeing services that only exist on fxp0 (e.g. NFS) and the hosts
associated with that subnet. The metrics are being not incremented
though. It appears they got "mixed" when I switched interfaces.
Any ideas on both or either of these ?
-
........................................................
......... ..- -. .. -..- .-. ..- .-.. . ... ............
.-- .. -. -... .-.. --- .-- ... -.. .-. --- --- .-.. ...
Sean O'Neill
_______________________________________________
Ntop mailing list
[EMAIL PROTECTED]
http://listmanager.unipi.it/mailman/listinfo/ntop
