I will be out of the office on vacation from August 2 through August 12. I will return
on Tuesday morning August 13.
If you need immediate attention related to MIS support issues please call the MCCPC
helpdesk at extension 3103 or send an e-mail to: "[EMAIL PROTECTED]"
>>> ntop 08/02/02 06:00 >>>
Send Ntop mailing list submissions to
[EMAIL PROTECTED]
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.ntop.org/mailman/listinfo/ntop
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]
You can reach the person managing the list at
[EMAIL PROTECTED]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Ntop digest..."
Today's Topics:
1. trouble whit netflows (Nicolas Meaux)
2. RE: Making ntop "boot-resistant" (Burton M. Strauss III)
3. RE: make error of 2.1.2 on RH7.3. - math library problem (Burton M. Strauss III)
4. Bye I'm becoming a daemon (was make error of 2.1.2 on RH7.3.) (Burton M. Strauss
III)
5. RE: trouble whit netflows (Burton M. Strauss III)
6. RE: New "feature" for NTOP (Burton M. Strauss III)
7. Re: sflow data retrieval (update FAQ) (Blake)
8. ntop start in Redhat 7.3 (=?iso-8859-1?q?Bruno=20Penedo?=)
9. RE: sflow data retrieval (update FAQ) (Burton M. Strauss III)
10. RE: ntop start in Redhat 7.3 (Burton M. Strauss III)
11. {FreeBSD 4.5-R] NTOP-2.1.2 Isn't Working Properly Anymore.... (The Jetman)
12. RE: {FreeBSD 4.5-R] NTOP-2.1.2 Isn't Working Properly Anymore.... (Burton M.
Strauss III)
--__--__--
Message: 1
Organization: Centro di Servizi per la rete di Ateneo - Pisa - Italy
From: Nicolas Meaux <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Date: Thu, 1 Aug 2002 17:11:03 +0200
Subject: [Ntop] trouble whit netflows
Reply-To: [EMAIL PROTECTED]
Hi,
I have a problems whit netflows, ntop don't seems to received the flows
...
So,
-start ntop whit minimal options : ntop -u ntop ( i don't work whit the
defaults options )
-i enable the plugin....
-i configure netflows to use the port 8080
-i made a tcpdump on port 8080, and he already received flows
-i have a debian and the ver 2.1.0-3 of ntop
-i switch the device to "netflows-device"
ntop works when eth0 is switched on.
syslog say :
01/Aug/2002 16:57:12 Welcome to NetFlow. (C) 2002 by Luca Deri.
01/Aug/2002 16:57:32 NetFlow collector listening on port 8080.
Thanks,
--
Nicolas Meaux
*quipe R&THgr;seaux T&THgr;l&THgr;coms
Universit&THgr; de Picardie
--__--__--
Message: 2
Organization: Centro di Servizi per la rete di Ateneo - Pisa - Italy
From: "Burton M. Strauss III" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Subject: RE: [Ntop] Making ntop "boot-resistant"
Date: Thu, 1 Aug 2002 10:40:04 -0500
Reply-To: [EMAIL PROTECTED]
You are right, it's in the FAQ (docs/FAQ - look for -S option)
Short answer, no.
-----Burton
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Wolfgang Mettbach
Sent: Tuesday, July 30, 2002 10:46 AM
To: [EMAIL PROTECTED]
Subject: [Ntop] Making ntop "boot-resistent"
Hello,
I am sure that this must be very simple and most probably it is a FAQ as
well but I haven't found the solution yet.
I'd like to use ntop to messure and account the traffic on an internal
device, seperatly for each client. Ntop does this job pretty well.
Unfortunately the data is lost each time ntop is restarted, eg. when
rebooting. So, after a reboot, the accountings are set to zero again.
How do I make ntop remember the previous data? Can I tell ntop to write
the data to a file periodicaly and re-read that file after restart?
Thanks in advance for any help.
Bye,
--
Wolfgang Mettbach Phone: +49 (0)5251 50081-22
ynes GmbH Fax: +49 (0)5251 50081-19
Paderborn (Germany) http://www.ynes.de
_______________________________________________
Ntop mailing list
[EMAIL PROTECTED]
http://lists.ntop.org/mailman/listinfo/ntop
--__--__--
Message: 3
Organization: Centro di Servizi per la rete di Ateneo - Pisa - Italy
From: "Burton M. Strauss III" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Subject: RE: [Ntop] make error of 2.1.2 on RH7.3. - math library problem
Date: Thu, 1 Aug 2002 11:10:26 -0500
Reply-To: [EMAIL PROTECTED]
One problem per message
1) I had to make a small patch to the makefile for RedHat's newer installs -
they split the math libs. It's in the SRPM. I'll post it separately too.
-----Burton
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Roman
Havelka
Sent: Wednesday, July 31, 2002 1:44 PM
To: [EMAIL PROTECTED]
Subject: [Ntop] make error of 2.1.2 on RH7.3.
Hello,
I have these problems with ntop -
1) how to install ntop 2.1.2 from the source on RedHat
7.3 ? The make error in crypt (and sin, cos...) was
mentioned, but is there a solution ?
2) all the pages generated by ntop (now I use 2.1.1)
have the javasript error - syntax (seems to be
unprintable character in functions.js) - tested by
Netscape 4.7. and IE 5.5. How to solve it ?
3) my ntop also stops by "Bye, becoming a daemon" - is
the a cure ? (ntop -d -P /var/lib/ntop -L -S 1,
starting from init.d by default ntopd script)
Are these problems on RH distribution only ?
Thanks for your help.
Roman
__________________________________________________
Do You Yahoo!?
Yahoo! Health - Feel better, live better
http://health.yahoo.com
_______________________________________________
Ntop mailing list
[EMAIL PROTECTED]
http://lists.ntop.org/mailman/listinfo/ntop
--__--__--
Message: 4
Organization: Centro di Servizi per la rete di Ateneo - Pisa - Italy
From: "Burton M. Strauss III" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Date: Thu, 1 Aug 2002 11:10:34 -0500
Subject: [Ntop] Bye I'm becoming a daemon (was make error of 2.1.2 on RH7.3.)
Reply-To: [EMAIL PROTECTED]
That's the message when ntop becomes a daemon. Do a ps -axf you'll see the
threads running. Try connecting to the web server...
-----Burton
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Roman
Havelka
Sent: Wednesday, July 31, 2002 1:44 PM
To: [EMAIL PROTECTED]
Subject: [Ntop] make error of 2.1.2 on RH7.3.
Hello,
I have these problems with ntop -
1) how to install ntop 2.1.2 from the source on RedHat
7.3 ? The make error in crypt (and sin, cos...) was
mentioned, but is there a solution ?
2) all the pages generated by ntop (now I use 2.1.1)
have the javasript error - syntax (seems to be
unprintable character in functions.js) - tested by
Netscape 4.7. and IE 5.5. How to solve it ?
3) my ntop also stops by "Bye, becoming a daemon" - is
the a cure ? (ntop -d -P /var/lib/ntop -L -S 1,
starting from init.d by default ntopd script)
Are these problems on RH distribution only ?
Thanks for your help.
Roman
__________________________________________________
Do You Yahoo!?
Yahoo! Health - Feel better, live better
http://health.yahoo.com
_______________________________________________
Ntop mailing list
[EMAIL PROTECTED]
http://lists.ntop.org/mailman/listinfo/ntop
--__--__--
Message: 5
Organization: Centro di Servizi per la rete di Ateneo - Pisa - Italy
From: "Burton M. Strauss III" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Subject: RE: [Ntop] trouble whit netflows
Date: Thu, 1 Aug 2002 11:21:18 -0500
Reply-To: [EMAIL PROTECTED]
Upgrade ntop to 2.1.2 - we don't support versions prior to 2.1. There were
significant changes in the implementation of netflow in 2.1 - see the plugin
for the configuration options.
-----Burton
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Nicolas Meaux
Sent: Thursday, August 01, 2002 10:11 AM
To: [EMAIL PROTECTED]
Subject: [Ntop] trouble whit netflows
Hi,
I have a problems whit netflows, ntop don't seems to received the flows
...
So,
-start ntop whit minimal options : ntop -u ntop ( i don't work whit the
defaults options )
-i enable the plugin....
-i configure netflows to use the port 8080
-i made a tcpdump on port 8080, and he already received flows
-i have a debian and the ver 2.1.0-3 of ntop
-i switch the device to "netflows-device"
ntop works when eth0 is switched on.
syslog say :
01/Aug/2002 16:57:12 Welcome to NetFlow. (C) 2002 by Luca Deri.
01/Aug/2002 16:57:32 NetFlow collector listening on port 8080.
Thanks,
--
Nicolas Meaux
*quipe R&THgr;seaux T&THgr;l&THgr;coms
Universit&THgr; de Picardie
_______________________________________________
Ntop mailing list
[EMAIL PROTECTED]
http://lists.ntop.org/mailman/listinfo/ntop
--__--__--
Message: 6
Organization: Centro di Servizi per la rete di Ateneo - Pisa - Italy
From: "Burton M. Strauss III" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Subject: RE: [Ntop] New "feature" for NTOP
Date: Thu, 1 Aug 2002 11:41:47 -0500
Reply-To: [EMAIL PROTECTED]
Write the code, we'll be happy to include it.
The code handling ICMP is a model - it too is an Ethernet but not TCP/IP
protocol.
Remember that the mission of ntop is to pull information of interest to
network admins out of the data streams. Let that drive what you
I would suggest creating a header tab like "IP Traffic" for "Other
Protocols". Then have left menu pages for specific protocols.
-----Burton
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
Pierotti, Phil
Sent: Tuesday, July 30, 2002 5:21 PM
To: [EMAIL PROTECTED]
Subject: [Ntop] New "feature" for NTOP
I was wondering if anyone has looked into providing more complete support
for IPSEC VPN traffic in NTOP?
ISAKMP is standard TCP/UDP port, but the rest of IPSEC is different IP
protocol numbers (ie functionally at the same level as UDP and TCP) [esp =
protocol 50, ah = protocol 51]
It would be nice if NTOP could also track and display counters for this on
the "all protocols" page.
Others that come to mind at this level include GRE (protocol 47) , TLSP
(56), IPIP (94) , L2TP (115).
http://www.iana.org/assignments/protocol-numbers
Just a thought.
Thanks,
Phil P
----------------------------------------------------------------------------
--
[EMAIL PROTECTED]
----------------------------------------------------------------------------
--
Phil Pierotti Ph: 408 376 5820
Senior Network Engineer Cell: 408 410 1818
eBay, Inc.
_______________________________________________
Ntop mailing list
[EMAIL PROTECTED]
http://lists.ntop.org/mailman/listinfo/ntop
--__--__--
Message: 7
Organization: Centro di Servizi per la rete di Ateneo - Pisa - Italy
Date: Thu, 1 Aug 2002 10:35:49 -0700 (PDT)
From: Blake <[EMAIL PROTECTED]>
Subject: Re: [Ntop] sflow data retrieval (update FAQ)
To: [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
maybe this one should go in the FAQ?
--- Thomas Keitel <[EMAIL PROTECTED]> wrote:
> I asked a similar question a few weeks ago. The
> answer is to choose the
> sflow external interface as opposed to the default
> ethernet that is selected
> by default. I don*t have it up in front of me but
> setup your sflow plugin
> and then change the interface from *ethernet*
> whatever to sflow plugin and
> you should be ready to rock.
>
> Cheers,
>
> Tom
>
>
> On 7/29/02 13:53, "Rolf Trainor"
> <[EMAIL PROTECTED]> wrote:
>
>
> > I am running the latest version of ntop and have
> the sflow plugin installed
> > and I see it sending and receiving packets. The
> question is, how can I view
> > the data? I am not seeing anything show up on the
> web pages.
> >
> > Is there a document out there that talks about
> sflow configuration and
> > monitoring with ntop and to read and understand
> the data?
> >
> >
> >
> > Thanks,
> >
> > rolf
> >
> >
> >
> > Do You Yahoo!?
> > Yahoo! Health <http://health.yahoo.com/> - Feel
> better, live better
>
>
>
>
__________________________________________________
Do You Yahoo!?
Yahoo! Health - Feel better, live better
http://health.yahoo.com
--__--__--
Message: 8
Organization: Centro di Servizi per la rete di Ateneo - Pisa - Italy
Date: Thu, 1 Aug 2002 14:57:36 -0300 (ART)
From: =?iso-8859-1?q?Bruno=20Penedo?= <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: [Ntop] ntop start in Redhat 7.3
Reply-To: [EMAIL PROTECTED]
hi all, im using Redhat 7.3 distribution and i've
installed ntop(version 2.1.2) on it several times and
this isnt start. I have openssl0.9.6b, libpcap-0.6.2,
gdb, libpng, mySQL, installed in the OS. I need to
know the minimum system requirements of ntop. What are
the libs... what is the OS and cpu memory etc..
im using ntop cause we agreed the solution of
implement thsis product cause this is the best trafic
monitor on the world, we ll use this in
triples.com.br. I wait answers. Since Thanfull
Bpenedo
_______________________________________________________________________
Yahoo! PageBuilder
O super editor para cria&tgr;&pgr;o de sites: &THgr; gr*tis, f*cil e r*pido.
http://br.geocities.yahoo.com/v/pb.html
--__--__--
Message: 9
Organization: Centro di Servizi per la rete di Ateneo - Pisa - Italy
From: "Burton M. Strauss III" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Subject: RE: [Ntop] sflow data retrieval (update FAQ)
Date: Thu, 1 Aug 2002 13:22:38 -0500
Reply-To: [EMAIL PROTECTED]
It's in there - I just haven't committed it - I try not to do it for EACH
additional entry.
-----Burton
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Blake
Sent: Thursday, August 01, 2002 12:36 PM
To: [EMAIL PROTECTED]
Subject: Re: [Ntop] sflow data retrieval (update FAQ)
maybe this one should go in the FAQ?
--- Thomas Keitel <[EMAIL PROTECTED]> wrote:
> I asked a similar question a few weeks ago. The
> answer is to choose the
> sflow external interface as opposed to the default
> ethernet that is selected
> by default. I don9t have it up in front of me but
> setup your sflow plugin
> and then change the interface from �ethernet9
> whatever to sflow plugin and
> you should be ready to rock.
>
> Cheers,
>
> Tom
>
>
> On 7/29/02 13:53, "Rolf Trainor"
> <[EMAIL PROTECTED]> wrote:
>
>
> > I am running the latest version of ntop and have
> the sflow plugin installed
> > and I see it sending and receiving packets. The
> question is, how can I view
> > the data? I am not seeing anything show up on the
> web pages.
> >
> > Is there a document out there that talks about
> sflow configuration and
> > monitoring with ntop and to read and understand
> the data?
> >
> >
> >
> > Thanks,
> >
> > rolf
> >
> >
> >
> > Do You Yahoo!?
> > Yahoo! Health <http://health.yahoo.com/> - Feel
> better, live better
>
>
>
>
__________________________________________________
Do You Yahoo!?
Yahoo! Health - Feel better, live better
http://health.yahoo.com
_______________________________________________
Ntop mailing list
[EMAIL PROTECTED]
http://lists.ntop.org/mailman/listinfo/ntop
--__--__--
Message: 10
Organization: Centro di Servizi per la rete di Ateneo - Pisa - Italy
From: "Burton M. Strauss III" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Subject: RE: [Ntop] ntop start in Redhat 7.3
Date: Thu, 1 Aug 2002 13:22:49 -0500
Reply-To: [EMAIL PROTECTED]
Read docs/FAQ and docs/1STRUN.txt
They are NOT there because Luca or I felt like writing them...
-----Burton
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Bruno
Penedo
Sent: Thursday, August 01, 2002 12:58 PM
To: [EMAIL PROTECTED]
Subject: [Ntop] ntop start in Redhat 7.3
hi all, im using Redhat 7.3 distribution and i've
installed ntop(version 2.1.2) on it several times and
this isnt start. I have openssl0.9.6b, libpcap-0.6.2,
gdb, libpng, mySQL, installed in the OS. I need to
know the minimum system requirements of ntop. What are
the libs... what is the OS and cpu memory etc..
im using ntop cause we agreed the solution of
implement thsis product cause this is the best trafic
monitor on the world, we ll use this in
triples.com.br. I wait answers. Since Thanfull
Bpenedo
_______________________________________________________________________
Yahoo! PageBuilder
O super editor para cria&tgr;&pgr;o de sites: &THgr; gr*tis, f*cil e r*pido.
http://br.geocities.yahoo.com/v/pb.html
_______________________________________________
Ntop mailing list
[EMAIL PROTECTED]
http://lists.ntop.org/mailman/listinfo/ntop
--__--__--
Message: 11
Organization: Centro di Servizi per la rete di Ateneo - Pisa - Italy
From: "The Jetman" <[EMAIL PROTECTED]>
To: "NTOP Mail List" <[EMAIL PROTECTED]>
Date: Thu, 1 Aug 2002 18:22:23 -0400
Subject: [Ntop] {FreeBSD 4.5-R] NTOP-2.1.2 Isn't Working Properly Anymore....
Reply-To: [EMAIL PROTECTED]
Love NTOP, since I started using it a couple of weeks ago. I installed
it from the ntop-2.0.tgz FBSD-specific pkg. Worked almost exactly as
expected and was installed and operational in less than five mins. Okay,
I see what mite be bugs in the system, so I d/l the latest tarball (2.1.2) and
did the following:
1) ./configure ; gmake ; gmake install
2) edit ntop.sh
2a) add args = -S1 -P /var/db/ntop ; interface = wi0
3) chown nobody /var/db/ntop
That's it. Only now NTOP is really acting buggy. I put the startup script
in the bild directory and run it w/ max debug msgs (-t5) and don't see any
errors. That is, except for a never-ending stream of 'Host not found'
messages sent to the console. Also, the Stats:Network Load link doesn't
display graphs any more ! A single link is presented w/ the date/time,
which displays the table w/ the top three sending/receiving hosts on
a minute-by-minute basis.
Another observation: prior to adding the -S1 option, NTOP used
the directory spec'd by the -P option. However, upon adding the -S1
option, it immed prompted for the pswd again and placed the *.db
files in /usr/local/var/ntop ! That's not mentioned in the man
page, so I presume that's is a bug ?
If I re-install the 2.0 pkg, NTOP is operational again. So my
question is: what did I do wrong w/ 2.1.2 ?
=============== From the desk of Jethro Wright, III ================
+ Before you criticize someone, you should walk a mile in their +
+ shoes. That way, when you criticize them, you're a mile away +
+ *AND* you have their shoes. +
=== [EMAIL PROTECTED] =============================== Anon ===
--__--__--
Message: 12
Organization: Centro di Servizi per la rete di Ateneo - Pisa - Italy
From: "Burton M. Strauss III" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Subject: RE: [Ntop] {FreeBSD 4.5-R] NTOP-2.1.2 Isn't Working Properly Anymore....
Date: Thu, 1 Aug 2002 17:50:44 -0500
Reply-To: [EMAIL PROTECTED]
See the instructions at http://snapshot.ntop.org on how to ask for help.
Need the EXACT messages you are getting, etc.
I will say I've never heard of ntop.sh, so I really can't answer for
problems with it.
I have compiled and run ntop 2.1.2 on FreeBSD 5.0...
If you chown nobody, does root have read/write access? Otherwise, it will
not retrieve the password, think it's not defined and ask you for it...
-----Burton
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of The
Jetman
Sent: Thursday, August 01, 2002 5:22 PM
To: NTOP Mail List
Subject: [Ntop] {FreeBSD 4.5-R] NTOP-2.1.2 Isn't Working Properly
Anymore....
Love NTOP, since I started using it a couple of weeks ago. I installed
it from the ntop-2.0.tgz FBSD-specific pkg. Worked almost exactly as
expected and was installed and operational in less than five mins. Okay,
I see what mite be bugs in the system, so I d/l the latest tarball (2.1.2)
and
did the following:
1) ./configure ; gmake ; gmake install
2) edit ntop.sh
2a) add args = -S1 -P /var/db/ntop ; interface = wi0
3) chown nobody /var/db/ntop
That's it. Only now NTOP is really acting buggy. I put the startup script
in the bild directory and run it w/ max debug msgs (-t5) and don't see any
errors. That is, except for a never-ending stream of 'Host not found'
messages sent to the console. Also, the Stats:Network Load link doesn't
display graphs any more ! A single link is presented w/ the date/time,
which displays the table w/ the top three sending/receiving hosts on
a minute-by-minute basis.
Another observation: prior to adding the -S1 option, NTOP used
the directory spec'd by the -P option. However, upon adding the -S1
option, it immed prompted for the pswd again and placed the *.db
files in /usr/local/var/ntop ! That's not mentioned in the man
page, so I presume that's is a bug ?
If I re-install the 2.0 pkg, NTOP is operational again. So my
question is: what did I do wrong w/ 2.1.2 ?
=============== From the desk of Jethro Wright, III ================
+ Before you criticize someone, you should walk a mile in their +
+ shoes. That way, when you criticize them, you're a mile away +
+ *AND* you have their shoes. +
=== [EMAIL PROTECTED] =============================== Anon ===
_______________________________________________
Ntop mailing list
[EMAIL PROTECTED]
http://lists.ntop.org/mailman/listinfo/ntop
--__--__--
_______________________________________________
Ntop mailing list
[EMAIL PROTECTED]
http://lists.ntop.org/mailman/listinfo/ntop
End of Ntop Digest
_______________________________________________
Ntop mailing list
[EMAIL PROTECTED]
http://lists.ntop.org/mailman/listinfo/ntop
