You're welcome; glad the document was helpful. :) See, Burton, people do read the docs. :)
Shawn, can you explain what you mean by "My NetFlows still does not show any packets or traffic?" What output is leading you to say this? Cheers, --Jonathan > -----Original Message----- > From: Shawn Wall [mailto:[EMAIL PROTECTED] > Sent: Sunday, October 24, 2004 4:06 PM > To: [EMAIL PROTECTED] > Subject: RE: [Ntop] NetFlow > > I found my problem. Two issues: > > 1. I didn't have CEF enabled on the router (not mentioned in the CICSO > docs!) > > 2. netstat showed high RECV-Q stats for 2055 on my Linux box. Restarting > NTOP resolved this. > > My NetFlows still does not show any packets or traffic? I don't know if > this > is important since I am getting data from netflow. > > I have to give credit to a doc I found on google. Read it at: > > http://www.mirrors.wiretapped.net/security/network-monitoring/ntop/ntop- netflow-cisco.pdf > > shawn > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of > Claudio Martella > Sent: Sunday, October 24, 2004 1:48 PM > To: [EMAIL PROTECTED] > Subject: Re: [Ntop] NetFlow > > Actually IIRC the module doesn't give the kind of stats you were looking > for. I > mean even if it recieves che netflow datagrams and calculates the stats, > that > counters are incremented. They actually don't work. Just switch to the > netflow-device and look at the ntop host or traffic stats, and see if > everything > is fine. I don't know if the NTOP team reccomends a particular distro, but > i > wouldn't say there's one. > > > On Sun, Oct 24, 2004 at 12:54:31PM -0600, Shawn Wall wrote: > > I'm using the NTOP 3.0 rpm for Mandrake 10.x. I tried compiling NTOP on > > Mandrake but I found that it was not working i.e. I gave up and took the > > easy road. Is there a preferred/recommend Linux distro for NTOP? > > > > shawn > > > > -----Original Message----- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of > > Claudio Martella > > Sent: Sunday, October 24, 2004 12:50 PM > > To: [EMAIL PROTECTED] > > Subject: Re: [Ntop] NetFlow > > > > What version are you using? I experience the same problem with the > debian > > package. Try compiling the last version by yourself. > > > > On Sun, Oct 24, 2004 at 11:10:56AM -0600, Shawn Wall wrote: > > > I've recently tried sending Netflow exports from my 2501 to my NTOP > box. > I > > > sniffed the wire and I can see udp flow export packets from 80 to 128 > > bytes > > > in length sent to NTOP from the router. I checked NTOP under NETFLOWS > and > > it > > > shows 0 packets and 0 traffic. Any ideas? Thanks. > > > > > > > > > > > > shawn > > > > > > > > > > > > > > > > > > > > > > > > > > _______________________________________________ > > > Ntop mailing list > > > [EMAIL PROTECTED] > > > http://listgateway.unipi.it/mailman/listinfo/ntop > > > > > > -- > > Claudio "thefly" Martella > > [EMAIL PROTECTED] > > GNU/PG keyid: 0x8EA95625 > > _______________________________________________ > > Ntop mailing list > > [EMAIL PROTECTED] > > http://listgateway.unipi.it/mailman/listinfo/ntop > > > > _______________________________________________ > > Ntop mailing list > > [EMAIL PROTECTED] > > http://listgateway.unipi.it/mailman/listinfo/ntop > > > > > > > > -- > Claudio "thefly" Martella > [EMAIL PROTECTED] > GNU/PG keyid: 0x8EA95625 > _______________________________________________ > Ntop mailing list > [EMAIL PROTECTED] > http://listgateway.unipi.it/mailman/listinfo/ntop > > _______________________________________________ > Ntop mailing list > [EMAIL PROTECTED] > http://listgateway.unipi.it/mailman/listinfo/ntop _______________________________________________ Ntop mailing list [EMAIL PROTECTED] http://listgateway.unipi.it/mailman/listinfo/ntop
