Network diagram
LOCAL PC ------> (interface 0)router(interface 1)----->remote server
Interface 0 = Ip address 192.168.40.1
LOCAL PC ------> (interface 0)router(interface 1)----->remote server
Interface 0 = Ip address 192.168.40.1
Local PC = Ip address 192.168.40.2
Interface 1 = Ip address 192.168.0.1
Interface 1 = Ip address 192.168.0.1
Remote server= IP address 192.168.0.3
When i first installed ntop there was only one default nic called
INTEL nic with ip address 192.168.40.2, Device\npf with some long number.
However then I had to add a netflow device under the INTEL nic. Once I added it I called this new nic Netflow.
Netflow nic with IP address 192.168.40.0
Therefore when I go under the INTEL nic I am seeing the correct localhosts and remote hosts and plus i could see my router interface as
192.168.40.1
However when I switch to the netflow nic I see my Local PC with a remote address of 192.168.40.2 as remote host.
So does this mean I should only use the INTEL NIC to do my network analysis currently on this networrk and on a large scale network. But also for the Netflow Nic why am I not seeing the LOCAL PC as a local hosts. Also on the INTEL nic with IP address
192.168.40.2 I could see all the flows as well.
So i am kinda confused in which NIC to use. The intel is giving me the correct information.
But under Available Plugins ->netflow it is says in the description " Recieved flow data is reported as a separate NIC in the regular ntop reports. Remember to switch the reporting NIC". So does this mean I use the INTEL nic for reporting data(data analysis) or I am suppost to use the Netflow Nic.
I want to do netflow analysis. Also I did type in the address 192.168.40.0/24 under -m(local hosts)
Under Netflow conguration -> *Virtual Netflow Interface network my ip address is 192.168.40.0/24
So everything seems to be configured fine.
If anyone can tell me what the problem could be please let me know. Currently I am assuming I am only suppost to look at the INTEL nic for netflows.
Apprecaite your help
_______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop
