Hi, Detection is done by nDPI. nDPI is a library that is shared by ntopng and nProbe and is actively under development. So, if ntopng correctly detects the protocol but nProbe doesn't, I guess you are using a version of nProbe that hasn't the proper heuristics to detect the protocols you're looking for. This typically solves by updating nProbe to the latest version.
Regards, On Tue, Jan 24, 2017 at 5:50 PM, Yotam Hochman <[email protected]> wrote: > Hello, I am using nProbe demo version for evaluation. > I am using the "%L7_PROTO_NAME" in the -T flag to get the application > layer protocol (detected by nDPI). > Unfortunately, the output file detects "WhatsAppVoice" and "STUN" flows as > "Unknown"/"RTP", even though ntopng detect the right protocol of them. > > This is the command I start nProbe with: > C:\Program Files\nProbe>nprobe.exe/c -i 5 -Q 5 -u 5 -n 127.0.0.1:2055 -D > t -P C:\Flows -F 60 -T "%L7_PROTO_NAME %IPV4_SRC_ADDR %IPV4_DST_ADDR" > > > What am I doing wrong? > > _______________________________________________ > Ntop-misc mailing list > [email protected] > http://listgateway.unipi.it/mailman/listinfo/ntop-misc >
_______________________________________________ Ntop-misc mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-misc
