Hi, please follow up here: https://github.com/ntop/ntopng/issues/327
On Mon, Dec 21, 2015 at 8:02 AM, Luca Deri <[email protected]> wrote: > Wine > it looks good to me. In ZMQ the probe is a source not an exporter as in > netflow. > > If you have concerns, please file a bug on github and we’ll follow up > > Cheers Luca > > > > On 21 Dec 2015, at 04:17, Warren Daly (OPUS) <[email protected]> wrote: > > > > Some more details... > > > > # tcpdump port 2055 > > tcpdump: verbose output suppressed, use -v or -vv for full protocol > decode > > listening on eth1, link-type EN10MB (Ethernet), capture size 65535 bytes > > 10:05:50.824802 IP 192.168.13.254.18656 > Netflow.2055: UDP, length 1460 > > 10:05:50.963017 IP 192.168.13.254.18656 > Netflow.2055: UDP, length 1408 > > 10:05:51.426415 IP 192.168.13.254.18656 > Netflow.2055: UDP, length 1440 > > 10:05:51.716595 IP 192.168.13.254.18656 > Netflow.2055: UDP, length 1472 > > 10:05:51.800322 IP 192.168.13.254.18656 > Netflow.2055: UDP, length 1424 > > 10:05:52.186109 IP 192.168.13.254.18656 > Netflow.2055: UDP, length 1424 > > > > # tcpdump port 2057 > > tcpdump: verbose output suppressed, use -v or -vv for full protocol > decode > > listening on eth1, link-type EN10MB (Ethernet), capture size 65535 bytes > > 10:06:08.466601 IP 192.168.0.1.19156 > Netflow.2057: UDP, length 1440 > > 10:06:09.177377 IP 192.168.0.1.19156 > Netflow.2057: UDP, length 1400 > > 10:06:09.749476 IP 192.168.0.1.19156 > Netflow.2057: UDP, length 1396 > > 10:06:12.030970 IP 192.168.0.1.19156 > Netflow.2057: UDP, length 1400 > > 10:06:14.848377 IP 192.168.0.1.19156 > Netflow.2057: UDP, length 1468 > > 10:06:16.072222 IP 192.168.0.1.19156 > Netflow.2057: UDP, length 1420 > > 10:06:18.071092 IP 192.168.0.1.19156 > Netflow.2057: UDP, length 1456 > > 10:06:19.440800 IP 192.168.0.1.19156 > Netflow.2057: UDP, length 1472 > > > > here's the 2 nprobes listening... > > root 6965 6798 0 09:38 pts/2 00:00:00 nprobe --zmq > tcp://*:5557 -i none -n none --collector-port 2057 > > root 6994 6798 0 10:04 pts/2 00:00:00 nprobe --zmq > tcp://*:5555 -i none -n none --collector-port 2055 > > > > tcp://*:5557 shows flows in ntoppng, tcp://*:5555 says "No Results Found" > > > > ufw status = disabled. > > > > Completely baffled to why some collectors show flows, and others show > "No results found". > > > > Starting nprobe in verbose mode shows nothing unusual... ntopng says "No > Results Found" > > > > # nprobe --verbose 2 --zmq tcp://*:5555 -i none -n none --collector-port > 2055 > > 21/Dec/2015 10:02:05 [nprobe.c:3130] Valid nProbe license found > > 21/Dec/2015 10:02:05 [nprobe.c:4488] WARNING: The output interfaceId is > set to 0: did you forget to use -Q perhaps ? > > 21/Dec/2015 10:02:05 [nprobe.c:4491] WARNING: The input interfaceId is > set to 0: did you forget to use -u perhaps ? > > 21/Dec/2015 10:02:05 [nprobe.c:4552] Welcome to nProbe v.7.2.151204 > ($Revision: 4471 $) for x86_64-unknown-linux-gnu with native PF_RING > acceleration > > 21/Dec/2015 10:02:05 [nprobe.c:4562] Running on Ubuntu 14.04.2 LTS > > 21/Dec/2015 10:02:05 [nprobe.c:4573] [LICENSE] nProbe SystemId: > 4A831FDA09B1B8A9 > > 21/Dec/2015 10:02:05 [nprobe.c:4584] [LICENSE] nProbe License: xxxx > > 21/Dec/2015 10:02:05 [nprobe.c:4587] [LICENSE] nProbe Edition: Standard > [without PF_RING Acceleration] > > 21/Dec/2015 10:02:05 [nprobe.c:4614] [LICENSE] Maintenance is available > until Sat Dec 10 10:48:50 2016 [355 days left] > > 21/Dec/2015 10:02:05 [nprobe.c:4620] Tracing enabled > > 21/Dec/2015 10:02:05 [plugin.c:248] 0 plugin(s) loaded [0 delete][0 > packet]. > > 21/Dec/2015 10:02:05 [nprobe.c:6526] Welcome to nprobe v.7.2.151204 for > x86_64-unknown-linux-gnu > > 21/Dec/2015 10:02:05 [nprobe.c:5752] Compiling flow templates... > > 21/Dec/2015 10:02:05 [plugin.c:1000] 0 plugin(s) enabled > > 21/Dec/2015 10:02:05 [nprobe.c:6203] Non IPv4/v6 traffic is discarded > according to the template > > 21/Dec/2015 10:02:05 [util.c:287] GeoIP: loaded AS config file > /usr/share/ntopng/httpdocs/geoip/GeoIPASNum.dat > > 21/Dec/2015 10:02:05 [util.c:296] GeoIP: loaded AS IPv6 config file > /usr/share/ntopng/httpdocs/geoip/GeoIPASNumv6.dat > > 21/Dec/2015 10:02:05 [nprobe.c:5121] Using packet capture length 128 > > 21/Dec/2015 10:02:05 [nprobe.c:6698] IPv6 traffic will NOT be > exported/accounted by this probe > > 21/Dec/2015 10:02:05 [nprobe.c:6699] due to configuration options (e.g. > use NetFlow v9) > > 21/Dec/2015 10:02:05 [nprobe.c:6702] The flows hash has 131072 buckets > > 21/Dec/2015 10:02:05 [nprobe.c:6704] Flows older than 120 seconds will > be exported > > 21/Dec/2015 10:02:05 [nprobe.c:6707] Flows inactive for at least 30 > seconds will be exported > > 21/Dec/2015 10:02:05 [nprobe.c:6710] Expired flows will not be queued > for more than 30 seconds > > 21/Dec/2015 10:02:05 [nprobe.c:6717] Exported flows with engineType 0 > and engineId 173 > > 21/Dec/2015 10:02:05 [nprobe.c:6739] TCP TOS will be ignored and set to > 0. > > 21/Dec/2015 10:02:05 [nprobe.c:6757] After 1 flow packets are sent, > we'll delay at least 1 ms > > 21/Dec/2015 10:02:05 [nprobe.c:6777] Flows will be emitted in NetFlow 5 > format > > 21/Dec/2015 10:02:05 [nprobe.c:6807] Flow input interface index is set > to 0 > > 21/Dec/2015 10:02:05 [nprobe.c:6813] Flow output interface index is set > to 0 > > 21/Dec/2015 10:02:05 [nprobe.c:6827] Not capturing packet from interface > (collector mode) > > 21/Dec/2015 10:02:05 [util.c:3840] Succesfully created ZMQ endpoint > tcp://*:5555 > > 21/Dec/2015 10:02:05 [collect.c:86] Created UDP sockets > > 21/Dec/2015 10:02:05 [collect.c:90] Created a SCTP socket (22) > > 21/Dec/2015 10:02:05 [collect.c:145] Flow collector listening on port > 2055 (IPv4/v6) > > 21/Dec/2015 10:02:05 [nprobe.c:6947] Starting 1 packet fetch thread(s) > > 21/Dec/2015 10:02:05 [engine.c:3210] Starting bucket dequeue thread > > 21/Dec/2015 10:02:05 [nprobe.c:7035] nProbe started successfully > > > > Regards, > > Warren > > > > > > > > > > _______________________________________________ > > Ntop mailing list > > [email protected] > > http://listgateway.unipi.it/mailman/listinfo/ntop > >
_______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop
