Hi, > On 21 Dec 2017, at 18:58, Rokkhan <[email protected]> wrote: > > Hi, > > I am testing ntopng 3.3.1 on a Centos 7. Is there anyway to filter dumped > packets to disk on an interface? > > I would like to have a dedicated interface to dump traffic but the only > option I see is to dump "All packets" or "Unkonwn Layer7- Flows Packets". > > Is there any way to filter the traffic that i would like to dump. i.e between > two IP or by ip+port of destination?
You can chose to record only the traffic of one or more given IPs. Visit the host page in ntopng and then select the checkbox record host traffic. If you need more flexibility have a look at n2disk. This will give you full control (via BPF filters) to chose which packets to record as well as full flexibility to extract subsets of recorded packets (again with BPF filters). > > Could it be possible to download pcap file from ntopng also? Currently this is not supported. > > Greetings. > _______________________________________________ > Ntop mailing list > [email protected] > http://listgateway.unipi.it/mailman/listinfo/ntop _______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop
