Discussion:
[Ntop] nprobe starts and stops - no log to trouble shoot
Art Stephens
2018-01-05 01:26:57 UTC
Permalink
when starting nprobe from ntop applications the status light turns green
then red

when run ps aux | grep nprobe right after issuing sudo service nprobe start

nobody 12778 14.1 0.3 343712 14740 ? Ssl 17:09 0:00
/usr/local/bin/nprobe /run/nprobe.conf
root 13045 0.0 0.0 26168 1340 ? S 17:09 0:00 systemctl
stop nprobe.service

I can run from console which will start but I get
sudo /usr/local/bin/nprobe /run/nprobe-ens18.conf
04/Jan/2018 17:19:31 [plugin.c:187] No plugins found in ./plugins
04/Jan/2018 17:19:31 [plugin.c:195] Loading 23 plugins [.so] from
/usr/local/lib/nprobe/plugins
04/Jan/2018 17:19:31 [nprobe.c:3784] ERROR: Invalid nProbe license
(/etc/nprobe.license) [Missing license file]
04/Jan/2018 17:19:31 [nprobe.c:3791] ERROR:
*****************************************************
04/Jan/2018 17:19:31 [nprobe.c:3792] ERROR: **
**
04/Jan/2018 17:19:31 [nprobe.c:3793] ERROR: ** Switching to DEMO MODE
(missing valid license) **
04/Jan/2018 17:19:31 [nprobe.c:3794] ERROR: **
**
04/Jan/2018 17:19:31 [nprobe.c:3795] ERROR: ** Purchase your nProbe
license at **
04/Jan/2018 17:19:31 [nprobe.c:3796] ERROR: ** https://shop.ntop.org/
**
04/Jan/2018 17:19:31 [nprobe.c:3797] ERROR: **
**
04/Jan/2018 17:19:31 [nprobe.c:3798] ERROR:
*****************************************************
04/Jan/2018 17:19:31 [nprobe.c:4809] WARNING: If you want to preserve the
-M value, please specify -w before -M
04/Jan/2018 17:19:31 [nprobe.c:4727] WARNING: Unable to parse sampling
option: discarded
04/Jan/2018 17:19:31 [nprobe.c:5755] WARNING: The output interfaceId is set
to 0: did you forget to use -Q perhaps ?
04/Jan/2018 17:19:31 [nprobe.c:5758] WARNING: The input interfaceId is set
to 0: did you forget to use -u perhaps ?
04/Jan/2018 17:19:31 [nprobe.c:5859] Welcome to nProbe v.8.2.171206
($Revision: 5975 $) for x86_64-pc-linux-gnu with native PF_RING acceleration
04/Jan/2018 17:19:31 [nprobe.c:5869] Running on Ubuntu 16.04.3 LTS
04/Jan/2018 17:19:31 [nprobe.c:5880] [LICENSE] nProbe SystemId:
9FB0563B0C001090
04/Jan/2018 17:19:31 [nprobe.c:5993] Sample rate [packet: 1][flow
collection/export: 1/1]
04/Jan/2018 17:19:31 [nprobe.c:8432] ERROR:
***************************************************************
04/Jan/2018 17:19:31 [nprobe.c:8433] ERROR: * NOTE: This is a DEMO version
limited to 25000 flows export. *
04/Jan/2018 17:19:31 [nprobe.c:8434] ERROR:
***************************************************************
04/Jan/2018 17:19:31 [nprobe.c:8440] Welcome to nProbe v.8.2.171206 for
x86_64-pc-linux-gnu
04/Jan/2018 17:19:31 [nprobe.c:7462] You selected v9/IPFIX without
specifying a template (-T).
04/Jan/2018 17:19:31 [nprobe.c:7463] The default template will be used
04/Jan/2018 17:19:31 [nprobe.c:7468] Using NetFlow Packet Payload Len: 1472
04/Jan/2018 17:19:31 [plugin.c:1155] 0 plugin(s) enabled
04/Jan/2018 17:19:31 [nprobe.c:7907] Each flow is 89 bytes long
04/Jan/2018 17:19:31 [nprobe.c:7908] The # flows per packet has been set to
15
04/Jan/2018 17:19:31 [nprobe.c:7911] IP TOS is accounted
04/Jan/2018 17:19:31 [nprobe.c:7937] Non IPv4/v6 traffic is discarded
according to the template
04/Jan/2018 17:19:31 [util.c:440] GeoIP: loaded AS config file
/usr/share/ntopng/httpdocs/geoip/GeoIPASNum.dat
04/Jan/2018 17:19:31 [util.c:451] GeoIP: loaded AS IPv6 config file
/usr/share/ntopng/httpdocs/geoip/GeoIPASNumv6.dat
04/Jan/2018 17:19:31 [nprobe.c:6487] Using packet capture length 128
04/Jan/2018 17:19:31 [pro/pf_ring.c:356] Initializing PF_RING socket on
device ens18..
04/Jan/2018 17:19:31 [pro/pf_ring.c:398] Dumping traffic statistics on
/proc/net/pf_ring/stats/17022-ens18.15
04/Jan/2018 17:19:31 [pro/pf_ring.c:463] PF_RING enabled on ens18
04/Jan/2018 17:19:31 [util.c:3591] nProbe changed user to 'nobody'
04/Jan/2018 17:19:31 [nprobe.c:8989] nProbe started successfully
04/Jan/2018 17:19:32 [nprobe.c:3024] WARNING: Unable to create file
/var/log/nprobe/ens18-0_flows_stats.txt
04/Jan/2018 17:20:32 [nprobe.c:3024] WARNING: Unable to create file
/var/log/nprobe/ens18-0_flows_stats.txt

but none of the netflow v9 flows directed at the interface from my BGP
router show up.

ntop nBox 2.4
Linux kernel 4.4.0-87-generic x86_64
2x Common KVM processor
CPU 0 0 1 2 3
CPU 1 4 5 6 7
1x Red Hat, Inc Virtio network device

ntopng Version 3.2.171206 - Community Edition
Built on Ubuntu 16.04.3 LTS

sudo nprobe -v
Welcome to nProbe v.8.2.171206 (r5975) for x86_64-pc-linux-gnu
with native PF_RING acceleration.
Copyright 2002-17 ntop.org

sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Thanks
--
Arthur Stephens
Senior Network Administrator
Ptera Inc.
PO Box 135
24001 E Mission Suite 50
Liberty Lake, WA 99019
509-927-7837
ptera.com |
facebook.com/PteraInc | twitter.com/Ptera
-----------------------------------------------------------------------------
"This message may contain confidential and/or propriety information, and is
intended for the person/entity to whom it was originally addressed.
Any use by others is strictly prohibited. Please note that any views or
opinions presented in this email are solely those of the author and are not
intended to represent those of the company."
Art Stephens
2018-01-05 16:30:29 UTC
Permalink
Ah yes I did do that also - with no instance running that is when I saw the
systemctl stop nprobe.service.
I also verified with webmin running processes that no nprobe was running
and then tried to start it from nbox but same thing happens.
And with no logging I have no clue.The status light turns green and then
turns red.
Art,
It looks like there's a systemctl command that is trying to stop a running
nprobe instance (see pid 13045), while you are also running nprobe from the
command line (see pid 12778). Make sure all the nprobe processes are
stopped (possibly terminate them manually) and then try to re-start them
from the nBox instance.
Simone
when starting nprobe from ntop applications the status light turns green
then red
when run ps aux | grep nprobe right after issuing sudo service nprobe start
nobody 12778 14.1 0.3 343712 14740 ? Ssl 17:09 0:00
/usr/local/bin/nprobe /run/nprobe.conf
root 13045 0.0 0.0 26168 1340 ? S 17:09 0:00 systemctl
stop nprobe.service
I can run from console which will start but I get
sudo /usr/local/bin/nprobe /run/nprobe-ens18.conf
04/Jan/2018 17:19:31 [plugin.c:187] No plugins found in ./plugins
04/Jan/2018 17:19:31 [plugin.c:195] Loading 23 plugins [.so] from
/usr/local/lib/nprobe/plugins
04/Jan/2018 17:19:31 [nprobe.c:3784] ERROR: Invalid nProbe license
(/etc/nprobe.license) [Missing license file]
04/Jan/2018 17:19:31 [nprobe.c:3791] ERROR: ******************************
***********************
04/Jan/2018 17:19:31 [nprobe.c:3792] ERROR: **
**
04/Jan/2018 17:19:31 [nprobe.c:3793] ERROR: ** Switching to DEMO MODE
(missing valid license) **
04/Jan/2018 17:19:31 [nprobe.c:3794] ERROR: **
**
04/Jan/2018 17:19:31 [nprobe.c:3795] ERROR: ** Purchase your nProbe
license at **
04/Jan/2018 17:19:31 [nprobe.c:3796] ERROR: **
https://shop.ntop.org/ **
04/Jan/2018 17:19:31 [nprobe.c:3797] ERROR: **
**
04/Jan/2018 17:19:31 [nprobe.c:3798] ERROR: ******************************
***********************
04/Jan/2018 17:19:31 [nprobe.c:4809] WARNING: If you want to preserve the
-M value, please specify -w before -M
04/Jan/2018 17:19:31 [nprobe.c:4727] WARNING: Unable to parse sampling
option: discarded
04/Jan/2018 17:19:31 [nprobe.c:5755] WARNING: The output interfaceId is
set to 0: did you forget to use -Q perhaps ?
04/Jan/2018 17:19:31 [nprobe.c:5758] WARNING: The input interfaceId is set
to 0: did you forget to use -u perhaps ?
04/Jan/2018 17:19:31 [nprobe.c:5859] Welcome to nProbe v.8.2.171206
($Revision: 5975 $) for x86_64-pc-linux-gnu with native PF_RING acceleration
04/Jan/2018 17:19:31 [nprobe.c:5869] Running on Ubuntu 16.04.3 LTS
9FB0563B0C001090
04/Jan/2018 17:19:31 [nprobe.c:5993] Sample rate [packet: 1][flow
collection/export: 1/1]
04/Jan/2018 17:19:31 [nprobe.c:8432] ERROR: ******************************
*********************************
04/Jan/2018 17:19:31 [nprobe.c:8433] ERROR: * NOTE: This is a DEMO version
limited to 25000 flows export. *
04/Jan/2018 17:19:31 [nprobe.c:8434] ERROR: ******************************
*********************************
04/Jan/2018 17:19:31 [nprobe.c:8440] Welcome to nProbe v.8.2.171206 for
x86_64-pc-linux-gnu
04/Jan/2018 17:19:31 [nprobe.c:7462] You selected v9/IPFIX without
specifying a template (-T).
04/Jan/2018 17:19:31 [nprobe.c:7463] The default template will be used
04/Jan/2018 17:19:31 [nprobe.c:7468] Using NetFlow Packet Payload Len: 1472
04/Jan/2018 17:19:31 [plugin.c:1155] 0 plugin(s) enabled
04/Jan/2018 17:19:31 [nprobe.c:7907] Each flow is 89 bytes long
04/Jan/2018 17:19:31 [nprobe.c:7908] The # flows per packet has been set
to 15
04/Jan/2018 17:19:31 [nprobe.c:7911] IP TOS is accounted
04/Jan/2018 17:19:31 [nprobe.c:7937] Non IPv4/v6 traffic is discarded
according to the template
04/Jan/2018 17:19:31 [util.c:440] GeoIP: loaded AS config file
/usr/share/ntopng/httpdocs/geoip/GeoIPASNum.dat
04/Jan/2018 17:19:31 [util.c:451] GeoIP: loaded AS IPv6 config file
/usr/share/ntopng/httpdocs/geoip/GeoIPASNumv6.dat
04/Jan/2018 17:19:31 [nprobe.c:6487] Using packet capture length 128
04/Jan/2018 17:19:31 [pro/pf_ring.c:356] Initializing PF_RING socket on
device ens18..
04/Jan/2018 17:19:31 [pro/pf_ring.c:398] Dumping traffic statistics on
/proc/net/pf_ring/stats/17022-ens18.15
04/Jan/2018 17:19:31 [pro/pf_ring.c:463] PF_RING enabled on ens18
04/Jan/2018 17:19:31 [util.c:3591] nProbe changed user to 'nobody'
04/Jan/2018 17:19:31 [nprobe.c:8989] nProbe started successfully
04/Jan/2018 17:19:32 [nprobe.c:3024] WARNING: Unable to create file
/var/log/nprobe/ens18-0_flows_stats.txt
04/Jan/2018 17:20:32 [nprobe.c:3024] WARNING: Unable to create file
/var/log/nprobe/ens18-0_flows_stats.txt
but none of the netflow v9 flows directed at the interface from my BGP
router show up.
ntop nBox 2.4
Linux kernel 4.4.0-87-generic x86_64
2x Common KVM processor
CPU 0 0 1 2 3
CPU 1 4 5 6 7
1x Red Hat, Inc Virtio network device
ntopng Version 3.2.171206 - Community Edition
Built on Ubuntu 16.04.3 LTS
sudo nprobe -v
Welcome to nProbe v.8.2.171206 (r5975) for x86_64-pc-linux-gnu
with native PF_RING acceleration.
Copyright 2002-17 ntop.org
sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Thanks
--
Arthur Stephens
Senior Network Administrator
Ptera Inc.
PO Box 135
24001 E Mission Suite 50
Liberty Lake, WA 99019
509-927-7837 <(509)%20927-7837>
ptera.com |
facebook.com/PteraInc | twitter.com/Ptera
-----------------------------------------------------------
------------------
"This message may contain confidential and/or propriety information, and
is intended for the person/entity to whom it was originally addressed.
Any use by others is strictly prohibited. Please note that any views or
opinions presented in this email are solely those of the author and are not
intended to represent those of the company."
_______________________________________________
Ntop mailing list
http://listgateway.unipi.it/mailman/listinfo/ntop
_______________________________________________
Ntop mailing list
http://listgateway.unipi.it/mailman/listinfo/ntop
--
Arthur Stephens
Senior Network Administrator
Ptera Inc.
PO Box 135
24001 E Mission Suite 50
Liberty Lake, WA 99019
509-927-7837
ptera.com |
facebook.com/PteraInc | twitter.com/Ptera
-----------------------------------------------------------------------------
"This message may contain confidential and/or propriety information, and is
intended for the person/entity to whom it was originally addressed.
Any use by others is strictly prohibited. Please note that any views or
opinions presented in this email are solely those of the author and are not
intended to represent those of the company."
Art Stephens
2018-01-05 23:35:38 UTC
Permalink
My syslog is full of these going on continuously..

Jan 5 15:33:03 ntop systemd[1]: Stopped nprobe extensible NetFlow
v5/v9/IPFIX probe/collector for IPv4/v6.
Jan 5 15:33:14 ntop systemd[1]: Stopped nprobe extensible NetFlow
v5/v9/IPFIX probe/collector for IPv4/v6.
Jan 5 15:33:24 ntop systemd[1]: Stopped nprobe extensible NetFlow
v5/v9/IPFIX probe/collector for IPv4/v6.
Jan 5 15:33:34 ntop systemd[1]: Stopped nprobe extensible NetFlow
v5/v9/IPFIX probe/collector for IPv4/v6.
Jan 5 15:33:44 ntop systemd[1]: Stopped nprobe extensible NetFlow
v5/v9/IPFIX probe/collector for IPv4/v6.
Jan 5 15:33:55 ntop systemd[1]: Stopped nprobe extensible NetFlow
v5/v9/IPFIX probe/collector for IPv4/v6.
Jan 5 15:34:01 ntop CRON[22570]: (root) CMD (python
/var/ntop/utils/scheduler.py > /dev/null 2>&1)
Jan 5 15:34:05 ntop systemd[1]: Stopped nprobe extensible NetFlow
v5/v9/IPFIX probe/collector for IPv4/v6.
Post by Art Stephens
when starting nprobe from ntop applications the status light turns green
then red
when run ps aux | grep nprobe right after issuing sudo service nprobe start
nobody 12778 14.1 0.3 343712 14740 ? Ssl 17:09 0:00
/usr/local/bin/nprobe /run/nprobe.conf
root 13045 0.0 0.0 26168 1340 ? S 17:09 0:00 systemctl
stop nprobe.service
I can run from console which will start but I get
sudo /usr/local/bin/nprobe /run/nprobe-ens18.conf
04/Jan/2018 17:19:31 [plugin.c:187] No plugins found in ./plugins
04/Jan/2018 17:19:31 [plugin.c:195] Loading 23 plugins [.so] from
/usr/local/lib/nprobe/plugins
04/Jan/2018 17:19:31 [nprobe.c:3784] ERROR: Invalid nProbe license
(/etc/nprobe.license) [Missing license file]
04/Jan/2018 17:19:31 [nprobe.c:3791] ERROR: ******************************
***********************
04/Jan/2018 17:19:31 [nprobe.c:3792] ERROR: **
**
04/Jan/2018 17:19:31 [nprobe.c:3793] ERROR: ** Switching to DEMO MODE
(missing valid license) **
04/Jan/2018 17:19:31 [nprobe.c:3794] ERROR: **
**
04/Jan/2018 17:19:31 [nprobe.c:3795] ERROR: ** Purchase your nProbe
license at **
04/Jan/2018 17:19:31 [nprobe.c:3796] ERROR: **
https://shop.ntop.org/ **
04/Jan/2018 17:19:31 [nprobe.c:3797] ERROR: **
**
04/Jan/2018 17:19:31 [nprobe.c:3798] ERROR: ******************************
***********************
04/Jan/2018 17:19:31 [nprobe.c:4809] WARNING: If you want to preserve the
-M value, please specify -w before -M
04/Jan/2018 17:19:31 [nprobe.c:4727] WARNING: Unable to parse sampling
option: discarded
04/Jan/2018 17:19:31 [nprobe.c:5755] WARNING: The output interfaceId is
set to 0: did you forget to use -Q perhaps ?
04/Jan/2018 17:19:31 [nprobe.c:5758] WARNING: The input interfaceId is set
to 0: did you forget to use -u perhaps ?
04/Jan/2018 17:19:31 [nprobe.c:5859] Welcome to nProbe v.8.2.171206
($Revision: 5975 $) for x86_64-pc-linux-gnu with native PF_RING acceleration
04/Jan/2018 17:19:31 [nprobe.c:5869] Running on Ubuntu 16.04.3 LTS
9FB0563B0C001090
04/Jan/2018 17:19:31 [nprobe.c:5993] Sample rate [packet: 1][flow
collection/export: 1/1]
04/Jan/2018 17:19:31 [nprobe.c:8432] ERROR: ******************************
*********************************
04/Jan/2018 17:19:31 [nprobe.c:8433] ERROR: * NOTE: This is a DEMO version
limited to 25000 flows export. *
04/Jan/2018 17:19:31 [nprobe.c:8434] ERROR: ******************************
*********************************
04/Jan/2018 17:19:31 [nprobe.c:8440] Welcome to nProbe v.8.2.171206 for
x86_64-pc-linux-gnu
04/Jan/2018 17:19:31 [nprobe.c:7462] You selected v9/IPFIX without
specifying a template (-T).
04/Jan/2018 17:19:31 [nprobe.c:7463] The default template will be used
04/Jan/2018 17:19:31 [nprobe.c:7468] Using NetFlow Packet Payload Len: 1472
04/Jan/2018 17:19:31 [plugin.c:1155] 0 plugin(s) enabled
04/Jan/2018 17:19:31 [nprobe.c:7907] Each flow is 89 bytes long
04/Jan/2018 17:19:31 [nprobe.c:7908] The # flows per packet has been set
to 15
04/Jan/2018 17:19:31 [nprobe.c:7911] IP TOS is accounted
04/Jan/2018 17:19:31 [nprobe.c:7937] Non IPv4/v6 traffic is discarded
according to the template
04/Jan/2018 17:19:31 [util.c:440] GeoIP: loaded AS config file
/usr/share/ntopng/httpdocs/geoip/GeoIPASNum.dat
04/Jan/2018 17:19:31 [util.c:451] GeoIP: loaded AS IPv6 config file
/usr/share/ntopng/httpdocs/geoip/GeoIPASNumv6.dat
04/Jan/2018 17:19:31 [nprobe.c:6487] Using packet capture length 128
04/Jan/2018 17:19:31 [pro/pf_ring.c:356] Initializing PF_RING socket on
device ens18..
04/Jan/2018 17:19:31 [pro/pf_ring.c:398] Dumping traffic statistics on
/proc/net/pf_ring/stats/17022-ens18.15
04/Jan/2018 17:19:31 [pro/pf_ring.c:463] PF_RING enabled on ens18
04/Jan/2018 17:19:31 [util.c:3591] nProbe changed user to 'nobody'
04/Jan/2018 17:19:31 [nprobe.c:8989] nProbe started successfully
04/Jan/2018 17:19:32 [nprobe.c:3024] WARNING: Unable to create file
/var/log/nprobe/ens18-0_flows_stats.txt
04/Jan/2018 17:20:32 [nprobe.c:3024] WARNING: Unable to create file
/var/log/nprobe/ens18-0_flows_stats.txt
but none of the netflow v9 flows directed at the interface from my BGP
router show up.
ntop nBox 2.4
Linux kernel 4.4.0-87-generic x86_64
2x Common KVM processor
CPU 0 0 1 2 3
CPU 1 4 5 6 7
1x Red Hat, Inc Virtio network device
ntopng Version 3.2.171206 - Community Edition
Built on Ubuntu 16.04.3 LTS
sudo nprobe -v
Welcome to nProbe v.8.2.171206 (r5975) for x86_64-pc-linux-gnu
with native PF_RING acceleration.
Copyright 2002-17 ntop.org
sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Thanks
--
Arthur Stephens
Senior Network Administrator
Ptera Inc.
PO Box 135
24001 E Mission Suite 50
Liberty Lake, WA 99019
509-927-7837 <(509)%20927-7837>
ptera.com |
facebook.com/PteraInc | twitter.com/Ptera
-----------------------------------------------------------
------------------
"This message may contain confidential and/or propriety information, and
is intended for the person/entity to whom it was originally addressed.
Any use by others is strictly prohibited. Please note that any views or
opinions presented in this email are solely those of the author and are not
intended to represent those of the company."
--
Arthur Stephens
Senior Network Administrator
Ptera Inc.
PO Box 135
24001 E Mission Suite 50
Liberty Lake, WA 99019
509-927-7837
ptera.com |
facebook.com/PteraInc | twitter.com/Ptera
-----------------------------------------------------------------------------
"This message may contain confidential and/or propriety information, and is
intended for the person/entity to whom it was originally addressed.
Any use by others is strictly prohibited. Please note that any views or
opinions presented in this email are solely those of the author and are not
intended to represent those of the company."
Art Stephens
2018-01-05 22:45:35 UTC
Permalink
I am so confused - this is not making sence to me.

I started /usr/local/bin/nprobe -V 9 -i ens18 --collector 127.0.0.1:2055
on exit it says
05/Jan/2018 14:37:19 [nprobe.c:3061] Flow export stats: [33989323
bytes/35440 pkts][1934 flows/155 pkts sent]
05/Jan/2018 14:37:19 [nprobe.c:3071] Flow drop stats: [0 bytes/0 pkts][0
flows]
05/Jan/2018 14:37:19 [nprobe.c:3076] Total flow stats: [33989323
bytes/35440 pkts][1934 flows/155 pkts sent]

but there is nothing in ntopng but what is coming from the network that the
physical interface is on.
Art,
It looks like there's a systemctl command that is trying to stop a running
nprobe instance (see pid 13045), while you are also running nprobe from the
command line (see pid 12778). Make sure all the nprobe processes are
stopped (possibly terminate them manually) and then try to re-start them
from the nBox instance.
Simone
when starting nprobe from ntop applications the status light turns green
then red
when run ps aux | grep nprobe right after issuing sudo service nprobe start
nobody 12778 14.1 0.3 343712 14740 ? Ssl 17:09 0:00
/usr/local/bin/nprobe /run/nprobe.conf
root 13045 0.0 0.0 26168 1340 ? S 17:09 0:00 systemctl
stop nprobe.service
I can run from console which will start but I get
sudo /usr/local/bin/nprobe /run/nprobe-ens18.conf
04/Jan/2018 17:19:31 [plugin.c:187] No plugins found in ./plugins
04/Jan/2018 17:19:31 [plugin.c:195] Loading 23 plugins [.so] from
/usr/local/lib/nprobe/plugins
04/Jan/2018 17:19:31 [nprobe.c:3784] ERROR: Invalid nProbe license
(/etc/nprobe.license) [Missing license file]
04/Jan/2018 17:19:31 [nprobe.c:3791] ERROR: ******************************
***********************
04/Jan/2018 17:19:31 [nprobe.c:3792] ERROR: **
**
04/Jan/2018 17:19:31 [nprobe.c:3793] ERROR: ** Switching to DEMO MODE
(missing valid license) **
04/Jan/2018 17:19:31 [nprobe.c:3794] ERROR: **
**
04/Jan/2018 17:19:31 [nprobe.c:3795] ERROR: ** Purchase your nProbe
license at **
04/Jan/2018 17:19:31 [nprobe.c:3796] ERROR: **
https://shop.ntop.org/ **
04/Jan/2018 17:19:31 [nprobe.c:3797] ERROR: **
**
04/Jan/2018 17:19:31 [nprobe.c:3798] ERROR: ******************************
***********************
04/Jan/2018 17:19:31 [nprobe.c:4809] WARNING: If you want to preserve the
-M value, please specify -w before -M
04/Jan/2018 17:19:31 [nprobe.c:4727] WARNING: Unable to parse sampling
option: discarded
04/Jan/2018 17:19:31 [nprobe.c:5755] WARNING: The output interfaceId is
set to 0: did you forget to use -Q perhaps ?
04/Jan/2018 17:19:31 [nprobe.c:5758] WARNING: The input interfaceId is set
to 0: did you forget to use -u perhaps ?
04/Jan/2018 17:19:31 [nprobe.c:5859] Welcome to nProbe v.8.2.171206
($Revision: 5975 $) for x86_64-pc-linux-gnu with native PF_RING acceleration
04/Jan/2018 17:19:31 [nprobe.c:5869] Running on Ubuntu 16.04.3 LTS
9FB0563B0C001090
04/Jan/2018 17:19:31 [nprobe.c:5993] Sample rate [packet: 1][flow
collection/export: 1/1]
04/Jan/2018 17:19:31 [nprobe.c:8432] ERROR: ******************************
*********************************
04/Jan/2018 17:19:31 [nprobe.c:8433] ERROR: * NOTE: This is a DEMO version
limited to 25000 flows export. *
04/Jan/2018 17:19:31 [nprobe.c:8434] ERROR: ******************************
*********************************
04/Jan/2018 17:19:31 [nprobe.c:8440] Welcome to nProbe v.8.2.171206 for
x86_64-pc-linux-gnu
04/Jan/2018 17:19:31 [nprobe.c:7462] You selected v9/IPFIX without
specifying a template (-T).
04/Jan/2018 17:19:31 [nprobe.c:7463] The default template will be used
04/Jan/2018 17:19:31 [nprobe.c:7468] Using NetFlow Packet Payload Len: 1472
04/Jan/2018 17:19:31 [plugin.c:1155] 0 plugin(s) enabled
04/Jan/2018 17:19:31 [nprobe.c:7907] Each flow is 89 bytes long
04/Jan/2018 17:19:31 [nprobe.c:7908] The # flows per packet has been set
to 15
04/Jan/2018 17:19:31 [nprobe.c:7911] IP TOS is accounted
04/Jan/2018 17:19:31 [nprobe.c:7937] Non IPv4/v6 traffic is discarded
according to the template
04/Jan/2018 17:19:31 [util.c:440] GeoIP: loaded AS config file
/usr/share/ntopng/httpdocs/geoip/GeoIPASNum.dat
04/Jan/2018 17:19:31 [util.c:451] GeoIP: loaded AS IPv6 config file
/usr/share/ntopng/httpdocs/geoip/GeoIPASNumv6.dat
04/Jan/2018 17:19:31 [nprobe.c:6487] Using packet capture length 128
04/Jan/2018 17:19:31 [pro/pf_ring.c:356] Initializing PF_RING socket on
device ens18..
04/Jan/2018 17:19:31 [pro/pf_ring.c:398] Dumping traffic statistics on
/proc/net/pf_ring/stats/17022-ens18.15
04/Jan/2018 17:19:31 [pro/pf_ring.c:463] PF_RING enabled on ens18
04/Jan/2018 17:19:31 [util.c:3591] nProbe changed user to 'nobody'
04/Jan/2018 17:19:31 [nprobe.c:8989] nProbe started successfully
04/Jan/2018 17:19:32 [nprobe.c:3024] WARNING: Unable to create file
/var/log/nprobe/ens18-0_flows_stats.txt
04/Jan/2018 17:20:32 [nprobe.c:3024] WARNING: Unable to create file
/var/log/nprobe/ens18-0_flows_stats.txt
but none of the netflow v9 flows directed at the interface from my BGP
router show up.
ntop nBox 2.4
Linux kernel 4.4.0-87-generic x86_64
2x Common KVM processor
CPU 0 0 1 2 3
CPU 1 4 5 6 7
1x Red Hat, Inc Virtio network device
ntopng Version 3.2.171206 - Community Edition
Built on Ubuntu 16.04.3 LTS
sudo nprobe -v
Welcome to nProbe v.8.2.171206 (r5975) for x86_64-pc-linux-gnu
with native PF_RING acceleration.
Copyright 2002-17 ntop.org
sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Thanks
--
Arthur Stephens
Senior Network Administrator
Ptera Inc.
PO Box 135
24001 E Mission Suite 50
Liberty Lake, WA 99019
509-927-7837 <(509)%20927-7837>
ptera.com |
facebook.com/PteraInc | twitter.com/Ptera
-----------------------------------------------------------
------------------
"This message may contain confidential and/or propriety information, and
is intended for the person/entity to whom it was originally addressed.
Any use by others is strictly prohibited. Please note that any views or
opinions presented in this email are solely those of the author and are not
intended to represent those of the company."
_______________________________________________
Ntop mailing list
http://listgateway.unipi.it/mailman/listinfo/ntop
_______________________________________________
Ntop mailing list
http://listgateway.unipi.it/mailman/listinfo/ntop
--
Arthur Stephens
Senior Network Administrator
Ptera Inc.
PO Box 135
24001 E Mission Suite 50
Liberty Lake, WA 99019
509-927-7837
ptera.com |
facebook.com/PteraInc | twitter.com/Ptera
-----------------------------------------------------------------------------
"This message may contain confidential and/or propriety information, and is
intended for the person/entity to whom it was originally addressed.
Any use by others is strictly prohibited. Please note that any views or
opinions presented in this email are solely those of the author and are not
intended to represent those of the company."
Loading...