[prev in list] [next in list] [prev in thread] [next in thread]
List: ntop
Subject: Re: [Ntop] How to Analyse MikroTik Traffic Using nprobe -> ntopng on Windows
From: Simone Mainardi <mainardi () ntop ! org>
Date: 2018-12-27 9:34:16
Message-ID: C14D1AB7-32AC-49C6-A334-9E61347ED333 () ntop ! org
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
> On 24 Dec 2018, at 22:32, technical@mcw.org.za wrote:
>
> Update to prev mail:
>
> Starting ntopng with:
>
> ntopng /c -i tcp://*:5556c
>
> and nprobe with:
>
> nprobe /c --zmq "tcp://127.0.0.1:5556" --zmq-probe-mode -i none -n none \
> --collector-port 2055 -T "@NTOPNG@"
> Results in traffic being parsed to GUI running on:
>
> http://127.0.0.1:3000/lua/hosts_stats.lua
>
> However when selecting Hosts, Filter Hosts, Local Hosts, it outputs: No results \
> found, yet we can see some of our local IPs listed under Hosts (main menu).
use ntopng option -m to list your local networks.
For example, if your local addresses are 192.168.1.0/24 use -m 192.168.1.0/24
a comma-separated list is accepted as well.
Finally, do NOT cross-post in the ML and on GitHub \
(https://github.com/ntop/ntopng/issues/2268 \
<https://github.com/ntop/ntopng/issues/2268>). Community people do not need to read \
the same thing more than 1 time.
>
> Our primary requirement right now is analyzing / recording LAN users internet \
> bandwidth usage.
> C:\Program Files\ntopng>ntopng /c -i tcp://*:5556c
>
> ===================================================================
> Starting ntopng
> Running ntopng.
> 24/Dec/2018 23:26:30 [Ntop.cpp:1545] Setting local networks to 127.0.0.0/8
> 24/Dec/2018 23:26:30 [Redis.cpp:132] Successfully connected to redis 127.0.0.1@0
> 24/Dec/2018 23:26:30 [Redis.cpp:132] Successfully connected to redis 127.0.0.1@0
> 24/Dec/2018 23:26:30 [NtopPro.cpp:310] [LICENSE] Reading license from Redis
> 24/Dec/2018 23:26:30 [NtopPro.cpp:451] WARNING: [LICENSE] Invalid or missing \
> license 24/Dec/2018 23:26:30 [NtopPro.cpp:468] WARNING: [LICENSE] ntopng will now \
> run in enterprise edition for 10 minutes 24/Dec/2018 23:26:30 [NtopPro.cpp:470] \
> WARNING: [LICENSE] before returning to community mode 24/Dec/2018 23:26:30 \
> [NtopPro.cpp:472] WARNING: [LICENSE] You can buy a permanent license at \
> http://shop.ntop.org 24/Dec/2018 23:26:30 [NtopPro.cpp:474] WARNING: [LICENSE] or \
> run ntopng in community mode starting 24/Dec/2018 23:26:30 [NtopPro.cpp:475] \
> WARNING: [LICENSE] ntopng --community 24/Dec/2018 23:26:30 [Ntop.cpp:1639] \
> Registered interface tcp://*:5556c [id: 9] 24/Dec/2018 23:26:31 \
> [HTTPserver.cpp:945] HTTPS Disabled: missing SSL certificate C:\Program \
> Files\ntopng\httpdocs/ssl/ntopng-cert.pem 24/Dec/2018 23:26:31 [HTTPserver.cpp:947] \
> Please read https://github.com/ntop/ntopng/blob/dev/doc/README.SSL if you want to \
> enable SSL. 24/Dec/2018 23:26:31 [HTTPserver.cpp:1114] Web server dirs [C:\Program \
> Files\ntopng\httpdocs][C:\Program Files\ntopng\scripts] 24/Dec/2018 23:26:31 \
> [HTTPserver.cpp:1117] HTTP server listening on 3000 24/Dec/2018 23:26:31 \
> [main.cpp:393] Working directory: Z:\Cloud\OneDrive\MyPC\Documents\ntopng \
> 24/Dec/2018 23:26:31 [main.cpp:395] Scripts/HTML pages directory: C:\Program \
> Files\ntopng 24/Dec/2018 23:26:31 [Ntop.cpp:390] Welcome to ntopng x64 v.3.7.180929 \
> - (C) 1998-18 ntop.org 24/Dec/2018 23:26:31 [Ntop.cpp:400] Built on Windows
> 24/Dec/2018 23:26:31 [NtopPro.cpp:633] [LICENSE] System Id: 2152224034-9206A1D8
> 24/Dec/2018 23:26:31 [NtopPro.cpp:634] [LICENSE] Edition: Enterprise
> 24/Dec/2018 23:26:31 [NtopPro.cpp:635] [LICENSE] License Type: Time-Limited \
> License 24/Dec/2018 23:26:31 [NtopPro.cpp:644] [LICENSE] Validity: Until Mon \
> Dec 24 23:36:30 2018 24/Dec/2018 23:26:31 [PeriodicActivities.cpp:68] Started \
> periodic activities loop... 24/Dec/2018 23:26:32 [PeriodicActivities.cpp:109] Each \
> periodic activity script will use 2 threads 24/Dec/2018 23:26:32 \
> [NetworkInterface.cpp:2581] Started packet polling on interface tcp://*:5556c [id: \
> 9]... 24/Dec/2018 23:26:32 [CollectorInterface.cpp:122] Collecting flows on \
> tcp://*:5556c ======================================================================================
>
> C:\Program Files\nProbe>nprobe /c --zmq "tcp://127.0.0.1:5556" --zmq-probe-mode -i \
> none -n none --collector-port 2055 -T "@NTOPNG@"
> ==============================================================================
> Running nProbe for Windows.
> 24/Dec/2018 23:26:40 [nprobe.c:4168] Valid nProbe license found
> 24/Dec/2018 23:26:40 [nprobe.c:6092] WARNING: The output interfaceId is set to 0: \
> did you forget to use -Q perhaps ? 24/Dec/2018 23:26:40 [nprobe.c:6095] WARNING: \
> The input interfaceId is set to 0: did you forget to use -u perhaps ? 24/Dec/2018 \
> 23:26:40 [nprobe.c:6182] Welcome to nProbe v.8.6.181004 ($Revision: 4384 $) for \
> Windows 24/Dec/2018 23:26:40 [nprobe.c:6192] Running on Windows
> 24/Dec/2018 23:26:40 [nprobe.c:6203] [LICENSE] nProbe SystemId: 2152224034-9206A1D8
> 24/Dec/2018 23:26:40 [nprobe.c:6270] Sample rate [packet: 1][flow \
> collection/export: 1/1] 24/Dec/2018 23:26:40 [nprobe.c:8966] Welcome to nProbe \
> v.8.6.181004 for Windows 24/Dec/2018 23:26:40 [nprobe.c:7870] WARNING: Adding \
> %EXPORTER_IPV4_ADDRESS to the template as nProbe is working as collector \
> 24/Dec/2018 23:26:40 [nprobe.c:7976] Using NetFlow Packet Payload Len: 1472 \
> 24/Dec/2018 23:26:40 [nprobe.c:7906] @NTOPNG@ expanded to " %L7_PROTO \
> %IPV4_SRC_ADDR %IPV4_DST_ADDR %L4_SRC_PORT %L4_DST_PORT %IPV6_SRC_ADDR \
> %IPV6_DST_ADDR %IP_PROTOCOL_VERSION %PROTOCOL %IN_BYTES %IN_PKTS %OUT_BYTES \
> %OUT_PKTS %FIRST_SWITCHED %LAST_SWITCHED %SRC_VLAN %EXPORTER_IPV4_ADDRESS" \
> 24/Dec/2018 23:26:40 [plugin.c:1238] 0 plugin(s) enabled 24/Dec/2018 23:26:40 \
> [nprobe.c:8422] Each flow is 82 bytes long 24/Dec/2018 23:26:40 [nprobe.c:8423] The \
> # flows per packet has been set to 16 24/Dec/2018 23:26:40 [nprobe.c:8426] IP TOS \
> is accounted 24/Dec/2018 23:26:40 [nprobe.c:8452] Non IPv4/v6 traffic is discarded \
> according to the template 24/Dec/2018 23:26:40 [nprobe.c:9231] Flows ASs will not \
> be computed (missing libmxminddb support) 24/Dec/2018 23:26:40 [nprobe.c:9334] Not \
> capturing packet from interface (collector mode) 24/Dec/2018 23:26:40 [util.c:4719] \
> Initializing ZMQ as client 24/Dec/2018 23:26:40 [util.c:4738] Exporting flows \
> towards ZMQ endpoint tcp://127.0.0.1:5556 24/Dec/2018 23:26:40 [collect.c:142] Flow \
> collector listening on port 2055 (IPv4/v6) 24/Dec/2018 23:26:40 [nprobe.c:9582] \
> nProbe started successfully 24/Dec/2018 23:30:26 [nprobe.c:567] Received shutdown \
> request... [signal: 2] 24/Dec/2018 23:30:27 [nprobe.c:6317] Flushing active flows
> 24/Dec/2018 23:30:27 [engine.c:3169] About to flush hash (threadId 0)
> 24/Dec/2018 23:30:27 [engine.c:3171] Completed hash walk (thread 0)
> ==================================================================================
>
> Assistance greatly appreciated.
>
> Best,
>
> Johan.
>
>
> On 2018-12-24 20:50, technical@mcw.org.za wrote:
> > Hi Emanuele,
> > Both below Windows CMD terminals run as Administrator:
> > C:\Program Files\ntopng>ntopng /c i -i tcp://*:5556c
> > =============================================
> > Starting ntopng
> > Running ntopng.
> > 24/Dec/2018 20:39:33 [Ntop.cpp:1545] Setting local networks to 127.0.0.0/8
> > 24/Dec/2018 20:39:33 [Redis.cpp:132] Successfully connected to redis 127.0.0.1@0
> > 24/Dec/2018 20:39:33 [Redis.cpp:132] Successfully connected to redis 127.0.0.1@0
> > 24/Dec/2018 20:39:33 [NtopPro.cpp:310] [LICENSE] Reading license from Redis
> > 24/Dec/2018 20:39:33 [NtopPro.cpp:451] WARNING: [LICENSE] Invalid or
> > missing license
> > 24/Dec/2018 20:39:33 [NtopPro.cpp:468] WARNING: [LICENSE] ntopng will
> > now run in enterprise edition for 10 minutes
> > 24/Dec/2018 20:39:33 [NtopPro.cpp:470] WARNING: [LICENSE] before
> > returning to community mode
> > 24/Dec/2018 20:39:33 [NtopPro.cpp:472] WARNING: [LICENSE] You can buy
> > a permanent license at http://shop.ntop.org
> > 24/Dec/2018 20:39:33 [NtopPro.cpp:474] WARNING: [LICENSE] or run
> > ntopng in community mode starting
> > 24/Dec/2018 20:39:33 [NtopPro.cpp:475] WARNING: [LICENSE] ntopng --community
> > 24/Dec/2018 20:39:34 [CollectorInterface.cpp:66] ERROR: Unable to bind
> > to ZMQ endpoint tcp://*:5556 [collector]
> > 24/Dec/2018 20:39:35 [main.cpp:239] ERROR: An exception occurred
> > during tcp://*:5556c interface creation[2]: No such file or directory
> > 24/Dec/2018 20:39:35 [main.cpp:293] ERROR: Startup error: missing
> > super-user privileges ?
> > C:\Program Files\ntopng>ntopng /c i -i tcp://*:5556c
> > Starting ntopng
> > Running ntopng.
> > 24/Dec/2018 20:40:36 [Ntop.cpp:1545] Setting local networks to 127.0.0.0/8
> > 24/Dec/2018 20:40:36 [Redis.cpp:132] Successfully connected to redis 127.0.0.1@0
> > 24/Dec/2018 20:40:36 [Redis.cpp:132] Successfully connected to redis 127.0.0.1@0
> > 24/Dec/2018 20:40:36 [NtopPro.cpp:310] [LICENSE] Reading license from Redis
> > 24/Dec/2018 20:40:36 [NtopPro.cpp:451] WARNING: [LICENSE] Invalid or
> > missing license
> > 24/Dec/2018 20:40:36 [NtopPro.cpp:468] WARNING: [LICENSE] ntopng will
> > now run in enterprise edition for 10 minutes
> > 24/Dec/2018 20:40:36 [NtopPro.cpp:470] WARNING: [LICENSE] before
> > returning to community mode
> > 24/Dec/2018 20:40:36 [NtopPro.cpp:472] WARNING: [LICENSE] You can buy
> > a permanent license at http://shop.ntop.org
> > 24/Dec/2018 20:40:36 [NtopPro.cpp:474] WARNING: [LICENSE] or run
> > ntopng in community mode starting
> > 24/Dec/2018 20:40:36 [NtopPro.cpp:475] WARNING: [LICENSE] ntopng --community
> > 24/Dec/2018 20:40:37 [CollectorInterface.cpp:66] ERROR: Unable to bind
> > to ZMQ endpoint tcp://*:5556 [collector]
> > 24/Dec/2018 20:40:37 [main.cpp:239] ERROR: An exception occurred
> > during tcp://*:5556c interface creation[2]: No such file or directory
> > 24/Dec/2018 20:40:37 [main.cpp:293] ERROR: Startup error: missing
> > super-user privileges ?
> > ================================================
> > C:\Program Files\nProbe>nprobe /c my_nprobe --zmq
> > "tcp://<192.168.88.2>:5556" --zmq-probe-mode -i none -n none
> > --collector-port 2055 -T "@NTOPNG@"
> > ============================================================
> > Running nProbe for Windows.
> > 24/Dec/2018 20:41:38 [nprobe.c:4168] Valid nProbe license found
> > 24/Dec/2018 20:41:38 [nprobe.c:6092] WARNING: The output interfaceId
> > is set to 0: did you forget to use -Q perhaps ?
> > 24/Dec/2018 20:41:38 [nprobe.c:6095] WARNING: The input interfaceId is
> > set to 0: did you forget to use -u perhaps ?
> > 24/Dec/2018 20:41:38 [nprobe.c:6182] Welcome to nProbe v.8.6.181004
> > ($Revision: 4384 $) for Windows
> > 24/Dec/2018 20:41:38 [nprobe.c:6192] Running on Windows
> > 24/Dec/2018 20:41:38 [nprobe.c:6203] [LICENSE] nProbe SystemId:
> > 2152224034-9206A1D8
> > 24/Dec/2018 20:41:38 [nprobe.c:6270] Sample rate [packet: 1][flow
> > collection/export: 1/1]
> > 24/Dec/2018 20:41:38 [nprobe.c:8966] Welcome to nProbe v.8.6.181004 for Windows
> > 24/Dec/2018 20:41:38 [nprobe.c:7870] WARNING: Adding
> > %EXPORTER_IPV4_ADDRESS to the template as nProbe is working as
> > collector
> > 24/Dec/2018 20:41:38 [nprobe.c:7976] Using NetFlow Packet Payload Len: 1472
> > 24/Dec/2018 20:41:38 [nprobe.c:7906] @NTOPNG@ expanded to " %L7_PROTO
> > %IPV4_SRC_ADDR %IPV4_DST_ADDR %L4_SRC_PORT %L4_DST_PORT %IPV6_SRC_ADDR
> > %IPV6_DST_ADDR %IP_PROTOCOL_VERSION %PROTOCOL %IN_BYTES %IN_PKTS
> > %OUT_BYTES %OUT_PKTS %FIRST_SWITCHED %LAST_SWITCHED %SRC_VLAN
> > %EXPORTER_IPV4_ADDRESS"
> > 24/Dec/2018 20:41:38 [plugin.c:1238] 0 plugin(s) enabled
> > 24/Dec/2018 20:41:38 [nprobe.c:8422] Each flow is 82 bytes long
> > 24/Dec/2018 20:41:38 [nprobe.c:8423] The # flows per packet has been set to 16
> > 24/Dec/2018 20:41:38 [nprobe.c:8426] IP TOS is accounted
> > 24/Dec/2018 20:41:38 [nprobe.c:8452] Non IPv4/v6 traffic is discarded
> > according to the template
> > 24/Dec/2018 20:41:38 [nprobe.c:9231] Flows ASs will not be computed
> > (missing libmxminddb support)
> > 24/Dec/2018 20:41:38 [nprobe.c:9334] Not capturing packet from
> > interface (collector mode)
> > 24/Dec/2018 20:41:38 [util.c:4719] Initializing ZMQ as client
> > 24/Dec/2018 20:41:38 [util.c:4736] ERROR: Unable to export flows
> > towards ZMQ endpoint tcp://<192.168.88.2>:5556: Invalid argument
> > 24/Dec/2018 20:41:38 [collect.c:142] Flow collector listening on port
> > 2055 (IPv4/v6)
> > 24/Dec/2018 20:41:38 [nprobe.c:9582] nProbe started successfully
> > 24/Dec/2018 20:46:29 [nprobe.c:567] Received shutdown request... [signal: 2]
> > 24/Dec/2018 20:46:29 [nprobe.c:6317] Flushing active flows
> > 24/Dec/2018 20:46:31 [nprobe.c:3127] Processed packets: 0 (max bucket search: 0)
> > 24/Dec/2018 20:46:31 [nprobe.c:3110] Fragment queue length: 0
> > 24/Dec/2018 20:46:31 [nprobe.c:3137] Flow collection stats:
> > [collected pkts: 0][processed flows: 0]
> > 24/Dec/2018 20:46:31 [nprobe.c:3140] Flow export stats: [0
> > bytes/0 pkts][0 flows/0 pkts sent]
> > 24/Dec/2018 20:46:31 [nprobe.c:3146] Flow export drop stats: [0
> > bytes/0 pkts][0 flows]
> > 24/Dec/2018 20:46:31 [nprobe.c:3151] Total flow stats: [0
> > bytes/0 pkts][0 flows/0 pkts sent]
> > ====================================================================
> > Am not sure what to do / try form here, assistance appreciated,
> > Best,
> > Johan.
> > On 2018-12-24 16:02, Emanuele Faranda wrote:
> > > Hi,
> > > Please try to replace /i with /c so that you can see the commands output.
> > > Regards,
> > > Emanuele
> > > On 12/24/18 12:17 AM, technical@mcw.org.za wrote:
> > > > Update to the below, as per what Ive posted to the mailing list:
> > > > We have Multiple nProbe sites with Mikrotik routers, and want to send flows \
> > > > to one remote ntopng instance running on a Windows machine. Starting with the \
> > > > local site all behind the same Firewall / on same LAN: Mikrotik is setup to \
> > > > send NetFlow to the IP of the host running nprobe & ntopng: 192.168.88.2 \
> > > > ntopng started as service with the below CMD: ntopng /i -i tcp://*:5556c
> > > > And nprobe with:
> > > > nprobe /i my_nprobe --zmq "tcp://<192.168.88.2>:5556" --zmq-probe-mode -i \
> > > > none -n none --collector-port 2055 -T "@NTOPNG@" As per the steps outlined \
> > > > here: https://www.ntop.org/nprobe/best-practices-for-the-collection-of-flows-with-ntopng-and-nprobe/ \
> > > > However ntopng when loaded shows only: No packet has been received yet on \
> > > > interface tcp://*:5556c. Please wait 6 seconds until this page reloads. Have \
> > > > also tried the steps outlined below to no avail: \
> > > > https://www.ntop.org/ntopng/how-to-analyse-mikrotik-traffic-using-ntopng/ Any \
> > > > help greatly appreciated, Johan.
> > > > On 2018-12-23 13:12, technical@mcw.org.za wrote:
> > > > > Hi there,
> > > > > We have one simple requirement:
> > > > > To accurately record how much bandwidth each user is using, across our
> > > > > several sites, over a day / week / month / year. Realtime data nice to
> > > > > have but not necessary.
> > > > > I say 'simple requirement' however having tried many ways to achieve
> > > > > this over years its been anything but simple. (For us anyhow.)
> > > > > With ntopng now being able to record historical data we're feeling
> > > > > encouraged to try ntop again.
> > > > > As such we've acquired the needed licenses, instructed our Mikrotik to
> > > > > send NetFlow to the Windows PC running nProbe & ntopng, and created
> > > > > the needed license file.
> > > > > However I cannot figure out how to start nprobe service to capture the
> > > > > Mikrotik flows and send them to ntopng.
> > > > > What are the correct Windows cmd's to start nprobe & ntopng, to
> > > > > capture NetFlow from Mikrotik please?
> > > > > Lots of tutorials like the one below for starting on Linux but no so
> > > > > much on Windows:
> > > > > https://www.ntop.org/ntopng/how-to-analyse-mikrotik-traffic-using-ntopng/ \
> > > > > We seem to need the Windows equivalent of the below however: nprobe -i none \
> > > > > -n none -3 2055 --zmq tcp://127.0.0.1:1234 ntopng -i tcp://127.0.0.1:1234
> > > > > Help greatly appreciated,
> > > > > Best,
> > > > > Johan.
> > > > > _______________________________________________
> > > > > Ntop mailing list
> > > > > Ntop@listgateway.unipi.it
> > > > > http://listgateway.unipi.it/mailman/listinfo/ntop
> > > > _______________________________________________
> > > > Ntop mailing list
> > > > Ntop@listgateway.unipi.it
> > > > http://listgateway.unipi.it/mailman/listinfo/ntop
> > > _______________________________________________
> > > Ntop mailing list
> > > Ntop@listgateway.unipi.it
> > > http://listgateway.unipi.it/mailman/listinfo/ntop
> _______________________________________________
> Ntop mailing list
> Ntop@listgateway.unipi.it
> http://listgateway.unipi.it/mailman/listinfo/ntop
[Attachment #5 (unknown)]
<html><head><meta http-equiv="Content-Type" content="text/html; \
charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: \
space; line-break: after-white-space;" class=""><br class=""><div><br \
class=""><blockquote type="cite" class=""><div class="">On 24 Dec 2018, at 22:32, <a \
href="mailto:technical@mcw.org.za" class="">technical@mcw.org.za</a> wrote:</div><br \
class="Apple-interchange-newline"><div class=""><div class="">Update to prev mail:<br \
class=""><br class="">Starting ntopng with:<br class=""><br class="">ntopng /c -i <a \
href="tcp://*:5556c" class="">tcp://*:5556c</a><br class=""><br class="">and nprobe \
with:<br class=""><br class="">nprobe /c --zmq "<a href="tcp://127.0.0.1:5556" \
class="">tcp://127.0.0.1:5556</a>" --zmq-probe-mode -i none -n none --collector-port \
2055 -T "@NTOPNG@"<br class=""><br class="">Results in traffic being parsed to GUI \
running on:<br class=""><br class=""><a \
href="http://127.0.0.1:3000/lua/hosts_stats.lua" \
class="">http://127.0.0.1:3000/lua/hosts_stats.lua</a><br class=""><br \
class="">However when selecting Hosts, Filter Hosts, Local Hosts, it outputs: No \
results found, yet we can see some of our local IPs listed under Hosts (main \
menu).<br class=""></div></div></blockquote><div><br class=""></div><div><br \
class=""></div><div>use ntopng option -m to list your local networks.<br \
class=""><br class="">For example, if your local addresses \
are 192.168.1.0/24 use -m 192.168.1.0/24</div><div><br \
class=""></div><div>a comma-separated list is accepted as well.</div><div><br \
class=""></div><div>Finally, do NOT cross-post in the ML and on GitHub (<a \
href="https://github.com/ntop/ntopng/issues/2268" \
class="">https://github.com/ntop/ntopng/issues/2268</a>). Community people do not \
need to read the same thing more than 1 time.</div><br class=""><blockquote \
type="cite" class=""><div class=""><div class=""><br class="">Our primary requirement \
right now is analyzing / recording LAN users internet bandwidth usage.<br \
class=""><br class="">C:\Program Files\ntopng>ntopng /c -i <a href="tcp://*:5556c" \
class="">tcp://*:5556c</a><br class=""><br \
class="">===================================================================<br \
class="">Starting ntopng<br class="">Running ntopng.<br class="">24/Dec/2018 23:26:30 \
[Ntop.cpp:1545] Setting local networks to 127.0.0.0/8<br class="">24/Dec/2018 \
23:26:30 [Redis.cpp:132] Successfully connected to redis 127.0.0.1@0<br \
class="">24/Dec/2018 23:26:30 [Redis.cpp:132] Successfully connected to redis \
127.0.0.1@0<br class="">24/Dec/2018 23:26:30 [NtopPro.cpp:310] [LICENSE] Reading \
license from Redis<br class="">24/Dec/2018 23:26:30 [NtopPro.cpp:451] WARNING: \
[LICENSE] Invalid or missing license<br class="">24/Dec/2018 23:26:30 \
[NtopPro.cpp:468] WARNING: [LICENSE] ntopng will now run in enterprise edition for 10 \
minutes<br class="">24/Dec/2018 23:26:30 [NtopPro.cpp:470] WARNING: [LICENSE] before \
returning to community mode<br class="">24/Dec/2018 23:26:30 [NtopPro.cpp:472] \
WARNING: [LICENSE] You can buy a permanent license at <a href="http://shop.ntop.org" \
class="">http://shop.ntop.org</a><br class="">24/Dec/2018 23:26:30 [NtopPro.cpp:474] \
WARNING: [LICENSE] or run ntopng in community mode starting<br class="">24/Dec/2018 \
23:26:30 [NtopPro.cpp:475] WARNING: [LICENSE] ntopng --community<br \
class="">24/Dec/2018 23:26:30 [Ntop.cpp:1639] Registered interface <a \
href="tcp://*:5556c" class="">tcp://*:5556c</a> [id: 9]<br class="">24/Dec/2018 \
23:26:31 [HTTPserver.cpp:945] HTTPS Disabled: missing SSL certificate C:\Program \
Files\ntopng\httpdocs/ssl/ntopng-cert.pem<br class="">24/Dec/2018 23:26:31 \
[HTTPserver.cpp:947] Please read <a \
href="https://github.com/ntop/ntopng/blob/dev/doc/README.SSL" \
class="">https://github.com/ntop/ntopng/blob/dev/doc/README.SSL</a> if you want to \
enable SSL.<br class="">24/Dec/2018 23:26:31 [HTTPserver.cpp:1114] Web server dirs \
[C:\Program Files\ntopng\httpdocs][C:\Program Files\ntopng\scripts]<br \
class="">24/Dec/2018 23:26:31 [HTTPserver.cpp:1117] HTTP server listening on 3000<br \
class="">24/Dec/2018 23:26:31 [main.cpp:393] Working directory: \
Z:\Cloud\OneDrive\MyPC\Documents\ntopng<br class="">24/Dec/2018 23:26:31 \
[main.cpp:395] Scripts/HTML pages directory: C:\Program Files\ntopng<br \
class="">24/Dec/2018 23:26:31 [Ntop.cpp:390] Welcome to ntopng x64 v.3.7.180929 - (C) \
1998-18 <a href="http://ntop.org" class="">ntop.org</a><br class="">24/Dec/2018 \
23:26:31 [Ntop.cpp:400] Built on Windows<br class="">24/Dec/2018 23:26:31 \
[NtopPro.cpp:633] [LICENSE] System Id: 2152224034-9206A1D8<br \
class="">24/Dec/2018 23:26:31 [NtopPro.cpp:634] [LICENSE] Edition: \
Enterprise<br class="">24/Dec/2018 23:26:31 \
[NtopPro.cpp:635] [LICENSE] License Type: Time-Limited License<br \
class="">24/Dec/2018 23:26:31 [NtopPro.cpp:644] [LICENSE] Validity: \
Until Mon Dec 24 23:36:30 2018<br class="">24/Dec/2018 \
23:26:31 [PeriodicActivities.cpp:68] Started periodic activities loop...<br \
class="">24/Dec/2018 23:26:32 [PeriodicActivities.cpp:109] Each periodic activity \
script will use 2 threads<br class="">24/Dec/2018 23:26:32 \
[NetworkInterface.cpp:2581] Started packet polling on interface <a \
href="tcp://*:5556c" class="">tcp://*:5556c</a> [id: 9]...<br class="">24/Dec/2018 \
23:26:32 [CollectorInterface.cpp:122] Collecting flows on <a href="tcp://*:5556c" \
class="">tcp://*:5556c</a><br \
class="">======================================================================================<br \
class=""><br class="">C:\Program Files\nProbe>nprobe /c --zmq "<a \
href="tcp://127.0.0.1:5556" class="">tcp://127.0.0.1:5556</a>" --zmq-probe-mode -i \
none -n none --collector-port 2055 -T "@NTOPNG@"<br class=""><br \
class="">==============================================================================<br \
class="">Running nProbe for Windows.<br class="">24/Dec/2018 23:26:40 [nprobe.c:4168] \
Valid nProbe license found<br class="">24/Dec/2018 23:26:40 [nprobe.c:6092] WARNING: \
The output interfaceId is set to 0: did you forget to use -Q perhaps ?<br \
class="">24/Dec/2018 23:26:40 [nprobe.c:6095] WARNING: The input interfaceId is set \
to 0: did you forget to use -u perhaps ?<br class="">24/Dec/2018 23:26:40 \
[nprobe.c:6182] Welcome to nProbe v.8.6.181004 ($Revision: 4384 $) for Windows<br \
class="">24/Dec/2018 23:26:40 [nprobe.c:6192] Running on Windows<br \
class="">24/Dec/2018 23:26:40 [nprobe.c:6203] [LICENSE] nProbe SystemId: \
2152224034-9206A1D8<br class="">24/Dec/2018 23:26:40 [nprobe.c:6270] Sample rate \
[packet: 1][flow collection/export: 1/1]<br class="">24/Dec/2018 23:26:40 \
[nprobe.c:8966] Welcome to nProbe v.8.6.181004 for Windows<br class="">24/Dec/2018 \
23:26:40 [nprobe.c:7870] WARNING: Adding %EXPORTER_IPV4_ADDRESS to the template as \
nProbe is working as collector<br class="">24/Dec/2018 23:26:40 [nprobe.c:7976] Using \
NetFlow Packet Payload Len: 1472<br class="">24/Dec/2018 23:26:40 [nprobe.c:7906] \
@NTOPNG@ expanded to " %L7_PROTO %IPV4_SRC_ADDR %IPV4_DST_ADDR %L4_SRC_PORT \
%L4_DST_PORT %IPV6_SRC_ADDR %IPV6_DST_ADDR %IP_PROTOCOL_VERSION %PROTOCOL %IN_BYTES \
%IN_PKTS %OUT_BYTES %OUT_PKTS %FIRST_SWITCHED %LAST_SWITCHED %SRC_VLAN \
%EXPORTER_IPV4_ADDRESS"<br class="">24/Dec/2018 23:26:40 [plugin.c:1238] 0 \
plugin(s) enabled<br class="">24/Dec/2018 23:26:40 [nprobe.c:8422] Each flow is 82 \
bytes long<br class="">24/Dec/2018 23:26:40 [nprobe.c:8423] The # flows per packet \
has been set to 16<br class="">24/Dec/2018 23:26:40 [nprobe.c:8426] IP TOS is \
accounted<br class="">24/Dec/2018 23:26:40 [nprobe.c:8452] Non IPv4/v6 traffic is \
discarded according to the template<br class="">24/Dec/2018 23:26:40 [nprobe.c:9231] \
Flows ASs will not be computed (missing libmxminddb support)<br class="">24/Dec/2018 \
23:26:40 [nprobe.c:9334] Not capturing packet from interface (collector mode)<br \
class="">24/Dec/2018 23:26:40 [util.c:4719] Initializing ZMQ as client<br \
class="">24/Dec/2018 23:26:40 [util.c:4738] Exporting flows towards ZMQ endpoint <a \
href="tcp://127.0.0.1:5556" class="">tcp://127.0.0.1:5556</a><br class="">24/Dec/2018 \
23:26:40 [collect.c:142] Flow collector listening on port 2055 (IPv4/v6)<br \
class="">24/Dec/2018 23:26:40 [nprobe.c:9582] nProbe started successfully<br \
class="">24/Dec/2018 23:30:26 [nprobe.c:567] Received shutdown request... [signal: \
2]<br class="">24/Dec/2018 23:30:27 [nprobe.c:6317] Flushing active flows<br \
class="">24/Dec/2018 23:30:27 [engine.c:3169] About to flush hash (threadId 0)<br \
class="">24/Dec/2018 23:30:27 [engine.c:3171] Completed hash walk (thread 0)<br \
class="">==================================================================================<br \
class=""><br class="">Assistance greatly appreciated.<br class=""><br \
class="">Best,<br class=""><br class="">Johan.<br class=""><br class=""><br \
class="">On 2018-12-24 20:50, <a href="mailto:technical@mcw.org.za" \
class="">technical@mcw.org.za</a> wrote:<br class=""><blockquote type="cite" \
class="">Hi Emanuele,<br class="">Both below Windows CMD terminals run as \
Administrator:<br class="">C:\Program Files\ntopng>ntopng /c i -i <a \
href="tcp://*:5556c" class="">tcp://*:5556c</a><br \
class="">=============================================<br class="">Starting ntopng<br \
class="">Running ntopng.<br class="">24/Dec/2018 20:39:33 [Ntop.cpp:1545] Setting \
local networks to 127.0.0.0/8<br class="">24/Dec/2018 20:39:33 [Redis.cpp:132] \
Successfully connected to redis 127.0.0.1@0<br class="">24/Dec/2018 20:39:33 \
[Redis.cpp:132] Successfully connected to redis 127.0.0.1@0<br class="">24/Dec/2018 \
20:39:33 [NtopPro.cpp:310] [LICENSE] Reading license from Redis<br \
class="">24/Dec/2018 20:39:33 [NtopPro.cpp:451] WARNING: [LICENSE] Invalid or<br \
class="">missing license<br class="">24/Dec/2018 20:39:33 [NtopPro.cpp:468] WARNING: \
[LICENSE] ntopng will<br class="">now run in enterprise edition for 10 minutes<br \
class="">24/Dec/2018 20:39:33 [NtopPro.cpp:470] WARNING: [LICENSE] before<br \
class="">returning to community mode<br class="">24/Dec/2018 20:39:33 \
[NtopPro.cpp:472] WARNING: [LICENSE] You can buy<br class="">a permanent license at \
<a href="http://shop.ntop.org" class="">http://shop.ntop.org</a><br \
class="">24/Dec/2018 20:39:33 [NtopPro.cpp:474] WARNING: [LICENSE] or run<br \
class="">ntopng in community mode starting<br class="">24/Dec/2018 20:39:33 \
[NtopPro.cpp:475] WARNING: [LICENSE] ntopng --community<br class="">24/Dec/2018 \
20:39:34 [CollectorInterface.cpp:66] ERROR: Unable to bind<br class="">to ZMQ \
endpoint <a href="tcp://*:5556" class="">tcp://*:5556</a> [collector]<br \
class="">24/Dec/2018 20:39:35 [main.cpp:239] ERROR: An exception occurred<br \
class="">during <a href="tcp://*:5556c" class="">tcp://*:5556c</a> interface \
creation[2]: No such file or directory<br class="">24/Dec/2018 20:39:35 \
[main.cpp:293] ERROR: Startup error: missing<br class="">super-user privileges ?<br \
class="">C:\Program Files\ntopng>ntopng /c i -i <a href="tcp://*:5556c" \
class="">tcp://*:5556c</a><br class="">Starting ntopng<br class="">Running ntopng.<br \
class="">24/Dec/2018 20:40:36 [Ntop.cpp:1545] Setting local networks to \
127.0.0.0/8<br class="">24/Dec/2018 20:40:36 [Redis.cpp:132] Successfully connected \
to redis 127.0.0.1@0<br class="">24/Dec/2018 20:40:36 [Redis.cpp:132] Successfully \
connected to redis 127.0.0.1@0<br class="">24/Dec/2018 20:40:36 [NtopPro.cpp:310] \
[LICENSE] Reading license from Redis<br class="">24/Dec/2018 20:40:36 \
[NtopPro.cpp:451] WARNING: [LICENSE] Invalid or<br class="">missing license<br \
class="">24/Dec/2018 20:40:36 [NtopPro.cpp:468] WARNING: [LICENSE] ntopng will<br \
class="">now run in enterprise edition for 10 minutes<br class="">24/Dec/2018 \
20:40:36 [NtopPro.cpp:470] WARNING: [LICENSE] before<br class="">returning to \
community mode<br class="">24/Dec/2018 20:40:36 [NtopPro.cpp:472] WARNING: [LICENSE] \
You can buy<br class="">a permanent license at <a href="http://shop.ntop.org" \
class="">http://shop.ntop.org</a><br class="">24/Dec/2018 20:40:36 [NtopPro.cpp:474] \
WARNING: [LICENSE] or run<br class="">ntopng in community mode starting<br \
class="">24/Dec/2018 20:40:36 [NtopPro.cpp:475] WARNING: [LICENSE] ntopng \
--community<br class="">24/Dec/2018 20:40:37 [CollectorInterface.cpp:66] ERROR: \
Unable to bind<br class="">to ZMQ endpoint <a href="tcp://*:5556" \
class="">tcp://*:5556</a> [collector]<br class="">24/Dec/2018 20:40:37 [main.cpp:239] \
ERROR: An exception occurred<br class="">during <a href="tcp://*:5556c" \
class="">tcp://*:5556c</a> interface creation[2]: No such file or directory<br \
class="">24/Dec/2018 20:40:37 [main.cpp:293] ERROR: Startup error: missing<br \
class="">super-user privileges ?<br \
class="">================================================<br class="">C:\Program \
Files\nProbe>nprobe /c my_nprobe --zmq<br \
class="">"tcp://<192.168.88.2>:5556" --zmq-probe-mode -i none -n none<br \
class="">--collector-port 2055 -T "@NTOPNG@"<br \
class="">============================================================<br \
class="">Running nProbe for Windows.<br class="">24/Dec/2018 20:41:38 [nprobe.c:4168] \
Valid nProbe license found<br class="">24/Dec/2018 20:41:38 [nprobe.c:6092] WARNING: \
The output interfaceId<br class="">is set to 0: did you forget to use -Q perhaps ?<br \
class="">24/Dec/2018 20:41:38 [nprobe.c:6095] WARNING: The input interfaceId is<br \
class="">set to 0: did you forget to use -u perhaps ?<br class="">24/Dec/2018 \
20:41:38 [nprobe.c:6182] Welcome to nProbe v.8.6.181004<br class="">($Revision: 4384 \
$) for Windows<br class="">24/Dec/2018 20:41:38 [nprobe.c:6192] Running on Windows<br \
class="">24/Dec/2018 20:41:38 [nprobe.c:6203] [LICENSE] nProbe SystemId:<br \
class="">2152224034-9206A1D8<br class="">24/Dec/2018 20:41:38 [nprobe.c:6270] Sample \
rate [packet: 1][flow<br class="">collection/export: 1/1]<br class="">24/Dec/2018 \
20:41:38 [nprobe.c:8966] Welcome to nProbe v.8.6.181004 for Windows<br \
class="">24/Dec/2018 20:41:38 [nprobe.c:7870] WARNING: Adding<br \
class="">%EXPORTER_IPV4_ADDRESS to the template as nProbe is working as<br \
class="">collector<br class="">24/Dec/2018 20:41:38 [nprobe.c:7976] Using NetFlow \
Packet Payload Len: 1472<br class="">24/Dec/2018 20:41:38 [nprobe.c:7906] @NTOPNG@ \
expanded to " %L7_PROTO<br class="">%IPV4_SRC_ADDR %IPV4_DST_ADDR %L4_SRC_PORT \
%L4_DST_PORT %IPV6_SRC_ADDR<br class="">%IPV6_DST_ADDR %IP_PROTOCOL_VERSION %PROTOCOL \
%IN_BYTES %IN_PKTS<br class="">%OUT_BYTES %OUT_PKTS %FIRST_SWITCHED %LAST_SWITCHED \
%SRC_VLAN<br class="">%EXPORTER_IPV4_ADDRESS"<br class="">24/Dec/2018 20:41:38 \
[plugin.c:1238] 0 plugin(s) enabled<br class="">24/Dec/2018 20:41:38 [nprobe.c:8422] \
Each flow is 82 bytes long<br class="">24/Dec/2018 20:41:38 [nprobe.c:8423] The # \
flows per packet has been set to 16<br class="">24/Dec/2018 20:41:38 [nprobe.c:8426] \
IP TOS is accounted<br class="">24/Dec/2018 20:41:38 [nprobe.c:8452] Non IPv4/v6 \
traffic is discarded<br class="">according to the template<br class="">24/Dec/2018 \
20:41:38 [nprobe.c:9231] Flows ASs will not be computed<br class="">(missing \
libmxminddb support)<br class="">24/Dec/2018 20:41:38 [nprobe.c:9334] Not capturing \
packet from<br class="">interface (collector mode)<br class="">24/Dec/2018 20:41:38 \
[util.c:4719] Initializing ZMQ as client<br class="">24/Dec/2018 20:41:38 \
[util.c:4736] ERROR: Unable to export flows<br class="">towards ZMQ endpoint \
tcp://<192.168.88.2>:5556: Invalid argument<br class="">24/Dec/2018 20:41:38 \
[collect.c:142] Flow collector listening on port<br class="">2055 (IPv4/v6)<br \
class="">24/Dec/2018 20:41:38 [nprobe.c:9582] nProbe started successfully<br \
_______________________________________________
Ntop mailing list
Ntop@listgateway.unipi.it
http://listgateway.unipi.it/mailman/listinfo/ntop
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic