mcabezadebaca at clinitech
Aug 13, 2012, 10:16 AM
Global Protocol Distribution Charts
I have a new installation of NTOP and am configuring it. I have 2 issues that may have simple solutions.
First, "Global TCP/UDP Protocol Distribution" isn't producing any graphics. This started after I added a -p option to point to a protocol.list file per the instructions to better categorize my internal traffic.
My second issue is that I would like to exclude traffic to and from a backup network and a couple of scanning servers that are skewing my results. I attempted to use a -B and now am attempting the -filter-expression switch with no luck:
--filter-expression="!(net 10.18.1.0 255.255.255.0,10.255.255.0 255.255.255.0, 10.21.0.0 255.255.0.0) and !(host 10.10.220.146, 10.255.255.20)"
Any and all help will be greatly appreciated.
Below is my basic information.
i686-pc-linux-gnu (32 bit)
Running as user
Nov 24 2011 12:20:45
Nov 24 2011 12:20:46
GEO-533LITE 20090201 Build 1 Copyright (c) 2007 MaxMind LLC All Rights Reserved
GeoIP<http://www.maxmind.com/> AS Version
GEO-117 20090114 Build 1 Copyright (c) 2007 MaxMind LLC All Rights Reserved
/usr/sbin/ntop --user ntop --use-syslog=daemon --db-file-path /var/lib/ntop --trace-level 5 --http-server 3000 --skip-version-check=yes --interface p2p2 --filter-expression=!(net 172.18.1.0 255.255.255.0,188.8.131.52 255.255.255.0, 172.17.0.0 255.255.0.0) and !(host 172.20.220.146, 184.108.40.206) -p /etc/protocol.list -O /captures
"Is everything sad going to come untrue?" Sam - The Lord of the Rings.
This e-mail message, including any attachments, is for the
sole use of the intended recipient(s) and may contain
confidential or privileged information. Any unauthorized
review, use, disclosure or distribution is prohibited. If
you are not the intended recipient, please contact the
sender by reply e-mail and destroy the message.
Think Green! Please do not print this e-mail unless you need to. Thank you.