Re: [Nfdump-discuss] Problem Recording Netflow Data.
netflow collecting and processing tools
Brought to you by:
phaag
Menu
▾
▴
Re: [Nfdump-discuss] Problem Recording Netflow Data.
|
From: Matthew G. <gr...@ca...> - 2011-02-25 16:14:31
|
On 02/25/2011 11:10 AM, Mark D. Nagel wrote: > On 2/25/2011 6:16 AM, Matthew Gracie wrote: >> For some reason, even though the traffic is coming in to the port that >> nfcapd is listening to, it's just not recognizing it as Netflow traffic. >> I've restarted the daemon, restarted the machine, changed ports, removed >> and reconfigured the flow-export rules on the router; nothing seems to >> make nfcapd recognize this traffic properly. > > Check iptables. > > Mark > I did - iptables isn't running on this machine. It looks like recompiling nfcapd on my machine and using that instead of the one from the AlienVault repository fixed the issue; I'm starting to get proper flow information now. Sorry to have wasted everyone's time. -- Matt Gracie (716) 888-8378 Information Security Administrator gr...@ca... Canisius College ITS Buffalo, NY http://www2.canisius.edu/~graciem/graciem_public_key.gpg |