From eric.middleton at oncologysupply.com Tue Mar 3 08:50:40 2009 From: eric.middleton at oncologysupply.com (Middleton, Eric) Date: Mon, 2 Mar 2009 15:50:40 -0600 Subject: [netflow-tools] softflowd questions Message-ID: <99248345D52E7B4C9AD0E02D2200F1CE0991D47A@100-EXCH-P-013.absg.net> I am running centos 4.7 server. I installed softflowd on it and ran this command softflowd -i eth0 -n 10.209.224.40:2055 If I go to my crannog netflow collector and check it the linux device shows in devices after a few seconds. However it never receives any data to display in the reports. It just see's the device as trying to communicate to it but gets no further data. Can anyone help with this issue? Thanks, Eric Middleton Oncology Supply Automation Cell: 334-790-7587 Office: 334-984-2673 CONFIDENTIALITY NOTICE. This electronic mail transmission may contain privileged and/or confidential information and is intended only for the review of the party to whom it is addressed. If you have received this transmission in error, please immediately return it to the sender, delete it and destroy it without reading it. Unintended transmission shall not constitute the waiver of the attorney-client or any other privilege. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mindrot.org/pipermail/netflow-tools/attachments/20090302/95c85888/attachment-0001.html From xela at mailinglist.at Sat Mar 28 05:03:37 2009 From: xela at mailinglist.at (alex k) Date: Fri, 27 Mar 2009 19:03:37 +0100 (CET) Subject: [netflow-tools] softflowd keeps crashing Message-ID: hi there, first of all, softflowd is a cool piece of software. we have it on other linux machines (gateways) and it runs perfectly stable there. i use softflowd to collect data and nfsen to capture and evaluate. but there is one host, where softflowd keeps crashing. i am a bit clueless as instability doesn't seem to be a problem of softflowd. at least i didn't find anything in the web or this list. some information about the host: kernel (64 bit): 2.6.27.7-9-default #1 SMP 2008-12-04 18:10:04 +0100 x86_64 x86_64 x86_64 GNU/Linux libpcap version: libpcap0-0.9.8-47.41 softflowd version: softflowd-0.9.8 (compiled without problems on that machine) on this host with one network card runs vmware-server with several guests. the guests use bridged networking, every has its own ip address, but as mentioned - there is only one network card. softflowd crashes occasionally. sometimes once in two weeks, sometimes twice a day. the process disappears, the pid file stays. the only thing i recognized is, that at the same time there are often flows with completely wrong date (about 6 weeks in the future). not exactly the same time, of course. when softflowd crashes, the possibly critical data is lost. so my questions are: 1) where does softflowd get its time from? 2) can the wrong time be a problem? 3) what else could cause the crashes especially: how can i find it out. softflowd is _very_ quiet. nothing in the syslog, no message at all. thanks in advance for any helpful suggestion. xela