advertisement

Article:
  Monitoring Network Traffic with Netflow
Subject:   libnsl on FreeBSD
Date:   2005-09-18 12:22:12
From:   jasontaylor1
Response to: libnsl on FreeBSD

Thanks for that. It now compiles and installs without complaining.


However I get no output from flowdumper.


eg:

[jasont@sechost]/var/log/netflows: ls -l
total 1154
-rw-r--r-- 1 root wheel 8070 Sep 18 18:40 ft-v05.2005-09-18.183947+0100
-rw-r--r-- 1 root wheel 50481 Sep 18 18:45 ft-v05.2005-09-18.184001+0100
-rw-r--r-- 1 root wheel 60604 Sep 18 18:50 ft-v05.2005-09-18.184501+0100
-rw-r--r-- 1 root wheel 76010 Sep 18 18:55 ft-v05.2005-09-18.185001+0100
-rw-r--r-- 1 root wheel 56227 Sep 18 19:00 ft-v05.2005-09-18.185501+0100
-rw-r--r-- 1 root wheel 57349 Sep 18 19:05 ft-v05.2005-09-18.190001+0100
-rw-r--r-- 1 root wheel 44022 Sep 18 19:10 ft-v05.2005-09-18.190501+0100
-rw-r--r-- 1 root wheel 48894 Sep 18 19:15 ft-v05.2005-09-18.191001+0100
-rw-r--r-- 1 root wheel 62026 Sep 18 19:20 ft-v05.2005-09-18.191501+0100
-rw-r--r-- 1 root wheel 61056 Sep 18 19:25 ft-v05.2005-09-18.192001+0100
-rw-r--r-- 1 root wheel 44053 Sep 18 19:30 ft-v05.2005-09-18.192501+0100
-rw-r--r-- 1 root wheel 57780 Sep 18 19:35 ft-v05.2005-09-18.193001+0100
-rw-r--r-- 1 root wheel 44531 Sep 18 19:40 ft-v05.2005-09-18.193501+0100
-rw-r--r-- 1 root wheel 46751 Sep 18 19:45 ft-v05.2005-09-18.194001+0100
-rw-r--r-- 1 root wheel 58878 Sep 18 19:50 ft-v05.2005-09-18.194502+0100
-rw-r--r-- 1 root wheel 74163 Sep 18 19:55 ft-v05.2005-09-18.195001+0100
-rw-r--r-- 1 root wheel 73601 Sep 18 20:00 ft-v05.2005-09-18.195501+0100
-rw-r--r-- 1 root wheel 71073 Sep 18 20:05 ft-v05.2005-09-18.200001+0100
-rw-r--r-- 1 root wheel 60490 Sep 18 20:10 ft-v05.2005-09-18.200501+0100
-rw-r--r-- 1 root wheel 58576 Sep 18 20:15 ft-v05.2005-09-18.201001+0100
-rw-r--r-- 1 root wheel 45904 Sep 18 20:20 ft-v05.2005-09-18.201501+0100
-rw-r--r-- 1 root wheel 100 Sep 18 20:20 tmp-v05.2005-09-18.202001+0100


[jasont@sechost]/var/log/netflows: ls ft-* | xargs -n 1 flowdumper -s
[jasont@sechost]/var/log/netflows:


Any ideas? I've tried Cflow on a few different boxes now (Redhat 9, FreeBSD 4.8 and 5.4) with similar results.


Thanks


Jason
Main Topics Oldest First

Showing messages 1 through 2 of 2.

  • libnsl on FreeBSD
    2005-09-20 05:11:36  lukasz@bromirski.net [Reply | View]

    All I can say is that with the warning Michael Lucas is warning us, flowdumper won't show me nothing on three separate machines (4.x, 5.x and 6.x). With the nsl removed from Makefile it goes well and flowdumper works - I'm using it currently and plan to deploy more installations.

    This is propably my error as Michael can't be wrong, but the fact is - flow-tools are real nightmare to succesfully set up and a typical case how to not write and maintain software (IMHO of course).
  • libnsl on FreeBSD
    2005-09-19 18:18:45  agshekeloh [Reply | View]

    I've installed the tools in exactly this manner on eight different machines. Following the instructions *exactly* will make flowdumper work.

    When you say "it doesn't complain," are you talking about the line that says "no library found for -libnls"? If so, did you make exactly the edit in the article, or did you use the patch in the posted followup comment?

    I can't comment on the patch in the comment, but I can say that the edit in the article has always worked, both for me and a variety of other people. I have lost no functionality from the tools, on 4.x and 5.x.