[Flow-tools] new install
Ed Ravin
eravin at panix.com
Fri Jan 8 12:19:57 EST 2010
On Fri, Jan 08, 2010 at 10:33:07AM -0600, Kirk Olson wrote:
> flow-capture is running and tcpdump reports incoming udp packets but
> files are not being written in the directory specified. I am using the
> following command to start the capture:
>
> flow-capture -w /flows/mkflows 0/0/9800 -S5 -n287
Put the "0/0/9800" last on the command line, after all the hyphenated
options.
Make sure the /flows/mkflows directory exists.
Also, check with tcpdump that the incoming UDP packets are destined for
port 9800.
Check the syslogs for any errors from flow-capture.
Use "lsof -p <pid-of-flow-capture>" to make sure flow-capture is listening
to the right UDP port.
If all else fails, use "strace -p <pid-of-flow-capture>" to trace through
what it's doing or not doing.
More information about the Flow-tools
mailing list