IPv6 readiness of packages…
-
There's more than one tab/sheet… :-)
FYI- I was pleasantly surprised to find out darkstat not only started with no extra changes needed, but fully supports and graphs/tracks IPv6.
-
There's more than one tab/sheet… :-)
FYI- I was pleasantly surprised to find out darkstat not only started with no extra changes needed, but fully supports and graphs/tracks IPv6.
on an only slightly related note: how can we get ntop to show tunnelbroker/GIF tunnel traffic? It seems to support IPv6 just fine, but it doesn't show the tunnel as an interface, it only shows the actual physical interfaces, not the logical ones.
-
Not sure there I haven't tried that one yet on my box that has a gif tunnel. I fired it up on a VM and it was happy but I didn't leave it running.
I may toss it on my edge firewall and see how it goes later.
I thought it would listen on any interface it was configured to run on, no matter what type it was.
-
Well, the interface shows up when I reselected it in pfsense's ntop settings tab, it somehow was disabled when I was playing around with the snort-related IPv6 blocking and I recreated the interface assignments.
However, it doesn't show the IPv6 address, it lists gif0 as a loopback device with an IPv4 address of 0.0.0.0 and the IPv6 address shows as empty, when it should have no IPv4 address, and a real IPv6 address instead.
And in ntop's Admin > Switch NIC list, gif0 doesn't show up, either.
-
However, it doesn't show the IPv6 address, it lists gif0 as a loopback device with an IPv4 address of 0.0.0.0 and the IPv6 address shows as empty, when it should have no IPv4 address, and a real IPv6 address instead.
And in ntop's Admin > Switch NIC list, gif0 doesn't show up, either.
I've noticed the same thing with my gif0 interface.. been like that for a while now… wondering if ntop doesn't know what to do with it
-
Have you tried darkstat? It might be able to catch that traffic.
EDIT: darkstat does seem to happily graph data for one of my gif interfaces, but I didn't try it extensively.
-
Have you tried darkstat? It might be able to catch that traffic.
EDIT: darkstat does seem to happily graph data for one of my gif interfaces, but I didn't try it extensively.
Well, darkstat doesn't start up here (from syslog):
Jun 26 19:51:26 php: /status_services.php: The command '/usr/local/etc/rc.d/darkstat.sh stop' returned exit code '1', the output was 'No matching processes were found'
Jun 26 19:50:34 php: /pkg_edit.php: The command '/usr/local/etc/rc.d/darkstat.sh stop' returned exit code '1', the output was 'No matching processes were found'
Jun 26 19:50:34 check_reload_status: Syncing firewall
Jun 26 19:50:31 php: /pkg_edit.php: The command '/usr/local/etc/rc.d/darkstat.sh stop' returned exit code '1', the output was 'No matching processes were found'
Jun 26 19:48:39 php: /pkg_edit.php: The command '/usr/local/etc/rc.d/darkstat.sh stop' returned exit code '1', the output was 'No matching processes were found'
Jun 26 19:48:39 check_reload_status: Syncing firewall
Jun 26 19:48:36 php: /pkg_edit.php: The command '/usr/local/etc/rc.d/darkstat.sh stop' returned exit code '1', the output was 'No matching processes were found'Also, a way that these packages, e.g. darkstat, NTOP, etc. can use things like WAN6 (the name I gave the interface) instead of OPT2 or gif0?
-
select only 1 interface and try again… IIRC darkstat only works with one interface. The GUI shouldn't allow you to select more then one IMHO.. I think that's the reason why I stop using it a while ago..
-
select only 1 interface and try again… IIRC darkstat only works with one interface. The GUI shouldn't allow you to select more then one IMHO.. I think that's the reason why I stop using it a while ago..
Indeed. Bummer. I guess the package could launch multiple instances on different interfaces. And then one would have to access the various web pages for the different interfaces in some way…
-
Yes, you are correct about the one interface limitation. Saw this also.
Saw that the service was "Stopped" and tried to start it manually in CLI to see the result and got the following:I checked the "darkstat.sh" and it includes (for my setting) the following:
"/usr/local/sbin/darkstat -i gif0 -i re0 -p 666"But if I try to do a "./darkstat.sh start" manually it gives the following error:
[2.1-BETA0][admin@pfsense.mrzaz.com]/usr/local/etc/rc.d(25): ./darkstat.sh start
error: already specified argument "-i"
darkstat 3.0.715 (using libpcap version 1.0.0)usage: darkstat [ -i interface ]
[ -r file ]
[ -p port ]
.
.I checked a "man darkstat" on internet and found a one for the linux version and it specifies -i as in singular, not plural.
-i interface
Capture traffic on the specified network interface. This is the only mandatory commandline argument.I don't know if it is possible to run darkstat on multiple interfaces at the same time in one darkstat instance !?
//Danne
-
I don't know if it is possible to run darkstat on multiple interfaces at the same time in one darkstat instance !?
I doubt it. But one might be able to launch several instances, each running on one interface.
-
I don't know if it is possible to run darkstat on multiple interfaces at the same time in one darkstat instance !?
I doubt it. But one might be able to launch several instances, each running on one interface.
However, then it will start separate WEB-instances as well. You could not have it combined.
(eg. <ip>:666, <ip>:667 and so on.) And this is not prepared today in the current package./Dan</ip></ip>
