[root@grh ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:distinct
ACCEPT udp -- anywhere anywhere udp dpt:distinct32
ACCEPT udp -- anywhere anywhere udp dpt:palace-6
ACCEPT udp -- anywhere anywhere udp dpt:distinct
ACCEPT udp -- anywhere anywhere udp dpt:distinct32
ACCEPT udp -- anywhere anywhere udp dpt:palace-6
ACCEPT udp -- anywhere anywhere udp dpt:distinct
ACCEPT udp -- anywhere anywhere udp dpt:distinct32
ACCEPT udp -- anywhere anywhere udp dpt:palace-6
ACCEPT udp -- anywhere anywhere udp dpt:distinct
ACCEPT udp -- anywhere anywhere udp dpt:distinct32
ACCEPT udp -- anywhere anywhere udp dpt:palace-6
ACCEPT udp -- anywhere anywhere udp dpt:palace-5
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:https
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@grh ~]#
Bandwidth graph but no Top Talker Data
-
networkeng
- Posts: 27
- Joined: Wed Nov 12, 2014 5:25 pm
-
sreinhardt
- -fno-stack-protector
- Posts: 4366
- Joined: Mon Nov 19, 2012 12:10 pm
Re: Bandwidth graph but no Top Talker Data
Sorry, could we get that one more time with a little different flag:
Code: Select all
iptables -L -nNagios-Plugins maintainer exclusively, unless you have other C language bugs with open-source nagios projects, then I am happy to help! Please pm or use other communication to alert me to issues as I no longer track the forum.
-
networkeng
- Posts: 27
- Joined: Wed Nov 12, 2014 5:25 pm
Re: Bandwidth graph but no Top Talker Data
[root@grh ~]# iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:10000
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:9999
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:9998
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:9997
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:9999
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:9998
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:9997
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:9999
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:9998
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:9997
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:9999
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:9998
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:9997
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:9996
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@grh ~]#
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:10000
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:9999
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:9998
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:9997
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:9999
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:9998
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:9997
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:9999
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:9998
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:9997
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:9999
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:9998
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:9997
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:9996
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain FORWARD (policy ACCEPT)
target prot opt source destination
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@grh ~]#
-
scottwilkerson
- DevOps Engineer
- Posts: 19396
- Joined: Tue Nov 15, 2011 3:11 pm
- Location: Nagios Enterprises
Re: Bandwidth graph but no Top Talker Data
This all looks ok, one other possibility would be that Network Analyzer cannot access what it needs to in the netflow data. Is SELinux enabled?
And, do you have any errors in the apache error log after trying to access this page?
Code: Select all
getenforceCode: Select all
tail -200 /var/log/httpd/error_log-
networkeng
- Posts: 27
- Joined: Wed Nov 12, 2014 5:25 pm
Re: Bandwidth graph but no Top Talker Data
Hey guys, thank you very much for your help. It turns out it was a timestamp issue on the exported flows. I noticed the captures were getting a timestamp of 1969-12-31 18:00:00.000. I added the necessary timestamp commands on the cisco gear and now it's working.
Thanks again.
Thanks again.
-
sreinhardt
- -fno-stack-protector
- Posts: 4366
- Joined: Mon Nov 19, 2012 12:10 pm
Re: Bandwidth graph but no Top Talker Data
Fantasic, glad you figured it out! Also thanks for the note, I didn't even know it was possible to change the flow timestamp at the router level! Locking it up for now. If you need it unlocked let me know.
Nagios-Plugins maintainer exclusively, unless you have other C language bugs with open-source nagios projects, then I am happy to help! Please pm or use other communication to alert me to issues as I no longer track the forum.