headers
Earl C. Terwilliger | 1 Jul 2002 22:45

RC21Bug, segmentation fault leaks.c:511

Hello,

I am running Ntop RC2 built from current 6/29/2002 source on a Redhat 7.3 
system (Pentium III 866 with 128M) and am getting a segmentation fault.
(I am monitoring three interfaces here but it faults even if I monitor one)
(I was getting the same error on RedHat 7.0 too)

Here is the configuration file and gdb trace.

let me know if more is needed. I am not on the list so please email me 
seperately.

thanks
Earl

ntop version.....2.0.99
Built on.....07/01/02 02:21:08 PM
OS.....i686-pc-linux-gnu

Command line

Started as..../usr/local/bin/ntop
            -i
            eth0,eth1,eth2
            -P
            /temp
            -u
            root
            -K
(Continue reading)

Permalink | Reply | 0 comments |
headers
Kevin Maguire | 2 Jul 2002 01:18
Favicon

problem compiling under solaris 2.6

Hi

I checked out latest via CVS as described on main page.

However on solaris 2.6 it fails to compile webInterface.c due to

USE_SYSLOG gets defined, but on solaris 2.6/8/9 (all these OS versions
have same version of this file)

/usr/include/sys/syslog.h

does not define facilitynames, therefore errors.  (this IS defined in
Linmux /usr/include/sys/syslog.h).  I undefined USE_SYSLOG in
webInterface.c and main.c and the code compiles and links OK.

I also note it still logs plenty of info via syslog :-)

I had one more error, in ssl.c there is the line:

ERR_error_string_n(l, buf, sizeof buf);

this gives an undefined symbol at link timne.  I just commented it
out, as I wasn't intending using SSL anyway.

Lastly, I get the following in syslog:

Jun 28 22:23:01 server3 ntop[18967]: ERROR: URL security: '' rejected (code=1)(client=x.y.z.t)
Jun 28 22:25:01 server3 ntop[18967]: Rejected request from address x.y.z.t (it previously sent ntop a bad request)

which is a bit of a pain (I was using Konqueror to look at the stats).
(Continue reading)

Permalink | Reply | 3 comments |
headers
Burton M. Strauss III | 2 Jul 2002 01:42

RE: problem compiling under solaris 2.6

First off, one problem per message.

Secondly, what is the environment?  cc or gcc, etc...

Look at ntop.h, around 565:

 *                 USE_SYSLOG is shorthand for defined(HAVE_SYS_SYSLOG_H) ||
defined(HAVE_SYSLOG_H)
 *                 Use that ifdef everywhere else for code dependent on the
includes.

Which is correct, you have /usr/include/sys/syslog.h

The test for facilitynames is #if !defined(__GNUC__).

Thinking about this, it is assuming that a gcc compile has glibc libraries
and these will have the facilitynames.  And cc doesn't - so we supply them
inline.

I'm GUESSING you have gcc installed but not glibc?

-----Burton

-----Original Message-----
From: ntop-dev-admin <at> unipi.it [mailto:ntop-dev-admin <at> unipi.it]On Behalf
Of Kevin Maguire
Sent: Monday, July 01, 2002 6:19 PM
To: ntop-dev <at> ntop.org
Subject: [Ntop-dev] problem compiling under solaris 2.6
(Continue reading)

Permalink | Reply | 0 comments |
headers
Burton M. Strauss III | 2 Jul 2002 01:52

RE: problem compiling under solaris 2.6

First off, one problem per message.

ERR_error_string_n is a standard part of openSSL:

http://openssl.planetmirror.com/docs/crypto/ERR_error_string.html

The ./configure step looks for the files libssl.a and ssl.h to decide if you
have openSSL installed (it sometimes looks for libcrypto.a too).  If you
have a bad installation, it could be that it's finding them at ./configure
time (choosing to compile for openSSL), but is unable to link.  If you don't
plan on using openSSL, then use --disable-ssl.

-----Burton

-----Original Message-----
From: ntop-dev-admin <at> unipi.it [mailto:ntop-dev-admin <at> unipi.it]On Behalf
Of Kevin Maguire
Sent: Monday, July 01, 2002 6:19 PM
To: ntop-dev <at> ntop.org
Subject: [Ntop-dev] problem compiling under solaris 2.6

Hi

I checked out latest via CVS as described on main page.

<snip />

ERR_error_string_n(l, buf, sizeof buf);

this gives an undefined symbol at link timne.  I just commented it
(Continue reading)

Permalink | Reply | 0 comments |
headers
Burton M. Strauss III | 2 Jul 2002 01:52

RE: problem compiling under solaris 2.6

First off, one problem per message.

Code 1 means that URLsecurity found a % in the request.  ntop isn't prepared
to deal with (read that as protect the system) from unicode, so we simply
reject unicode URLs.

You should have an immediately prior line in the log:

     URL security(1): ERROR: Found percent in URL...DANGER...rejecting
request

Once you send a bad one, the address goes into a ring buffer on a 5 minute
timeout where we simply drop subsequent requests...  rather than waste
cycles ignoring an attack...

Answer: Live with it...

-----Burton

-----Original Message-----
From: ntop-dev-admin <at> unipi.it [mailto:ntop-dev-admin <at> unipi.it]On Behalf
Of Kevin Maguire
Sent: Monday, July 01, 2002 6:19 PM
To: ntop-dev <at> ntop.org
Subject: [Ntop-dev] problem compiling under solaris 2.6

Hi

I checked out latest via CVS as described on main page.
(Continue reading)

Permalink | Reply | 0 comments |
headers
Burton Strauss | 2 Jul 2002 04:11

RE: problem compiling under solaris 2.6

Reply to the list, NOT me personally.  Anything sent to me personally gets a reply If & only If I feel like it and
gets copied to the list...

glibc has a gnu extension which builds a table of the LOG_xxxx values, called facilitynames.  Sun's cc .h
files don't do that.

I had coded the test based on the __gnu__ precompiler variable, thinking that if you had gcc, you had the
glibc.  gcc + the Sun libraries is simply a combo I hadn't thought of - I assumed it would be one set or the other
not both.  I guess I need to add a test into ./configure and then use that not __gnuc__ in the code...

-----Burton

---------- Original Message ----------------------------------
From: Kevin Maguire <kmaguire <at> eso.org>
Date:  Tue, 2 Jul 2002 02:04:30 +0200 (MEST)

>Hi Burton
>
>Thanks for thr replies on this and the other matters.  I was in three
>minds to reply directly, or to the list as well, or _just_ to the list.
>Let me know if I made the wrong choice
>
>> First off, one problem per message.
>
>Point taken.
>
>> Secondly, what is the environment?  cc or gcc, etc...
>
>gcc 2.95.2.  I didn't try with Sun Forte cc.
>
(Continue reading)

Permalink | Reply | 0 comments |
headers
Burton Strauss | 2 Jul 2002 13:10

RE: ntop with MySQL

Can't... ntop stores data into the mySQL database, it doesn't read from the tables.

-----Burton

---------- Original Message ----------------------------------
From: Lavaraj Bose <lavarajb <at> yahoo.com>
Reply-To: ntop-dev <at> unipi.it
Date:  Fri, 28 Jun 2002 04:22:35 -0700 (PDT)

>Sir,
>I am a network student.
>I have installed your software in my system (Redhat
>7.1)
>And it is running  very nicely......thanks.
>But instead of reading from db files i want ntop to
>read from mysql tables.
>I have given ntop -v option .
>But it is not working .
>it is giving unknown option -v
>my ntop version is 2.0.99
>pls help me  in this problem
>thanks and regards
>lavaraj bose
>
>=====
>
>
>__________________________________________________
>Do You Yahoo!?
>Yahoo! - Official partner of 2002 FIFA World Cup
(Continue reading)

Permalink | Reply | 0 comments |
headers
Earl C. Terwilliger | 2 Jul 2002 14:57

keep ntop going..

Hello,

Until there is a fix for the NTOP segmentation fault problem,
I though others might need this work around that I am using.
It is a simple little 'C' program I coded to re-start NTOP if the 
"ntop caught signal" serror message is found.

/*
   Earl Terwilliger
   earlt <at> agent-source.com
*/

#include <unistd.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>

#define BUFSIZE 80

/*
   Change the next three lines to match
   your start/stop process and the error message
   which will re-start the process
*/

#define PROCESS_START "ntop -i \"eth0,eth1,eth2\"  -u ntop -P /temp"
#define PROCESS_ERROR_MSG "ntop caught signal"
#define PROCESS_KILL "ps -ef | grep \"ntop \" | grep -v grep | awk '{ print $2 }' | xargs kill -9"

int main() {
(Continue reading)

Permalink | Reply | 7 comments |
headers
Ricardo Jorge | 2 Jul 2002 16:06
Picon

XML dump files gets truncated from time to time

Hi !

	Since there are some problems with DB support module of NTOP (as
mentioned by Luca Deri), I am trying to retrieve the data and store it
using the http api ( http://host:3000/dumpData.html?language=xml ), as
this is a more neutral method then read strings formated to PHP or Perl.

	The problem starts when in my parsing routines some errors appears and
I decide to manually retreive the data, as you can see below.

	From time to time some of the data is truncated not at the same point
as you can see. This seems to be related to the size of the dump, the
larger the size the greater the possibilitiy to have a truncation.

	This is a live system capturing data from a Lan (a Linux machine
connected to that lan). The system is remote from my site and I have a
512 Kbps fiber optical direct connection to it, from where I retreive
the data. There is only one lan card in the remote site, so it sends the
dump from the same card as it is collecting data.

	I don't know if someone else is having the same problem (testing this
functionality of NTOP).

	I am using ntop-02-06-25.tgz, as this is the last version that compiles
and runs for me. I've tried ntop-02-07-01.tgz, but after compilation it
does not start, so I return to this one.

	Any help is apreciate. Thanks for you attention.

		Ricardo Jorge
(Continue reading)

Permalink | Reply | 6 comments |
headers
cvs-commit | 2 Jul 2002 16:05

New ntop commit (author burton)

Update of /export/home/ntop/ntop/plugins
In directory jabber:/tmp/cvs-serv29468/plugins

Modified Files:
	Makefile.in 
Log Message:
Update to the generated files (Makefile, et al) to reflect all the changes
we've made to ntop.  Basically, these files are regenerated by ./autogen.sh
and/or ./configure and/or make.  But we wanted to distribute ones that are
reasonable in case the user doesn't have all the tools.

-----Burton (ref BMS0102)
Permalink | Reply | 0 comments |

Gmane