[Ntop] ntop crash suddenly
Mario Beltran
mario at 123.hn
Fri Jan 20 20:59:58 CET 2006
Tanks Burton :)
I have installed ntop 3.2 and work fine excepts for these messages in
the ntop log
Fri Jan 20 13:44:56 2006 **ERROR** RRD: rrd_graph() call failed, rc -1, can't make a graph without contents
Fri Jan 20 13:44:56 2006 RRD: Failing file in graphSummary() is /var/db/ntop/rrd/interfaces/vr0/ipRemoteToRemoteBytes.rrd
Fri Jan 20 13:45:15 2006 **ERROR** RRD: rrd_graph() call failed, rc -1, can't make a graph without contents
Fri Jan 20 13:45:15 2006 RRD: Failing file in graphSummary() is /var/db/ntop/rrd/interfaces/vr0/ipRemoteToRemoteBytes.rrd
Fri Jan 20 13:47:18 2006 **ERROR** RRD: rrd_graph() call failed, rc -1, can't make a graph without contents
Fri Jan 20 13:47:18 2006 RRD: Failing file in graphSummary() is /var/db/ntop/rrd/interfaces/vr0/ipRemoteToRemoteBytes.rrd
Fri Jan 20 13:47:28 2006 **ERROR** Queue of address '???' failed, code -1 [addr queue=0/max=4]
Fri Jan 20 13:47:28 2006 ntop processing continues, address will not be resolved
Fri Jan 20 13:50:12 2006 **ERROR** Queue of address '???' failed, code -1 [addr queue=0/max=4]
Fri Jan 20 13:50:12 2006 ntop processing continues, address will not be resolved
Now What is the mistake that i have made in the init script?
this is my init script:
#!/bin/sh
#
# $FreeBSD: ports/net/ntop/files/ntop.sh.in,v 1.1 2005/12/12 07:03:16 lawrance Exp $
#
# PROVIDE: ntop
# REQUIRE: DAEMON
# KEYWORD: shutdown
#
# Add the following lines to /etc/rc.conf to enable ntop:
#
#ntop_enable="YES"
#
# See ntop(8) for flags
#
. /etc/rc.subr
name=ntop
rcvar=`set_rcvar`
command=/usr/local/bin/ntop
ntop_enable=${ntop_enable:-"NO"}
ntop_flags=${ntop_flags:-"-i 'vr0,vr1' -d --use-syslog=daemon"}
load_rc_config $name
run_rc_command "$1"
What should i do for solve this log messages?
Thanks in advance
Regards
Mario
Burton Strauss escribió:
>Current ntop is 3.2 - please use that version.
>-----Burton
>
>-----Original Message-----
>From: ntop-bounces at unipi.it [mailto:ntop-bounces at unipi.it] On Behalf Of
>Mario Beltran
>Sent: Thursday, January 19, 2006 5:29 PM
>To: ntop at Unipi.IT
>Subject: [Ntop] ntop crash suddenly
>
>Hello
>
>I have installed ntop v 3.1 on my box an i386 FreeBSD from ports
>
>This is my init script:
>
>#!/bin/sh
>
>#----------------------------------------------------------------------
># The following variables may be changed #
>
># Network interface(s) to be monitored;
># may be blank, or comma-separated list
>interfaces='vr0,vr1'
>
># User to run ntop as; leave blank for root #userid='nobody'
>userid='root'
>
># [IP:]port for serving HTTP; set to '0' to disable http_port='3000'
>
># [IP:]port for serving HTTPS; set to '0' to disable # The certificate is
>/usr/local/etc/ntop/ntop-cert.pem #https_port='3001'
>
># Directory for ntop.access.log
>logdir='/var/log'
>
># Specify any additional arguments here - see ntop(8) additional_args=''
>
>#
># End of user-configurable variables
>#----------------------------------------------------------------------
>#--set-pcap-nonblocking
>args='-d -L --skip-version-check'
>
>[ ! -z $interfaces ] && args="$args -i $interfaces"
>[ ! -z $http_port ] && args="$args -w $http_port"
>[ ! -z $https_port ] && args="$args -W $https_port"
>[ ! -z $logdir ] && args="$args -a ${logdir}/ntop.access.log"
>[ ! -z $userid ] && args="$args -u $userid"
>[ ! -z "$additional_args" ] && args="$args $additional_args"
>
>case "$1" in
>start)
> # is it the first time we run ntop
> [ ! -e /var/db/ntop/ntop_pw.db ] && {
> # just in case...
> [ ! -d /var/db/ntop ] && {
> echo "Reinstalling database directory"
> mkdir -p /var/db/ntop
> chown -R $userid:$userid /var/db/ntop
> }
> /usr/local/bin/ntop -u $userid -A || exit 1
> echo "Now we can start ntop!"
> }
> if [ -d $logdir ]; then
> touch ${logdir}/ntop.access.log
> chown $userid ${logdir}/ntop.access.log
> fi
> if [ -x /usr/local/bin/ntop ]; then
> /usr/local/bin/ntop $args > /dev/null 2>&1 &
> echo -n ' ntop'
> fi
> ;;
>stop)
> killall ntop > /dev/null 2>&1 && echo -n ' ntop'
> ;;
>*)
> echo "Usage: `basename $0` {start|stop}" >&2
> exit 64
> ;;
>esac
>
>exit 0
>
>
>
>And work fine for weeks, but yesterday ntop crash suddenly , this is my log:
>
>
>Jan 19 16:29:04 proxy ntop[61021]: ntop v.3.1 MT (SSL)
>Jan 19 16:29:04 proxy ntop[61021]: Configured on Dec 7 2005 19:30:06,
>built on Dec 7 2005 19:30:52.
>Jan 19 16:29:04 proxy ntop[61021]: Copyright 1998-2004 by Luca Deri
><deri at ntop.org>
>Jan 19 16:29:04 proxy ntop[61021]: Get the freshest ntop from
>http://www.ntop.org/
>Jan 19 16:29:04 proxy ntop[61021]: Initializing ntop
>Jan 19 16:29:04 proxy kernel: vr0: promiscuous mode enabled
>Jan 19 16:29:04 proxy ntop[61021]: Checking vr0 for additional devices
>Jan 19 16:29:04 proxy ntop[61021]: Resetting traffic statistics for
>device vr0
>Jan 19 16:29:04 proxy ntop[61021]: DLT: Device 0 [vr0] is 1, mtu 1514,
>header 14
>Jan 19 16:29:04 proxy kernel: vr1: promiscuous mode enabled
>Jan 19 16:29:04 proxy ntop[61021]: Checking vr1 for additional devices
>Jan 19 16:29:04 proxy ntop[61021]: Resetting traffic statistics for
>device vr1
>Jan 19 16:29:04 proxy ntop[61021]: DLT: Device 1 [vr1] is 1, mtu 1514,
>header 14
>Jan 19 16:29:04 proxy ntop[61021]: Initializing gdbm databases
>Jan 19 16:29:04 proxy ntop[61021]: VENDOR: Loading MAC address table.
>Jan 19 16:29:04 proxy ntop[61021]: VENDOR: Checking for MAC address
>table file
>Jan 19 16:29:04 proxy ntop[61021]: VENDOR: File
>'/usr/local/etc/ntop/specialMAC.txt.gz' does not need to be reloaded
>Jan 19 16:29:04 proxy ntop[61021]: VENDOR: ntop continues ok
>Jan 19 16:29:04 proxy ntop[61021]: VENDOR: Checking for MAC address
>table file
>Jan 19 16:29:04 proxy ntop[61021]: VENDOR: File
>'/usr/local/etc/ntop/oui.txt.gz' does not need to be reloaded
>Jan 19 16:29:04 proxy ntop[61021]: VENDOR: ntop continues ok
>Jan 19 16:29:04 proxy ntop[61021]: Fingeprint: Loading signature file.
>Jan 19 16:29:04 proxy ntop[61021]: Fingeprint: ...loaded 1697 records
>Jan 19 16:29:04 proxy ntop[61021]: INIT: Parent process is exiting
>(this is normal)
>Jan 19 16:29:04 proxy ntop[61022]: INIT: Bye bye: I'm becoming a daemon...
>Jan 19 16:29:04 proxy ntop[61022]: Now running as a daemon
>Jan 19 16:29:04 proxy ntop[61022]: ASN: Checking for Autonomous System
>Number table file
>Jan 19 16:29:04 proxy ntop[61022]: **WARNING** ASN: Unable to open
>file 'AS-list.txt'
>Jan 19 16:29:04 proxy ntop[61022]: I18N: Default language (from ntop
>host) is 'C'
>Jan 19 16:29:04 proxy ntop[61022]: I18N: This instance of ntop
>supports 0 additional language(s)
>Jan 19 16:29:04 proxy ntop[61022]: IP2CC: Checking for IP address <->
>Country Code mapping file
>Jan 19 16:29:04 proxy ntop[61022]: IP2CC: Loading file
>'/usr/local/etc/ntop/p2c.opt.table.gz'
>Jan 19 16:29:04 proxy ntop[61022]: IP2CC: ...found 52395 lines
>Jan 19 16:29:04 proxy ntop[61022]: GDVERCHK: Guessing at libgd version
>Jan 19 16:29:04 proxy ntop[61022]: GDVERCHK: ... as 2.0.21+
>Jan 19 16:29:04 proxy ntop[61022]: Initializing external applications
>Jan 19 16:29:04 proxy ntop[61022]: THREADMGMT: Started thread
>(134613504) for network packet analyser
>Jan 19 16:29:04 proxy ntop[61022]: THREADMGMT: Started thread
>(134614016) for fingerprinting
>Jan 19 16:29:04 proxy ntop[61022]: THREADMGMT: Started thread
>(134614528) for idle hosts detection
>Jan 19 16:29:04 proxy ntop[61022]: THREADMGMT: Started thread
>(138002432) for DNS address resolution
>Jan 19 16:29:04 proxy ntop[61022]: Calling plugin start functions (if any)
>Jan 19 16:29:04 proxy ntop[61022]: SSL is present but https is
>disabled: use -W <https port> for enabling it
>Jan 19 16:29:04 proxy ntop[61022]: INITWEB: Initializing web server
>Jan 19 16:29:04 proxy ntop[61022]: INITWEB: Initializing tcp/ip socket
>connections for web server
>Jan 19 16:29:04 proxy ntop[61022]: INITWEB: Initialized socket, port
>3000, address (any)
>Jan 19 16:29:04 proxy ntop[61022]: INITWEB: Waiting for HTTP
>connections on port 3000
>Jan 19 16:29:04 proxy ntop[61022]: INITWEB: Starting web server
>Jan 19 16:29:04 proxy ntop[61022]: THREADMGMT: Started thread
>(138002944) for web server
>Jan 19 16:29:04 proxy ntop[61022]: Listening on [vr0,vr1]
>Jan 19 16:29:04 proxy ntop[61022]: Loading Plugins
>Jan 19 16:29:04 proxy ntop[61022]: Searching for plugins in
>/usr/local/lib/ntop/plugins
>Jan 19 16:29:04 proxy ntop[61022]: ICMP: Welcome to icmpWatchPlugin.
>(C) 1999-2004 by Luca Deri
>Jan 19 16:29:04 proxy ntop[61022]: LASTSEEN: Welcome to
>LastSeenWatchPlugin. (C) 1999 by Andrea Marangoni
>Jan 19 16:29:04 proxy ntop[61022]: NETFLOW: Welcome to NetFlow.(C)
>2002-04 by Luca Deri
>Jan 19 16:29:04 proxy ntop[61022]: PDA: Welcome to PDAPlugin. (C)
>2001-2004 by L.Deri and W.Brock
>Jan 19 16:29:04 proxy ntop[61022]: RRD: Welcome to rrdPlugin. (C)
>2002-04 by Luca Deri.
>Jan 19 16:29:04 proxy ntop[61022]: SNMP: Welcome to snmpPlugin. (C)
>2004 by F.Fusco and G.Giardina
>Jan 19 16:29:04 proxy ntop[61022]: SFLOW: Welcome to sFlow.(C) 2002-04
>by Luca Deri
>Jan 19 16:29:04 proxy ntop[61022]: XML: Welcome to xmldump plugin. (C)
>2003-2004 by Burton Strauss
>Jan 19 16:29:04 proxy ntop[61022]: Calling plugin start functions (if any)
>Jan 19 16:29:04 proxy ntop[61022]: Now running as requested user
>'root' (0:0)
>Jan 19 16:29:04 proxy ntop[61022]: INIT: Created pid file
>(/var/run/ntop.pid)
>Jan 19 16:29:04 proxy ntop[61022]: Note: Reporting device initally set
>to 0 [vr0] (merged)
>Jan 19 16:29:04 proxy ntop[61022]: THREADMGMT: Started thread
>(138003968) for network packet sniffing on vr0
>Jan 19 16:29:04 proxy ntop[61022]: THREADMGMT: Started thread
>(138004480) for network packet sniffing on vr1
>Jan 19 16:29:04 proxy ntop[61022]: THREADMGMT: Packet processor thread
>running...
>Jan 19 16:29:04 proxy ntop[61022]: THREADMGMT: Fingerprint scan thread
>running...
>Jan 19 16:29:04 proxy ntop[61022]: THREADMGMT: Idle host scan thread
>running...
>Jan 19 16:29:04 proxy ntop[61022]: THREADMGMT: Address resolution
>thread running...
>Jan 19 16:29:04 proxy ntop[61022]: THREADMGMT: web connections thread
>(61022) started...
>Jan 19 16:29:04 proxy ntop[61022]: Note: SIGPIPE handler set (ignore)
>Jan 19 16:29:04 proxy ntop[61022]: WEB: ntop's web server is now
>processing requests
>Jan 19 16:29:04 proxy ntop[61022]: THREADMGMT: pcapDispatch(vr0)
>thread running...
>Jan 19 16:29:04 proxy ntop[61022]: THREADMGMT: pcapDispatch(vr1)
>thread running...
>Jan 19 16:30:54 proxy kernel: pid 61022 (ntop), uid 0: exited on signal
>11 (core dumped)
>Jan 19 16:30:54 proxy kernel: vr0: promiscuous mode disabled Jan 19 16:30:54
>proxy kernel: vr1: promiscuous mode disabled Jan 19 16:31:15 proxy kernel:
>vr0: promiscuous mode enabled
>Jan 19 16:31:15 proxy ntop[61193]: ntop v.3.1 MT (SSL)
>Jan 19 16:31:15 proxy ntop[61193]: Configured on Dec 7 2005 19:30:06,
>built on Dec 7 2005 19:30:52.
>Jan 19 16:31:15 proxy ntop[61193]: Copyright 1998-2004 by Luca Deri
><deri at ntop.org>
>Jan 19 16:31:15 proxy ntop[61193]: Get the freshest ntop from
>http://www.ntop.org/
>Jan 19 16:31:15 proxy ntop[61193]: Initializing ntop
>Jan 19 16:31:15 proxy kernel: vr1: promiscuous mode enabled
>Jan 19 16:31:15 proxy ntop[61193]: Checking vr0 for additional devices
>Jan 19 16:31:15 proxy ntop[61193]: Resetting traffic statistics for
>device vr0
>Jan 19 16:31:15 proxy ntop[61193]: DLT: Device 0 [vr0] is 1, mtu 1514,
>header 14
>Jan 19 16:31:15 proxy ntop[61193]: Checking vr1 for additional devices
>Jan 19 16:31:15 proxy ntop[61193]: Resetting traffic statistics for
>device vr1
>Jan 19 16:31:15 proxy ntop[61193]: DLT: Device 1 [vr1] is 1, mtu 1514,
>header 14
>Jan 19 16:31:15 proxy ntop[61193]: Initializing gdbm databases
>Jan 19 16:31:15 proxy ntop[61193]: VENDOR: Loading MAC address table.
>Jan 19 16:31:15 proxy ntop[61193]: VENDOR: Checking for MAC address
>table file
>Jan 19 16:31:15 proxy ntop[61193]: VENDOR: File
>'/usr/local/etc/ntop/specialMAC.txt.gz' does not need to be reloaded
>Jan 19 16:31:15 proxy ntop[61193]: VENDOR: ntop continues ok
>Jan 19 16:31:15 proxy ntop[61193]: VENDOR: Checking for MAC address
>table file
>Jan 19 16:31:15 proxy ntop[61193]: VENDOR: File
>'/usr/local/etc/ntop/oui.txt.gz' does not need to be reloaded
>Jan 19 16:31:15 proxy ntop[61193]: VENDOR: ntop continues ok
>Jan 19 16:31:15 proxy ntop[61193]: Fingeprint: Loading signature file.
>Jan 19 16:31:15 proxy ntop[61193]: Fingeprint: ...loaded 1697 records
>Jan 19 16:31:15 proxy ntop[61193]: INIT: Parent process is exiting
>(this is normal)
>Jan 19 16:31:15 proxy ntop[61194]: INIT: Bye bye: I'm becoming a daemon...
>Jan 19 16:31:15 proxy ntop[61194]: Now running as a daemon
>Jan 19 16:31:15 proxy ntop[61194]: ASN: Checking for Autonomous System
>Number table file
>Jan 19 16:31:15 proxy ntop[61194]: **WARNING** ASN: Unable to open
>file 'AS-list.txt'
>Jan 19 16:31:15 proxy ntop[61194]: I18N: Default language (from ntop
>host) is 'C'
>Jan 19 16:31:15 proxy ntop[61194]: I18N: This instance of ntop
>supports 0 additional language(s)
>Jan 19 16:31:15 proxy ntop[61194]: IP2CC: Checking for IP address <->
>Country Code mapping file
>Jan 19 16:31:15 proxy ntop[61194]: IP2CC: Loading file
>'/usr/local/etc/ntop/p2c.opt.table.gz'
>Jan 19 16:31:15 proxy ntop[61194]: IP2CC: ...found 52395 lines
>Jan 19 16:31:15 proxy ntop[61194]: GDVERCHK: Guessing at libgd version
>Jan 19 16:31:15 proxy ntop[61194]: GDVERCHK: ... as 2.0.21+
>Jan 19 16:31:15 proxy ntop[61194]: Initializing external applications
>Jan 19 16:31:15 proxy ntop[61194]: THREADMGMT: Started thread
>(134613504) for network packet analyser
>Jan 19 16:31:15 proxy ntop[61194]: THREADMGMT: Started thread
>(134614016) for fingerprinting
>Jan 19 16:31:15 proxy ntop[61194]: THREADMGMT: Started thread
>(134614528) for idle hosts detection
>Jan 19 16:31:15 proxy ntop[61194]: THREADMGMT: Started thread
>(138002432) for DNS address resolution
>Jan 19 16:31:15 proxy ntop[61194]: Calling plugin start functions (if any)
>Jan 19 16:31:15 proxy ntop[61194]: SSL is present but https is
>disabled: use -W <https port> for enabling it
>Jan 19 16:31:15 proxy ntop[61194]: INITWEB: Initializing web server
>Jan 19 16:31:15 proxy ntop[61194]: INITWEB: Initializing tcp/ip socket
>connections for web server
>Jan 19 16:31:15 proxy ntop[61194]: INITWEB: Initialized socket, port
>3000, address (any)
>Jan 19 16:31:15 proxy ntop[61194]: INITWEB: Waiting for HTTP
>connections on port 3000
>Jan 19 16:31:15 proxy ntop[61194]: INITWEB: Starting web server
>Jan 19 16:31:15 proxy ntop[61194]: THREADMGMT: Started thread
>(138002944) for web server
>Jan 19 16:31:15 proxy ntop[61194]: Listening on [vr0,vr1]
>Jan 19 16:31:15 proxy ntop[61194]: Loading Plugins
>Jan 19 16:31:15 proxy ntop[61194]: Searching for plugins in
>/usr/local/lib/ntop/plugins
>Jan 19 16:31:15 proxy ntop[61194]: ICMP: Welcome to icmpWatchPlugin.
>(C) 1999-2004 by Luca Deri
>Jan 19 16:31:15 proxy ntop[61194]: LASTSEEN: Welcome to
>LastSeenWatchPlugin. (C) 1999 by Andrea Marangoni
>Jan 19 16:31:15 proxy ntop[61194]: NETFLOW: Welcome to NetFlow.(C)
>2002-04 by Luca Deri
>Jan 19 16:31:15 proxy ntop[61194]: PDA: Welcome to PDAPlugin. (C)
>2001-2004 by L.Deri and W.Brock
>Jan 19 16:31:15 proxy ntop[61194]: RRD: Welcome to rrdPlugin. (C)
>2002-04 by Luca Deri.
>Jan 19 16:31:15 proxy ntop[61194]: SNMP: Welcome to snmpPlugin. (C)
>2004 by F.Fusco and G.Giardina
>Jan 19 16:31:15 proxy ntop[61194]: SFLOW: Welcome to sFlow.(C) 2002-04
>by Luca Deri
>Jan 19 16:31:15 proxy ntop[61194]: XML: Welcome to xmldump plugin. (C)
>2003-2004 by Burton Strauss
>Jan 19 16:31:15 proxy ntop[61194]: Calling plugin start functions (if any)
>Jan 19 16:31:15 proxy ntop[61194]: Now running as requested user
>'root' (0:0)
>Jan 19 16:31:15 proxy ntop[61194]: INIT: Created pid file
>(/var/run/ntop.pid)
>Jan 19 16:31:15 proxy ntop[61194]: Note: Reporting device initally set
>to 0 [vr0] (merged)
>Jan 19 16:31:15 proxy ntop[61194]: THREADMGMT: Started thread
>(138003968) for network packet sniffing on vr0
>Jan 19 16:31:15 proxy ntop[61194]: THREADMGMT: Started thread
>(138004480) for network packet sniffing on vr1
>Jan 19 16:31:15 proxy ntop[61194]: THREADMGMT: Packet processor thread
>running...
>Jan 19 16:31:15 proxy ntop[61194]: THREADMGMT: Fingerprint scan thread
>running...
>Jan 19 16:31:15 proxy ntop[61194]: THREADMGMT: Idle host scan thread
>running...
>Jan 19 16:31:15 proxy ntop[61194]: THREADMGMT: Address resolution
>thread running...
>Jan 19 16:31:15 proxy ntop[61194]: THREADMGMT: web connections thread
>(61194) started...
>Jan 19 16:31:15 proxy ntop[61194]: Note: SIGPIPE handler set (ignore)
>Jan 19 16:31:15 proxy ntop[61194]: WEB: ntop's web server is now
>processing requests
>Jan 19 16:31:15 proxy ntop[61194]: THREADMGMT: pcapDispatch(vr0)
>thread running...
>Jan 19 16:31:15 proxy ntop[61194]: THREADMGMT: pcapDispatch(vr1)
>thread running...
>Jan 19 16:35:55 proxy kernel: pid 61194 (ntop), uid 0: exited on signal
>11 (core dumped)
>Jan 19 16:35:55 proxy kernel: vr0: promiscuous mode disabled Jan 19 16:35:55
>proxy kernel: vr1: promiscuous mode disabled
>
>
>What should I do for solve this problem?
>
>Thanks in advance
>
>Best regards.
>
>Mario
>_______________________________________________
>Ntop mailing list
>Ntop at unipi.it
>http://listgateway.unipi.it/mailman/listinfo/ntop
>
>_______________________________________________
>Ntop mailing list
>Ntop at unipi.it
>http://listgateway.unipi.it/mailman/listinfo/ntop
>
>
>
More information about the Ntop
mailing list