No problem. Will try get it to you as soon as I can. In the meantime, you could maybe update the troubleshooting guide with a few things:
Error: "Floating Point Exception" when running "revert" under Debian Solution: Compile revert from source The "compile_revert_linux.sh" file I used looked like this: --- file ---- #!/bin/sh export VIX_INCLUDE="/usr/include/vmware-vix/" export VIX_LIB="/usr/lib/" echo $VIX_INCLUDE echo $VIX_LIB gcc -I $VIX_INCLUDE -o revert revert.c $VIX_LIB/libvmware-vix.so --- file ---- Error: "VIX Error on reverting to snapshot: The system returned an error. Communication with the virtual machine may have been interrupted" Cause: Broken or missing snapshot Solution: Recreate the snapshot Cheers On Fri, May 9, 2008 at 6:18 PM, Christian Seifert < [EMAIL PROTECTED]> wrote: > Jeremy, an install guide for Debian would be awesome. I can place it on the > Capture web site... > Christian > > > On Fri, May 9, 2008 at 9:04 AM, Joema404 <[EMAIL PROTECTED]> wrote: > >> Hi Christian, >> >> Found the issue. Seems my snapshot went for a walk and thats why it wasnt >> working :( >> >> Thanks for taking the time to reply though. >> >> Do you perhaps want installation howto's for different host OS's? >> If so, I may have some time to write up a Debian install guide. >> >> Thanks again >> >> Cheers >> On Fri, May 9, 2008 at 5:18 PM, Christian Seifert < >> [EMAIL PROTECTED]> wrote: >> >>> Jeremy, the state of the VM (as long as a snapshot does exist) should not >>> matter. >>> >>> One configuration option that is incorrct in your setup is the >>> client-path. It needs to be Progra~1 instead of Program Files. Although, I >>> dont think this matters as the error msg would be different. >>> >>> Sometimes, VMware is in a state in which a revert is not possible, so a >>> restart of the VMware service sometimes clears up issues. >>> >>> Let me know how it goes. >>> Christian >>> >>> On Fri, May 9, 2008 at 6:31 AM, Jeremy Du Bruyn <[EMAIL PROTECTED]> >>> wrote: >>> >>>> Hi all, >>>> >>>> My Setup: >>>> >>>> System specs: >>>> OS: Debian (etch) >>>> VMWare: VMware Server 1.0.4 build-56528 >>>> Capture Server: capture-server-2.1.0-300 >>>> >>>> Revert was rebuilt from source as I recieved a "Floating Point >>>> Exception" when executing the packaged one. >>>> >>>> Command used to invoke capture-server: >>>> >>>> java -Djava.net.preferIPv4Stack=true -jar >>>> /home/<user>/capture-server-2.1.0-300/CaptureServer.jar -s >>>> 192.168.1.80:7070 -f input_urls_example.txt >>>> >>>> Error received: >>>> >>>> Option added: server-listen-port => 7070 >>>> Option added: server-listen-address => 192.168.1.80 >>>> Option added: input_urls => input_urls_example.txt >>>> CaptureServer: Listening for connections >>>> Validating config.xml ... >>>> config.xml successfully validated >>>> Option added: capture-network-packets-benign => false >>>> Option added: capture-network-packets-malicious => false >>>> Option added: client-default-visit-time => 10 >>>> Option added: collect-modified-files => false >>>> Option added: p_m => 0.019 >>>> Option added: send-exclusion-lists => false >>>> ExclusionList: file - FileMonitor.exl: File not found >>>> ExclusionList: process - ProcessMonitor.exl: File not found >>>> ExclusionList: registry - RegistryMonitor.exl: File not found >>>> [192.168.1.80:902] VM added >>>> [May 9, 2008 3:10:53 PM-192.168.1.80:902-23764290] VMSetState: >>>> WAITING_TO_BE_REVERTED >>>> [May 9, 2008 3:10:53 PM-192.168.1.80:902-23764290] VMSetState: REVERTING >>>> VIX Error on reverting to snapshot: The system returned an error. >>>> Communication with the virtual machine may have been interrupted >>>> E Disconnected >>>> [May 9, 2008 3:10:55 PM 192.168.1.80:902-23764290] VMware error 255 >>>> [May 9, 2008 3:10:55 PM-192.168.1.80:902-23764290] VMSetState: ERROR >>>> >>>> AND >>>> >>>> ./revert 192.168.1.80 <username> <password> >>>> "/var/lib/vmware/VirtualMachines/XPProSP2-1/Windows XP Professional.vmx" >>>> "Administrator" "<password>" "cmd.exe" "/K C:\program >>>> files\capture\captureclient.bat -s 192.168.1.80 -p 7070 -a 1 -b 2" >>>> VIX Error on reverting to snapshot: The system returned an error. >>>> Communication with the virtual machine may have been interrupted >>>> E Disconnected >>>> >>>> *** username and password replaced by <username> and <password> >>>> repsectively, obviously :) *** >>>> >>>> A tcpdump shows traffic between the vmware-authd service and >>>> capture-server/revert: >>>> >>>> ---snip --- >>>> >>>> 15:10:19.596533 IP 192.168.1.80.60050 > 192.168.1.80.vmware-authd: S >>>> 3987959762:3987959762(0) win 32792 <mss 16396,sackOK,timestamp 123508 >>>> 0,nop,wscale 7> >>>> 15:10:19.630124 IP 192.168.1.80.vmware-authd > 192.168.1.80.60050: S >>>> 3994695723:3994695723(0) ack 3987959763 win 32768 <mss >>>> 16396,sackOK,timestamp 123508 123508,nop,wscale 7> >>>> 15:10:19.630160 IP 192.168.1.80.60050 > 192.168.1.80.vmware-authd: . ack >>>> 1 win 257 <nop,nop,timestamp 123508 123508> >>>> 15:10:19.601887 IP 192.168.1.80.vmware-authd > 192.168.1.80.60050: P >>>> 1:87(86) ack 1 win 256 <nop,nop,timestamp 123509 123508> >>>> 15:10:19.601935 IP 192.168.1.80.60050 > 192.168.1.80.vmware-authd: . ack >>>> 87 win 257 <nop,nop,timestamp 123509 123509> >>>> --- snip --- >>>> >>>> I am able to connect to the captures-server, via the vmware-console, >>>> both from localhost and remotely using the info in config.xml: >>>> >>>> --- snip --- >>>> >>>> <exclusion-list monitor="file" file="FileMonitor.exl" /> >>>> <exclusion-list monitor="process" file="ProcessMonitor.exl" /> >>>> <exclusion-list monitor="registry" file="RegistryMonitor.exl" /> >>>> >>>> <virtual-machine-server type="vmware-server" address=" >>>> 192.168.1.80" port="902" >>>> username="<user>" password="<password>"> >>>> <virtual-machine >>>> vm-path="/var/lib/vmware/VirtualMachines/XPProSP2-1/Windows XP >>>> Professional.vmx" >>>> client-path="C:\Program >>>> Files\Capture\CaptureClient.bat" >>>> username="<user>" >>>> password="<password>"/> >>>> -- snip --- >>>> >>>> *** username and password replaced by <username> and <password> >>>> repsectively, obviously :) *** >>>> >>>> Must the Guest OS be in an specifc state (on, suspended, off)? >>>> >>>> Any ideas or suggestions? >>>> >>>> Thanks in advance >>>> >>>> _______________________________________________ >>>> Capture-HPC mailing list >>>> Capture-HPC@public.honeynet.org >>>> https://public.honeynet.org/mailman/listinfo/capture-hpc >>>> >>>> >>> >>> >>> -- >>> ---- >>> Web: http://www.mcs.vuw.ac.nz/~cseifert >>> >>> PGP key >>> http://www.mcs.vuw.ac.nz/~cseifert/pgpkey.txt >>> Primary key fingerprint: E979 0D9A 9187 D821 F86F B712 C8DB 0583 B046 >>> BAEF >>> _______________________________________________ >>> Capture-HPC mailing list >>> Capture-HPC@public.honeynet.org >>> https://public.honeynet.org/mailman/listinfo/capture-hpc >>> >>> >> >> _______________________________________________ >> Capture-HPC mailing list >> Capture-HPC@public.honeynet.org >> https://public.honeynet.org/mailman/listinfo/capture-hpc >> >> > > > -- > ---- > Web: http://www.mcs.vuw.ac.nz/~cseifert > > PGP key > http://www.mcs.vuw.ac.nz/~cseifert/pgpkey.txt > Primary key fingerprint: E979 0D9A 9187 D821 F86F B712 C8DB 0583 B046 BAEF > > _______________________________________________ > Capture-HPC mailing list > Capture-HPC@public.honeynet.org > https://public.honeynet.org/mailman/listinfo/capture-hpc > >
_______________________________________________ Capture-HPC mailing list Capture-HPC@public.honeynet.org https://public.honeynet.org/mailman/listinfo/capture-hpc
