First off, apologies for sending last email directly to you - not my
intention.
So I took your advice (why wouldn't I) regarding disabling daemon mode
in the config file. Unfortunately, still having problems. Here's the
latest:
(gdb) set args -u root -i eth0 @/etc/ntop.conf -K
(gdb) r
Starting program: /usr/local/bin/ntop -u root -i eth0 @/etc/ntop.conf -K
[Thread debugging using libthread_db enabled]
[New Thread -1208764736 (LWP 18351)]
Processing file /etc/ntop.conf for parameters...
Wed Dec 7 12:45:21 2005 NOTE: Interface merge enabled by default
Wed Dec 7 12:45:21 2005 Initializing gdbm databases
Wed Dec 7 12:45:21 2005 **ERROR** ....open of
/usr/share/ntop/prefsCache.db failed: File open error
Wed Dec 7 12:45:21 2005 Possible solution: please use '-P <directory>'
Wed Dec 7 12:45:21 2005 **FATAL_ERROR** GDBM open failed, ntop
shutting down...
Program received signal SIGINT, Interrupt.
[Switching to Thread -1208764736 (LWP 18351)]
0x002d07a2 in _dl_sysinfo_int80 () from /lib/ld-linux.so.2
---------
Here's the contents of the directory in question:
-={$:~}=-ls -al /usr/share/ntop/
total 3488
drwxr-xr-x 5 ntop ntop 4096 Dec 7 08:13 ./
drwxr-xr-x 234 root root 12288 Dec 6 09:03 ../
-rw-r--r-- 1 root root 225300 Dec 7 12:37 addressQueue.db
-rw-r--r-- 1 root root 2015232 Dec 7 12:37 dnsCache.db
-rw-r--r-- 1 root root 237568 Dec 7 08:13 fingerprint.db
drwxr-xr-x 3 root root 4096 Dec 5 08:34 html/
-rw-rw-r-- 1 root root 12288 Dec 7 08:13 LsWatch.db
-rw-r--r-- 1 root root 1110238 Dec 7 08:13 macPrefix.db
-rw------- 1 ntop ntop 6 Dec 7 08:13 ntop.pid
-rw-r--r-- 1 root root 12546 Dec 7 08:07 ntop_pw.db
drwxr-xr-x 2 root root 4096 Dec 7 08:06 olddb/
-rw-r--r-- 1 root root 13326 Dec 7 08:21 prefsCache.db
drwxr-xr-x 5 ntop ntop 4096 Dec 4 19:45 rrd/
As a test I tried moving the old db files to ./olddb and relaunching via
debugger to allow them to be recreated (in case there is a corruption).
Unfortunately, while run in debugger I was unable to view in browser.
The port responds, but no love from the browser. I then removed the
newly created db files again and launched again in daemon mode - NTOP
worked fine for awhile. I let it run and checked back a couple hours
later to find the following:
1. Accumulated view now just shows (x GlobalipProtocol distribution
chart) where image should be.
2. Historical view now just shows x where image should be.
These are the same symptoms as before. The next time I refreshed the
browser NTOP crashed. I suspect something is causing one of these db
files to get corrupted after a certain amount of data is collected...
but then again I really don't know what I'm talking about here which is
why I defer to you.
Let me know if you recommend any other steps for troubleshooting this
issue. Thank you very much for all your help thus far.
Todd Michael Bushnell, CISSP | Information Security Manager
DemandTec, Inc. | 1 Circle Star Way, Suite 200 | San Carlos, CA 94070
tel | +1.650.226.4708 cell | +1.415.271.3771 fax | +1.650.556.1190
www.demandtec.com
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of [EMAIL PROTECTED]
Sent: Wednesday, December 07, 2005 3:00 AM
To: [email protected]
Subject: Ntop-dev Digest, Vol 19, Issue 5
Send Ntop-dev mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
http://listgateway.unipi.it/mailman/listinfo/ntop-dev
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]
You can reach the person managing the list at
[EMAIL PROTECTED]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Ntop-dev digest..."
Today's Topics:
1. RE: ntop-3.2-0.fc2 crashes (Burton Strauss)
----------------------------------------------------------------------
Message: 1
Date: Tue, 6 Dec 2005 12:34:56 -0600
From: "Burton Strauss" <[EMAIL PROTECTED]>
Subject: RE: [Ntop-dev] ntop-3.2-0.fc2 crashes
To: <[email protected]>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset="us-ascii"
Please use the list, unless you are looking for fee-based support (which
I'm
happy to provide, btw).
gdb is a wonderful pit of arcana... you are right about run.
As you have done, you can try using ntop's -K switch ... that disables
the
fork() calls and other stuff, which is enough of a change that you don't
always see the same problems.
You can try adding the gdb parameter 'set follow-fork-mode child' before
the
run, e.g.:
gdb /usr/local/bin/ntop
...
(gdb) set args -u root -i eth0 @/etc/ntop.conf -K
(gdb) set follow-fork-mode child
(gdb) r
That should follow ntop through it's daemonizing process. Usually I
just
remove the daemonizing switch from the .conf file, however.
Inside gdb, you may also see it break on SIGPIPE ... that's something
that
just happens and can't be worked around, so if you see it, just type
cont
(continue) and it will continue... The bomb you are looking for is
probably
a SIGSEGV.
-----Burton
_____
From: Todd Bushnell [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 06, 2005 11:54 AM
To: [EMAIL PROTECTED]
Subject: RE: [Ntop-dev] ntop-3.2-0.fc2 crashes
Thanks for the guidance - sorry for not RTFM :-\
Forgive my gdb ignorance, but when I try running ntop via gdb using the
faq
instructions I'm unable to launch the browser (which I can do one time
(before crashing) when I run ntop regularly). I then assumed that it
was
implied that we need to do a "run" in gdb after setting the arguments.
When
I try this I get the following:
[EMAIL PROTECTED] pts -={09:40/06-Dec-05}=-
<snip />
Tue Dec 6 09:45:52 2005 Initializing gdbm databases
Detaching after fork from child process 14763.
Program exited normally.
Am I doing something wrong?
Todd Michael Bushnell, CISSP | Information Security Manager
DemandTec, Inc. | 1 Circle Star Way, Suite 200 | San Carlos, CA 94070
tel | +1.650.226.4708 cell | +1.415.271.3771 fax | +1.650.556.1190
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://listgateway.unipi.it/pipermail/ntop-dev/attachments/20051206/12a3
7550/attachment-0001.htm
------------------------------
_______________________________________________
Ntop-dev mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop-dev
End of Ntop-dev Digest, Vol 19, Issue 5
***************************************
<html>
<body>
<span
style="font-size:8.0pt;font-family:Arial">---------------------------------------------------------------------------------------------------------------------------------------------</span>
<span style="font-size:8.0pt;font-family:Arial">DEMANDTEC EMAIL NOTICE:</span>
<p><span style="font-size:8.0pt;font-family:Arial">NOTICE: This email
transmission and all attached files contain information intended for the
designated individual or entity to whom it is addressed and may contain
information that is proprietary, privileged and/or exempt from disclosure under
applicable law. If you are not the intended recipient or an employee or agent
responsible for delivering this message to the intended recipient, you are
hereby notified that any dissemination, distribution, copying, or other use of
this email or its attachments is strictly prohibited. If you have received
this email in error, please notify the sender immediately by replying to this
message and please delete the original message without making any copies.</span>
<p><span style="font-size:8.0pt;font-family:Arial">WARNING: Computer viruses
can be transmitted via email. The recipient should check this email and any
attachments for the presence of viruses. Although we have taken reasonable
precautions to ensure that this email and all attachments are free from
viruses, we accept no liability for any loss or damage arising from the use of
this email or its attachments.</span>
</body>
</html>
_______________________________________________
Ntop-dev mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop-dev
