I have found the cause of our (and apparently others) problems with ntop¹s interface becoming unusable after running for more than a day or so. This is also the source of the ³warning: can't get client address: Bad file descriptor² message.
In http.c, if built with TCP Wrappers, this code: request_init(&req, RQ_DAEMON, CONST_DAEMONNAME, RQ_FILE, myGlobals.newSock, NULL); fromhost(&req); This initializes TCP Wrappers and then the logic follows to block or allow. If I comment out the fromhost(&req), both issues above disappear. I tried substituting &from for the myGlobals.newSock, thinking the request_init function was looking for the client address not the stream. But apparently &from didn¹t contain the client address or wasn¹t in the correct format or I didn¹t specify the location of sin_addr inside &from. I also looked into replacing those two lines with hosts_ctl(). So far nothing worked. Any suggestions? Frank Eargle II Information Security Analyst SC Computer Incident Response Team The Division of State Information Technology (DSIT) 4430 Broad River Rd Columbia, SC 29210 803-896-1650 SC-ISAC Response Center 803-896-0711 Direct Line http://sc-isac.sc.gov <blocked::http://sc-isac.sc.gov>
_______________________________________________ Ntop-dev mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-dev
