Thank You, I think this may not be part of my symptom. I have a long BPF string. It looks as though the first part of the string is not being enforced. If I use a shorter string it is. I thought the error may indicate the issue.
Is there a limitation to the length of a BPF filter? Is there a way to put it in a file? Matthew... From: [email protected] [mailto:[email protected]] On Behalf Of Burton Strauss III Sent: Monday, August 27, 2012 7:34 PM To: [email protected] Subject: Re: [Ntop] Filter String Limitation LEN_GENERAL_WORK_BUFFER is the buffer length len is the offset (the amount of the buffer already used) There should be a statement a little above that defines the buffer. You need to update that length and the references to it. Or you can just ignore it - the point of the safe_snprintf is that it won't overflow - you just lose the end of the output. ----Burton From: [email protected] [mailto:[email protected]] On Behalf Of Cabeza de Baca, Matthew Sent: Monday, August 27, 2012 10:10 AM To: '[email protected]' Subject: Re: [Ntop] Filter String Limitation Thank You. I don't see where to make the change... I am not a programmer but will make the change you suggest. I appreciate your help. 1429 if ((myGlobals.runningPref.currentFilterExpression != NULL) && 1430 (*myGlobals.runningPref.currentFilterExpression != '\0')) { 1431 safe_snprintf(__FILE__, __LINE__, &buf[len], LEN_GENERAL_WORK_BUFFER-len, 1432 "with kernel (libpcap) filtering expression </b>\"%s\"<br>\n", 1433 myGlobals.runningPref.currentFilterExpression); From: [email protected]<mailto:[email protected]> [mailto:[email protected]]<mailto:[mailto:[email protected]]> On Behalf Of Burton Strauss III Sent: Friday, August 24, 2012 3:49 PM To: [email protected]<mailto:[email protected]> Subject: Re: [Ntop] Filter String Limitation Pull down the source. Go to that line of the file (httpd.c line 1431) Increase the size of the buffer Recompile -----Burton From: [email protected]<mailto:[email protected]> [mailto:[email protected]]<mailto:[mailto:[email protected]]> On Behalf Of Cabeza de Baca, Matthew Sent: Friday, August 24, 2012 3:11 PM To: '[email protected]'; '[email protected]' Subject: [Ntop] Filter String Limitation Hello all. I am using NTOP and have a very long filter expression using the -B in an ntop.conf. Is there a limitation to this string? I am noticing in the logs: [util.c:3403] **ERROR** Buffer too short @ httpd.c:1431 (increase to at least 1318) [with kernel (libpcap) filtering expression </b> If so is there a workaround? Thank You. Matthew ________________________________ This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential or privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy the message. ________________________________ Think Green! Please do not print this e-mail unless you need to. Thank you. ________________________________ This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential or privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy the message. ________________________________ This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential or privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy the message.
_______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop
