Re: [Ntop] Running ntop3.0 on FreeBSD-5.2.1, memory size grow up very quickly

User Janting Wed, 21 Apr 2004 17:35:48 -0700

On Wed, Apr 21, 2004 at 11:04:13AM +0200, Luca Deri wrote:

Yes,I use ntop on a border gateway.Using -m and -g to identify and trace 
my local ip is helping to slow down memory size. Ntop run very well.


thank you very much.  

Janting  
                                
> Hi,
> I believe you're using ntop on a border gateway so it's behaving 
> normally the way you started. Consider using -m and -g flags: they will 
> help a lot.
> 
> Cheers, Luca
> 
> 
> User Janting wrote:
> 
> >Running ntop3.0 on FreeBSD-5.2.1
> >My network bandwith is about 8Mbps,I use top command to 
> >monitor ntop running.I discover that Memory size grow up
> >about 3M/sec.It is terrible.It use too much memory and CPU time.
> >ntop process die in twenty min.
> >
> >I use rrd to save data in database,but not improve much.
> >
> >Following is my parameter.
> >ntop-d -L --set-pcap-nonblocking -i fxp0 -w 3000 -W 0 -a 
> >/var/log/ntop.access.log -u nobody -P /var/db/ntop -n -o
> >
> >Following messages is /var/log/messages
> >
> >Apr 21 07:48:51 ntop ntop[63373]:   ntop v.3.0 SourceForge .tgz MT (SSL)
> >Apr 21 07:48:51 ntop ntop[63373]:   Configured on Apr 21 2004  3:33:40, 
> >built on Apr 21 2004 03:35:55.
> >Apr 21 07:48:51 ntop ntop[63373]:   Copyright 1998-2004 by Luca Deri 
> ><[EMAIL PROTECTED]>
> >Apr 21 07:48:51 ntop ntop[63373]:   Get the freshest ntop from 
> >http://www.ntop.org/
> >Apr 21 07:48:51 ntop ntop[63373]:   Initializing ntop
> >Apr 21 07:48:51 ntop kernel: fxp0: promiscuous mode enabled
> >Apr 21 07:48:51 ntop ntop[63373]:   Checking fxp0 for additional devices
> >Apr 21 07:48:51 ntop ntop[63373]:   Resetting traffic statistics for 
> >device fxp0
> >Apr 21 07:48:51 ntop ntop[63373]:   DLT: Device 0 [fxp0] is 1, mtu 1514, 
> >header 14
> >Apr 21 07:48:51 ntop ntop[63373]:   Initializing gdbm databases
> >Apr 21 07:48:51 ntop ntop[63373]:   Now running as requested user 'nobody' 
> >(65534:65534)
> >Apr 21 07:48:51 ntop ntop[63373]:   VENDOR: Loading MAC address table.
> >Apr 21 07:48:51 ntop ntop[63373]:   VENDOR: Checking for MAC address table 
> >file
> >Apr 21 07:48:51 ntop ntop[63373]:   VENDOR: File 
> >'/usr/local/etc/ntop/specialMAC.txt.gz' does not need to be reloaded
> >Apr 21 07:48:51 ntop ntop[63373]:   VENDOR: ntop continues ok
> >Apr 21 07:48:51 ntop ntop[63373]:   VENDOR: Checking for MAC address table 
> >file
> >Apr 21 07:48:51 ntop ntop[63373]:   VENDOR: File 
> >'/usr/local/etc/ntop/oui.txt.gz' does not need to be reloaded
> >Apr 21 07:48:51 ntop ntop[63373]:   VENDOR: ntop continues ok
> >Apr 21 07:48:51 ntop ntop[63373]:   INIT: Parent process is exiting (this 
> >is normal)
> >Apr 21 07:48:51 ntop ntop[63374]:   INIT: Bye bye: I'm becoming a daemon...
> >Apr 21 07:48:51 ntop ntop[63374]:   Now running as a daemon
> >Apr 21 07:48:51 ntop ntop[63374]:   OSFP: Checking for OS fingerprint 
> >table file
> >Apr 21 07:48:51 ntop ntop[63374]:   OSFP: Loading file 
> >'/usr/local/etc/ntop/etter.passive.os.fp.gz'
> >Apr 21 07:48:51 ntop ntop[63374]:   ASN: Checking for Autonomous System 
> >Number table file
> >Apr 21 07:48:51 ntop ntop[63374]:   **WARNING** ASN: Unable to open file 
> >'AS-list.txt'
> >Apr 21 07:48:51 ntop ntop[63374]:   I18N: This instance of ntop does not 
> >support multiple languages
> >Apr 21 07:48:51 ntop ntop[63374]:   IP2CC: Checking for IP address <-> 
> >Country Code mapping file
> >Apr 21 07:48:51 ntop ntop[63374]:   IP2CC: Loading file 
> >'/usr/local/etc/ntop/p2c.opt.table.gz'
> >Apr 21 07:48:54 ntop ntop[63374]:   IP2CC: ...found 52395 lines
> >Apr 21 07:48:54 ntop ntop[63374]:   GDVERCHK: Guessing at libgd version
> >Apr 21 07:48:54 ntop ntop[63374]:   GDVERCHK: ... as 2.0.21+
> >Apr 21 07:48:54 ntop ntop[63374]:   Initializing external applications
> >Apr 21 07:48:54 ntop ntop[63374]:   Initializing semaphores, mutexes and 
> >threads
> >Apr 21 07:48:54 ntop ntop[63374]:   THREADMGMT: Started thread (134577152) 
> >for network packet analyser
> >Apr 21 07:48:54 ntop ntop[63374]:   THREADMGMT: Started thread (137126912) 
> >for fingerprinting
> >Apr 21 07:48:54 ntop ntop[63374]:   THREADMGMT: Started thread (137127936) 
> >for idle hosts detection
> >Apr 21 07:48:54 ntop ntop[63374]:   Calling plugin start functions (if any)
> >Apr 21 07:48:54 ntop ntop[63374]:   Sniffying...
> >Apr 21 07:48:54 ntop ntop[63374]:   INIT: Created pid file 
> >(/var/db/ntop/ntop.pid)
> >Apr 21 07:48:55 ntop ntop[63374]:   Listening on [fxp0]
> >Apr 21 07:48:55 ntop ntop[63374]:   Now running as requested user 'nobody' 
> >(65534:65534)
> >Apr 21 07:48:55 ntop ntop[63374]:   Loading Plugins
> >Apr 21 07:48:55 ntop ntop[63374]:   Searching for plugins in 
> >/usr/local/lib/ntop/plugins
> >Apr 21 07:48:55 ntop ntop[63374]:   ICMP: Welcome to icmpWatchPlugin. (C) 
> >1999-2004 by Luca Deri
> >Apr 21 07:48:55 ntop ntop[63374]:   LASTSEEN: Welcome to 
> >LastSeenWatchPlugin. (C) 1999 by Andrea Marangoni
> >Apr 21 07:48:55 ntop ntop[63374]:   NETFLOW: Welcome to NetFlow.(C) 
> >2002-04 by Luca Deri
> >Apr 21 07:48:55 ntop ntop[63374]:   NFS: Welcome to nfsWatchPlugin. (C) 
> >1999-2004 by Luca Deri
> >Apr 21 07:48:55 ntop ntop[63374]:   PDA: Welcome to PDAPlugin. (C) 
> >2001-2004 by L.Deri and W.Brock
> >Apr 21 07:48:55 ntop ntop[63374]:   SFLOW: Welcome to sFlowPlugin. (C) 
> >2002-04 by Luca Deri
> >Apr 21 07:48:55 ntop ntop[63374]:   RRD: Welcome to rrdPlugin. (C) 2002-04 
> >by Luca Deri.
> >Apr 21 07:48:55 ntop ntop[63374]:   XML: Welcome to xmldump plugin. (C) 
> >2003-2004 by Burton Strauss
> >Apr 21 07:48:55 ntop ntop[63374]:   Calling plugin start functions (if any)
> >Apr 21 07:48:55 ntop ntop[63374]:   RRD: Welcome to the RRD plugin
> >Apr 21 07:48:55 ntop ntop[63374]:   RRD: Mask for new directories is 0700
> >Apr 21 07:48:55 ntop ntop[63374]:   RRD: Mask for new files is 0066
> >Apr 21 07:48:55 ntop ntop[63374]:   RRD: Started thread (137183232) for 
> >data collection.
> >Apr 21 07:48:55 ntop ntop[63374]:   NETFLOW: White list initialized to ''
> >Apr 21 07:48:55 ntop ntop[63374]:   NETFLOW: Black list initialized to ''
> >Apr 21 07:48:55 ntop ntop[63374]:   NETFLOW: Unable to create a socket - 
> >returned 0, error is 'Unknown error: 0'(22)
> >Apr 21 07:48:55 ntop ntop[63374]:   SSL is present but https is disabled: 
> >use -W <https port> for enabling it
> >Apr 21 07:48:55 ntop ntop[63374]:   Note: Reporting device initally set to 
> >0 [fxp0] (merged)
> >Apr 21 07:48:55 ntop ntop[63374]:   INITWEB: Initializing web server
> >Apr 21 07:48:55 ntop ntop[63374]:   INITWEB: Initializing tcp/ip socket 
> >connections for web server
> >Apr 21 07:48:55 ntop ntop[63374]:   INITWEB: Initialized socket, port 
> >3000, address (any)
> >Apr 21 07:48:55 ntop ntop[63374]:   INITWEB: Waiting for HTTP connections 
> >on port 3000
> >Apr 21 07:48:55 ntop ntop[63374]:   INITWEB: Starting web server
> >Apr 21 07:48:55 ntop ntop[63374]:   THREADMGMT: Started thread (137184256) 
> >for web server
> >Apr 21 07:48:55 ntop ntop[63374]:   THREADMGMT: Started thread (137185280) 
> >for network packet sniffing on fxp0
> >Apr 21 07:48:55 ntop ntop[63374]:   THREADMGMT: Packet processor thread 
> >running...
> >Apr 21 07:48:55 ntop ntop[63374]:   THREADMGMT: Fingerprint scan thread 
> >running...
> >Apr 21 07:48:55 ntop ntop[63374]:   THREADMGMT: Idle host scan thread 
> >running...
> >Apr 21 07:48:55 ntop ntop[63374]:   CHKVER: Checking current ntop version 
> >at version.ntop.org/version.xml
> >Apr 21 07:48:55 ntop ntop[63374]:   THREADMGMT: rrd thread (137183232) 
> >started
> >Apr 21 07:48:55 ntop ntop[63374]:   THREADMGMT: web connections thread 
> >(63374) started...
> >Apr 21 07:48:55 ntop ntop[63374]:   Note: SIGPIPE handler set (ignore)
> >Apr 21 07:48:55 ntop ntop[63374]:   WEB: ntop's web server is now 
> >processing requests
> >Apr 21 07:48:55 ntop ntop[63374]:   THREADMGMT: pcap dispatch thread 
> >running...
> >Apr 21 07:48:56 ntop ntop[63374]:   CHKVER: Version file is from 
> >'version.ntop.org'
> >Apr 21 07:48:56 ntop ntop[63374]:   CHKVER: as of date is 
> >'2004-03-22T04:30:00'
> >Apr 21 07:48:56 ntop ntop[63374]:   CHKVER: This version of ntop is the 
> >CURRENT stable version
> >
> >
> >This is my rrd database in /var/db/ntop/rrd/interface/xxx0
> >
> >body   nobody      35292 Apr 21 07:07 IGMP.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 20 22:47 
> >IP_DHCP-BOOTPBytes.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:49 IP_DNSBytes.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:07 IP_FTPBytes.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:49 
> >IP_GnutellaBytes.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:49 IP_HTTPBytes.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:49 IP_KazaaBytes.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:49 IP_MailBytes.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:49 
> >IP_MessengerBytes.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:49 
> >IP_NBios-IPBytes.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 03:24 IP_NFSBytes.rrd
> >-rw-------    1 nobody   nobody      35292 Apr 21 07:49 IP_NFS_AFSBytes.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:49 IP_NNTPBytes.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:07 IP_SNMPBytes.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:07 IP_SSHBytes.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:49 IP_TelnetBytes.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:07 IP_X11Bytes.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:49 IP_eDonkeyBytes.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:49 
> >activeHostSendersNum.rrd
> >-rw-------    1 nobody   nobody      36080 Apr 21 04:08 arpRarpBytes.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:49 broadcastPkts.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:49 ethernetBytes.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:49 ethernetPkts.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:49 
> >fragmentedIpBytes.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:49 icmpBytes.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 03:24 igmpBytes.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:49 ipBytes.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:49 knownHostsNum.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:07 multicastPkts.rrd
> >-rw-------    1 nobody   nobody      35292 Apr 21 04:08 otherBytes.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:07 otherIpBytes.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:49 tcpBytes.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:49 udpBytes.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:49 upTo1024Pkts.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:49 upTo128Pkts.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:49 upTo1518Pkts.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:49 upTo256Pkts.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:49 upTo512Pkts.rrd
> >-rw-rw-rw-    1 nobody   nobody      35292 Apr 21 07:49 upTo64Pkts.rrd
> >
> >
> >
> >Anyone can help me? Thank you.
> >
> >
> >
> >
> >_______________________________________________
> >Ntop mailing list
> >[EMAIL PROTECTED]
> >http://listgateway.unipi.it/mailman/listinfo/ntop
> > 
> >
> 
> 
> -- 
> Luca Deri <[EMAIL PROTECTED]> http://luca.ntop.org/
> Hacker: someone who loves to program and enjoys being
> clever about it - Richard Stallman
> 
> _______________________________________________
> Ntop mailing list
> [EMAIL PROTECTED]
> http://listgateway.unipi.it/mailman/listinfo/ntop
_______________________________________________
Ntop mailing list
[EMAIL PROTECTED]
http://listgateway.unipi.it/mailman/listinfo/ntop

Re: [Ntop] Running ntop3.0 on FreeBSD-5.2.1, memory size grow up very quickly

Reply via email to