[Ntop] NTOP WEB SERVER

xcwillix Thu, 05 Aug 2004 12:31:35 -0700

I havn't changed anything, But after the issue started, I tried reinstalling the binaries, but I am sill getting the forked processes that wont die.

this is really killing me here,

What is there todo....

Would you like any other log file  or any new info.


Thanks in advance

xcwillix


On Aug 4, 2004, at 8:39 AM, [EMAIL PROTECTED] wrote:

Send Ntop mailing list submissions to
        [EMAIL PROTECTED]
To subscribe or unsubscribe via the World Wide Web, visit
        http://listgateway.unipi.it/mailman/listinfo/ntop
or, via email, send a message with subject or body 'help' to
        [EMAIL PROTECTED]
You can reach the person managing the list at
        [EMAIL PROTECTED]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Ntop digest..."
Today's Topics:
1. NTOP WEB SERVER (xcwillix) 2. RE: NetFlow (the dumb newbie is back! Heh) (Jon Garlock) 3. RE: NetFlow (the dumb newbie is back! Heh) (Burton M. Strauss III) 4. RE: NTOP WEB SERVER (Burton M. Strauss III)
----------------------------------------------------------------------
Message: 1
Date: Wed, 4 Aug 2004 09:06:01 -0500
From: xcwillix <[EMAIL PROTECTED]>
Subject: [Ntop] NTOP WEB SERVER
To: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=US-ASCII; format=flowed
Hello ,
I have been using NTOP for about three monthes and am extremely happy
with my results, I am actullay using NTOP as a collector for billable
bandwidth, and it works quit well.
Here recently I noticed that when I click on a link inside the ntop gui
, it will start a whole new instance of NTOP.
Infact the day I noticed it was running nearly 30 instances.   I see
nothing strange in the logs, when I ran ntop in DEBUG mode , the issue
subsided.
Thanks in advance
xcwillix
SOME INFO
running options:
/usr/local/bin/ntop -d -L --set-pcap-nonblocking --ipv4 -m
x.x.x..0/255.255.254.0 -w 3000 -W 0 -a /var/log/ntop.access.log -u
nobody
OS
5.2.1-RELEASE-p7 FreeBSD 5.2.1-RELEASE-p7
NTOP VERSION
ntop v.3.0 SourceForge .tgz MT (SSL) (configured on Aug  2 2004
21:45:39, built on Aug  2 2004 21:46:22)
Copyright 1998-2004 by Luca Deri <[EMAIL PROTECTED]>.
Get the freshest ntop from http://www.ntop.org/
LOG
Aug 2 22:42:54 freebsdserver ntop[37338]: **WARNING** The web interface will be disabled Aug 2 22:42:54 freebsdserver ntop[37338]: If enabled, the rrd plugin will collect data Aug 2 22:42:54 freebsdserver ntop[37338]: If enabled, the netFlow and/or sFlow plugins will collect and/or transmit data Aug 2 22:42:54 freebsdserver ntop[37338]: This may or may not be what you want Aug 2 22:42:54 freebsdserver ntop[37338]: but without the web interface you can't set plugin parameters Aug 2 22:42:54 freebsdserver ntop[37338]: ntop v.3.0 SourceForge .tgz MT (SSL) Aug 2 22:42:54 freebsdserver ntop[37338]: Configured on Aug 2 2004 21:45:39, built on Aug 2 2004 21:46:22. Aug 2 22:42:54 freebsdserver ntop[37338]: Copyright 1998-2004 by Luca Deri <[EMAIL PROTECTED]> Aug 2 22:42:54 freebsdserver ntop[37338]: Get the freshest ntop from http://www.ntop.org/ Aug 2 22:42:54 freebsdserver ntop[37338]: Initializing ntop Aug 2 22:42:54 freebsdserver kernel: bge0: promiscuous mode enabled Aug 2 22:42:54 freebsdserver ntop[37338]: **WARNING** Truncated network size (device bge0) to 1024 hosts (real netmask 255.255.252.0) Aug 2 22:42:54 freebsdserver ntop[37338]: Checking bge0 for additional devices Aug 2 22:42:54 freebsdserver ntop[37338]: Resetting traffic statistics for device bge0 Aug 2 22:42:54 freebsdserver ntop[37338]: DLT: Device 0 [bge0] is 1, mtu 1514, header 14 Aug 2 22:42:54 freebsdserver ntop[37338]: Initializing gdbm databases Aug 2 22:42:54 freebsdserver ntop[37338]: Now running as requested user 'nobody' (65534:65534) Aug 2 22:42:54 freebsdserver ntop[37338]: VENDOR: Loading MAC address table. Aug 2 22:42:54 freebsdserver ntop[37338]: VENDOR: Checking for MAC address table file Aug 2 22:42:54 freebsdserver ntop[37338]: VENDOR: File '/usr/local/etc/ntop/specialMAC.txt.gz' does not need to be reloaded Aug 2 22:42:54 freebsdserver ntop[37338]: VENDOR: ntop continues ok Aug 2 22:42:54 freebsdserver ntop[37338]: VENDOR: Checking for MAC address table file Aug 2 22:42:54 freebsdserver ntop[37338]: VENDOR: File '/usr/local/etc/ntop/oui.txt.gz' does not need to be reloaded Aug 2 22:42:54 freebsdserver ntop[37338]: VENDOR: ntop continues ok Aug 2 22:42:54 freebsdserver ntop[37339]: INIT: Bye bye: I'm becoming a daemon... Aug 2 22:42:54 freebsdserver ntop[37338]: INIT: Parent process is exiting (this is normal) Aug 2 22:42:54 freebsdserver ntop[37339]: Now running as a daemon Aug 2 22:42:54 freebsdserver ntop[37339]: OSFP: Checking for OS fingerprint table file Aug 2 22:42:54 freebsdserver ntop[37339]: OSFP: Loading file '/usr/local/etc/ntop/etter.passive.os.fp.gz' Aug 2 22:42:54 freebsdserver ntop[37339]: ASN: Checking for Autonomous System Number table file Aug 2 22:42:54 freebsdserver ntop[37339]: **WARNING** ASN: Unable to open file 'AS-list.txt' Aug 2 22:42:54 freebsdserver ntop[37339]: I18N: Default language (from ntop host) is 'C' Aug 2 22:42:54 freebsdserver ntop[37339]: I18N: This instance of ntop supports 0 additional language(s) Aug 2 22:42:54 freebsdserver ntop[37339]: IP2CC: Checking for IP address <-> Country Code mapping file Aug 2 22:42:54 freebsdserver ntop[37339]: IP2CC: Loading file '/usr/local/etc/ntop/p2c.opt.table.gz' Aug 2 22:42:54 freebsdserver ntop[37339]: IP2CC: ...found 52395 lines Aug 2 22:42:54 freebsdserver ntop[37339]: GDVERCHK: Guessing at libgd version Aug 2 22:42:54 freebsdserver ntop[37339]: GDVERCHK: ... as 2.0.21+ Aug 2 22:42:54 freebsdserver ntop[37339]: Initializing external applications Aug 2 22:42:54 freebsdserver ntop[37339]: Initializing semaphores, mutexes and threads Aug 2 22:42:54 freebsdserver ntop[37339]: THREADMGMT: Started thread (139956224) for network packet analyser Aug 2 22:42:54 freebsdserver ntop[37339]: THREADMGMT: Started thread (139958272) for fingerprinting Aug 2 22:42:54 freebsdserver ntop[37339]: THREADMGMT: Started thread (139959296) for idle hosts detection Aug 2 22:42:54 freebsdserver ntop[37339]: THREADMGMT: Started thread (139960320) for DNS address resolution Aug 2 22:42:54 freebsdserver ntop[37339]: Calling plugin start functions (if any) Aug 2 22:42:54 freebsdserver ntop[37339]: Sniffying... Aug 2 22:42:54 freebsdserver ntop[37339]: INIT: Created pid file (/var/db/ntop/ntop.pid) Aug 2 22:42:54 freebsdserver ntop[37339]: Listening on [bge0] Aug 2 22:42:54 freebsdserver ntop[37339]: Now running as requested user 'nobody' (65534:65534) Aug 2 22:42:54 freebsdserver ntop[37339]: Loading Plugins Aug 2 22:42:54 freebsdserver ntop[37339]: Searching for plugins in /usr/local/lib/ntop/plugins Aug 2 22:42:54 freebsdserver ntop[37339]: ICMP: Welcome to icmpWatchPlugin. (C) 1999-2004 by Luca Deri Aug 2 22:42:54 freebsdserver ntop[37339]: LASTSEEN: Welcome to LastSeenWatchPlugin. (C) 1999 by Andrea Marangoni Aug 2 22:42:54 freebsdserver ntop[37339]: NETFLOW: Welcome to NetFlow.(C) 2002-04 by Luca Deri Aug 2 22:42:54 freebsdserver ntop[37339]: NFS: Welcome to nfsWatchPlugin. (C) 1999-2004 by Luca Deri Aug 2 22:42:54 freebsdserver ntop[37339]: PDA: Welcome to PDAPlugin. (C) 2001-2004 by L.Deri and W.Brock Aug 2 22:42:54 freebsdserver ntop[37339]: RRD: Welcome to rrdPlugin. (C) 2002-04 by Luca Deri. Aug 2 22:42:54 freebsdserver ntop[37339]: SFLOW: Welcome to sFlowPlugin. (C) 2002-04 by Luca Deri Aug 2 22:42:54 freebsdserver ntop[37339]: XML: Welcome to xmldump plugin. (C) 2003-2004 by Burton Strauss Aug 2 22:42:54 freebsdserver ntop[37339]: Calling plugin start functions (if any) Aug 2 22:42:54 freebsdserver ntop[37339]: XML: Welcome to ntop xmldump Aug 2 22:42:54 freebsdserver ntop[37339]: RRD: Welcome to the RRD plugin Aug 2 22:42:54 freebsdserver ntop[37339]: RRD: Mask for new directories is 0700 Aug 2 22:42:54 freebsdserver ntop[37339]: RRD: Mask for new files is 0066 Aug 2 22:42:54 freebsdserver ntop[37339]: RRD: Started thread (139962368) for data collection. Aug 2 22:42:54 freebsdserver ntop[37339]: NETFLOW: White list initialized to '' Aug 2 22:42:54 freebsdserver ntop[37339]: NETFLOW: Black list initialized to '' Aug 2 22:42:54 freebsdserver ntop[37339]: NETFLOW: Created a socket (11) Aug 2 22:42:54 freebsdserver ntop[37339]: NETFLOW: Collector listening on port 2055 Aug 2 22:42:54 freebsdserver ntop[37339]: Creating dummy interface, 'NetFlow-device' Aug 2 22:42:54 freebsdserver ntop[37339]: SSL is present but https is disabled: use -W <https port> for enabling it Aug 2 22:42:54 freebsdserver ntop[37339]: Note: Reporting device initally set to 1 [NetFlow-device] Aug 2 22:42:54 freebsdserver ntop[37339]: THREADMGMT: Started thread (135287808) for network packet sniffing on bge0 Aug 2 22:42:54 freebsdserver ntop[37339]: THREADMGMT: Packet processor thread running... Aug 2 22:42:54 freebsdserver ntop[37339]: THREADMGMT: Fingerprint scan thread running... Aug 2 22:42:54 freebsdserver ntop[37339]: THREADMGMT: Idle host scan thread running... Aug 2 22:42:54 freebsdserver ntop[37339]: THREADMGMT: Address resolution thread running... Aug 2 22:42:54 freebsdserver ntop[37339]: CHKVER: Checking current ntop version at version.ntop.org/version.xml Aug 2 22:42:54 freebsdserver ntop[37339]: THREADMGMT: rrd thread (139962368) started Aug 2 22:42:54 freebsdserver ntop[37339]: THREADMGMT: netFlow thread(135286784) started Aug 2 22:42:54 freebsdserver ntop[37339]: THREADMGMT: pcap dispatch thread running... Aug 2 22:42:55 freebsdserver ntop[37339]: CHKVER: Version file is from 'version.ntop.org' Aug 2 22:42:55 freebsdserver ntop[37339]: CHKVER: as of date is '2004-03-22T04:30:00' Aug 2 22:42:55 freebsdserver ntop[37339]: CHKVER: This version of ntop is the CURRENT stable version Aug 2 22:59:02 freebsdserver ntop[37339]: **WARNING** Address resolution queue is full [4096 slots] Aug 2 22:59:02 freebsdserver ntop[37339]: Addresses in excess won't be resolved - ntop continues
------------------------------
Message: 2
Date: Wed, 4 Aug 2004 09:05:28 -0400
From: "Jon Garlock" <[EMAIL PROTECTED]>
Subject: RE: [Ntop] NetFlow (the dumb newbie is back! Heh)
To: <[EMAIL PROTECTED]>
Message-ID:
        <[EMAIL PROTECTED]>
Content-Type: text/plain;       charset="us-ascii"
As soon as I activate the NetFlow plug-in, interface merging is
disabled.  I just popped into the Switch NIC page on another NTOP
install we have, and it says:
Note that the NetFlow and sFlow plugins - if enabled - force -M to be
set (i.e. they disable interface merging).
Thanks,
Jon.
-----Original Message-----
From: Burton M. Strauss III [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 03, 2004 5:19 PM
To: [EMAIL PROTECTED]
Subject: RE: [Ntop] NetFlow (the dumb newbie is back! Heh)
Actually the default handling of netFlow is to merge them all.  Luca
just committed to the cvs the ability to handle multiple distinct
netFlow's, but I assume the old merge behavior remains available.
-----Burton
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
Jon Garlock
Sent: Tuesday, August 03, 2004 3:39 PM
To: [EMAIL PROTECTED]
Subject: [Ntop] NetFlow (the dumb newbie is back! Heh)
First off, thanks to everyone on the list for the help in the past.
I've now got 6 linux machines running ntop at 6 sites here at our org.
That could never have happened without your help :)  Between MRTG and
NTOP, this has been one hell of a year.  It's damned nice to know
what's going on ..
Anyways, enough ass kissing.  But I felt it necessary to prep as I've
got a couple of dumb newbie questions.  Not so much how-to questions,
but .. eh, you'll see.
Now that we're up, running, collecting and reporting with ntop, I'd
like to shake things up by testing working with netflow.  We're
cisco-everywhere, so it shouldn't be a problem.
I've read through the "NTop, NetFlow and Cisco Routers" document by
Jonathan Feldman (sorry, no URL handy).  Using that doc, I've been
able to collect and report on netflow statistics.  Great! :)
Now for my question (and I probably could have just jumped right
here):
is it possible to merge netflow statistics?  I know, by default, it's
not.  Simply activating the netflow plug-in forces all interfaces to
be reported seperately.  Is there some type of workaround?
This is why I'm asking: at our primary site, we have 3 major WAN
links.
As it stands now, I'm sniffing that data with the ntop box which has
an interface on each of those critical segments (core to primary WAN
router (frame relay), core to secodnary WAN router (collection of
point to point t1's) and core to firewall).
With ntop now, I merge all this traffic and get a great "complete
picture" of what folks are up to.
If I were to switch to 3 NetFlow's, I'd have to constantly switch
between them to get a good idea of what's going on.  It has to do with
the way our network passes traffic.  For example, a user in a remote
office requests a web page.  His local router decides that traffic is
best routed over the t1.  It arrives at HQ on the secondary router and
hops directly over to the firewall, as it's the gateway of last
resort.
Internet magic happens, and the data from the users request comes back
in.  The router in HQ decides to send it over frame relay.
I'd have to look at 3 separate netflow interfaces to get the
"complete"
picture .. at  least from here at HQ.
Is this making sense? Am I overlooking something stupid that makes my
question moot? Is this something that's in my newbieness I missed was
asked each week for the last 30 weeks in the archive?  Heh.  I hope
not
:)
Thanks and sorry for the freakin' BOOK of an email for a simple
question.
Thanks,
Jon.
--------------------------------------------------------
The information in this transmission is privileged and confidential
and intended only for the recipient listed above. If you are not the
intended recipient, please advise the sender immediately by reply
e-mail and delete this message and any attachments without retaining a
copy. If you are not the intended recipient, you are hereby notified
that any disclosure, copying or distribution of this message, or the
taking of any action based upon it, is strictly prohibited.
Thank you.
_______________________________________________
Ntop mailing list
[EMAIL PROTECTED]
http://listgateway.unipi.it/mailman/listinfo/ntop
_______________________________________________
Ntop mailing list
[EMAIL PROTECTED]
http://listgateway.unipi.it/mailman/listinfo/ntop
------------------------------
Message: 3
Date: Wed, 4 Aug 2004 08:36:53 -0500
From: "Burton M. Strauss III" <[EMAIL PROTECTED]>
Subject: RE: [Ntop] NetFlow (the dumb newbie is back! Heh)
To: <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain;       charset="US-ASCII"
I haven't looked @ Luca's code - I don't know whether he changed this and forgot to update the docs or what... it certainly used to be true (netFlow data went into myGlobals.device[0].xxxxx).
-----Burton
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
Jon Garlock
Sent: Wednesday, August 04, 2004 8:05 AM
To: [EMAIL PROTECTED]
Subject: RE: [Ntop] NetFlow (the dumb newbie is back! Heh)
As soon as I activate the NetFlow plug-in, interface merging is
disabled.  I just popped into the Switch NIC page on another NTOP
install we have, and it says:
Note that the NetFlow and sFlow plugins - if enabled - force -M to be
set (i.e. they disable interface merging).
Thanks,
Jon.
-----Original Message-----
From: Burton M. Strauss III [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 03, 2004 5:19 PM
To: [EMAIL PROTECTED]
Subject: RE: [Ntop] NetFlow (the dumb newbie is back! Heh)
Actually the default handling of netFlow is to merge them all.  Luca
just committed to the cvs the ability to handle multiple distinct
netFlow's, but I assume the old merge behavior remains available.
-----Burton
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
Jon Garlock
Sent: Tuesday, August 03, 2004 3:39 PM
To: [EMAIL PROTECTED]
Subject: [Ntop] NetFlow (the dumb newbie is back! Heh)
First off, thanks to everyone on the list for the help in the past. I've now got 6 linux machines running ntop at 6 sites here at our org. That could never have happened without your help :) Between MRTG and NTOP, this has been one hell of a year. It's damned nice to know what's going on ..
Anyways, enough ass kissing.  But I felt it necessary to prep as I've
got a couple of dumb newbie questions.  Not so much how-to questions,
but .. eh, you'll see.
Now that we're up, running, collecting and reporting with ntop, I'd
like to shake things up by testing working with netflow.  We're
cisco-everywhere, so it shouldn't be a problem.
I've read through the "NTop, NetFlow and Cisco Routers" document by
Jonathan Feldman (sorry, no URL handy).  Using that doc, I've been
able to collect and report on netflow statistics.  Great! :)
Now for my question (and I probably could have just jumped right
here):
is it possible to merge netflow statistics?  I know, by default, it's
not.  Simply activating the netflow plug-in forces all interfaces to
be reported seperately.  Is there some type of workaround?
This is why I'm asking: at our primary site, we have 3 major WAN
links.
As it stands now, I'm sniffing that data with the ntop box which has
an interface on each of those critical segments (core to primary WAN
router (frame relay), core to secodnary WAN router (collection of
point to point t1's) and core to firewall).
With ntop now, I merge all this traffic and get a great "complete
picture" of what folks are up to.
If I were to switch to 3 NetFlow's, I'd have to constantly switch between them to get a good idea of what's going on. It has to do with
the way our network passes traffic. For example, a user in a remote office requests a web page. His local router decides that traffic is best routed over the t1. It arrives at HQ on the secondary router and

hops directly over to the firewall, as it's the gateway of last
resort.
Internet magic happens, and the data from the users request comes back
in.  The router in HQ decides to send it over frame relay.
I'd have to look at 3 separate netflow interfaces to get the
"complete"
picture .. at  least from here at HQ.
Is this making sense? Am I overlooking something stupid that makes my
question moot? Is this something that's in my newbieness I missed was
asked each week for the last 30 weeks in the archive?  Heh.  I hope
not
:)
Thanks and sorry for the freakin' BOOK of an email for a simple
question.
Thanks, Jon. -------------------------------------------------------- The information in this transmission is privileged and confidential and intended only for the recipient listed above. If you are not the intended recipient, please advise the sender immediately by reply e-mail and delete this message and any attachments without retaining a
copy. If you are not the intended recipient, you are hereby notified
that any disclosure, copying or distribution of this message, or the
taking of any action based upon it, is strictly prohibited.
Thank you.
_______________________________________________
Ntop mailing list
[EMAIL PROTECTED]
http://listgateway.unipi.it/mailman/listinfo/ntop
_______________________________________________
Ntop mailing list
[EMAIL PROTECTED]
http://listgateway.unipi.it/mailman/listinfo/ntop
_______________________________________________
Ntop mailing list
[EMAIL PROTECTED]
http://listgateway.unipi.it/mailman/listinfo/ntop
------------------------------
Message: 4
Date: Wed, 4 Aug 2004 08:36:51 -0500
From: "Burton M. Strauss III" <[EMAIL PROTECTED]>
Subject: RE: [Ntop] NTOP WEB SERVER
To: <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain;       charset="US-ASCII"
I'm pretty sure it's normal - ntop fork()s a child process to create most of the web pages (debug mode skips the fork() call).

Why they're not terminating cleanly is not so obvious - there have been some zombie issues before - search the back traffic on this list. What did you change? OS version??
-----Burton
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
xcwillix
Sent: Wednesday, August 04, 2004 9:06 AM
To: [EMAIL PROTECTED]
Subject: [Ntop] NTOP WEB SERVER
Hello ,
I have been using NTOP for about three monthes and am extremely happy
with my results, I am actullay using NTOP as a collector for billable
bandwidth, and it works quit well.
Here recently I noticed that when I click on a link inside the ntop gui , it will start a whole new instance of NTOP. Infact the day I noticed it was running nearly 30 instances. I see nothing strange in the logs, when I ran ntop in DEBUG mode , the issue subsided.
Thanks in advance
xcwillix
SOME INFO
running options:
/usr/local/bin/ntop -d -L --set-pcap-nonblocking --ipv4 -m
x.x.x..0/255.255.254.0 -w 3000 -W 0 -a /var/log/ntop.access.log -u
nobody
OS
5.2.1-RELEASE-p7 FreeBSD 5.2.1-RELEASE-p7
NTOP VERSION
ntop v.3.0 SourceForge .tgz MT (SSL) (configured on Aug  2 2004
21:45:39, built on Aug  2 2004 21:46:22)
Copyright 1998-2004 by Luca Deri <[EMAIL PROTECTED]>.
Get the freshest ntop from http://www.ntop.org/
LOG
Aug 2 22:42:54 freebsdserver ntop[37338]: **WARNING** The web interface will be disabled Aug 2 22:42:54 freebsdserver ntop[37338]: If enabled, the rrd plugin will collect data Aug 2 22:42:54 freebsdserver ntop[37338]: If enabled, the netFlow and/or sFlow plugins will collect and/or transmit data Aug 2 22:42:54 freebsdserver ntop[37338]: This may or may not be what you want Aug 2 22:42:54 freebsdserver ntop[37338]: but without the web interface you can't set plugin parameters Aug 2 22:42:54 freebsdserver ntop[37338]: ntop v.3.0 SourceForge .tgz MT (SSL) Aug 2 22:42:54 freebsdserver ntop[37338]: Configured on Aug 2 2004 21:45:39, built on Aug 2 2004 21:46:22. Aug 2 22:42:54 freebsdserver ntop[37338]: Copyright 1998-2004 by Luca Deri <[EMAIL PROTECTED]> Aug 2 22:42:54 freebsdserver ntop[37338]: Get the freshest ntop from http://www.ntop.org/ Aug 2 22:42:54 freebsdserver ntop[37338]: Initializing ntop Aug 2 22:42:54 freebsdserver kernel: bge0: promiscuous mode enabled Aug 2 22:42:54 freebsdserver ntop[37338]: **WARNING** Truncated network size (device bge0) to 1024 hosts (real netmask 255.255.252.0) Aug 2 22:42:54 freebsdserver ntop[37338]: Checking bge0 for additional devices Aug 2 22:42:54 freebsdserver ntop[37338]: Resetting traffic statistics for device bge0 Aug 2 22:42:54 freebsdserver ntop[37338]: DLT: Device 0 [bge0] is 1, mtu 1514, header 14 Aug 2 22:42:54 freebsdserver ntop[37338]: Initializing gdbm databases Aug 2 22:42:54 freebsdserver ntop[37338]: Now running as requested user 'nobody' (65534:65534) Aug 2 22:42:54 freebsdserver ntop[37338]: VENDOR: Loading MAC address table. Aug 2 22:42:54 freebsdserver ntop[37338]: VENDOR: Checking for MAC address table file Aug 2 22:42:54 freebsdserver ntop[37338]: VENDOR: File '/usr/local/etc/ntop/specialMAC.txt.gz' does not need to be reloaded Aug 2 22:42:54 freebsdserver ntop[37338]: VENDOR: ntop continues ok Aug 2 22:42:54 freebsdserver ntop[37338]: VENDOR: Checking for MAC address table file Aug 2 22:42:54 freebsdserver ntop[37338]: VENDOR: File '/usr/local/etc/ntop/oui.txt.gz' does not need to be reloaded Aug 2 22:42:54 freebsdserver ntop[37338]: VENDOR: ntop continues ok Aug 2 22:42:54 freebsdserver ntop[37339]: INIT: Bye bye: I'm becoming a daemon... Aug 2 22:42:54 freebsdserver ntop[37338]: INIT: Parent process is exiting (this is normal) Aug 2 22:42:54 freebsdserver ntop[37339]: Now running as a daemon Aug 2 22:42:54 freebsdserver ntop[37339]: OSFP: Checking for OS fingerprint table file Aug 2 22:42:54 freebsdserver ntop[37339]: OSFP: Loading file '/usr/local/etc/ntop/etter.passive.os.fp.gz' Aug 2 22:42:54 freebsdserver ntop[37339]: ASN: Checking for Autonomous System Number table file Aug 2 22:42:54 freebsdserver ntop[37339]: **WARNING** ASN: Unable to open file 'AS-list.txt' Aug 2 22:42:54 freebsdserver ntop[37339]: I18N: Default language (from ntop host) is 'C' Aug 2 22:42:54 freebsdserver ntop[37339]: I18N: This instance of ntop supports 0 additional language(s) Aug 2 22:42:54 freebsdserver ntop[37339]: IP2CC: Checking for IP address <-> Country Code mapping file Aug 2 22:42:54 freebsdserver ntop[37339]: IP2CC: Loading file '/usr/local/etc/ntop/p2c.opt.table.gz' Aug 2 22:42:54 freebsdserver ntop[37339]: IP2CC: ...found 52395 lines Aug 2 22:42:54 freebsdserver ntop[37339]: GDVERCHK: Guessing at libgd version Aug 2 22:42:54 freebsdserver ntop[37339]: GDVERCHK: ... as 2.0.21+ Aug 2 22:42:54 freebsdserver ntop[37339]: Initializing external applications Aug 2 22:42:54 freebsdserver ntop[37339]: Initializing semaphores, mutexes and threads Aug 2 22:42:54 freebsdserver ntop[37339]: THREADMGMT: Started thread (139956224) for network packet analyser Aug 2 22:42:54 freebsdserver ntop[37339]: THREADMGMT: Started thread (139958272) for fingerprinting Aug 2 22:42:54 freebsdserver ntop[37339]: THREADMGMT: Started thread (139959296) for idle hosts detection Aug 2 22:42:54 freebsdserver ntop[37339]: THREADMGMT: Started thread (139960320) for DNS address resolution Aug 2 22:42:54 freebsdserver ntop[37339]: Calling plugin start functions (if any) Aug 2 22:42:54 freebsdserver ntop[37339]: Sniffying... Aug 2 22:42:54 freebsdserver ntop[37339]: INIT: Created pid file (/var/db/ntop/ntop.pid) Aug 2 22:42:54 freebsdserver ntop[37339]: Listening on [bge0] Aug 2 22:42:54 freebsdserver ntop[37339]: Now running as requested user 'nobody' (65534:65534) Aug 2 22:42:54 freebsdserver ntop[37339]: Loading Plugins Aug 2 22:42:54 freebsdserver ntop[37339]: Searching for plugins in /usr/local/lib/ntop/plugins Aug 2 22:42:54 freebsdserver ntop[37339]: ICMP: Welcome to icmpWatchPlugin. (C) 1999-2004 by Luca Deri Aug 2 22:42:54 freebsdserver ntop[37339]: LASTSEEN: Welcome to LastSeenWatchPlugin. (C) 1999 by Andrea Marangoni Aug 2 22:42:54 freebsdserver ntop[37339]: NETFLOW: Welcome to NetFlow.(C) 2002-04 by Luca Deri Aug 2 22:42:54 freebsdserver ntop[37339]: NFS: Welcome to nfsWatchPlugin. (C) 1999-2004 by Luca Deri Aug 2 22:42:54 freebsdserver ntop[37339]: PDA: Welcome to PDAPlugin. (C) 2001-2004 by L.Deri and W.Brock Aug 2 22:42:54 freebsdserver ntop[37339]: RRD: Welcome to rrdPlugin. (C) 2002-04 by Luca Deri. Aug 2 22:42:54 freebsdserver ntop[37339]: SFLOW: Welcome to sFlowPlugin. (C) 2002-04 by Luca Deri Aug 2 22:42:54 freebsdserver ntop[37339]: XML: Welcome to xmldump plugin. (C) 2003-2004 by Burton Strauss Aug 2 22:42:54 freebsdserver ntop[37339]: Calling plugin start functions (if any) Aug 2 22:42:54 freebsdserver ntop[37339]: XML: Welcome to ntop xmldump Aug 2 22:42:54 freebsdserver ntop[37339]: RRD: Welcome to the RRD plugin Aug 2 22:42:54 freebsdserver ntop[37339]: RRD: Mask for new directories is 0700 Aug 2 22:42:54 freebsdserver ntop[37339]: RRD: Mask for new files is 0066 Aug 2 22:42:54 freebsdserver ntop[37339]: RRD: Started thread (139962368) for data collection. Aug 2 22:42:54 freebsdserver ntop[37339]: NETFLOW: White list initialized to '' Aug 2 22:42:54 freebsdserver ntop[37339]: NETFLOW: Black list initialized to '' Aug 2 22:42:54 freebsdserver ntop[37339]: NETFLOW: Created a socket (11) Aug 2 22:42:54 freebsdserver ntop[37339]: NETFLOW: Collector listening on port 2055 Aug 2 22:42:54 freebsdserver ntop[37339]: Creating dummy interface, 'NetFlow-device' Aug 2 22:42:54 freebsdserver ntop[37339]: SSL is present but https is disabled: use -W <https port> for enabling it Aug 2 22:42:54 freebsdserver ntop[37339]: Note: Reporting device initally set to 1 [NetFlow-device] Aug 2 22:42:54 freebsdserver ntop[37339]: THREADMGMT: Started thread (135287808) for network packet sniffing on bge0 Aug 2 22:42:54 freebsdserver ntop[37339]: THREADMGMT: Packet processor thread running... Aug 2 22:42:54 freebsdserver ntop[37339]: THREADMGMT: Fingerprint scan thread running... Aug 2 22:42:54 freebsdserver ntop[37339]: THREADMGMT: Idle host scan thread running... Aug 2 22:42:54 freebsdserver ntop[37339]: THREADMGMT: Address resolution thread running... Aug 2 22:42:54 freebsdserver ntop[37339]: CHKVER: Checking current ntop version at version.ntop.org/version.xml Aug 2 22:42:54 freebsdserver ntop[37339]: THREADMGMT: rrd thread (139962368) started Aug 2 22:42:54 freebsdserver ntop[37339]: THREADMGMT: netFlow thread(135286784) started Aug 2 22:42:54 freebsdserver ntop[37339]: THREADMGMT: pcap dispatch thread running... Aug 2 22:42:55 freebsdserver ntop[37339]: CHKVER: Version file is from 'version.ntop.org' Aug 2 22:42:55 freebsdserver ntop[37339]: CHKVER: as of date is '2004-03-22T04:30:00' Aug 2 22:42:55 freebsdserver ntop[37339]: CHKVER: This version of ntop is the CURRENT stable version Aug 2 22:59:02 freebsdserver ntop[37339]: **WARNING** Address resolution queue is full [4096 slots] Aug 2 22:59:02 freebsdserver ntop[37339]: Addresses in excess won't be resolved - ntop continues
_______________________________________________
Ntop mailing list
[EMAIL PROTECTED]
http://listgateway.unipi.it/mailman/listinfo/ntop
------------------------------
_______________________________________________
Ntop mailing list
[EMAIL PROTECTED]
http://listgateway.unipi.it/mailman/listinfo/ntop
End of Ntop Digest, Vol 3, Issue 6
**********************************


_______________________________________________
Ntop mailing list
[EMAIL PROTECTED]
http://listgateway.unipi.it/mailman/listinfo/ntop

[Ntop] NTOP WEB SERVER

Reply via email to