Code 5 means you are requesting a file type (xml in this
case) that ntop doesn't understand. It will only understand xml if you
build the xmldump plugin. If you didn't build w/ xmldump, you
shouldn't ask for it (there is special case code in http.c around line
1700)...
Basically the answer is: "Don't do
that".
-----Burton
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jeremiah Bright
Sent: Friday, December 02, 2005 12:43 PM
To: [email protected]
Subject: Re: [Ntop] Ntop + procurve
I don't know why my browser is trying to do an xmldump but there it is. For now I have to stop and start ntop to get back in.
On 12/2/05, Burton
Strauss <[EMAIL PROTECTED]>
wrote:
You can't - it has to timeout... it's our anti-attack protection - ntop rejects urls with ..s and other non-friendly characters..You could disable it via the setting in globals-defines.h ... (look for 'BAD_GUY' or is it 'BADGUY'?).The real ? is why are you generating a bad url and what's in it. It's usually misconfiguration. But you need to capture the actual HTTP request (since we know it's bad, we don't log it to prevent that as an attack vector).There is some writeup on URL security in docs/FAQ (available on your ntop instance off the left most menu item). And a coment block in the code (grep -i URLSecurity should find it).-----Burton
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Jeremiah Bright
Sent: Friday, December 02, 2005 12:20 PM
To: [email protected]
Subject: Re: [Ntop] Ntop + procurve<snip />
Upon inspection of my /var/log/messages I see
**ERROR** Rejected request from address 10.0.1.233 (it previously sent ntop a bad request)
How do I tell ntop to ignore "bad requests" from myself, and if the answer for the graphs isn't under the rrdplugin configuration how do I get that correct if you know?
<snip />
_______________________________________________
Ntop mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop
--
Jeremiah Bright
Senior Network Engineer/Network Security/Unix Administrator
Gateway Funding - Diversified Mortgage Services
_______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop
