subject:"Re\: \[Ntop\] radius\/diameter plugins broken after update"

Re: [Ntop] radius/diameter plugins broken after update

2018-05-17 Thread Milad Arabi

please see this
https://asciinema.org/a/182023

On Thu, May 17, 2018 at 2:13 PM, Milad Arabi  wrote:

> Hi Luca
> I try this:
>
> tcpdump -w radius.pcap -i ens192f0 port radius or port radius-acct or port
>> radius-dynauth
>
>
> and radius.pcap file is healthy and readable in wireshark.(except a few
> packets )
> I think this issue related to new updates.
>
>
> On Wed, May 16, 2018 at 1:25 AM, Luca Deri  wrote:
>
>> Hi Milad
>> the error you have is related to fragments. Please check (with wireshark)
>> if the packets you are receiving are correct or there are fragment issues
>>
>> Regards Luca
>>
>> On 15 May 2018, at 22:43, Milad Arabi  wrote:
>>
>> Hi there
>> I hope I'm not wrong,I have libradiusPlugin-8.5.180504.so
>>  and it almost works.
>> but after update to new version they are broke and they are not create
>> any new log file.
>>
>> Welcome to nProbe v.8.5.180515 (r6155) for x86_64-unknown-linux-gnu
>>> Build OS:  CentOS Linux release 7.4.1708 (Core)
>>
>> PF_RING Version  : 7.1.0 (dev:8b9dc8a258dea71e2af471174
>>> f99b30014277783)
>>
>>
>>
>> I use nprobe.conf with this config:
>>
>> -i=zc:ens192f0
>>> -t=60
>>> -d=15
>>> -P=/ipdr/connection
>>> -V=10
>>> --max-log-lines=1000
>>> --cpu-affinity=0
>>> --radius-dump-dir=/ipdr/radius
>>> --diameter-dump-dir=/ipdr/diameter
>>> -T="%IPV4_SRC_ADDR %IPV4_DST_ADDR %L4_DST_PORT %L4_SRC_PORT %IN_BYTES
>>> %OUT_BYTES %FLOW_START_MILLISECONDS %FLOW_END_MILLISECONDS %L7_PROTO_NAME
>>> %IN_SRC_MAC %OUT_DST_MAC %SRC_AS %DST_AS"
>>
>>
>> May 16 01:10:57 ipdr2 nprobe[2630]: 16/May/2018 01:10:57 [util.c:465]
>>> GeoIP: loaded AS config file /usr/share/ntopng/httpdocs/geo
>>> ip/GeoIPASNum.dat
>>> May 16 01:10:57 ipdr2 nprobe[2630]: 16/May/2018 01:10:57 [util.c:476]
>>> GeoIP: loaded AS IPv6 config file /usr/share/ntopng/httpdocs/geo
>>> ip/GeoIPASNumv6.dat
>>> May 16 01:10:57 ipdr2 nprobe[2630]: 16/May/2018 01:10:57
>>> [pro/pf_ring.c:356] Initializing PF_RING socket on device zc:ens192f0..
>>> May 16 01:10:58 ipdr2 nprobe[2630]: 16/May/2018 01:10:58
>>> [pro/pf_ring.c:398] Dumping traffic statistics on
>>> /proc/net/pf_ring/stats/2630-ens192f0.7
>>> May 16 01:10:59 ipdr2 nprobe[2630]: 16/May/2018 01:10:59
>>> [pro/pf_ring.c:469] PF_RING enabled on zc:ens192f0
>>> May 16 01:10:59 ipdr2 nprobe[2630]: 16/May/2018 01:10:59 [util.c:3629]
>>> nProbe changed user to 'nobody'
>>> May 16 01:10:59 ipdr2 nprobe[2630]: 16/May/2018 01:10:59 [plugin.c:924]
>>> Enabling plugin Diameter Protocol
>>> May 16 01:10:59 ipdr2 nprobe[2630]: 16/May/2018 01:10:59 [plugin.c:924]
>>> Enabling plugin Radius Protocol
>>> May 16 01:10:59 ipdr2 nprobe[2630]: 16/May/2018 01:10:59 [nprobe.c:8926]
>>> nProbe started successfully
>>> May 16 01:10:59 ipdr2 nprobe[2630]: 16/May/2018 01:10:59
>>> [pro/pf_ring.c:214] Packet copy enabled
>>
>>
>> both command line and .conf usage are not work.
>>
>> and some errors are in service status:
>>
>> May 16 00:44:35 ipdr2 nprobe[2483]: 16/May/2018 00:44:35 [nprobe.c:1737]
>>> ERROR: [FRAGMENT][FIRST] Received invalid initial fragment
>>> 21792[fragmentId: 29441]
>>> May 16 00:44:47 ipdr2 nprobe[2483]: 16/May/2018 00:44:47 [nprobe.c:1737]
>>> ERROR: [FRAGMENT][FIRST] Received invalid initial fragment
>>> 16430[fragmentId: 6742]
>>> May 16 00:44:47 ipdr2 nprobe[2483]: 16/May/2018 00:44:47 [nprobe.c:1737]
>>> ERROR: [FRAGMENT][FIRST] Received invalid initial fragment
>>> 16430[fragmentId: 6742]
>>> May 16 00:44:48 ipdr2 nprobe[2483]: 16/May/2018 00:44:48 [nprobe.c:1737]
>>> ERROR: [FRAGMENT][FIRST] Received invalid initial fragment
>>> 16430[fragmentId: 6743]
>>
>>
>>
>> Does anybody have this issue?
>>
>> any comment would be appreciate
>> ___
>> Ntop mailing list
>> Ntop@listgateway.unipi.it
>> http://listgateway.unipi.it/mailman/listinfo/ntop
>>
>>
>>
>> ___
>> Ntop mailing list
>> Ntop@listgateway.unipi.it
>> http://listgateway.unipi.it/mailman/listinfo/ntop
>>
>
>
___
Ntop mailing list
Ntop@listgateway.unipi.it
http://listgateway.unipi.it/mailman/listinfo/ntop

Re: [Ntop] radius/diameter plugins broken after update

2018-05-17 Thread Milad Arabi

Hi Luca
I try this:

tcpdump -w radius.pcap -i ens192f0 port radius or port radius-acct or port
> radius-dynauth


and radius.pcap file is healthy and readable in wireshark.(except a few
packets )
I think this issue related to new updates.


On Wed, May 16, 2018 at 1:25 AM, Luca Deri  wrote:

> Hi Milad
> the error you have is related to fragments. Please check (with wireshark)
> if the packets you are receiving are correct or there are fragment issues
>
> Regards Luca
>
> On 15 May 2018, at 22:43, Milad Arabi  wrote:
>
> Hi there
> I hope I'm not wrong,I have libradiusPlugin-8.5.180504.so
>  and it almost works.
> but after update to new version they are broke and they are not create any
> new log file.
>
> Welcome to nProbe v.8.5.180515 (r6155) for x86_64-unknown-linux-gnu
>> Build OS:  CentOS Linux release 7.4.1708 (Core)
>
> PF_RING Version  : 7.1.0 (dev:8b9dc8a258dea71e2af471174f99b3
>> 0014277783)
>
>
>
> I use nprobe.conf with this config:
>
> -i=zc:ens192f0
>> -t=60
>> -d=15
>> -P=/ipdr/connection
>> -V=10
>> --max-log-lines=1000
>> --cpu-affinity=0
>> --radius-dump-dir=/ipdr/radius
>> --diameter-dump-dir=/ipdr/diameter
>> -T="%IPV4_SRC_ADDR %IPV4_DST_ADDR %L4_DST_PORT %L4_SRC_PORT %IN_BYTES
>> %OUT_BYTES %FLOW_START_MILLISECONDS %FLOW_END_MILLISECONDS %L7_PROTO_NAME
>> %IN_SRC_MAC %OUT_DST_MAC %SRC_AS %DST_AS"
>
>
> May 16 01:10:57 ipdr2 nprobe[2630]: 16/May/2018 01:10:57 [util.c:465]
>> GeoIP: loaded AS config file /usr/share/ntopng/httpdocs/
>> geoip/GeoIPASNum.dat
>> May 16 01:10:57 ipdr2 nprobe[2630]: 16/May/2018 01:10:57 [util.c:476]
>> GeoIP: loaded AS IPv6 config file /usr/share/ntopng/httpdocs/
>> geoip/GeoIPASNumv6.dat
>> May 16 01:10:57 ipdr2 nprobe[2630]: 16/May/2018 01:10:57
>> [pro/pf_ring.c:356] Initializing PF_RING socket on device zc:ens192f0..
>> May 16 01:10:58 ipdr2 nprobe[2630]: 16/May/2018 01:10:58
>> [pro/pf_ring.c:398] Dumping traffic statistics on
>> /proc/net/pf_ring/stats/2630-ens192f0.7
>> May 16 01:10:59 ipdr2 nprobe[2630]: 16/May/2018 01:10:59
>> [pro/pf_ring.c:469] PF_RING enabled on zc:ens192f0
>> May 16 01:10:59 ipdr2 nprobe[2630]: 16/May/2018 01:10:59 [util.c:3629]
>> nProbe changed user to 'nobody'
>> May 16 01:10:59 ipdr2 nprobe[2630]: 16/May/2018 01:10:59 [plugin.c:924]
>> Enabling plugin Diameter Protocol
>> May 16 01:10:59 ipdr2 nprobe[2630]: 16/May/2018 01:10:59 [plugin.c:924]
>> Enabling plugin Radius Protocol
>> May 16 01:10:59 ipdr2 nprobe[2630]: 16/May/2018 01:10:59 [nprobe.c:8926]
>> nProbe started successfully
>> May 16 01:10:59 ipdr2 nprobe[2630]: 16/May/2018 01:10:59
>> [pro/pf_ring.c:214] Packet copy enabled
>
>
> both command line and .conf usage are not work.
>
> and some errors are in service status:
>
> May 16 00:44:35 ipdr2 nprobe[2483]: 16/May/2018 00:44:35 [nprobe.c:1737]
>> ERROR: [FRAGMENT][FIRST] Received invalid initial fragment
>> 21792[fragmentId: 29441]
>> May 16 00:44:47 ipdr2 nprobe[2483]: 16/May/2018 00:44:47 [nprobe.c:1737]
>> ERROR: [FRAGMENT][FIRST] Received invalid initial fragment
>> 16430[fragmentId: 6742]
>> May 16 00:44:47 ipdr2 nprobe[2483]: 16/May/2018 00:44:47 [nprobe.c:1737]
>> ERROR: [FRAGMENT][FIRST] Received invalid initial fragment
>> 16430[fragmentId: 6742]
>> May 16 00:44:48 ipdr2 nprobe[2483]: 16/May/2018 00:44:48 [nprobe.c:1737]
>> ERROR: [FRAGMENT][FIRST] Received invalid initial fragment
>> 16430[fragmentId: 6743]
>
>
>
> Does anybody have this issue?
>
> any comment would be appreciate
> ___
> Ntop mailing list
> Ntop@listgateway.unipi.it
> http://listgateway.unipi.it/mailman/listinfo/ntop
>
>
>
> ___
> Ntop mailing list
> Ntop@listgateway.unipi.it
> http://listgateway.unipi.it/mailman/listinfo/ntop
>
___
Ntop mailing list
Ntop@listgateway.unipi.it
http://listgateway.unipi.it/mailman/listinfo/ntop

Re: [Ntop] radius/diameter plugins broken after update

2018-05-15 Thread Luca Deri

Hi Milad
the error you have is related to fragments. Please check (with wireshark) if 
the packets you are receiving are correct or there are fragment issues

Regards Luca

> On 15 May 2018, at 22:43, Milad Arabi  wrote:
> 
> Hi there
> I hope I'm not wrong,I have libradiusPlugin-8.5.180504.so 
>  and it almost works.
> but after update to new version they are broke and they are not create any 
> new log file.
> 
> Welcome to nProbe v.8.5.180515 (r6155) for x86_64-unknown-linux-gnu
> Build OS:  CentOS Linux release 7.4.1708 (Core)
> PF_RING Version  : 7.1.0 
> (dev:8b9dc8a258dea71e2af471174f99b30014277783) 
> 
> 
> I use nprobe.conf with this config:
> 
> -i=zc:ens192f0
> -t=60
> -d=15
> -P=/ipdr/connection
> -V=10
> --max-log-lines=1000
> --cpu-affinity=0
> --radius-dump-dir=/ipdr/radius
> --diameter-dump-dir=/ipdr/diameter
> -T="%IPV4_SRC_ADDR %IPV4_DST_ADDR %L4_DST_PORT %L4_SRC_PORT %IN_BYTES 
> %OUT_BYTES %FLOW_START_MILLISECONDS %FLOW_END_MILLISECONDS %L7_PROTO_NAME 
> %IN_SRC_MAC %OUT_DST_MAC %SRC_AS %DST_AS"
> 
> May 16 01:10:57 ipdr2 nprobe[2630]: 16/May/2018 01:10:57 [util.c:465] GeoIP: 
> loaded AS config file /usr/share/ntopng/httpdocs/geoip/GeoIPASNum.dat
> May 16 01:10:57 ipdr2 nprobe[2630]: 16/May/2018 01:10:57 [util.c:476] GeoIP: 
> loaded AS IPv6 config file /usr/share/ntopng/httpdocs/geoip/GeoIPASNumv6.dat
> May 16 01:10:57 ipdr2 nprobe[2630]: 16/May/2018 01:10:57 [pro/pf_ring.c:356] 
> Initializing PF_RING socket on device zc:ens192f0..
> May 16 01:10:58 ipdr2 nprobe[2630]: 16/May/2018 01:10:58 [pro/pf_ring.c:398] 
> Dumping traffic statistics on /proc/net/pf_ring/stats/2630-ens192f0.7
> May 16 01:10:59 ipdr2 nprobe[2630]: 16/May/2018 01:10:59 [pro/pf_ring.c:469] 
> PF_RING enabled on zc:ens192f0
> May 16 01:10:59 ipdr2 nprobe[2630]: 16/May/2018 01:10:59 [util.c:3629] nProbe 
> changed user to 'nobody'
> May 16 01:10:59 ipdr2 nprobe[2630]: 16/May/2018 01:10:59 [plugin.c:924] 
> Enabling plugin Diameter Protocol
> May 16 01:10:59 ipdr2 nprobe[2630]: 16/May/2018 01:10:59 [plugin.c:924] 
> Enabling plugin Radius Protocol
> May 16 01:10:59 ipdr2 nprobe[2630]: 16/May/2018 01:10:59 [nprobe.c:8926] 
> nProbe started successfully
> May 16 01:10:59 ipdr2 nprobe[2630]: 16/May/2018 01:10:59 [pro/pf_ring.c:214] 
> Packet copy enabled
> 
> both command line and .conf usage are not work.
> 
> and some errors are in service status:
> 
> May 16 00:44:35 ipdr2 nprobe[2483]: 16/May/2018 00:44:35 [nprobe.c:1737] 
> ERROR: [FRAGMENT][FIRST] Received invalid initial fragment 21792[fragmentId: 
> 29441]
> May 16 00:44:47 ipdr2 nprobe[2483]: 16/May/2018 00:44:47 [nprobe.c:1737] 
> ERROR: [FRAGMENT][FIRST] Received invalid initial fragment 16430[fragmentId: 
> 6742]
> May 16 00:44:47 ipdr2 nprobe[2483]: 16/May/2018 00:44:47 [nprobe.c:1737] 
> ERROR: [FRAGMENT][FIRST] Received invalid initial fragment 16430[fragmentId: 
> 6742]
> May 16 00:44:48 ipdr2 nprobe[2483]: 16/May/2018 00:44:48 [nprobe.c:1737] 
> ERROR: [FRAGMENT][FIRST] Received invalid initial fragment 16430[fragmentId: 
> 6743]
> 
> 
> Does anybody have this issue?
> 
> any comment would be appreciate
> ___
> Ntop mailing list
> Ntop@listgateway.unipi.it
> http://listgateway.unipi.it/mailman/listinfo/ntop

___
Ntop mailing list
Ntop@listgateway.unipi.it
http://listgateway.unipi.it/mailman/listinfo/ntop

Re: [Ntop] radius/diameter plugins broken after update

Re: [Ntop] radius/diameter plugins broken after update

Re: [Ntop] radius/diameter plugins broken after update

3 matches

Site Navigation

Mail list logo

Footer information