ses
> - especially in the area of security and forensics - and hence i'm
> open to feedback.
>
> Cheers,
> Paolo
>
> On Mon, Jul 20, 2015 at 09:54:51PM +0200, Johannes Formann wrote:
>> Hi,
>>
>> I have a question: how are the different Flags stored in
Hi,
I have a question: how are the different Flags stored in the tcp_flags column
of the mysql-Database (int(4))?
The common mapping (SYN=2, ACK=16) doesn’t seem to match. I get these TCP-Flags
for 90% of the traffic: 27, 223, 31
That means 90% of the traffic have SYN, ACK AND FIN set…
Am I ma
he „aggregate_filter[TMPflowSRC]:
udp“ which is kind of strange since the aggregate TMPflowDST uses the same
without problems.
Ideas? Running without the aggregate_filter is a good quick workaround but
seems a strange error to me.
regards
Johannes
> On Tue, Apr 08, 2014 at 05:50:50PM +0200, Joh
Hi,
I have a strange problem again. I already tested the newest CVS version but it
persists:
I use four aggregates:
- inbound: incoming traffic for local IPs
- outbound: outgoing traffic for local ips
- TMPflowSRC: short time local outgoing udp traffic (with a short port list)
- TMPflowDST:
them to the operating system…
The following commands disable these functions, and after that the results are
reasonable again.
/sbin/ethtool -K eth0 tso off
/sbin/ethtool -K eth0 gso off
/sbin/ethtool -K eth0 gro off
cheers
Johannes
Am 26.02.2014 um 20:25 schrieb Johannes Formann :
> Hi Pa
access for a bit of debugging?
>
> Cheers,
> Paolo
>
> On Tue, Feb 25, 2014 at 11:46:31PM +0100, Johannes Formann wrote:
>> Hello,
>>
>> I try to run pmacct on a debian 7 box.
>> Basically everything runs fine, except sometimes pmacctd mud miscount the
>
Hello,
I try to run pmacct on a debian 7 box.
Basically everything runs fine, except sometimes pmacctd mud miscount the
traffic, since the average packetize goes over 1500 (latest size observed about
7.000) wich is not possible (MTU-Limit of 1500 bytes).
Same problem with the debian packages an
Hello,
I have a small problem with the current pmacct-Version, on every secound Insert
into the databases I'll get the following message:
Aug 5 00:10:06 pmacctd[21416]: ERROR ( inbound/mysql ): Duplicate entry
'2009-08-05 00:05:00-' for key 1#012
Aug 5 00:10:11 pmacctd[21417]: ERROR ( outbo
Paolo Lucente wrote:
Hi Paolo,
> * The SEGV appears to be in a pthread_getspecific() call while the MySQL
> plugin does not do any pthread-related call. Also a simple inet_ntoa()
> should not do that. Did you by any chance compile the package with the
> --enable-threads option? I don't thi
Chris Wilson wrote:
> On Mon, 13 Apr 2009, Johannes Formann wrote:
Hi Chris,
> >>>> Apr 13 17:20:01 server1 pmacctd[12419]: ERROR ( default/mysql ):
> >>>> Duplicate entry
> >>>> '0-00:1b:8f:61:55:c9-00:1c:c0:ab:8a:48-0-91.22.172.35-84.38.74
Johannes Formann wrote:
Hi Chris,
> >> Apr 13 17:20:01 server1 pmacctd[12419]: ERROR ( default/mysql ):
> >> Duplicate entry
> >> '0-00:1b:8f:61:55:c9-00:1c:c0:ab:8a:48-0-91.22.172.35-84.38.74.24' for
> >> key 1
> >
> > As this crash
Johannes Formann wrote:
Hello,
> I'll get this kind of error:
> Apr 13 15:27:15 server pmacctd[1341]: ERROR ( default/mysql ): Duplicate
> entry '0-00:1c:c0:74:5b:e9-00:00:0c:07:ac:6a-0-84.38.64.216-79.221.203.'
> for key 1
> Apr 13 15:27:15 server kernel: pmacc
Chris Wilson wrote:
Hi Chris,
> >> Paolo, this looks weird to me. pthread_getspecific() should not crash,
> >> that makes me think that the heap has been trashed (stack looks
> >> generally OK as the backtrace is OK). Perhaps a Valgrind is in order?
> >> Any static or fixed-size buffers in th
Chris Wilson wrote:
> On Mon, 13 Apr 2009, Johannes Formann wrote:
>
> >>> Apr 13 15:27:15 server kernel: pmacctd[1341]: segfault at f7002991 ip
> >>> f7bfa9ca sp ffb88334 error 4 in
> >>> libpthread-2.3.6.so[f7bf2000+e000]
> >
Chris Wilson wrote:
> On Mon, 13 Apr 2009, Johannes Formann wrote:
Hi Chris,
> >>> Apr 13 15:27:15 server kernel: pmacctd[1341]: segfault at f7002991 ip
> >>> f7bfa9ca sp ffb88334 error 4 in
> >>> libpthread-2.3.6.so[f7bf2000+e000]
>
Chris Wilson wrote:
> On Mon, 13 Apr 2009, Johannes Formann wrote:
Hi Chris,
> >>> I'll get this kind of error: Apr 13 15:27:15 server pmacctd[1341]:
> >>> ERROR ( default/mysql ): Duplicate entry
> >>> '0-00:1c:c0:74:5b:e9-00:00:0c:07:
Hi Chris,
> > Apr 13 15:27:15 server kernel: pmacctd[1341]: segfault at f7002991 ip
> > f7bfa9ca sp ffb88334 error 4 in
> > libpthread-2.3.6.so[f7bf2000+e000]
>
> And that should definitely not happen. Where did you get pmacct from? Did
> you compile it yourself? Can you build a v
Hello,
> > I'll get this kind of error:
> > Apr 13 15:27:15 server pmacctd[1341]: ERROR ( default/mysql ): Duplicate
> > entry '0-00:1c:c0:74:5b:e9-00:00:0c:07:ac:6a-0-84.38.64.216-79.221.203.'
> > for key 1
>
> I get this as well. It means that the primary key is not long enough to
> make the re
Hello,
I'll get this kind of error:
Apr 13 15:27:15 server pmacctd[1341]: ERROR ( default/mysql ): Duplicate
entry '0-00:1c:c0:74:5b:e9-00:00:0c:07:ac:6a-0-84.38.64.216-79.221.203.'
for key 1
Apr 13 15:27:15 server kernel: pmacctd[1341]: segfault at f7002991 ip
f7bfa9ca sp ffb883
19 matches
Mail list logo
