[Ntop-dev] NST integration with ntop v3.3.9

ntop-dev at wilber.pointclark.net ntop-dev at wilber.pointclark.net
Sat Nov 22 05:38:29 CET 2008 

While doing a 2nd compile of svn 3627 to check for a different matter I noticed this when autogen.sh was compiling GeoIP:
Making all in libGeoIP
make[1]: Entering directory `/root/ntopchecksctp/ntop/GeoIP-1.4.5/libGeoIP'
/bin/sh ../libtool --mode=compile
gcc -DPACKAGE_NAME=\"\" -DPACKAGE_TARNAME=\"\" -DPACKAGE_VERSION=\"\" -DPACKAGE_STRING=\"\" -DPACKAGE_BUGREP
ORT=\"\" -DPACKAGE=\"GeoIP\" -DVERSION=\"1.4.5\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_
STRING_H=1
 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -DHAVE_DLFCN_H=1 -DHAVE_USHORT_TYPEDEF
=1 -DHAVE_
ULONG_TYPEDEF=1 -DLITTLE_ENDIAN_HOST=1 -DHAVE_STDINT_H=1 -DHAVE_ZLIB_H=1 -DHAVE_GETHOSTBYNAME=1 -DHAVE_GETHOSTBYNAME_R=1 -DGETHOSTBY
NAME_R_RET
URNS_INT=1 -DDEFAULT_DBDIR=\"NONE/share/GeoIP\"  -I. -I.   -DGEOIPDATADIR=\"/usr/local/share/GeoIP\" -Wall   -g -O2 -c GeoIP.c

and I wondered if the reason why ntop isn't producing an error message about the GeoIP.dat file is because ntop is looking for it in
either:
/usr/local/share/GeoIP
/usr/share/GeoIP
/share/GeoIP

While I don't have either:
/usr/local/share/GeoIP
or
/share/GeoIP
I do have a /usr/share/GeoIP and the files in it are very, very old:
[root at wilber ~]# ls -alh /usr/share/GeoIP
total 26M
drwxr-xr-x   2 root root 4.0K Nov 24  2006 .
drwxr-xr-x  91 root root 4.0K Jun  8 15:30 ..
-rw-r--r--   1 root root 849K Jul 18  2006 GeoIP.dat
-rw-r--r--   1 root root  25M Aug  5  2006 GeoLiteCity.dat
[root at wilber ~]#


Should ntop during the make install stage copy GeoIPASNum.dat, GeoLiteCity.dat, and GeoIP-1.4.5/data/GeoIP.dat into one or more of
these directories:
/usr/local/share/GeoIP
/usr/share/GeoIP
/share/GeoIP

and/or into its own private directory:
/usr/local/etc/ntop/




----- Original Message ----- 
From: <ntop-dev at wilber.pointclark.net>
To: <ntop-dev at unipi.it>
Sent: Saturday, November 22, 2008 2:15 PM
Subject: Re: [Ntop-dev] NST integration with ntop v3.3.9


> Gday Ronald,
>
> I'm running svn: 3627 and I also received the same error messages:
> Error Opening file ./GeoLiteCity.dat
> Error Opening file /usr/local/etc/ntop/GeoLiteCity.dat
> Error Opening file /usr/local/etc/ntop/GeoLiteCity.dat
> Error Opening file /etc/GeoLiteCity.dat
> Sat Nov 22 13:53:42 2008  **ERROR** GeoIP: unable to load file GeoLiteCity.dat
> Error Opening file ./GeoIPASNum.dat
> Error Opening file /usr/local/etc/ntop/GeoIPASNum.dat
> Error Opening file /usr/local/etc/ntop/GeoIPASNum.dat
> Error Opening file /etc/GeoIPASNum.dat
> Sat Nov 22 13:53:42 2008  **ERROR** GeoIP: unable to load ASN file GeoIPASNum.dat
> Sat Nov 22 13:53:42 2008  Database support not compiled into ntop
> ^^ I wonder why the error messages don't mention the GeoIP.dat file.
>
>
> BTW with svn 3627 I noticed that the GeoIP data sets were downloaded automatically during the make stage.
>
>
> I think the error is caused by leaving the GeoIP data sets in the compile directory i.e. they were not installed:
> ntop-revision3627/ntop/GeoIPASNum.dat
> ntop-revision3627/ntop/GeoLiteCity.dat
> ntop-revision3627/ntop/GeoIP-1.4.5/data/GeoIP.dat
> ^^ Copying these 3 files into /usr/local/etc/ntop/ reduces the error messages down to:
> Error Opening file ./GeoLiteCity.dat
> Sat Nov 22 14:12:11 2008  GeoIP: loaded config file /usr/local/etc/ntop/GeoLiteCity.dat
> Error Opening file ./GeoIPASNum.dat
> Sat Nov 22 14:12:11 2008  GeoIP: loaded ASN config file /usr/local/etc/ntop/GeoIPASNum.dat
> Sat Nov 22 14:12:11 2008  Database support not compiled into ntop
> ^^ Again no mention of the GeoIP.dat file.
>
> I hope this helps you with some of your problems.
>
> Hooroo.
>
>
>
> ----- Original Message ----- 
> From: "Ronald W. Henderson" <rwhalb at nycap.rr.com>
> To: <ntop-dev at unipi.it>
> Sent: Saturday, November 22, 2008 12:57 PM
> Subject: [Ntop-dev] NST integration with ntop v3.3.9
>
>
> > Luca:
> >
> > I have been working hard on integrating your latest ntop v3.3.9 svn: 3327
> > into NST (network security toolkit) for pending release v1.8.1. You have
> > done a very nice job with the GeoIP integration. I now download the GeoIP
> > data sets if requested by the user for ntop.
> >
> > I have created a web interface in the NST WUI to start up and
> > monitor ntop.
> >
> > I am having the following issues:
> >
> > 1) I can not control the sticky state. The Hosts keep getting purged.
> >    I use the "-c" command line value and have selected the web interface
> > value in Startup Options: Sticky Hosts (-c) to "Yes".
> >    The ntop.stickyHosts value in Preferences is set to "1"
> > Then I restart ntop and hosts keep getting purged.
> >
> > 2) On start up even if ntop has found the GeoIP data sets it will still
> > issue a error message:
> > Error Opening file ./GeoLiteCity.dat
> > Error Opening file /usr/local/etc/ntop/GeoLiteCity.dat
> > Error Opening file /usr/local/etc/ntop/GeoLiteCity.dat
> > Error Opening file ./GeoIPASNum.dat
> > Error Opening file /usr/local/etc/ntop/GeoIPASNum.dat
> > Error Opening file /usr/local/etc/ntop/GeoIPASNum.dat
> >
> > Hopefully you can help...
> >
> > Ronald W. Henderson
> >
> > - CoAuthor of NST...
> >
> > _______________________________________________
> > Ntop-dev mailing list
> > Ntop-dev at unipi.it
> > http://listgateway.unipi.it/mailman/listinfo/ntop-dev
> _______________________________________________
> Ntop-dev mailing list
> Ntop-dev at unipi.it
> http://listgateway.unipi.it/mailman/listinfo/ntop-dev

More information about the Ntop-dev mailing list