[Ntop] Ntop issue - GeoIP
Luca Deri
deri at ntop.org
Fri Jan 15 20:34:53 CET 2010
Ervison
please do
make clean
./autogen.sh -p
./autogen.sh --disable-ipv6
make
I believe you are still using the previously built ntop.
Please use the code that's in SVN
Luca
On Jan 15, 2010, at 7:28 PM, Ervison Lima wrote:
> Hi Luca,
>
> It's a pleasure talk with you. Congratulations! Ntop is a great tool.
>
> Luca, I have to change version because I installed ntop on my linux router
> My system: Linux Debian 5.0, Kernel 2.6.26-2-amd64.
>
> >From the beginning:
>
> Following Gary's advice I did IPV6 deactivation and I did ntop compilation using ./autogen.sh --disable-ipv6 because a error regards GeioIp occured. Message below:
>
> firewallpix:~/ntop/ntop# ntop
> Thu Jan 14 15:04:49 2010 NOTE: Interface merge enabled by default
> Thu Jan 14 15:04:49 2010 Initializing gdbm databases
> Thu Jan 14 15:04:49 2010 ntop will be started as user nobody
> Thu Jan 14 15:04:49 2010 ntop v.3.4-pre (64 bit)
> Thu Jan 14 15:04:49 2010 Configured on Jan 13 2010 15:06:07, built on
> Jan 13 2010 15:06:10.
> Thu Jan 14 15:04:49 2010 Copyright 1998-2010 by Luca Deri <deri at ntop.org>
> Thu Jan 14 15:04:49 2010 Get the freshest ntop from http://www.ntop.org/
> Thu Jan 14 15:04:49 2010 NOTE: ntop is running from 'ntop'
> Thu Jan 14 15:04:49 2010 NOTE: (but see warning on man page for the
> --instance parameter)
> Thu Jan 14 15:04:49 2010 NOTE: ntop libraries are in '/lib'
> Thu Jan 14 15:04:49 2010 Initializing ntop
> Thu Jan 14 15:04:50 2010 Checking eth1 for additional devices
> Thu Jan 14 15:04:50 2010 Resetting traffic statistics for device eth1
> Thu Jan 14 15:04:50 2010 Initializing device eth1 (0)
> Thu Jan 14 15:04:50 2010 DLT: Device 0 [eth1] is 1, mtu 1514, header 14
> Thu Jan 14 15:04:50 2010 Initialized events [mask: 0][path: ]
> Thu Jan 14 15:04:50 2010 Initializing gdbm databases
> Thu Jan 14 15:04:50 2010 VENDOR: Loading MAC address table.
> Thu Jan 14 15:04:50 2010 VENDOR: Checking for MAC address table file
> Thu Jan 14 15:04:50 2010 VENDOR: File './specialMAC.txt.gz' does not
> need to be reloaded
> Thu Jan 14 15:04:50 2010 VENDOR: ntop continues ok
> Thu Jan 14 15:04:50 2010 VENDOR: Checking for MAC address table file
> Thu Jan 14 15:04:50 2010 VENDOR: File './oui.txt.gz' does not need to
> be reloaded
> Thu Jan 14 15:04:50 2010 VENDOR: ntop continues ok
> Thu Jan 14 15:04:50 2010 Fingerprint: Loading signature file
> Thu Jan 14 15:04:50 2010 Fingerprint: Checking for Fingerprint file... file
> Thu Jan 14 15:04:50 2010 Fingerprint: Loading file './etter.finger.os.gz'
> Thu Jan 14 15:04:50 2010 Fingerprint: ...loaded 1765 records
> Thu Jan 14 15:04:50 2010 INIT: Parent process is exiting (this is normal)
> Thu Jan 14 15:04:50 2010 INIT: Bye bye: I'm becoming a daemon...
> firewallpix:~/ntop/ntop# ntop: symbol lookup error:
> /lib/libntop-3.4-pre.so: undefined symbol: GeoIP_name_by_ipnum_v6
>
> After that I tried to start ntop but after "SECURITY: Loading items table" line a seg fault message appears whithout any reason and ntop dies. I started ntop whith "-u root".
>
>
> Thanks
>
>
> Ervison Lima
> Suporte Técnico
>
>
>
>
> Em 15/1/2010 15:45, Luca Deri escreveu:
>> Ervison
>> if ntop svn does not work you have to help me understanding why. Please debug or at least trace the error.
>>
>> Luca
>>
>> On Jan 15, 2010, at 6:16 PM, Ervison Lima wrote:
>>
>>>
>>> Hi,
>>>
>>> I removed ntop svn version from my Linux. I installed stable version and now ntop works, but the message bellow appears all the time:
>>>
>>> Fri Jan 15 15:14:32 2010 **WARNING** packet truncated (8814->8232)
>>> Fri Jan 15 15:14:32 2010 **WARNING** packet truncated (14654->8232)
>>> Fri Jan 15 15:14:32 2010 **WARNING** packet truncated (8814->8232)
>>> Fri Jan 15 15:14:32 2010 **WARNING** packet truncated (11734->8232)
>>> Fri Jan 15 15:14:32 2010 **WARNING** packet truncated (20494->8232)
>>> Fri Jan 15 15:14:32 2010 **WARNING** packet truncated (20494->8232)
>>> Fri Jan 15 15:14:38 2010 **WARNING** packet truncated (11734->8232)
>>> Fri Jan 15 15:15:13 2010 **WARNING** packet truncated (8814->8232)
>>> Fri Jan 15 15:15:13 2010 **WARNING** packet truncated (23414->8232)
>>> Fri Jan 15 15:15:13 2010 **WARNING** packet truncated (10274->8232)
>>> Fri Jan 15 15:15:13 2010 **WARNING** packet truncated (11734->8232)
>>> Fri Jan 15 15:15:13 2010 **WARNING** packet truncated (8814->8232)
>>> Fri Jan 15 15:15:31 2010 **WARNING** packet truncated (8814->8232)
>>> Fri Jan 15 15:15:31 2010 **WARNING** packet truncated (8814->8232)
>>> Fri Jan 15 15:15:31 2010 **WARNING** packet truncated (8814->8232)
>>> Fri Jan 15 15:15:31 2010 **WARNING** packet truncated (29254->8232)
>>> Fri Jan 15 15:15:31 2010 **WARNING** packet truncated (10274->8232)
>>> Fri Jan 15 15:15:31 2010 **WARNING** packet truncated (8814->8232)
>>> Fri Jan 15 15:15:31 2010 **WARNING** packet truncated (13194->8232)
>>> Fri Jan 15 15:15:41 2010 **WARNING** packet truncated (8814->8232)
>>> Fri Jan 15 15:15:41 2010 **WARNING** packet truncated (8814->8232)
>>> Fri Jan 15 15:15:41 2010 **WARNING** packet truncated (8814->8232)
>>> Fri Jan 15 15:15:41 2010 **WARNING** packet truncated (8814->8232)
>>> Fri Jan 15 15:15:46 2010 **WARNING** packet truncated (26334->8232)
>>> Fri Jan 15 15:15:46 2010 **WARNING** packet truncated (10274->8232)
>>> Fri Jan 15 15:16:12 2010 **WARNING** packet truncated (8814->8232)
>>> Fri Jan 15 15:16:12 2010 **WARNING** packet truncated (23414->8232)
>>> Fri Jan 15 15:16:12 2010 **WARNING** packet truncated (26334->8232)
>>> Fri Jan 15 15:16:12 2010 **WARNING** packet truncated (19034->8232)
>>> Fri Jan 15 15:16:12 2010 **WARNING** packet truncated (14654->8232)
>>> Fri Jan 15 15:16:12 2010 **WARNING** packet truncated (13194->8232)
>>> Fri Jan 15 15:16:12 2010 **WARNING** packet truncated (13194->8232)
>>> Fri Jan 15 15:16:36 2010 **WARNING** packet truncated (8754->8232)
>>>
>>>
>>> I started ntop using "ntop -u root -w 192.168.1.1:3000 -s -i eth1"
>>>
>>> Thats a normal behavior?
>>>
>>> Thanks a lot
>>>
>>>
>>> Ervison Lima
>>>
>>>
>>>
>>> Em 14/1/2010 18:08, Ervison Lima escreveu:
>>>>
>>>> Gary,
>>>>
>>>> Thanks dor your help, but now a new problem occurs:
>>>>
>>>> I deleted ntop installation and svn source. I followed your advice (./autogen.sh --disable-ipv6) but now when I tryed to start ntop whith "ntop -4" a segmentation fault is showed and ntop dies. So I tried to start without any parameters and this message accurs (BOLD):
>>>>
>>>> firewallpix:~/ntop/ntop# ntop
>>>> Thu Jan 14 18:11:17 2010 NOTE: Interface merge enabled by default
>>>> Thu Jan 14 18:11:17 2010 Initializing gdbm databases
>>>> Thu Jan 14 18:11:17 2010 ntop will be started as user nobody
>>>> Thu Jan 14 18:11:17 2010 ntop v.3.4-pre (64 bit)
>>>> Thu Jan 14 18:11:17 2010 Configured on Jan 14 2010 17:49:47, built on Jan 14 2010 17:51:02.
>>>> Thu Jan 14 18:11:17 2010 Copyright 1998-2010 by Luca Deri <deri at ntop.org>
>>>> Thu Jan 14 18:11:17 2010 Get the freshest ntop from http://www.ntop.org/
>>>> Thu Jan 14 18:11:17 2010 NOTE: ntop is running from 'ntop'
>>>> Thu Jan 14 18:11:17 2010 NOTE: (but see warning on man page for the --instance parameter)
>>>> Thu Jan 14 18:11:17 2010 NOTE: ntop libraries are in '/lib'
>>>> Thu Jan 14 18:11:17 2010 Initializing ntop
>>>> Thu Jan 14 18:11:17 2010 Checking eth1 for additional devices
>>>> Thu Jan 14 18:11:17 2010 Resetting traffic statistics for device eth1
>>>> Thu Jan 14 18:11:17 2010 Initializing device eth1 (0)
>>>> Thu Jan 14 18:11:18 2010 DLT: Device 0 [eth1] is 1, mtu 1514, header 14
>>>> Thu Jan 14 18:11:18 2010 Initialized events [mask: 0][path: ]
>>>> Thu Jan 14 18:11:18 2010 Initializing gdbm databases
>>>> Thu Jan 14 18:11:18 2010 VENDOR: Loading MAC address table.
>>>> Thu Jan 14 18:11:18 2010 VENDOR: Checking for MAC address table file
>>>> Thu Jan 14 18:11:18 2010 VENDOR: File './specialMAC.txt.gz' does not need to be reloaded
>>>> Thu Jan 14 18:11:18 2010 VENDOR: ntop continues ok
>>>> Thu Jan 14 18:11:18 2010 VENDOR: Checking for MAC address table file
>>>> Thu Jan 14 18:11:18 2010 VENDOR: File './oui.txt.gz' does not need to be reloaded
>>>> Thu Jan 14 18:11:18 2010 VENDOR: ntop continues ok
>>>> Thu Jan 14 18:11:18 2010 Fingerprint: Loading signature file
>>>> Thu Jan 14 18:11:18 2010 Fingerprint: Checking for Fingerprint file... file
>>>> Thu Jan 14 18:11:18 2010 Fingerprint: Loading file './etter.finger.os.gz'
>>>> Thu Jan 14 18:11:18 2010 Fingerprint: ...loaded 1765 records
>>>> Thu Jan 14 18:11:18 2010 Database support not compiled into ntop
>>>> Thu Jan 14 18:11:18 2010 Initializing external applications
>>>> Thu Jan 14 18:11:18 2010 THREADMGMT[t1089739088]: SFP: Started thread for fingerprinting
>>>> Thu Jan 14 18:11:18 2010 THREADMGMT[t1089739088]: SFP: Fingerprint scan thread starting [p19421]
>>>> Thu Jan 14 18:11:18 2010 THREADMGMT[t1098131792]: SIH: Started thread for idle hosts detection
>>>> Thu Jan 14 18:11:18 2010 THREADMGMT[t1098131792]: SIH: Idle host scan thread starting [p19421]
>>>> Thu Jan 14 18:11:18 2010 THREADMGMT[t1112508752]: DNSAR(1): Started thread for DNS address resolution
>>>> Thu Jan 14 18:11:18 2010 THREADMGMT[t1112508752]: DNSAR(1): Address resolution thread running
>>>> Thu Jan 14 18:11:18 2010 THREADMGMT[t1120901456]: DNSAR(2): Started thread for DNS address resolution
>>>> Thu Jan 14 18:11:18 2010 THREADMGMT[t1120901456]: DNSAR(2): Address resolution thread running
>>>> Thu Jan 14 18:11:18 2010 THREADMGMT[t1129294160]: DNSAR(3): Started thread for DNS address resolution
>>>> Thu Jan 14 18:11:18 2010 THREADMGMT[t1129294160]: DNSAR(3): Address resolution thread running
>>>> Thu Jan 14 18:11:18 2010 Calling plugin start functions (if any)
>>>> Thu Jan 14 18:11:18 2010 GeoIP: loaded config file ./GeoLiteCity.dat
>>>> Thu Jan 14 18:11:18 2010 GeoIP: loaded ASN config file ./GeoIPASNum.dat
>>>> Thu Jan 14 18:11:18 2010 SSL is present but https is disabled: use -W <https port> for enabling it
>>>> Thu Jan 14 18:11:18 2010 INITWEB: Initializing web server
>>>> Thu Jan 14 18:11:18 2010 INITWEB: Initializing TCP/IP socket connections for web server
>>>> Thu Jan 14 18:11:18 2010 INITWEB: Initialized socket, port 3000, address (any)
>>>> Thu Jan 14 18:11:18 2010 INITWEB: Waiting for HTTP connections on port 3000
>>>> Thu Jan 14 18:11:18 2010 INITWEB: Starting web server
>>>> Thu Jan 14 18:11:18 2010 THREADMGMT[t1137686864]: INITWEB: Started thread for web server
>>>> Thu Jan 14 18:11:18 2010 THREADMGMT[t1137686864]: WEB: Server connection thread starting [p19421]
>>>> Thu Jan 14 18:11:18 2010 Note: SIGPIPE handler set (ignore)
>>>> Thu Jan 14 18:11:18 2010 THREADMGMT[t1137686864]: WEB: Server connection thread running [p19421]
>>>> Thu Jan 14 18:11:18 2010 WEB: ntop's web server is now processing requests
>>>> Thu Jan 14 18:11:18 2010 Listening on [eth1]
>>>> Thu Jan 14 18:11:18 2010 Loading Plugins
>>>> Thu Jan 14 18:11:18 2010 Searching for plugins in ./plugins
>>>> Thu Jan 14 18:11:18 2010 SFLOW: Welcome to sFlow.(C) 2002-10 by Luca Deri
>>>> Thu Jan 14 18:11:18 2010 ICMP: Welcome to ICMP Watch. (C) 1999-2005 by Luca Deri
>>>> Thu Jan 14 18:11:18 2010 RRD: Welcome to Round-Robin Database. (C) 2002-10 by Luca Deri.
>>>> Thu Jan 14 18:11:18 2010 CPACKET: Welcome to cPacket.(C) 2008 by Luca Deri
>>>> Thu Jan 14 18:11:18 2010 NETFLOW: Welcome to NetFlow.(C) 2002-10 by Luca Deri
>>>> Thu Jan 14 18:11:18 2010 Calling plugin start functions (if any)
>>>> Thu Jan 14 18:11:18 2010 RRD: Welcome to the RRD plugin
>>>> Thu Jan 14 18:11:18 2010 RRD: Mask for new directories is 0700
>>>> Thu Jan 14 18:11:18 2010 RRD: Mask for new files is 0066
>>>> Thu Jan 14 18:11:18 2010 RRD_DEBUG: Parameters:
>>>> Thu Jan 14 18:11:18 2010 RRD_DEBUG: dumpInterval 300 seconds
>>>> Thu Jan 14 18:11:18 2010 RRD_DEBUG: dumpShortInterval 10 seconds
>>>> Thu Jan 14 18:11:18 2010 RRD_DEBUG: dumpHours 72 hours by 300 seconds
>>>> Thu Jan 14 18:11:18 2010 RRD_DEBUG: dumpDays 90 days by hour
>>>> Thu Jan 14 18:11:18 2010 RRD_DEBUG: dumpMonths 36 months by day
>>>> Thu Jan 14 18:11:18 2010 RRD_DEBUG: dumpDomains no
>>>> Thu Jan 14 18:11:18 2010 RRD_DEBUG: dumpFlows no
>>>> Thu Jan 14 18:11:18 2010 RRD_DEBUG: dumpSubnets no
>>>> Thu Jan 14 18:11:18 2010 RRD_DEBUG: dumpHosts no
>>>> Thu Jan 14 18:11:18 2010 RRD_DEBUG: dumpInterfaces yes
>>>> Thu Jan 14 18:11:18 2010 RRD_DEBUG: dumpASs no
>>>> Thu Jan 14 18:11:18 2010 RRD_DEBUG: dumpMatrix no
>>>> Thu Jan 14 18:11:18 2010 RRD_DEBUG: dumpDetail medium
>>>> Thu Jan 14 18:11:18 2010 RRD_DEBUG: hostsFilter
>>>> Thu Jan 14 18:11:18 2010 RRD_DEBUG: rrdPath /usr/local/var/ntop/rrd [normal]
>>>> Thu Jan 14 18:11:18 2010 RRD_DEBUG: rrdPath /usr/local/var/ntop/rrd [dynamic/volatile]
>>>> Thu Jan 14 18:11:18 2010 RRD_DEBUG: umask 0066
>>>> Thu Jan 14 18:11:18 2010 RRD_DEBUG: DirPerms 0700
>>>> Thu Jan 14 18:11:18 2010 THREADMGMT: RRD: Started thread (t1146079568) for data collection
>>>> Thu Jan 14 18:11:18 2010 THREADMGMT[t1146079568]: RRD: Data collection thread starting [p19421]
>>>> Thu Jan 14 18:11:18 2010 INIT: Created pid file (/var/run/ntop.pid)
>>>> Thu Jan 14 18:11:18 2010 THREADMGMT[t140322929428192]: ntop RUNSTATE: INITNONROOT(3)
>>>> Thu Jan 14 18:11:18 2010 Now running as requested user 'nobody' (65534:65534)
>>>> Thu Jan 14 18:11:18 2010 Note: Reporting device initally set to 0 [eth1] (merged)
>>>> Thu Jan 14 18:11:18 2010 THREADMGMT[t140322929428192]: ntop RUNSTATE: RUN(4)
>>>> Thu Jan 14 18:11:18 2010 THREADMGMT[t1154472272]: NPS(1): Started thread for network packet sniffing [eth1]
>>>> Thu Jan 14 18:11:18 2010 THREADMGMT[t1098131792]: SIH: Idle host scan thread running [p19421]
>>>> Thu Jan 14 18:11:18 2010 THREADMGMT[t1089739088]: SFP: Fingerprint scan thread running [p19421]
>>>> Thu Jan 14 18:11:18 2010 THREADMGMT[t1154472272]: NPS(eth1): pcapDispatch thread starting [p19421]
>>>> Thu Jan 14 18:11:18 2010 THREADMGMT[t1154472272]: NPS(eth1): pcapDispatch thread running [p19421]
>>>> Thu Jan 14 18:11:23 2010 CHKVER: Checking current ntop version at version.ntop.org/version.xml
>>>> Thu Jan 14 18:11:24 2010 CHKVER: Version file is from 'version.ntop.org'
>>>> Thu Jan 14 18:11:24 2010 CHKVER: as of date is '2009-05-22T01:12:25'
>>>> Thu Jan 14 18:11:24 2010 CHKVER: This version of ntop is a new DEVELOPMENT version - Be careful!
>>>> Thu Jan 14 18:11:28 2010 THREADMGMT[t1137686864]: WEB: Server connection thread terminated [p19421]
>>>> Thu Jan 14 18:11:28 2010 **ERROR** RRD: Disabled - unable to create directory (err 13, /usr/local/var/ntop/rrd/graphics)
>>>> Thu Jan 14 18:11:32 2010 **WARNING** packet truncated (10274->8232)
>>>>
>>>>
>>>> Using -u root this message occurs too
>>>>
>>>>
>>>> firewallpix:~/ntop/ntop# ntop -4
>>>> Thu Jan 14 17:57:02 2010 NOTE: Interface merge enabled by default
>>>> Thu Jan 14 17:57:02 2010 Initializing gdbm databases
>>>> Thu Jan 14 17:57:02 2010 ntop will be started as user nobody
>>>> Thu Jan 14 17:57:02 2010 ntop v.3.4-pre (64 bit)
>>>> Thu Jan 14 17:57:02 2010 Configured on Jan 14 2010 17:49:47, built on Jan 14 2010 17:51:02.
>>>> Thu Jan 14 17:57:02 2010 Copyright 1998-2010 by Luca Deri <deri at ntop.org>
>>>> Thu Jan 14 17:57:02 2010 Get the freshest ntop from http://www.ntop.org/
>>>> Thu Jan 14 17:57:02 2010 NOTE: ntop is running from 'ntop'
>>>> Thu Jan 14 17:57:02 2010 NOTE: (but see warning on man page for the --instance parameter)
>>>> Thu Jan 14 17:57:02 2010 NOTE: ntop libraries are in '/lib'
>>>> Thu Jan 14 17:57:02 2010 Initializing ntop
>>>> Thu Jan 14 17:57:02 2010 Checking eth1 for additional devices
>>>> Thu Jan 14 17:57:02 2010 Resetting traffic statistics for device eth1
>>>> Thu Jan 14 17:57:02 2010 Initializing device eth1 (0)
>>>> Thu Jan 14 17:57:02 2010 DLT: Device 0 [eth1] is 1, mtu 1514, header 14
>>>> Thu Jan 14 17:57:02 2010 Initialized events [mask: 0][path: ]
>>>> Thu Jan 14 17:57:02 2010 Initializing gdbm databases
>>>> Thu Jan 14 17:57:02 2010 VENDOR: Loading MAC address table.
>>>> Thu Jan 14 17:57:02 2010 VENDOR: Checking for MAC address table file
>>>> Thu Jan 14 17:57:02 2010 VENDOR: File './specialMAC.txt.gz' does not need to be reloaded
>>>> Thu Jan 14 17:57:02 2010 VENDOR: ntop continues ok
>>>> Thu Jan 14 17:57:02 2010 VENDOR: Checking for MAC address table file
>>>> Thu Jan 14 17:57:02 2010 VENDOR: File './oui.txt.gz' does not need to be reloaded
>>>> Thu Jan 14 17:57:02 2010 VENDOR: ntop continues ok
>>>> Thu Jan 14 17:57:02 2010 Fingerprint: Loading signature file
>>>> Thu Jan 14 17:57:02 2010 Fingerprint: Checking for Fingerprint file... file
>>>> Thu Jan 14 17:57:02 2010 Fingerprint: Loading file './etter.finger.os.gz'
>>>> Thu Jan 14 17:57:02 2010 Fingerprint: ...loaded 1765 records
>>>> Thu Jan 14 17:57:02 2010 Database support not compiled into ntop
>>>> Thu Jan 14 17:57:02 2010 Initializing external applications
>>>> Thu Jan 14 17:57:02 2010 THREADMGMT[t1100548432]: SFP: Started thread for fingerprinting
>>>> Thu Jan 14 17:57:02 2010 THREADMGMT[t1108941136]: SIH: Idle host scan thread starting [p19318]
>>>> Thu Jan 14 17:57:02 2010 THREADMGMT[t1100548432]: SFP: Fingerprint scan thread starting [p19318]
>>>> Thu Jan 14 17:57:02 2010 THREADMGMT[t1108941136]: SIH: Started thread for idle hosts detection
>>>> Thu Jan 14 17:57:02 2010 THREADMGMT[t1117333840]: DNSAR(1): Address resolution thread running
>>>> Thu Jan 14 17:57:02 2010 THREADMGMT[t1117333840]: DNSAR(1): Started thread for DNS address resolution
>>>> Thu Jan 14 17:57:02 2010 THREADMGMT[t1125726544]: DNSAR(2): Address resolution thread running
>>>> Thu Jan 14 17:57:02 2010 THREADMGMT[t1125726544]: DNSAR(2): Started thread for DNS address resolution
>>>> Thu Jan 14 17:57:02 2010 THREADMGMT[t1134119248]: DNSAR(3): Address resolution thread running
>>>> Thu Jan 14 17:57:02 2010 THREADMGMT[t1134119248]: DNSAR(3): Started thread for DNS address resolution
>>>> Thu Jan 14 17:57:02 2010 Calling plugin start functions (if any)
>>>> Thu Jan 14 17:57:02 2010 GeoIP: loaded config file ./GeoLiteCity.dat
>>>> Thu Jan 14 17:57:02 2010 GeoIP: loaded ASN config file ./GeoIPASNum.dat
>>>> Thu Jan 14 17:57:02 2010 SSL is present but https is disabled: use -W <https port> for enabling it
>>>> Thu Jan 14 17:57:02 2010 INITWEB: Initializing web server
>>>> Thu Jan 14 17:57:02 2010 INITWEB: Initializing TCP/IP socket connections for web server
>>>> Thu Jan 14 17:57:02 2010 INITWEB: Initialized socket, port 3000, address (any)
>>>> Thu Jan 14 17:57:02 2010 INITWEB: Waiting for HTTP connections on port 3000
>>>> Thu Jan 14 17:57:02 2010 INITWEB: Starting web server
>>>> Thu Jan 14 17:57:02 2010 THREADMGMT[t1142511952]: WEB: Server connection thread starting [p19318]
>>>> Thu Jan 14 17:57:02 2010 Note: SIGPIPE handler set (ignore)
>>>> Thu Jan 14 17:57:02 2010 THREADMGMT[t1142511952]: WEB: Server connection thread running [p19318]
>>>> Thu Jan 14 17:57:02 2010 WEB: ntop's web server is now processing requests
>>>> Thu Jan 14 17:57:02 2010 THREADMGMT[t1142511952]: INITWEB: Started thread for web server
>>>> Thu Jan 14 17:57:02 2010 Listening on [eth1]
>>>> Thu Jan 14 17:57:02 2010 Loading Plugins
>>>> Thu Jan 14 17:57:02 2010 Searching for plugins in ./plugins
>>>> Thu Jan 14 17:57:02 2010 SFLOW: Welcome to sFlow.(C) 2002-10 by Luca Deri
>>>> Thu Jan 14 17:57:02 2010 ICMP: Welcome to ICMP Watch. (C) 1999-2005 by Luca Deri
>>>> Thu Jan 14 17:57:02 2010 RRD: Welcome to Round-Robin Database. (C) 2002-10 by Luca Deri.
>>>> Thu Jan 14 17:57:02 2010 CPACKET: Welcome to cPacket.(C) 2008 by Luca Deri
>>>> Thu Jan 14 17:57:02 2010 NETFLOW: Welcome to NetFlow.(C) 2002-10 by Luca Deri
>>>> Thu Jan 14 17:57:02 2010 Calling plugin start functions (if any)
>>>> Thu Jan 14 17:57:02 2010 RRD: Welcome to the RRD plugin
>>>> Thu Jan 14 17:57:02 2010 RRD: Mask for new directories is 0700
>>>> Thu Jan 14 17:57:02 2010 RRD: Mask for new files is 0066
>>>> Thu Jan 14 17:57:02 2010 RRD_DEBUG: Parameters:
>>>> Thu Jan 14 17:57:02 2010 RRD_DEBUG: dumpInterval 300 seconds
>>>> Thu Jan 14 17:57:02 2010 RRD_DEBUG: dumpShortInterval 10 seconds
>>>> Thu Jan 14 17:57:02 2010 RRD_DEBUG: dumpHours 72 hours by 300 seconds
>>>> Thu Jan 14 17:57:02 2010 RRD_DEBUG: dumpDays 90 days by hour
>>>> Thu Jan 14 17:57:02 2010 RRD_DEBUG: dumpMonths 36 months by day
>>>> Thu Jan 14 17:57:02 2010 RRD_DEBUG: dumpDomains no
>>>> Thu Jan 14 17:57:02 2010 RRD_DEBUG: dumpFlows no
>>>> Thu Jan 14 17:57:02 2010 RRD_DEBUG: dumpSubnets no
>>>> Thu Jan 14 17:57:02 2010 RRD_DEBUG: dumpHosts no
>>>> Thu Jan 14 17:57:02 2010 RRD_DEBUG: dumpInterfaces yes
>>>> Thu Jan 14 17:57:02 2010 RRD_DEBUG: dumpASs no
>>>> Thu Jan 14 17:57:02 2010 RRD_DEBUG: dumpMatrix no
>>>> Thu Jan 14 17:57:02 2010 RRD_DEBUG: dumpDetail medium
>>>> Thu Jan 14 17:57:02 2010 RRD_DEBUG: hostsFilter
>>>> Thu Jan 14 17:57:02 2010 RRD_DEBUG: rrdPath /usr/local/var/ntop/rrd [normal]
>>>> Thu Jan 14 17:57:02 2010 RRD_DEBUG: rrdPath /usr/local/var/ntop/rrd [dynamic/volatile]
>>>> Thu Jan 14 17:57:02 2010 RRD_DEBUG: umask 0066
>>>> Thu Jan 14 17:57:02 2010 RRD_DEBUG: DirPerms 0700
>>>> Thu Jan 14 17:57:02 2010 THREADMGMT[t1150904656]: RRD: Data collection thread starting [p19318]
>>>> Thu Jan 14 17:57:02 2010 THREADMGMT: RRD: Started thread (t1150904656) for data collection
>>>> Thu Jan 14 17:57:02 2010 INIT: Created pid file (/var/run/ntop.pid)
>>>> Thu Jan 14 17:57:02 2010 THREADMGMT[t139776151213792]: ntop RUNSTATE: INITNONROOT(3)
>>>> Thu Jan 14 17:57:02 2010 Now running as requested user 'nobody' (65534:65534)
>>>> Thu Jan 14 17:57:02 2010 Note: Reporting device initally set to 0 [eth1] (merged)
>>>> Thu Jan 14 17:57:02 2010 THREADMGMT[t139776151213792]: ntop RUNSTATE: RUN(4)
>>>> Thu Jan 14 17:57:02 2010 THREADMGMT[t1159297360]: NPS(eth1): pcapDispatch thread starting [p19318]
>>>> Thu Jan 14 17:57:02 2010 THREADMGMT[t1159297360]: NPS(eth1): pcapDispatch thread running [p19318]
>>>> Thu Jan 14 17:57:02 2010 THREADMGMT[t1108941136]: SIH: Idle host scan thread running [p19318]
>>>> Thu Jan 14 17:57:02 2010 THREADMGMT[t1100548432]: SFP: Fingerprint scan thread running [p19318]
>>>> Thu Jan 14 17:57:02 2010 THREADMGMT[t1159297360]: NPS(1): Started thread for network packet sniffing [eth1]
>>>> Thu Jan 14 17:57:07 2010 CHKVER: Checking current ntop version at version.ntop.org/version.xml
>>>> Thu Jan 14 17:57:07 2010 CHKVER: Version file is from 'version.ntop.org'
>>>> Thu Jan 14 17:57:07 2010 CHKVER: as of date is '2009-05-22T01:12:25'
>>>> Thu Jan 14 17:57:07 2010 CHKVER: This version of ntop is a new DEVELOPMENT version - Be careful!
>>>> Segmentation Fault
>>>>
>>>>
>>>>
>>>> Do you hava any other sugestion?
>>>> Thanks
>>>>
>>>>
>>>> Ervison Lima
>>>>
>>>>
>>>>
>>>> Em 14/1/2010 16:48, Gary Gatten escreveu:
>>>>> Looks like something with IPv6. Maybe try disabling IPv6 with startup args. If that doesn't work try removing IPv6 with configure args and rebuild the binaries.
>>>>>
>>>>> ----- Original Message -----
>>>>> From: ntop-bounces at listgateway.unipi.it <ntop-bounces at listgateway.unipi.it>
>>>>> To: ntop at listgateway.unipi.it <ntop at listgateway.unipi.it>
>>>>> Sent: Thu Jan 14 12:22:27 2010
>>>>> Subject: [Ntop] Ntop issue - GeoIP
>>>>>
>>>>> Hi everyone;
>>>>>
>>>>> I'm new in ntop and I've tried to install ntop im may linux gateway.
>>>>>
>>>>> All erros on compilation were solved. After "make install" command, I
>>>>> tried to start ntop, but an erro regards GeoIp was showed and Ntop shutdown
>>>>>
>>>>> Any help is appreciated.
>>>>>
>>>>> The outpup screen:
>>>>>
>>>>> firewallpix:~/ntop/ntop# ntop -d
>>>>> Thu Jan 14 15:04:49 2010 NOTE: Interface merge enabled by default
>>>>> Thu Jan 14 15:04:49 2010 Initializing gdbm databases
>>>>> Thu Jan 14 15:04:49 2010 ntop will be started as user nobody
>>>>> Thu Jan 14 15:04:49 2010 ntop v.3.4-pre (64 bit)
>>>>> Thu Jan 14 15:04:49 2010 Configured on Jan 13 2010 15:06:07, built on
>>>>> Jan 13 2010 15:06:10.
>>>>> Thu Jan 14 15:04:49 2010 Copyright 1998-2010 by Luca Deri <deri at ntop.org>
>>>>> Thu Jan 14 15:04:49 2010 Get the freshest ntop from http://www.ntop.org/
>>>>> Thu Jan 14 15:04:49 2010 NOTE: ntop is running from 'ntop'
>>>>> Thu Jan 14 15:04:49 2010 NOTE: (but see warning on man page for the
>>>>> --instance parameter)
>>>>> Thu Jan 14 15:04:49 2010 NOTE: ntop libraries are in '/lib'
>>>>> Thu Jan 14 15:04:49 2010 Initializing ntop
>>>>> Thu Jan 14 15:04:50 2010 Checking eth1 for additional devices
>>>>> Thu Jan 14 15:04:50 2010 Resetting traffic statistics for device eth1
>>>>> Thu Jan 14 15:04:50 2010 Initializing device eth1 (0)
>>>>> Thu Jan 14 15:04:50 2010 DLT: Device 0 [eth1] is 1, mtu 1514, header 14
>>>>> Thu Jan 14 15:04:50 2010 Initialized events [mask: 0][path: ]
>>>>> Thu Jan 14 15:04:50 2010 Initializing gdbm databases
>>>>> Thu Jan 14 15:04:50 2010 VENDOR: Loading MAC address table.
>>>>> Thu Jan 14 15:04:50 2010 VENDOR: Checking for MAC address table file
>>>>> Thu Jan 14 15:04:50 2010 VENDOR: File './specialMAC.txt.gz' does not
>>>>> need to be reloaded
>>>>> Thu Jan 14 15:04:50 2010 VENDOR: ntop continues ok
>>>>> Thu Jan 14 15:04:50 2010 VENDOR: Checking for MAC address table file
>>>>> Thu Jan 14 15:04:50 2010 VENDOR: File './oui.txt.gz' does not need to
>>>>> be reloaded
>>>>> Thu Jan 14 15:04:50 2010 VENDOR: ntop continues ok
>>>>> Thu Jan 14 15:04:50 2010 Fingerprint: Loading signature file
>>>>> Thu Jan 14 15:04:50 2010 Fingerprint: Checking for Fingerprint file... file
>>>>> Thu Jan 14 15:04:50 2010 Fingerprint: Loading file './etter.finger.os.gz'
>>>>> Thu Jan 14 15:04:50 2010 Fingerprint: ...loaded 1765 records
>>>>> Thu Jan 14 15:04:50 2010 INIT: Parent process is exiting (this is normal)
>>>>> Thu Jan 14 15:04:50 2010 INIT: Bye bye: I'm becoming a daemon...
>>>>> firewallpix:~/ntop/ntop# ntop: symbol lookup error:
>>>>> /lib/libntop-3.4-pre.so: undefined symbol: GeoIP_name_by_ipnum_v6
>>>>>
>>>>>
>>>>>
>>>>> Thanks a lot.
>>>>>
>>>>>
>>>>> *Ervison Lima*
>>>>>
>>>>>
>>>>>
>>>>> ------------------------------------------------------------------------
>>>>>
>>>>> _______________________________________________
>>>>> Ntop mailing list
>>>>> Ntop at listgateway.unipi.it
>>>>> http://listgateway.unipi.it/mailman/listinfo/ntop
>>>>>
>>>>> "This email is intended to be reviewed by only the intended recipient and may contain information that is privileged and/or confidential. If you are not the intended recipient, you are hereby notified that any review, use, dissemination, disclosure or copying of this email and its attachments, if any, is strictly prohibited. If you have received this email in error, please immediately notify the sender by return email and delete this email from your system."
>>>>>
>>>>> _______________________________________________
>>>>> Ntop mailing list
>>>>>
>>>>> Ntop at listgateway.unipi.it
>>>>> http://listgateway.unipi.it/mailman/listinfo/ntop
>>>>>
>>>>>
>>>>>
>>>>
>>>> _______________________________________________
>>>> Ntop mailing list
>>>>
>>>> Ntop at listgateway.unipi.it
>>>> http://listgateway.unipi.it/mailman/listinfo/ntop
>>>>
>>>>
>>>>
>>> _______________________________________________
>>> Ntop mailing list
>>> Ntop at listgateway.unipi.it
>>> http://listgateway.unipi.it/mailman/listinfo/ntop
>>
>> ---
>> If you can not measure it, you can not improve it - Lord Kelvin
>>
>>
>> _______________________________________________
>> Ntop mailing list
>>
>> Ntop at listgateway.unipi.it
>> http://listgateway.unipi.it/mailman/listinfo/ntop
>>
>>
>>
> _______________________________________________
> Ntop mailing list
> Ntop at listgateway.unipi.it
> http://listgateway.unipi.it/mailman/listinfo/ntop
---
We can't solve problems by using the same kind of thinking we used when we created them - Albert Einstein
More information about the Ntop
mailing list