Hi, Since 2 years, I work on a big project to scan and measure network traffic. I have decided to use flowtools tools to capture and export Netflow file. These procedures works perfectly.
But, I have choose to use several flowtools like flow-cat, flow-filter and flow-export to filter an Traffic day. Flow capture stock for example my rawfile in /var/raw/metronet/2008/2008-01/2008-01-17/ft*. My goal here is to concat files of 2008-01-2007 and to apply a filter on srcaddr OR dstaddr. Moreover the result of that must be write on disk with ASCII-CSV. /opt/flowtools/bin/flow-cat /var/raw/metronet/2008/2008-01/2008-01-17/ft-v05.2008-01-17* | /opt/flowtools/bin/flow-filter -f /var/www/metronet/raw/test.acl -Srech -o -Drech | /opt/flowtools/bin/flow-export -f2 -m0xC383061 > /dev/shm/flow_export.csv le contenu de test.acl ip access-list standard rech permit xxx.xxx.xxx.xxx << (adresse IP que je recherche) I have made a shell script and a perl script to create CSV file and to insert result in a PGSQL database. When a launch command in terminal all is good and I haven't any error. But when I adapt this in a PHP script, I have a big segmentation fault (apparently on flow-export). The CSV file is create correctly but it not finish properly. See the apache message (error_log): 2555 Done /opt/flowtools/bin/flow-cat /var/raw/metronet/2008/2008-01/2008-01-17/ft-v05.2008-01-17* 2556 | /opt/flowtools/bin/flow-filter -f /var/www/metronet/raw/test.acl -Srech -o -Drech 2557 Segmentation fault | /opt/flowtools/bin/flow-export -f2 -m0xC383061 >/dev/shm/flow_export.csv [Thu Jan 17 11:34:30 2008] [error] [client 10.253.1.86] PHP Warning: pg_query() [<a href='function.pg-query'>function.pg-query</a>]: Query failed: ERROR: invalid input syntax for type inet: "209.1"\nCONTEXT: COPY tmp_gberna100p_17012008_113218, line 40700, column dstaddr: "209.1" in /var/www/metronet/recherche.php on line 599, referer: http://oss117.u-bordeaux2.fr/index.php When the file is write on hard disk, a SQL copy is launch by PHP script. Error precise a missing column or and invalid syntax. This is due to a csv file troncated. An tail -f on this CSV return: 1199919578,11,769,193.50.104.121,64.239.149.125,45407,25,6,0,0 1199919578,13,989,64.239.149.125,193.50.104.121,25,45407,6,0,0 1199919578,12,646,193.50.104.121,198.185.2.86,43956,25,6,0,0 1199919578,9,777,198.185.2.86,193.50.104.121,25,43956,6,0,0 1199919578,7,487,193.50.104.121,209.183. Below a look on my php script: $return=""; $outpout=array(); $cmdCSV = "/opt/flowtools/bin/flow-cat /var/raw/metronet/2008/2008-01/2008-01-17/ft-v05.2008-01-17* | /opt/flowtools/bin/flow-filter -f /var/www/metronet/raw/test.acl -Srech -o -Drech | /opt/flowtools/bin/flow-export -f2 -m0xC383061 > /dev/shm/flow_export.csv"; exec($cmdCSV,$outpout,$returne); exec("sync"); echo "<br>returne:".$returne."<br>"; print_r($outpout); // Ajout droit LECTURE/ECRITURE/EXECUTION pour proprietaire if (file_exists("/dev/shm/flow_export.csv")) { chmod("/dev/shm/flow_export.csv", 0755); } $SQLcopy = "COPY $nomTABLE (unix_secs,dpkts,doctets,srcaddr,dstaddr,srcport,dstport,prot,src_as,dst_as) FROM '/dev/shm/flow_export.csv' WITH DELIMITER AS ',' CSV HEADER"; $result_COPYtmp = pg_query ($id_connexion, $SQLcopy); I don't understand why these errors when I do with PHP and not inline terminal. So I have check php.ini to change like: max_execution_time = 3000 ; Maximum execution time of each script, in seconds max_input_time = 1200 ; Maximum amount of time each script may spend parsing request data memory_limit = 80M Can you help me? Créez votre adresse électronique [EMAIL PROTECTED] 1 Go d'espace de stockage, anti-spam et anti-virus intégrés.
_______________________________________________ Flow-tools mailing list [EMAIL PROTECTED] http://mailman.splintered.net/mailman/listinfo/flow-tools
