Googling about indicates that a lot of people have problems getting gd2 to compile under Tiger. It certainly took me a few attempts, and I have some doubts about the quality of the result. Note: I am an infrastructure engineer, not a programmer, and I have no illusions that expertise in one area translates to expertise in another: it is entirely possible that I have compiled something inherently broken.
If no one can suggest a way forward, I appear to have two options: reload my spare Powerbook with Panther, and run ntop 3.1, or get ntop going under Solaris (which was, as I recall, simple 6 years ago). For various reasons I would prefer to get a stable build on Tiger, and I am prepared to expend some effort on that (and document the results, if it is deemed helpful), if someone can suggest a way forward.
Hoping to hear from you soon....
rgds
Melodie
On 1/14/06, Burton Strauss <[EMAIL PROTECTED]
> wrote:
(1) The shared versions of libgd can be odd beasties. I'd suggest working from the source so that whatever type of dynamic library it finds during compile on your machine is in fact the same one it should find at run time. Otherwise, what you are really trying to do is to replicate the machine configuration of whomever packaged the binary software...(2) Nope, that's a dumb way to do things. Pretty generally it's a dumb idea and with ntop especially so. ntop is explicitly constructed to shed privs - and trying to run as root past that point (-u root) merely ensures that databases (and 1000s of .rrd files if you get that far) will be created that the proper execution user can't write to later on. Always start with least priv and add only the minimum that you need.(3) There is no command line shutdown. There's no terminal to issue it, once ntop daemonizes... There are programs that eat SIGHUP to stop, we use sighup in it's other common metaphor - to cause loging of some status data. To shut down, just use things like wget http://127.0.0.1:3000/shutdown.html (to invoke the shutdown page).-----Burton
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Melodie Neal
Sent: Friday, January 13, 2006 3:18 PM
To: [email protected]
Subject: Re: [Ntop-dev] Problem with Mac version of NtopHi Burton
For some reason I don't have libgd.so.2. I have libgd.2.0.0.dylib and libgd.dylib, and quite a few other library files which came along with gd2, but not the one ntop wants. I'll dig into gd2, and see if it really installed correctly.
I feel properly foolish over misreading the man page, which does indeed say "restart". Blame it on a long day spent loading too much software. However, I CANNOT stop ntop from the web browser: if I do, the whole machine crashes (see previous error messages). I can't send you a screen shot, because the OS hangs, and the "you must restart" message appears. The only thing that works after that is the OFF switch. I've never seen my Mac get into that state before.
I know that running ntop as root is a dumb idea: I was pursuing the "get it going as root and then get it going as a less privileged user" approach.
So I have two problems: can't find libgd.so.2, and ntop will not stop properly. The two don't seem related. What exactly does the web browser do when you try to use it to stop ntop? What is the equivalent that I can run from the command line, so I can try to work out what is going wrong? I presume it should close the databases gracefully, and then stop ntop. At what point is it hosing my operating system?
I'll tinker with this some more later in the day.
rgds
Melodie
On 1/14/06, Burton Strauss <[EMAIL PROTECTED]> wrote:It looks like two problems - missing libgd and a user error...ntop will run if it can't find libgd, but it won't be able to create the graphical pages - which are most of the interesting ones...The error messages from the second run:Fri Jan 13 17:48:27 2006 **ERROR** ....open of /usr/local/ntop-3.2/var/ntop/prefsCache.db failed: File open error
Fri Jan 13 17:48:27 2006 Possible solution: please use '-P <directory>'Usually mean pretty much what they says... ntop wasn't able to open prefsCache.db. If that is the directory you expect ntop to be using, then check the permissions.Smack yourself. Because when you did this:Ntop continues to run:
Melodie-Neals-Computer:/usr/local/ntop-3.2/var/ntop melodie$ ntop -AIt wasn't ntop continuing to run, it was YOU starting ntop a second time and with a different parameter set... Oh, and not starting as root (sudo remember), which would explain why you couldn't open the .db file.So really, you haven't shown us any problems here. You started ntop and it reached it's normal working point:Fri Jan 13 17:44:19 2006 THREADMGMT[t2684415336]: ntop RUNSTATE: RUN(4)At that point you should be able to connect to the web server, see data, etc. So, other than not being able to load libgd (which is something you need to fix, probably via seting LD_LIBRARY_PATH before invoking ntop), what's wrong???BTW:(1) Shutting ntop down via kill is suboptimal. Best way is to connect to the internal web server and use the shutdown command.(2) Running as -u root is a bad idea.-----Burton
From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Melodie Neal
Sent: Friday, January 13, 2006 1:31 AM
To: [email protected]
Subject: [Ntop-dev] Problem with Mac version of NtopGentlebeings
I have a Powerbook running Mac OS 10.4.3, with the latest patches. I have installed Ntop and (I believe) all the bits of additional software which it requires. I don't seem to be able to stop Ntop cleanly: it crashes my machine. Sequence of events is as follows.....
Ntop appears to start normally, apart from a gd error. The web server can be accessed, and data is collected and displayed. I have gd2 2.0.33-2 installed.
The contents of the startup file are:
-u root -i en0 -w 3000 -P /usr/local/ntop-3.2/var/ntop
Melodie-Neals-Computer:~ melodie$ sudo ntop @ntop_startup
Processing file ntop_startup for parameters...
Fri Jan 13 17:44:05 2006 NOTE: Interface merge enabled by default
Fri Jan 13 17:44:05 2006 Initializing gdbm databases
Fri Jan 13 17:44:05 2006 ntop v.3.2
Fri Jan 13 17:44:05 2006 Configured on Oct 22 2005 11:51:47, built on Oct 22 2005 11:55:17.
Fri Jan 13 17:44:05 2006 Copyright 1998-2005 by Luca Deri < [EMAIL PROTECTED]>
Fri Jan 13 17:44:05 2006 Get the freshest ntop from http://www.ntop.org/
Fri Jan 13 17:44:05 2006 NOTE: ntop is running from '/usr/local/ntop- 3.2/bin'
Fri Jan 13 17:44:05 2006 NOTE: (but see warning on man page for the --instance parameter)
Fri Jan 13 17:44:05 2006 Initializing ntop
Fri Jan 13 17:44:05 2006 Checking en0 for additional devices
Fri Jan 13 17:44:05 2006 Resetting traffic statistics for device en0
Fri Jan 13 17:44:05 2006 DLT: Device 0 [en0] is 1, mtu 1514, header 14
Fri Jan 13 17:44:05 2006 Initializing gdbm databases
Fri Jan 13 17:44:05 2006 VENDOR: Loading MAC address table.
Fri Jan 13 17:44:05 2006 VENDOR: Checking for MAC address table file
Fri Jan 13 17:44:05 2006 VENDOR: Loading newer file '/usr/local/ntop-3.2/etc/ntop/specialMAC.txt.gz'
Fri Jan 13 17:44:05 2006 VENDOR: ...found 61 lines
Fri Jan 13 17:44:05 2006 VENDOR: ...loaded 59 records
Fri Jan 13 17:44:05 2006 VENDOR: Checking for MAC address table file
Fri Jan 13 17:44:05 2006 VENDOR: Loading newer file '/usr/local/ntop-3.2/etc/ntop/oui.txt.gz'
Fri Jan 13 17:44:05 2006 VENDOR: ...found 48541 lines
Fri Jan 13 17:44:05 2006 VENDOR: ...loaded 7853 records
Fri Jan 13 17:44:05 2006 Fingeprint: Loading signature file.
Fri Jan 13 17:44:05 2006 Fingeprint: ...loaded 1697 records
Fri Jan 13 17:44:05 2006 ASN: Checking for Autonomous System Number table file
Fri Jan 13 17:44:05 2006 **WARNING** ASN: Unable to open file 'AS-list.txt'
Fri Jan 13 17:44:05 2006 I18N: This instance of ntop does not support multiple languages
Fri Jan 13 17:44:05 2006 IP2CC: Checking for IP address <-> Country Code mapping file
Fri Jan 13 17:44:05 2006 IP2CC: Loading file '/usr/local/ntop-3.2/etc/ntop/p2c.opt.table.gz'
Fri Jan 13 17:44:06 2006 IP2CC: ...found 52395 lines
Fri Jan 13 17:44:06 2006 GDVERCHK: Guessing at libgd version
Fri Jan 13 17:44:06 2006 **WARNING** GDVERCHK: Unable to load gd, message is 'dlopen(libgd.so, 2): image not found'
Fri Jan 13 17:44:06 2006 GDVERCHK: ... as 2.x
Fri Jan 13 17:44:06 2006 Initializing external applications
Fri Jan 13 17:44:06 2006 THREADMGMT[t50852864]: NPA: network packet analyzer (packet processor) thread running [p279]
Fri Jan 13 17:44:06 2006 THREADMGMT[t50852864]: NPA: Started thread for network packet analyzer
Fri Jan 13 17:44:06 2006 THREADMGMT[t50803712]: SFP: Fingerprint scan thread starting [p279]
Fri Jan 13 17:44:06 2006 THREADMGMT[t50803712]: SFP: Started thread for fingerprinting
Fri Jan 13 17:44:06 2006 THREADMGMT[t50362880]: SIH: Idle host scan thread starting [p279]
Fri Jan 13 17:44:06 2006 THREADMGMT[t50362880]: SIH: Started thread for idle hosts detection
Fri Jan 13 17:44:06 2006 THREADMGMT[t50334208]: DNSAR(1): Address resolution thread running [p279]
Fri Jan 13 17:44:06 2006 THREADMGMT[t50334208]: DNSAR(1): Started thread for DNS address resolution
Fri Jan 13 17:44:06 2006 Calling plugin start functions (if any)
Fri Jan 13 17:44:06 2006 SSL is present but https is disabled: use -W <https port> for enabling it
Fri Jan 13 17:44:06 2006 INITWEB: Initializing web server
ntop startup - waiting for user response!
Please enter the password for the admin user:
Please enter the password again:
Fri Jan 13 17:44:18 2006 Admin user password has been set
Fri Jan 13 17:44:18 2006 INITWEB: Initializing tcp/ip socket connections for web server
Fri Jan 13 17:44:18 2006 INITWEB: Initialized socket, port 3000, address (any)
Fri Jan 13 17:44:18 2006 INITWEB: Waiting for HTTP connections on port 3000
Fri Jan 13 17:44:18 2006 INITWEB: Starting web server
Fri Jan 13 17:44:18 2006 THREADMGMT[t51689472]: INITWEB: Started thread for web server
Fri Jan 13 17:44:18 2006 Listening on [en0]
Fri Jan 13 17:44:18 2006 Loading Plugins
Fri Jan 13 17:44:18 2006 THREADMGMT[t51689472]: WEB: Server connection thread starting [p279]
Fri Jan 13 17:44:18 2006 Note: SIGPIPE handler set (ignore)
Fri Jan 13 17:44:18 2006 THREADMGMT[t51689472]: WEB: Server connection thread running [p279]
Fri Jan 13 17:44:18 2006 WEB: ntop's web server is now processing requests
Fri Jan 13 17:44:18 2006 Searching for plugins in /usr/local/ntop-3.2/lib/ntop/plugins
Fri Jan 13 17:44:18 2006 ICMP: Welcome to ICMP Watch. (C) 1999-2005 by Luca Deri
Fri Jan 13 17:44:18 2006 LASTSEEN: Welcome to Host Last Seen. (C) 1999 by Andrea Marangoni
Fri Jan 13 17:44:18 2006 NETFLOW: Welcome to NetFlow.(C) 2002-05 by Luca Deri
Fri Jan 13 17:44:18 2006 PDA: Welcome to PDA. (C) 2001-2005 by L.Deri and W.Brock
Fri Jan 13 17:44:18 2006 RRD: Welcome to Round-Robin Databases. (C) 2002-04 by Luca Deri.
Fri Jan 13 17:44:18 2006 SFLOW: Welcome to sFlow.(C) 2002-04 by Luca Deri
Fri Jan 13 17:44:18 2006 SNMP: Welcome to SNMP. (C) 2004 by F.Fusco and G.Giardina
Fri Jan 13 17:44:18 2006 XMLDUMP: Welcome to XML data dump. (C) 2003-2004 by Burton Strauss
Fri Jan 13 17:44:19 2006 Calling plugin start functions (if any)
Fri Jan 13 17:44:19 2006 RRD: Welcome to the RRD plugin
Fri Jan 13 17:44:19 2006 RRD: Mask for new directories is 0700
Fri Jan 13 17:44:19 2006 RRD: Mask for new files is 0066
Fri Jan 13 17:44:19 2006 THREADMGMT: RRD: Started thread (t52116992) for data collection
Fri Jan 13 17:44:19 2006 Now running as requested user 'root' (0:0)
Fri Jan 13 17:44:19 2006 THREADMGMT[t52116992]: RRD: Data collection thread starting [p279]
Fri Jan 13 17:44:19 2006 INIT: Created pid file (/var/run/ntop.pid)
Fri Jan 13 17:44:19 2006 Note: Reporting device initally set to 0 [en0] (merged)
Fri Jan 13 17:44:19 2006 THREADMGMT[t2684415336]: ntop RUNSTATE: RUN(4)
Fri Jan 13 17:44:19 2006 THREADMGMT[t52118016]: NPS(1): Started thread for network packet sniffing
Fri Jan 13 17:44:19 2006 THREADMGMT[t50803712]: SFP: Fingerprint scan thread running [p279]
Fri Jan 13 17:44:19 2006 THREADMGMT[t50362880]: SIH: Idle host scan thread running [p279]
Fri Jan 13 17:44:19 2006 THREADMGMT[t52118016]: NPS(1,en0): pcapDispatch thread starting [p279]
Fri Jan 13 17:44:19 2006 THREADMGMT[t52118016]: NPS(1,en0): pcapDispatch thread running [p279]
Fri Jan 13 17:44:29 2006 RRD: Created base directory (/usr/local/ntop- 3.2/var/ntop/rrd)
Fri Jan 13 17:44:29 2006 RRD: Created directory (/usr/local/ntop-3.2/var/ntop/rrd/graphics)
Fri Jan 13 17:44:29 2006 RRD: Created directory (/usr/local/ntop-3.2/var/ntop/rrd/flows)
Fri Jan 13 17:44:29 2006 RRD: Created directory (/usr/local/ntop- 3.2/var/ntop/rrd/interfaces)
Fri Jan 13 17:44:29 2006 THREADMGMT[t52956160]: RRD: Started thread for throughput data collection
Fri Jan 13 17:44:29 2006 THREADMGMT[t52116992]: RRD: Data collection thread running [p279]
Fri Jan 13 17:44:29 2006 THREADMGMT[t52956160]: RRD: Throughput data collection: Thread starting [p279]
Fri Jan 13 17:44:29 2006 THREADMGMT[t52956160]: RRD: Throughput data collection: Thread running [p279]
Attempting to stop Ntop from another window appears to work, but in reality, Ntop continues to run:
Melodie-Neals-Computer:/usr/local/ntop-3.2/var/ntop melodie$ ntop -A
Fri Jan 13 17:48:27 2006 NOTE: Interface merge enabled by default
Fri Jan 13 17:48:27 2006 Initializing gdbm databases
Fri Jan 13 17:48:27 2006 **ERROR** ....open of /usr/local/ntop-3.2/var/ntop/prefsCache.db failed: File open error
Fri Jan 13 17:48:27 2006 Possible solution: please use '-P <directory>'
Fri Jan 13 17:48:27 2006 **FATAL_ERROR** GDBM open failed, ntop shutting down...
Fri Jan 13 17:48:27 2006 CLEANUP[t2684415336]: ntop caught signal 2
Fri Jan 13 17:48:27 2006 THREADMGMT[t2684415336]: ntop RUNSTATE: SHUTDOWN(7)
Fri Jan 13 17:48:27 2006 CLEANUP[t2684415336] catching thread is MAIN
Fri Jan 13 17:48:27 2006 CLEANUP: Running threads
Fri Jan 13 17:48:27 2006 CLEANUP: Locking purge mutex (may block for a little while)
Fri Jan 13 17:48:27 2006 CLEANUP: Locked purge mutex, continuing shutdown
Fri Jan 13 17:48:27 2006 CLEANUP: Continues
Fri Jan 13 17:48:27 2006 PLUGIN_TERM: Unloading plugins (if any)
Fri Jan 13 17:48:27 2006 CLEANUP: Clean up complete
Fri Jan 13 17:48:27 2006 THREADMGMT[t2684415336]: ntop RUNSTATE: TERM(8)
Fri Jan 13 17:48:27 2006 ===================================
Fri Jan 13 17:48:27 2006 ntop is shutdown...
Fri Jan 13 17:48:27 2006 ===================================
Melodie-Neals-Computer:/usr/local/ntop-3.2/var/ntop melodie$ ps -a
PID TT STAT TIME COMMAND
201 p1 Ss 0:00.02 login -pf melodie
202 p1 S 0:00.13 -bash
279 p1 S+ 0:02.01 ntop @ntop_startup
252 p2 Ss 0:00.02 login -pf melodie
253 p2 S 0:00.07 -bash
284 p2 R+ 0:00.01 ps -a
34 ?? S+ 0:00.00 /usr/libexec/ipfwloggerd
And the files in the <INSTALL>/var/ntop seem OK:
-rw-r--r-- 1 root wheel 12288 Jan 13 17:44 LsWatch.db
-rw-r--r-- 1 root wheel 12337 Jan 13 17:48 addressQueue.db
-rw-r--r-- 1 root wheel 12703 Jan 13 17:48 dnsCache.db
-rw-r--r-- 1 root wheel 230381 Jan 13 17:44 fingerprint.db
-rw-r--r-- 1 root wheel 1056990 Jan 13 17:44 macPrefix.db
-rw-r--r-- 1 root wheel 12546 Jan 13 17:44 ntop_pw.db
-rw-r--r-- 1 root wheel 12907 Jan 13 17:44 prefsCache.db
drwx------ 5 root wheel 170 Jan 13 17:44 rrd
Any attempt to force Ntop to stop, either with CTRL-C on the command line, or through the web interface crashes the machine completely, and on reboot I get this report:
Unresolved kernel trap(cpu 0): 0x300 - Data access DAR=0x0000000000000006 PC=0x00000000000ACDE0
Latest crash info for cpu 0:
Exception state (sv=0x2D721A00)
PC=0x000ACDE0; MSR=0x00009030; DAR=0x00000006; DSISR=0x40000000; LR=0x000AB718; R1=0x17903A60; XCP=0x0000000C (0x300 - Data access)
Backtrace:
0x000AB6D4 0x00271994 0x00118010 0x00108170 0x000FBC24 0x000F516C
0x0027CD4C 0x0027C9B8 0x002A9BF4 0x000ABE30 0x65793E43
Proceeding back via exception chain:
Exception state (sv=0x2D721A00)
previously dumped as "Latest" state. skipping...
Exception state (sv=0x2D859500)
PC=0x9001422C; MSR=0x0000D030; DAR=0x00545FFF; DSISR=0x40000000; LR=0x9B1276A0; R1=0xF0386D10; XCP=0x00000030 (0xC00 - System call)
Kernel version:
Darwin Kernel Version 8.3.0: Mon Oct 3 20:04:04 PDT 2005; root:xnu-792.6.22.obj~2/RELEASE_PPC
panic(cpu 0 caller 0xFFFF0003): 0x300 - Data access
Latest stack backtrace for cpu 0:
Backtrace:
0x00095698 0x00095BB0 0x0002683C 0x000A8304 0x000ABC80
Proceeding back via exception chain:
Exception state (sv=0x2D721A00)
PC=0x000ACDE0; MSR=0x00009030; DAR=0x00000006; DSISR=0x40000000; LR=0x000AB718; R1=0x17903A60; XCP=0x0000000C (0x300 - Data access)
Backtrace:
0x000AB6D4 0x00271994 0x00118010 0x00108170 0x000FBC24 0x000F516C
0x0027CD4C 0x0027C9B8 0x002A9BF4 0x000ABE30 0x65793E43
Exception state (sv=0x2D859500)
PC=0x9001422C; MSR=0x0000D030; DAR=0x00545FFF; DSISR=0x40000000; LR=0x9B1276A0; R1=0xF0386D10; XCP=0x00000030 (0xC00 - System call)
Kernel version:
Darwin Kernel Version 8.3.0: Mon Oct 3 20:04:04 PDT 2005; root:xnu-792.6.22.obj~2/RELEASE_PPC
Model: PowerBook5,6, BootROM 4.9.1f1, 1 processors, PowerPC G4 (1.2), 1.67 GHz, 1 GB
Graphics: ATI Mobility Radeon 9700, ATY,RV360M11, AGP, 64 MB
Memory Module: SODIMM0/J25LOWER, 1 GB, DDR SDRAM, PC2700U-25330
AirPort: AirPort Extreme, 402.6 (3.90.34.0.p13)
Modem: Jump, , V.92, Version 1.0,
Bluetooth: Version 1.6.6f22, 2 service, 1 devices, 1 incoming serial ports
Network Service: Built-in Ethernet, Ethernet, en0
PCI Card: TXN,PCIXXXX-00, cardbus, PC Card
Parallel ATA Device: MATSHITADVD-R UJ-835E,
Parallel ATA Device: ST9100823A, 93.16 GB
USB Device: Bluetooth HCI, , Up to 12 Mb/sec, 500 mA
USB Device: Apple Internal Keyboard/Trackpad, Apple Computer, Up to 12 Mb/sec, 500 mA
USB Device: Keyspan USA-19H, Keyspan, a division of InnoSys Inc., Up to 12 Mb/sec, 500 mA
And this corrupts one or more databases. If I remove all the files in /usr/local/ntop- 3.2/var/ntop, I can restart Ntop. Stopping Ntop with a kill -9 avoids the ugly crash, and does not corrupt the databases.
Is there any other information that I should supply? Has anyone else encountered this problem? For the record, my previous experience with Ntop was about 6 years ago, on Solaris, and things have moved on considerably with Ntop in the intervening years (you guys must have been busy)! If I have made some painfully obvious error, please tell me gently.
rgds
Melodie
_______________________________________________
Ntop-dev mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop-dev
_______________________________________________
Ntop-dev mailing list
[email protected]
http://listgateway.unipi.it/mailman/listinfo/ntop-dev
_______________________________________________ Ntop-dev mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop-dev
