Session tracking no longer works??
below I see two instances for -z
one shows disabled
the otherone shows enabled by default??
I ran it ntop -u daemon for testing purposes to verify this.
ntop version.....2.1.52
Built on.....11/14/02 09:50:25 AM
OS.....i686-pc-linux-gnu
Process Id.....18827
Command line
Started as....ntop
-u
daemon
Command line parameters are:
-a | --access-log-path.....(default) (nil)
-b | --disable-decoders.....(default) No
-c | --sticky-hosts.....(default) No
-d | --daemon.....No
-e | --max-table-rows.....(default) 128
-f | --traffic-dump-file.....(default) (nil)
-g | --track-local-hosts.....(default) Track all hosts
-o | --no-mac.....(default) Trust MAC Addresses
-i | --interface (effective).....(default) (nil)
-k | --filter-expression-in-extra-frame.....(default) No
-l | --pcap-log.....(default) (nil)
-m | --local-subnets (effective).....
-n | --numeric-ip-addresses.....(default) No
-p | --protocols.....(default) internal list
-q | --create-suspicious-packets.....(default) Disabled
-r | --refresh-time.....(default) 120
-s | --no-promiscuous.....(default) No
-t | --trace-level.....(default) 3
-u | --user.....daemon (uid=2, gid=2)
-z | --disable-sessions.....(default) No
-w | --http-server.....(default) Active, all interfaces, port 3000
-z | --disable-sessions.....(default) Enabled
-B | --filter-expression.....(default) none
-D | --domain.....localdomain
-E | --enable-external-tools.....(default) No
-F | --flow-spec.....(default) none
-K | --enable-debug.....(default) No
-L | --use-syslog.....daemon
-M | --no-interface-merge (effective).....(default) (Merging Interfaces) Yes
-N | --no-nmap (effective).....No (nmap will not be used)
-O | --pcap-file-path.....(default) /usr/local/var/ntop
-P | --db-file-path.....(default) /usr/local/var/ntop
-U | --mapper.....(default) (nil)
-W | --https-server.....Uninitialized
--throughput-chart-type.....(default) Area
--ignore-sigpipe.....(default) No
--ssl-watchdog.....(default) No
--dynamic-purge-limits.....(default) No
Note: (effective) means that this is the value after ntop has processed the parameter.
(default) means this is the default value, usually (but not always) set by a #define in globals.h.
Run time/Internal
External tool: lsof.....(no -E parameter): Disabled
External tool: nmap.....(no -E parameter): Disabled
Web server URL.....http://<any>:3000
SSL Web server (https://).....Not Active
GDBM version.....This is GDBM version 1.8.0, as of May 19, 1999.
OpenSSL Version.....OpenSSL 0.9.6b [engine] 9 Jul 2001
zlib version.....1.1.4
Protocol Decoders.....Enabled
Fragment Handling.....Enabled
Tracking only local hosts.....No
# IP Protocols Being Monitored.....17
# Protocol slots.....950
# IP Ports Being Monitored.....953
# Ports slots.....1906
# Handled SIGPIPE Errors.....0
# Handled HTTP Requests.....59
Host Memory Cache Size.....0
Devices (Network Interfaces).....1
Domain name (short).....localdomain
Packet queue
Queued to Process.....0
Maximum queue.....0
Host Hash counts
Actual Hash Size.....512
Stored hosts.....151 [29 %]
Purge idle hosts.....Enabled
Purged hosts.....0
Maximum hosts to purge per cycle.....512
NTOP_DEFAULT_MAXIMUM_IDLE_PURGE.....512
TCP Session counts
Sessions.....0
Max Num. Sessions.....0
Terminated.....0
Address counts
Current Queue.....0
Maximum Queued.....17
Total Queued.....71
Resolved with DNS.....6
Kept Numeric.....65
Found in Cache.....0
DNS responses sniffed.....0
Thread counts
Active.....5
Dequeue.....1
Children (active).....29
Directory (search) order
Data Files......<br>/usr/local/share/ntop<br>
Config Files......<br>/usr/local/etc/ntop<br>/etc<br>
Plugins....../plugins<br>/usr/local/lib/ntop/plugins<br>
Compile Time: ./configure
./configure parameters.....--no-create --no-recursion
Built on (Host).....i686-pc-linux-gnu
Built for (Target).....i686-pc-linux-gnu
compiler (cflags).....gcc -g -O2 -Wshadow -Wpointer-arith -Wmissing-prototypes -Wmissing-declarations -Wnested-externs -fPIC -DHAVE_CONFIG_H
include path.....-I/usr/include -I/usr/include -I/root/ntop-current/gdchart0.94c -I/root/ntop-current/gdchart0.94c/gd-1.8.3/libpng-1.2.4
system libraries.....-lpthread -lresolv -lnsl -lgd -lc -lm -lz -lssl -lpcap -lgdbm -lcrypto -ldl -lc -lc -lc -lcrypt -L/usr/lib -lpcap -L/usr/lib -lgdbm -L/root/ntop-current/gdchart0.94c -lgdchart -L/root/ntop-current/gdchart0.94c/gd-1.8.3/libpng-1.2.4 -lpng
install path...../usr/local
GNU C (gcc) version.....3.2 20020903 (Red Hat Linux 8.0 3.2-7) (3.2.0)
Compile Time: Debug settings in ntop.h
DEBUG.....no
ADDRESS_DEBUG.....no
DNS_DEBUG.....no
DNS_SNIFF_DEBUG.....no
FRAGMENT_DEBUG.....no
FTP_DEBUG.....no
GDBM_DEBUG.....no
HASH_DEBUG.....no
HOST_FREE_DEBUG.....no
HTTP_DEBUG.....no
LSOF_DEBUG.....no
MEMORY_DEBUG.....no
NETFLOW_DEBUG.....no
PACKET_DEBUG.....no
SEMAPHORE_DEBUG.....no
SESSION_TRACE_DEBUG.....no
SSLWATCHDOG_DEBUG.....no
STORAGE_DEBUG.....no
UNKNOWN_PACKET_DEBUG.....no
PRINT_ALL_SESSIONS.....no
PRINT_RETRANSMISSION_DATA.....no
FORK_CHILD_PROCESS.....yes (normal)
Compile Time: Debug settings in ntop.h
DEBUG.....no
ADDRESS_DEBUG.....no
DNS_DEBUG.....no
DNS_SNIFF_DEBUG.....no
FTP_DEBUG.....no
GDBM_DEBUG.....no
HASH_DEBUG.....no
HOST_FREE_DEBUG.....no
HTTP_DEBUG.....no
IDLE_PURGE_DEBUG.....no
MEMORY_DEBUG.....no
NETFLOW_DEBUG.....no
SEMAPHORE_DEBUG.....no
SESSION_TRACE_DEBUG.....no
STORAGE_DEBUG.....no
UNKNOWN_PACKET_DEBUG.....no
PRINT_ALL_SESSIONS.....no
PRINT_RETRANSMISSION_DATA.....no
FORK_CHILD_PROCESS.....yes (normal)
Compile Time: config.h
ASYNC_ADDRESS_RESOLUTION.....yes
CONFIGFILE_DIR - config file directory...../usr/local/etc/ntop
DATAFILE_DIR - data file directory...../usr/local/share/ntop
DBFILE_DIR - database file directory...../usr/local/var/ntop
DEBUG.....no
SUPPORT_SSLV3.....no
HAVE_ALLOCA_H.....present
HAVE_ARPA_INET_H.....present
HAVE_ARPA_NAMESER_H.....present
HAVE_BACKTRACE.....present
HAVE_CRYPT_H.....present
HAVE_CTIME_R.....present
HAVE_DIRENT_H.....present
HAVE_DLFCN_H.....present
HAVE_DL_H.....absent
HAVE_ERRNO_H.....present
HAVE_ETHERTYPE_H.....absent
HAVE_FCNTL_H.....present
HAVE_GDBM_H.....present
HAVE_GDCHART.....present
HAVE_GETIPNODEBYADDR.....absent
HAVE_GETOPT_LONG.....present
HAVE_IF_H.....absent
HAVE_INTxx_T Signed ints.....64 present, 32 present, 16 present,8 present
HAVE_U_INTxx_T Unsigned ints.....64 present, 32 present, 16 present,8 present
HAVE_LIBC.....present
HAVE_LIBC_R.....absent
HAVE_LIBDL.....present
HAVE_LIBGDBM.....present
HAVE_LIBKSTAT.....absent
HAVE_LIBNSL.....present
HAVE_LIBPCAP.....present
HAVE_LIBPOSIX4.....absent
HAVE_LIBPTHREAD.....present
HAVE_LIBPTHREADS.....absent
HAVE_LIBRESOLV.....present
HAVE_LIBSOCKET.....absent
HAVE_LIBWRAP (TCP Wrappers).....absent
HAVE_LOCALTIME_R.....present
HAVE_NCURSES_H.....present
HAVE_NETDB_H.....present
HAVE_NETINET_IF_ETHER_H.....present
HAVE_NETINET_IN_H.....present
HAVE_NETINET_IN_SYSTM_H.....present
HAVE_NETINET_IP_H.....present
HAVE_NETINET_IP_ICMP_H.....present
HAVE_NETINET_TCP_H.....present
HAVE_NETINET_UDP_H.....present
HAVE_NET_BPF_H.....present
HAVE_NET_ETHERNET_H.....present
HAVE_NET_IF_H.....present
HAVE_OPENSSL.....present
HAVE_PTHREAD_H.....present
HAVE_PWD_H.....present
HAVE_READLINE.....absent
HAVE_READLINE_READLINE_H.....present
HAVE_REGEX.....present
HAVE_SCHED_H.....absent
HAVE_SECURITY_PAM_APPL_H.....present
HAVE_SEMAPHORE_H.....present
HAVE_SHADOW_H.....present
HAVE_SIGNAL_H.....absent
HAVE_SNPRINTF.....present
HAVE_STDIO_H.....present
HAVE_STDLIB_H.....present
HAVE_STRING_H.....present
HAVE_STRSEP.....absent
HAVE_STRTOK_R.....present
HAVE_SYSLOG_H / HAVE_SYS_SYSLOG_H.....present / present
HAVE_SYS_IOCTL.....absent
HAVE_SYS_LDR_H.....absent
HAVE_SYS_SCHED_H.....absent
HAVE_SYS_SELECT_H.....present
HAVE_SYS_SOCKET_H.....present
HAVE_SYS_SOCKIO_H.....absent
HAVE_SYS_STAT_H.....present
HAVE_SYS_TIME_H.....present
HAVE_SYS_TYPES_H.....present
HAVE_SYS_UN_H.....present
HAVE_SYS_WAIT_H.....present
HAVE_TCPD_H.....present
HAVE_UNISTD_H.....present
HAVE_ZLIB (HTTP gzip compression).....present
HAVE_ZLIB_H.....present
MULTITHREADED.....yes
YES_IGNORE_SIGPIPE.....no
USE_SSLWATCHDOG.....no
PARM_SSLWATCHDOG (derived).....yes
NEED_GETDOMAINNAME (getdomainname(2) function).....yes
NEED_INET_ATON.....no
NTOP_xxxxxx_ENDIAN (Hardware Endian).....little
PLUGIN_DIR (plugin file directory...../usr/local/lib/ntop/plugins
RUN_DIR (run file directory)...../usr/local/var/ntop
STDC_HEADERS (ANSI C header files).....yes
Compile Time: Switches, Limits, etc. (various #defines)
CGI Scripts.....globals.h: #define USE_CGI
Alternate row colors.....globals.h: #undef USE_COLOR
Buggy gethostbyaddr() - use alternate implementation.....globals.h: #undef USE_HOST
Chart Format.....globals-report.h: #define CHART_FORMAT ".png"
Bad IP Address table size.....globals.h: #define MAX_NUM_BAD_IP_ADDRESSES 3
Bad IP Address timeout (seconds).....ntop.h: #define NTOP_DEFAULT_BAD_ACCESS_TIMEOUT 300
Hosts Cache table size.....ntop.h: #define MAX_HOSTS_CACHE_LEN 512
Minimum refresh interval (seconds).....ntop.h: #define MIN_REFRESH_TIME 15
Maximum # of Protocols to show in graphs.....ntop.h: #define MAX_NUM_PROTOS 64
Maximum # of routers (Local Subnet Routers report).....ntop.h: #define MAX_NUM_ROUTERS 512
Maximum # of network interface devices.....ntop.h: #define MAX_NUM_DEVICES 32
Maximum # of processes for lsof report.....ntop.h: #define MAX_NUM_PROCESSES 1024
Maximum network size (hosts per interface).....ntop.h: #define MAX_SUBNET_HOSTS 1024
Allocated # of passive FTP sessions.....ntop.h: #define NUM_SESSION_INFO 384
Maximum # of passive FTP sessions (not used).....ntop.h: #define MAX_NUM_SESSION_INFO 768
Inactive passive FTP session timeout (seconds).....ntop.h: #define PASSIVE_SESSION_PURGE_TIMEOUT 60
Compile Time: Hash Table Sizes
Initial size.....ntop.h: #define HASH_INITIAL_SIZE 32
After 1st extend.....ntop.h: #define HASH_MINIMUM_SIZE 512
Intermediate increase factor.....ntop.h: #define HASH_INCREASE_FACTOR 2
Factor growth until.....ntop.h: #define HASH_FACTOR_MAXIMUM 4096
Then grow (linearly) by.....ntop.h: #define HASH_TERMINAL_INCREASE 4096
