Howdy, I'm trying to add a filter to exclude the traffic between a firewall and its management station, and have the following problem.
ntop.sh with the following line works just fine (without the surrounding double quotes):

"additional_args='-U -a -o -P /home/ntop/ntop -m 192.168.8.0/24'"

ntop.sh with the following line (again, without the surrounding double quotes) dies - logs below my sig:

"additional_args='-U -a -o -P /home/ntop/ntop -m 192.168.8.0/24 -B not ((src host 192.168.8.2 and dst host 192.168.10.88) or (src host 192.168.10.88 and dst host 192.168.8.2))'"

If I put more single quotes after -B, it dies an even worse death, talking about mismatched parens, and suchlike.

Anyone have a clue for me?

I'm running FreeBSD 6.0-RELEASE, ntop 3.2, from ports

Kurt

Apr 25 12:14:41 zntop ntop[51624]: CLEANUP[t147189248]: ntop caught signal 15
Apr 25 12:14:41 zntop ntop[51624]: THREADMGMT[t147189248]: ntop RUNSTATE: SHUTDOWN(7)
Apr 25 12:14:41 zntop ntop[51624]: CLEANUP[t147189248] catching thread is unknown
Apr 25 12:14:41 zntop ntop[51624]: CLEANUP: Running threads NPA SFP SIH WEB DNSAR1 NPS1
Apr 25 12:14:41 zntop ntop[51624]: THREADMGMT[t134613504]: NPA: network packet analyzer (packet processor) thread terminated [p51624]
Apr 25 12:14:41 zntop ntop[51624]: THREADMGMT[t147185664]: DNSAR(1): Address resolution thread terminated [p51624]
Apr 25 12:14:41 zntop ntop[51624]: STATS: 892,356 packets received by filter on xl0
Apr 25 12:14:41 zntop ntop[51624]: STATS: 3,304 packets dropped (according to libpcap)
Apr 25 12:14:41 zntop ntop[51624]: STATS: 0 packets dropped (by ntop)
Apr 25 12:14:41 zntop kernel: xl0: promiscuous mode disabled
Apr 25 12:14:41 zntop ntop[51624]: THREADMGMT[t147187200]: NPS(1,xl0): pcapDispatch thread terminated [p51624]
Apr 25 12:14:41 zntop ntop[51624]: CLEANUP: Locking purge mutex (may block for a little while)
Apr 25 12:14:41 zntop ntop[51624]: CLEANUP: Locked purge mutex, continuing shutdown
Apr 25 12:14:41 zntop ntop[51624]: CLEANUP: Continues (still running SFP SIH WEB)
Apr 25 12:14:41 zntop ntop[51624]: FREE_HOST: Start, 2 device(s)
Apr 25 12:14:41 zntop ntop[51624]: FREE_HOST: End, freed 1228
Apr 25 12:14:41 zntop ntop[51624]: FREE_HOST: Start, 2 device(s)
Apr 25 12:14:41 zntop ntop[51624]: FREE_HOST: End, freed 0
Apr 25 12:14:41 zntop ntop[51624]: PLUGIN_TERM: Unloading plugins (if any)
Apr 25 12:14:41 zntop ntop[51624]: LASTSEEN: Thanks for using LsWatch
Apr 25 12:14:42 zntop ntop[51624]: LASTSEEN: Done
Apr 25 12:14:42 zntop ntop[51624]: ICMP: Thanks for using icmpWatch
Apr 25 12:14:42 zntop ntop[51624]: ICMP: Done
Apr 25 12:14:42 zntop ntop[51624]: NETFLOW: Terminating NetFlow
Apr 25 12:14:42 zntop ntop[51624]: NETFLOW: terminating device NetFlow-device.2
Apr 25 12:14:42 zntop ntop[51624]: NETFLOW: Thanks for using ntop NetFlow
Apr 25 12:14:42 zntop ntop[51624]: NETFLOW: Done
Apr 25 12:14:42 zntop ntop[51624]: RRD: Shutting down, locking mutex (may block for a little while)
Apr 25 12:14:42 zntop ntop[51624]: RRD: Locked mutex, continuing shutdown
Apr 25 12:14:42 zntop ntop[51624]: THREADMGMT[t147189248]: RRD: killThread(rrdThread) succeeded
Apr 25 12:14:42 zntop ntop[51624]: THREADMGMT[t147189248]: RRD: killThread(rrdTrafficThread) succeeded
Apr 25 12:14:42 zntop ntop[51624]: THREADMGMT[t147189248]: RRD: Waiting 12 seconds for threads to stop
Apr 25 12:14:48 zntop ntop[51624]: THREADMGMT[t134614528]: SIH: Idle host scan thread terminated [p51624]
Apr 25 12:14:49 zntop ntop[51624]: THREADMGMT[t134610944]: Main thread shutting down
Apr 25 12:14:50 zntop ntop[51624]: THREADMGMT[t134614016]: SFP: Fingerprint scan thread terminated [p51624]
Apr 25 12:14:50 zntop ntop[51624]: THREADMGMT[t147186176]: WEB: Server connection thread terminated [p51624]
Apr 25 12:14:50 zntop ntop[51624]: THREADMGMT[t147186688]: RRD: Data collection thread stopping [p51624] State>RUN
Apr 25 12:14:50 zntop ntop[51624]: THREADMGMT[t147186688]: RRD: Data collection thread terminated [p51624]
Apr 25 12:14:54 zntop ntop[51624]: THREADMGMT[t147189248]: RRD: Plugin shutdown continuing
Apr 25 12:14:54 zntop ntop[51624]: RRD: Thanks for using the rrdPlugin
Apr 25 12:14:54 zntop ntop[51624]: RRD: Done
Apr 25 12:14:55 zntop ntop[51624]: CLEANUP: Freeing device xl0 (idx=0)
Apr 25 12:14:55 zntop ntop[51624]: CLEANUP: Freeing device NetFlow-device.2 (idx=1)
Apr 25 12:14:55 zntop ntop[51624]: TERM: Removed pid file (/home/ntop/ntop/ntop.pid)
Apr 25 12:14:55 zntop ntop[51624]: CLEANUP: Clean up complete
Apr 25 12:14:55 zntop ntop[51624]: THREADMGMT[t147189248]: ntop RUNSTATE: TERM(8)
Apr 25 12:14:55 zntop ntop[51624]: ===================================
Apr 25 12:14:55 zntop ntop[51624]: ntop is shutdown...
Apr 25 12:14:55 zntop ntop[51624]: ===================================
Apr 25 12:15:02 zntop ntop[51726]: THREADMGMT[t134610944]: ntop RUNSTATE: PREINIT(1)
Apr 25 12:15:02 zntop ntop[51726]: THREADMGMT[t134610944]: ntop RUNSTATE: INIT(2)
Apr 25 12:17:59 zntop ntop[51736]: THREADMGMT[t134610944]: ntop RUNSTATE: PREINIT(1)
Apr 25 12:17:59 zntop ntop[51736]: THREADMGMT[t134610944]: ntop RUNSTATE: INIT(2)
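
Added example (not part of the original post and not taken from ntop.sh): a POSIX sh sketch of how a start script's treatment of additional_args decides what reaches ntop as the single argument of -B. The post does not show how the FreeBSD port's ntop.sh expands the variable, so the two common patterns (unquoted expansion and eval) are assumed; arg_after_B and the three *_case functions are hypothetical helpers, and -P is left out for brevity.

```shell
#!/bin/sh
# Added example: what ends up as the argument of -B, depending on how a start
# script expands additional_args. All helper names here are hypothetical.

# The filter expression from the post, held in a variable for the demo.
FILTER='not ((src host 192.168.8.2 and dst host 192.168.10.88) or (src host 192.168.10.88 and dst host 192.168.8.2))'

# Print the one argument that directly follows -B in the given argv.
arg_after_B() {
    while [ $# -gt 0 ]; do
        if [ "$1" = "-B" ]; then
            printf '%s\n' "$2"
            return 0
        fi
        shift
    done
    return 1
}

# Assumed pattern 1: the script expands the variable unquoted. The value is
# word-split, so -B receives only "not" and the rest become stray arguments.
split_case() {
    additional_args="-U -a -o -m 192.168.8.0/24 -B $FILTER"
    set -f                          # no globbing; show word splitting only
    arg_after_B $additional_args
    set +f
}

# Assumed pattern 2: the script runs the value through eval, and the value
# carries inner double quotes around the filter. -B receives the whole filter.
eval_case() {
    additional_args="-U -a -o -m 192.168.8.0/24 -B \"$FILTER\""
    eval "arg_after_B $additional_args"
}

# Assumed pattern 2 without inner quotes: the shell tries to parse the
# parentheses as its own syntax and the command never runs.
eval_unquoted_case() {
    additional_args="-U -a -o -m 192.168.8.0/24 -B $FILTER"
    ( eval "arg_after_B $additional_args" ) 2>/dev/null
}
```

Whichever pattern the script uses, the check is the same: confirm the filter arrives as one argv entry, for example by comparing the running process's arguments in ps output against the intended expression.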
