Re: Troubles with Bro

2019-10-10 Thread Predrag Punosevac
"dan (ddp)"  wrote:

> On Wed, Oct 9, 2019 at 2:06 PM Predrag Punosevac  
> wrote:
> >
> > Hi Ports,
> >
> > I am fully aware that this is very late in a release cycle, so hopefully
> > this works as expected on 6.6, which I didn't test.
> >
> > iris# uname -a
> > OpenBSD iris.int.autonsys.com 6.5 GENERIC.MP#5 amd64
> > iris# syspatch -l
> > 001_rip6cksum
> > 002_srtp
> > 003_mds
> > 004_bgpd
> > 005_libssl
> > 006_tcpsack
> > 007_smtpd
> > 008_swapgs
> > 009_resume
> > 010_frag6ecn
> > 011_expat
> > 012_sysupgrade
> > 013_unbound
> > 014_dhcpd
> >
> > iris# /usr/local/bin/broctl deploy
> > checking configurations ...
> > bro scripts failed.
> > error in /usr/local/share/bro/base/protocols/dce-rpc/./main.bro, line
> > 51: "redef" used but not previously defined (DPD::ignore_violations)
> >
> >
> > Notice that I only changed the name of the interface in
> > /etc/bro/node.cfg per /usr/local/share/doc/pkg-readmes/bro
> >
> > iris# /usr/local/bin/broctl start
> > Warning: broctl node config has changed (run the broctl "deploy"
> > command)
> > starting bro ...
> > Error: bro terminated immediately after starting; check output with
> > "diag"
> >
> > iris# /usr/local/bin/broctl status
> > Warning: broctl node config has changed (run the broctl "deploy"
> > command)
> > Name         Type       Host          Status    Pid    Started
> > bro          standalone localhost     stopped
> >
> >
> >
> > iris# /usr/local/bin/broctl diag
> > Warning: broctl node config has changed (run the broctl "deploy"
> > command)
> > [bro]
> >
> > No core file found and egdb is not installed.  It is recommended to
> > install egdb so that BroControl can output a backtrace if Bro crashes.
> >
> > Bro 2.6.4
> > OpenBSD 6.5
> >
> > Bro plugins: (none found)
> >
> >  No reporter.log
> >
> >  stderr.log
> > error in /usr/local/share/bro/base/protocols/dce-rpc/./main.bro, line
> > 51: "redef" used but not previously defined (DPD::ignore_violations)
> >
> >  stdout.log
> > max memory size (kbytes, -m) unlimited
> > data seg size   (kbytes, -d) 33554432
> > core file size  (blocks, -c) unlimited
> >
> >  .cmdline
> > -i em0 -U .status -p broctl -p broctl-live -p standalone -p local -p bro
> > local.bro broctl broctl/standalone broctl/auto
> >
> >  .env_vars
> > PATH=/usr/local/bin:/usr/local/share/broctl/scripts:/sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R6/bin:/usr/local/sbin:/usr/local/bin
> > BROPATH=/var/spool/bro/installed-scripts-do-not-touch/site::/var/spool/bro/installed-scripts-do-not-touch/auto:/usr/local/share/bro:/usr/local/share/bro/policy:/usr/local/share/bro/site
> > CLUSTER_NODE=
> >
> >  .status
> > TERMINATED [atexit]
> >
> >  No prof.log
> >
> >  No packet_filter.log
> >
> >  No loaded_scripts.log
> >
> >
> >
> > Also
> >
> > Cron  /usr/local/bin/broctl cron
> >
> > Error: cannot start bro; check output of "diag"
> > Error: env: bash: No such file or directory
> >
> > starting bro ...
> >
> > This used to work as expected in 6.4. I shut down my installation as I
> > didn't need it at that time, but I now need it badly. I will upgrade to 6.6
> > as soon as it is released.
> >
> 
> I've had similar errors after upgrading the package. I usually have to
> uninstall and re-install it.
> Copying the configuration out of etc and replacing it after the
> re-install has worked fine for me.
> I haven't had time to look into the issue at all, so I don't have any
> clues as to why it actually happens.
> 

Sure enough, uninstalling and re-installing fixed it for me as well. Thank
you so much for the quick heads-up.

Predrag


> >
> > Best,
> > Predrag
> >
> >



Re: Troubles with Bro

2019-10-10 Thread dan (ddp)
On Wed, Oct 9, 2019 at 2:06 PM Predrag Punosevac  wrote:
>
> Hi Ports,
>
> I am fully aware that this is very late in a release cycle, so hopefully
> this works as expected on 6.6, which I didn't test.
>
> iris# uname -a
> OpenBSD iris.int.autonsys.com 6.5 GENERIC.MP#5 amd64
> iris# syspatch -l
> 001_rip6cksum
> 002_srtp
> 003_mds
> 004_bgpd
> 005_libssl
> 006_tcpsack
> 007_smtpd
> 008_swapgs
> 009_resume
> 010_frag6ecn
> 011_expat
> 012_sysupgrade
> 013_unbound
> 014_dhcpd
>
> iris# /usr/local/bin/broctl deploy
> checking configurations ...
> bro scripts failed.
> error in /usr/local/share/bro/base/protocols/dce-rpc/./main.bro, line
> 51: "redef" used but not previously defined (DPD::ignore_violations)
>
>
> Notice that I only changed the name of the interface in
> /etc/bro/node.cfg per /usr/local/share/doc/pkg-readmes/bro
>
> iris# /usr/local/bin/broctl start
> Warning: broctl node config has changed (run the broctl "deploy"
> command)
> starting bro ...
> Error: bro terminated immediately after starting; check output with
> "diag"
>
> iris# /usr/local/bin/broctl status
> Warning: broctl node config has changed (run the broctl "deploy"
> command)
> Name         Type       Host          Status    Pid    Started
> bro          standalone localhost     stopped
>
>
>
> iris# /usr/local/bin/broctl diag
> Warning: broctl node config has changed (run the broctl "deploy"
> command)
> [bro]
>
> No core file found and egdb is not installed.  It is recommended to
> install egdb so that BroControl can output a backtrace if Bro crashes.
>
> Bro 2.6.4
> OpenBSD 6.5
>
> Bro plugins: (none found)
>
>  No reporter.log
>
>  stderr.log
> error in /usr/local/share/bro/base/protocols/dce-rpc/./main.bro, line
> 51: "redef" used but not previously defined (DPD::ignore_violations)
>
>  stdout.log
> max memory size (kbytes, -m) unlimited
> data seg size   (kbytes, -d) 33554432
> core file size  (blocks, -c) unlimited
>
>  .cmdline
> -i em0 -U .status -p broctl -p broctl-live -p standalone -p local -p bro
> local.bro broctl broctl/standalone broctl/auto
>
>  .env_vars
> PATH=/usr/local/bin:/usr/local/share/broctl/scripts:/sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R6/bin:/usr/local/sbin:/usr/local/bin
> BROPATH=/var/spool/bro/installed-scripts-do-not-touch/site::/var/spool/bro/installed-scripts-do-not-touch/auto:/usr/local/share/bro:/usr/local/share/bro/policy:/usr/local/share/bro/site
> CLUSTER_NODE=
>
>  .status
> TERMINATED [atexit]
>
>  No prof.log
>
>  No packet_filter.log
>
>  No loaded_scripts.log
>
>
>
> Also
>
> Cron  /usr/local/bin/broctl cron
>
> Error: cannot start bro; check output of "diag"
> Error: env: bash: No such file or directory
>
> starting bro ...
>
> This used to work as expected in 6.4. I shut down my installation as I
> didn't need it at that time, but I now need it badly. I will upgrade to 6.6
> as soon as it is released.
>

I've had similar errors after upgrading the package. I usually have to
uninstall and re-install it.
Copying the configuration out of etc and replacing it after the
re-install has worked fine for me.
I haven't had time to look into the issue at all, so I don't have any
clues as to why it actually happens.

>
> Best,
> Predrag
>
>



Troubles with Bro

2019-10-09 Thread Predrag Punosevac
Hi Ports,

I am fully aware that this is very late in a release cycle, so hopefully
this works as expected on 6.6, which I didn't test.

iris# uname -a 
OpenBSD iris.int.autonsys.com 6.5 GENERIC.MP#5 amd64
iris# syspatch -l  
001_rip6cksum
002_srtp
003_mds
004_bgpd
005_libssl
006_tcpsack
007_smtpd
008_swapgs
009_resume
010_frag6ecn
011_expat
012_sysupgrade
013_unbound
014_dhcpd

iris# /usr/local/bin/broctl deploy 
checking configurations ...
bro scripts failed.
error in /usr/local/share/bro/base/protocols/dce-rpc/./main.bro, line
51: "redef" used but not previously defined (DPD::ignore_violations)


Notice that I only changed the name of the interface in
/etc/bro/node.cfg per /usr/local/share/doc/pkg-readmes/bro

iris# /usr/local/bin/broctl start  
Warning: broctl node config has changed (run the broctl "deploy"
command)
starting bro ...
Error: bro terminated immediately after starting; check output with
"diag"

iris# /usr/local/bin/broctl status
Warning: broctl node config has changed (run the broctl "deploy"
command)
Name         Type       Host          Status    Pid    Started
bro          standalone localhost     stopped



iris# /usr/local/bin/broctl diag  
Warning: broctl node config has changed (run the broctl "deploy"
command)
[bro]

No core file found and egdb is not installed.  It is recommended to
install egdb so that BroControl can output a backtrace if Bro crashes.

Bro 2.6.4
OpenBSD 6.5

Bro plugins: (none found)

 No reporter.log

 stderr.log
error in /usr/local/share/bro/base/protocols/dce-rpc/./main.bro, line
51: "redef" used but not previously defined (DPD::ignore_violations)

 stdout.log
max memory size (kbytes, -m) unlimited
data seg size   (kbytes, -d) 33554432
core file size  (blocks, -c) unlimited

 .cmdline
-i em0 -U .status -p broctl -p broctl-live -p standalone -p local -p bro
local.bro broctl broctl/standalone broctl/auto

 .env_vars
PATH=/usr/local/bin:/usr/local/share/broctl/scripts:/sbin:/usr/sbin:/bin:/usr/bin:/usr/X11R6/bin:/usr/local/sbin:/usr/local/bin
BROPATH=/var/spool/bro/installed-scripts-do-not-touch/site::/var/spool/bro/installed-scripts-do-not-touch/auto:/usr/local/share/bro:/usr/local/share/bro/policy:/usr/local/share/bro/site
CLUSTER_NODE=

 .status
TERMINATED [atexit]

 No prof.log

 No packet_filter.log

 No loaded_scripts.log



Also 

Cron  /usr/local/bin/broctl cron

Error: cannot start bro; check output of "diag"
Error: env: bash: No such file or directory

starting bro ...

This used to work as expected in 6.4. I shut down my installation as I
didn't need it at that time, but I now need it badly. I will upgrade to 6.6
as soon as it is released.


Best,
Predrag
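
The `env: bash: No such file or directory` line in the cron output above is what `env` reports when it is asked to run `bash`, typically from a `#!/usr/bin/env bash` shebang, and cannot find it on the PATH of the calling process. As an added example (not part of the thread, which does not identify the script involved), the shell functions below list the scripts in a directory whose `env` shebang does not resolve on a given PATH string; the function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): report scripts whose
# "#!/usr/bin/env NAME" interpreter is absent from a given PATH string.

# on_path NAME PATHSTRING: succeed if an executable NAME is in PATHSTRING.
on_path() {
    old_ifs=$IFS; IFS=:
    for dir in $2; do
        [ -n "$dir" ] || dir=.          # empty PATH element = current directory
        if [ -f "$dir/$1" ] && [ -x "$dir/$1" ]; then IFS=$old_ifs; return 0; fi
    done
    IFS=$old_ifs
    return 1
}

# missing_env_interpreters DIR PATHSTRING: print "file: NAME" per unresolved shebang.
missing_env_interpreters() {
    search_path=$2
    find "$1" -type f | sort | while IFS= read -r script; do
        first=$(head -n 1 "$script" 2>/dev/null) || continue
        case $first in '#!'*) ;; *) continue ;; esac
        set -f; set -- ${first#??}; set +f   # split shebang into words, no globbing
        [ "${1##*/}" = env ] || continue     # only "env"-style shebangs
        shift
        while [ $# -gt 0 ]; do               # skip env options and VAR=value
            case $1 in -*|*=*) shift ;; *) break ;; esac
        done
        [ $# -gt 0 ] || continue
        on_path "$1" "$search_path" || printf '%s: %s\n' "$script" "$1"
    done
}

# Constructed sample: three scripts and a bin directory that provides only "sh".
demo() {
    tmp=$(mktemp -d) || return 1
    mkdir "$tmp/scripts" "$tmp/bin"
    printf '#!/usr/bin/env bash\necho a\n' > "$tmp/scripts/uses-bash"
    printf '#!/usr/bin/env sh\necho b\n'   > "$tmp/scripts/uses-sh"
    printf '#!/bin/sh\necho c\n'           > "$tmp/scripts/direct-sh"
    printf '#!/bin/sh\n' > "$tmp/bin/sh"; chmod +x "$tmp/bin/sh"
    (cd "$tmp" && missing_env_interpreters scripts "$tmp/bin")
    rm -rf "$tmp"
}
demo
```

To check a real installation, pass the script directory and the PATH of the process that runs it, for example the `/usr/local/share/broctl/scripts` directory and the PATH value shown under `.env_vars` in the `diag` output.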