Nie jesteś zalogowany.
Jeśli nie posiadasz konta, zarejestruj je już teraz! Pozwoli Ci ono w pełni korzystać z naszego serwisu. Spamerom dziękujemy!
Prosimy o pomoc dla małej Julki — przekaż 1% podatku na Fundacji Dzieciom zdazyć z Pomocą.
Więcej informacji na dug.net.pl/pomagamy/.
Od wczoraj męcze się z instalacja ntop. uruchamiam
./configure
na prawach roota i wykrzacza mi się w tym miejscu
checking for RRD home... yes checking for main in -lrrd_th... no configure: error: Unable to find RRD at /usr/bin: please use --with-rrd-home=DIR
Rrdtool jest zainstalowany w /usr/bin
# which rrdtool /usr/bin/rrdtool
Ktoś ma jakiś pomysł jak to ugryźć?
Offline
aptitude install ntop
[deb]ntop[/deb]
Offline
dodałem repozytorium do
/etc/apt/sources.list
, mimo to aptitude widział tylko sntop, ściągnąłęm
ntop-data_4.0.3+dfsg1-3~bpo60+1_all.deb
i zaisntalowałem przez
dpkg
# ntop Thu Nov 3 11:43:05 2011 NOTE: Interface merge enabled by default Thu Nov 3 11:43:05 2011 Initializing gdbm databases Thu Nov 3 11:43:05 2011 ntop will be started as user nobody Thu Nov 3 11:43:05 2011 ntop v.4.0.3 (32 bit) Thu Nov 3 11:43:05 2011 Configured on Apr 13 2011 7:49:09, built on Apr 13 2011 07:49:44. Thu Nov 3 11:43:05 2011 Copyright 1998-2010 by Luca Deri <deri@ntop.org> Thu Nov 3 11:43:05 2011 Get the freshest ntop from http://www.ntop.org/ Thu Nov 3 11:43:05 2011 NOTE: ntop is running from 'ntop' Thu Nov 3 11:43:05 2011 NOTE: (but see warning on man page for the --instance parameter) Thu Nov 3 11:43:05 2011 NOTE: ntop libraries are in '/usr/lib/ntop' Thu Nov 3 11:43:05 2011 Initializing ntop Thu Nov 3 11:43:06 2011 Checking eth0 for additional devices Thu Nov 3 11:43:06 2011 Resetting traffic statistics for device eth0 Thu Nov 3 11:43:06 2011 Initializing device eth0 (0) Thu Nov 3 11:43:06 2011 DLT: Device 0 [eth0] is 1, mtu 1514, header 14 Thu Nov 3 11:43:06 2011 Initialized events [mask: 0][path: ] Thu Nov 3 11:43:06 2011 Initializing gdbm databases Thu Nov 3 11:43:06 2011 VENDOR: Loading MAC address table. Thu Nov 3 11:43:06 2011 VENDOR: Checking for MAC address table file Thu Nov 3 11:43:06 2011 VENDOR: File '/usr/share/ntop/specialMAC.txt' does not need to be reloaded Thu Nov 3 11:43:06 2011 VENDOR: ntop continues ok Thu Nov 3 11:43:06 2011 VENDOR: Checking for MAC address table file Thu Nov 3 11:43:06 2011 VENDOR: File '/usr/share/ntop/oui.txt' does not need to be reloaded Thu Nov 3 11:43:06 2011 VENDOR: ntop continues ok Thu Nov 3 11:43:06 2011 Fingerprint: Loading signature file Thu Nov 3 11:43:06 2011 Fingerprint: Checking for Fingerprint file... file Thu Nov 3 11:43:06 2011 Fingerprint: Loading file '/usr/share/ntop/etter.finger.os' Thu Nov 3 11:43:06 2011 Fingerprint: ...loaded 1765 records Thu Nov 3 11:43:06 2011 Database support not compiled into ntop Thu Nov 3 11:43:06 2011 Initializing external applications Thu Nov 3 11:43:06 2011 THREADMGMT[t3029703536]: SFP: Started thread for fingerprinting Thu Nov 3 11:43:06 2011 THREADMGMT[t3029703536]: SFP: Fingerprint scan thread starting [p1311] Thu Nov 3 11:43:06 2011 THREADMGMT[t3021310832]: SIH: Started thread for idle hosts detection Thu Nov 3 11:43:06 2011 THREADMGMT[t3021310832]: SIH: Idle host scan thread starting [p1311] Thu Nov 3 11:43:06 2011 THREADMGMT[t3012918128]: DNSAR(1): Started thread for DNS address resolution Thu Nov 3 11:43:06 2011 THREADMGMT[t3012918128]: DNSAR(1): Address resolution thread running Thu Nov 3 11:43:06 2011 THREADMGMT[t3004525424]: DNSAR(2): Started thread for DNS address resolution Thu Nov 3 11:43:06 2011 THREADMGMT[t3004525424]: DNSAR(2): Address resolution thread running Thu Nov 3 11:43:06 2011 THREADMGMT[t2996132720]: DNSAR(3): Started thread for DNS address resolution Thu Nov 3 11:43:06 2011 Calling plugin start functions (if any) Thu Nov 3 11:43:06 2011 THREADMGMT[t2996132720]: DNSAR(3): Address resolution thread running Thu Nov 3 11:43:06 2011 **ERROR** GeoIP: unable to load file GeoLiteCity.dat Thu Nov 3 11:43:06 2011 **ERROR** GeoIP: unable to load ASN file GeoIPASNum.dat Thu Nov 3 11:43:06 2011 SSL is present but https is disabled: use -W <https port> for enabling it Thu Nov 3 11:43:06 2011 INITWEB: Initializing web server Thu Nov 3 11:43:06 2011 INITWEB: Initializing TCP/IP socket connections for web server Thu Nov 3 11:43:06 2011 **ERROR** INITWEB: binding problem - 'Address already in use'(98) Thu Nov 3 11:43:06 2011 Check if another instance of ntop is running Thu Nov 3 11:43:06 2011 or if the current user (-u) can bind to the specified port Thu Nov 3 11:43:06 2011 **FATAL_ERROR** Binding problem, ntop shutting down... Thu Nov 3 11:43:06 2011 CLEANUP[t3062360880]: ntop caught signal 2 [state=2] Thu Nov 3 11:43:06 2011 ntop is now quitting...
nie może załadować dwóch plików i ma problem z zajętym portem (chyba) przez inną usługę.
Jak to naprawić?
Ostatnio edytowany przez pieniek88 (2011-11-03 11:54:26)
Offline
Jakie repozytorium dodałeś? Nie wiem jaką masz wersję Debiana, ale jeśli Squeeze, to ntop jest w backportach:
deb http://backports.debian.org/debian-backports squeeze-backports main contrib non-free
Offline
$ cat sources.list # # deb cdrom:[Debian GNU/Linux 6.0.3 _Squeeze_ - Official Snapshot i386 LIVE/INSTALL Binary 20111014-10:28]/ squeeze main deb cdrom:[Debian GNU/Linux 6.0.3 _Squeeze_ - Official Snapshot i386 LIVE/INSTALL Binary 20111014-10:28]/ squeeze main deb http://ftp.pl.debian.org/debian/ squeeze main deb-src http://ftp.pl.debian.org/debian/ squeeze main deb http://security.debian.org/ squeeze/updates main deb-src http://security.debian.org/ squeeze/updates main # squeeze-updates, previously known as 'volatile' deb http://ftp.pl.debian.org/debian/ squeeze-updates main deb-src http://ftp.pl.debian.org/debian/ squeeze-updates main deb http://backports.debian.org/debian-backports squeeze-backports main contrib non-free
aptitude search ntop p diveintopython - free Python book for experienced programme p diveintopython-zh - free Python book for experienced programme i sntop - A curses-based utility that polls hosts to
Offline
Dałeś
apt-get update
?
PS Wpis płyty możesz wyłączyć.
Offline
poszło, ale przy uruchamianiu pokazuje te same błędy
# ntop Thu Nov 3 12:06:09 2011 NOTE: Interface merge enabled by default Thu Nov 3 12:06:09 2011 Initializing gdbm databases Thu Nov 3 12:06:09 2011 ntop will be started as user nobody Thu Nov 3 12:06:09 2011 ntop v.4.0.3 (32 bit) Thu Nov 3 12:06:09 2011 Configured on Apr 13 2011 7:49:09, built on Apr 13 2011 07:49:44. Thu Nov 3 12:06:09 2011 Copyright 1998-2010 by Luca Deri <deri@ntop.org> Thu Nov 3 12:06:09 2011 Get the freshest ntop from http://www.ntop.org/ Thu Nov 3 12:06:09 2011 NOTE: ntop is running from 'ntop' Thu Nov 3 12:06:09 2011 NOTE: (but see warning on man page for the --instance parameter) Thu Nov 3 12:06:09 2011 NOTE: ntop libraries are in '/usr/lib/ntop' Thu Nov 3 12:06:09 2011 Initializing ntop Thu Nov 3 12:06:09 2011 No default device configured. Using eth0 Thu Nov 3 12:06:09 2011 Checking eth0 for additional devices Thu Nov 3 12:06:09 2011 Resetting traffic statistics for device eth0 Thu Nov 3 12:06:09 2011 Initializing device eth0 (0) Thu Nov 3 12:06:09 2011 DLT: Device 0 [eth0] is 1, mtu 1514, header 14 Thu Nov 3 12:06:09 2011 Initialized events [mask: 0][path: ] Thu Nov 3 12:06:09 2011 Initializing gdbm databases Thu Nov 3 12:06:09 2011 VENDOR: Loading MAC address table. Thu Nov 3 12:06:09 2011 VENDOR: Checking for MAC address table file Thu Nov 3 12:06:09 2011 VENDOR: File '/usr/share/ntop/specialMAC.txt' does not need to be reloaded Thu Nov 3 12:06:09 2011 VENDOR: ntop continues ok Thu Nov 3 12:06:09 2011 VENDOR: Checking for MAC address table file Thu Nov 3 12:06:09 2011 VENDOR: File '/usr/share/ntop/oui.txt' does not need to be reloaded Thu Nov 3 12:06:09 2011 VENDOR: ntop continues ok Thu Nov 3 12:06:09 2011 Fingerprint: Loading signature file Thu Nov 3 12:06:09 2011 Fingerprint: Checking for Fingerprint file... file Thu Nov 3 12:06:09 2011 Fingerprint: Loading file '/usr/share/ntop/etter.finger.os' Thu Nov 3 12:06:09 2011 Fingerprint: ...loaded 1765 records Thu Nov 3 12:06:09 2011 Database support not compiled into ntop Thu Nov 3 12:06:09 2011 Initializing external applications Thu Nov 3 12:06:09 2011 THREADMGMT[t3031055216]: SFP: Started thread for fingerprinting Thu Nov 3 12:06:09 2011 THREADMGMT[t3031055216]: SFP: Fingerprint scan thread starting [p1915] Thu Nov 3 12:06:09 2011 THREADMGMT[t3022662512]: SIH: Started thread for idle hosts detection Thu Nov 3 12:06:09 2011 THREADMGMT[t3022662512]: SIH: Idle host scan thread starting [p1915] Thu Nov 3 12:06:09 2011 THREADMGMT[t3014269808]: DNSAR(1): Started thread for DNS address resolution Thu Nov 3 12:06:09 2011 THREADMGMT[t3014269808]: DNSAR(1): Address resolution thread running Thu Nov 3 12:06:09 2011 THREADMGMT[t3005877104]: DNSAR(2): Started thread for DNS address resolution Thu Nov 3 12:06:09 2011 THREADMGMT[t3005877104]: DNSAR(2): Address resolution thread running Thu Nov 3 12:06:09 2011 THREADMGMT[t2997484400]: DNSAR(3): Started thread for DNS address resolution Thu Nov 3 12:06:09 2011 Calling plugin start functions (if any) Thu Nov 3 12:06:09 2011 THREADMGMT[t2997484400]: DNSAR(3): Address resolution thread running Thu Nov 3 12:06:09 2011 **ERROR** GeoIP: unable to load file GeoLiteCity.dat Thu Nov 3 12:06:09 2011 **ERROR** GeoIP: unable to load ASN file GeoIPASNum.dat Thu Nov 3 12:06:09 2011 SSL is present but https is disabled: use -W <https port> for enabling it Thu Nov 3 12:06:09 2011 INITWEB: Initializing web server Thu Nov 3 12:06:09 2011 INITWEB: Initializing TCP/IP socket connections for web server Thu Nov 3 12:06:09 2011 **ERROR** INITWEB: binding problem - 'Address already in use'(98) Thu Nov 3 12:06:09 2011 Check if another instance of ntop is running Thu Nov 3 12:06:09 2011 or if the current user (-u) can bind to the specified port Thu Nov 3 12:06:09 2011 **FATAL_ERROR** Binding problem, ntop shutting down... Thu Nov 3 12:06:09 2011 CLEANUP[t3063712560]: ntop caught signal 2 [state=2] Thu Nov 3 12:06:09 2011 ntop is now quitting...
Offline
pokaż
lsof -i :3000
i
dpkg -l |grep -i geo
*poprawka wyjaśniona w poście niżej ;)
Ostatnio edytowany przez winnetou (2011-11-03 12:35:02)
Offline
# lsof -i:3000 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME ntop 1899 ntop 1u IPv4 560369 0t0 TCP *:3000 (LISTEN)
dpkg -i |grep -i geo
nie działa. dpkg potrzebuje argumentu
# dpkg -i |grep -i geo dpkg: --install needs at least one package archive file argument
Offline
wróć miało być
dpkg -l |grep -i geo
A co do lsof - t już masz jedną instancję ntopa która zajmuje port 3000 skiluj ją i odpal jeszcze raz
Offline
dpkg -l | grep -i geo ii geoclue 0.12.0-1 Geographic information framework ii geoclue-hostip 0.12.0-1 Position server for GeoClue (hostip) ii geoclue-localnet 0.12.0-1 Position server for GeoClue (GPS) ii geoclue-manual 0.12.0-1 Position server for GeoClue (manual) ii geoclue-yahoo 0.12.0-1 Map and geocode server for GeoClue (Yahoo) ii geoip-database 1.4.7~beta6+dfsg-1 IP lookup command line tools that use the GeoIP library (country database) ii libgeoclue0 0.12.0-1 C API for GeoClue ii libgeoip1 1.4.7~beta6+dfsg-1 A non-DNS IP-to-country resolver library ii xserver-xorg-video-geode 2.11.9-7 X.Org X server -- Geode GX2/LX display driver
po skilowaniu tamtego procesu błąd dotyczący portu już nie występuje
Offline
Czyli geoip jest zainstalowane. Sprawdź czy masz te pliki:
GeoLiteCity.dat oraz GeoIPASNum.dat
aptitude install mlocate && updatedb && mlocate GeoLiteCity.dat && mlocate GeoIPASNum.dat
Offline
# aptitude install mlocate && updatedb && mlocate geoLiteCity.dat && mlocate GeoIPASNum.dat No packages will be installed, upgraded, or removed. 0 packages upgraded, 0 newly installed, 0 to remove and 5 not upgraded. Need to get 0 B of archives. After unpacking 0 B will be used. /usr/share/ntop/GeoLiteCity.dat /usr/share/ntop/GeoIPASNum.dat
wychodzi na to, że mam...
Ostatnio edytowany przez pieniek88 (2011-11-03 13:06:51)
Offline
to zapodaj jeszcze konfiga do ntopa albo spróbuj go uruchomić przez
strace ntop
Offline
strace ntop
zapętla się w tym momencie:
nanosleep({5, 0}, Thu Nov 3 13:15:25 2011 **ERROR** RRD: Disabled - unable to create base directory (err 13, /var/lib/ntop/rrd) 0xbfea5e00) = 0 time(NULL) = 1320322528 nanosleep({5, 0}, 0xbfea5e00) = 0 time(NULL) = 1320322533 nanosleep({5, 0}, 0xbfea5e00) = 0 time(NULL) = 1320322538 nanosleep({5, 0}, 0xbfea5e00) = 0 time(NULL) = 1320322543 nanosleep({5, 0}, 0xbfea5e00) = 0 time(NULL) = 1320322548 nanosleep({5, 0}, 0xbfea5e00) = 0 time(NULL) = 1320322553 nanosleep({5, 0}, 0xbfea5e00) = 0 time(NULL) = 1320322558 nanosleep({5, 0}, 0xbfea5e00) = 0 time(NULL) = 1320322563 nanosleep({5, 0}, 0xbfea5e00) = 0 time(NULL) = 1320322568 nanosleep({5, 0}, 0xbfea5e00) = 0 time(NULL) = 1320322573 nanosleep({5, 0}, 0xbfea5e00) = 0 time(NULL) = 1320322578 nanosleep({5, 0}, 0xbfea5e00) = 0 time(NULL) = 1320322583 nanosleep({5, 0}, 0xbfea5e00) = 0 time(NULL) = 1320322588 nanosleep({5, 0}, 0xbfea5e00) = 0 time(NULL) = 1320322593 nanosleep({5, 0}, 0xbfea5e00) = 0 time(NULL) = 1320322598 nanosleep({5, 0}, 0xbfea5e00) = 0 time(NULL) = 1320322603 nanosleep({5, 0},
gdzie szukać tego configa?
edit:
mimo errorów po wpisaniu w przeglądarkę localhost:3000 pojawia się ntop.
Czy brak tych plików w jakiś sposób ogranicza funkcjonalność programu?
Tak samo, czy
**ERROR** RRD: Disabled - unable to create base directory (err 13, /var/lib/ntop/rrd)
sprawi jakieś problemy?
Ostatnio edytowany przez pieniek88 (2011-11-03 13:53:42)
Offline
Brak plików czy też to że ich nie znajduje poskutkuje tylko tym (AFAIK) że nie będziesz miał odwzorowania IP <--> Kraj
Natomiast co do błędu to sprawdź z jakiego użytkownika działa ntop i czy ma prawa do zapisu do katalogu: /var/lib/ntop
Offline
Czegoś nie rozumiem w działaniu mojego systemu.
Po wpisaniu w konsolę na prawach root'a:
# ntop
wyskakuje błąd RRD i nie działaja wykresy.
lsof pokazuje:
# lsof -i:3000 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME ntop 3725 nobody 8u IPv4 202459 0t0 TCP *:3000 (LISTEN)
Po skilowaniu procesu i wpisaniu w konsole
# /etc/init.d/ntop start
wchodzę przez przeglądarkę no ntop'a i wszytsko działa, a lsof pokazuje
# lsof -i:3000 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME ntop 3797 ntop 1u IPv4 205972 0t0 TCP *:3000 (LISTEN)
Domyślam się, że chodzi o userów, ale proszę o dokładniejsze wyjaśnienie, dlaczego tak się dzieje.
Offline
Time (s) | Query |
---|---|
0.00009 | SET CHARSET latin2 |
0.00007 | SET NAMES latin2 |
0.00151 | SELECT u.*, g.*, o.logged FROM punbb_users AS u INNER JOIN punbb_groups AS g ON u.group_id=g.g_id LEFT JOIN punbb_online AS o ON o.ident='18.226.4.248' WHERE u.id=1 |
0.00100 | REPLACE INTO punbb_online (user_id, ident, logged) VALUES(1, '18.226.4.248', 1731648341) |
0.00076 | SELECT * FROM punbb_online WHERE logged<1731648041 |
0.00107 | DELETE FROM punbb_online WHERE ident='185.191.171.10' |
0.00105 | DELETE FROM punbb_online WHERE ident='3.215.59.93' |
0.00083 | SELECT topic_id FROM punbb_posts WHERE id=184848 |
0.00016 | SELECT id FROM punbb_posts WHERE topic_id=19990 ORDER BY posted |
0.00062 | SELECT t.subject, t.closed, t.num_replies, t.sticky, f.id AS forum_id, f.forum_name, f.moderators, fp.post_replies, 0 FROM punbb_topics AS t INNER JOIN punbb_forums AS f ON f.id=t.forum_id LEFT JOIN punbb_forum_perms AS fp ON (fp.forum_id=f.id AND fp.group_id=3) WHERE (fp.read_forum IS NULL OR fp.read_forum=1) AND t.id=19990 AND t.moved_to IS NULL |
0.00012 | SELECT search_for, replace_with FROM punbb_censoring |
0.00262 | SELECT u.email, u.title, u.url, u.location, u.use_avatar, u.signature, u.email_setting, u.num_posts, u.registered, u.admin_note, p.id, p.poster AS username, p.poster_id, p.poster_ip, p.poster_email, p.message, p.hide_smilies, p.posted, p.edited, p.edited_by, g.g_id, g.g_user_title, o.user_id AS is_online FROM punbb_posts AS p INNER JOIN punbb_users AS u ON u.id=p.poster_id INNER JOIN punbb_groups AS g ON g.g_id=u.group_id LEFT JOIN punbb_online AS o ON (o.user_id=u.id AND o.user_id!=1 AND o.idle=0) WHERE p.topic_id=19990 ORDER BY p.id LIMIT 0,25 |
0.00116 | UPDATE punbb_topics SET num_views=num_views+1 WHERE id=19990 |
Total query time: 0.01106 s |