Se detiene el Ntop



  • Hola, desde hace varias semanas tengo el problema de que se detiene el Ntop, estaba en la versión 1.2.1, lo reinstale en varias ocasiones, pero igual se cuelga, buen instale la versión 1.2.2 y se cuelga de igual forma.  He probado todo desde que tiene varias horas se detiene.

    ¿Alguien tiene alguna sugerencia?

    Powerd103



  • Me pasaba lo mismo, aunque ya lo tengo andando ok.

    1.- mira en el pfsense gui status –> system logs --> pestaña system y busca donde cae el ntop, ¿que error da?

    2.- ¿tienes el bandwidthd funcionando a la vez?

    saludos
    juanjoA



  • como fue la cosa?



  • se sigue deteniendo, solo esta el ntop y nada, como no se cual sera el error aqui esta el systemlog.:

    Mar 31 21:11:43 check_reload_status: rc.linkup starting
    Mar 31 21:11:39 kernel: xl0: link state changed to UP
    Mar 31 21:11:37 kernel: xl0: link state changed to DOWN
    Mar 31 21:11:27 check_reload_status: rc.linkup starting
    Mar 31 21:11:24 kernel: xl0: link state changed to UP
    Mar 31 21:11:21 kernel: xl0: link state changed to DOWN
    Mar 31 11:38:16 kernel: fxp0: promiscuous mode disabled
    Mar 31 11:38:16 kernel: pid 824 (ntop), uid 0: exited on signal 11 (core dumped)
    Mar 31 10:20:14 ntop[824]: THREADMGMT[t683680256]: RRD: Throughput data collection: Thread running [p824]
    Mar 31 10:20:14 ntop[824]: THREADMGMT[t683680256]: RRD: Throughput data collection: Thread running [p824]
    Mar 31 10:20:14 ntop[824]: THREADMGMT[t683680256]: RRD: Throughput data collection: Thread starting [p824]
    Mar 31 10:20:14 ntop[824]: THREADMGMT[t683680256]: RRD: Throughput data collection: Thread starting [p824]
    Mar 31 10:20:14 ntop[824]: THREADMGMT[t683679744]: RRD: Data collection thread running [p824]
    Mar 31 10:20:14 ntop[824]: THREADMGMT[t683679744]: RRD: Data collection thread running [p824]
    Mar 31 10:20:14 ntop[824]: THREADMGMT[t683680256]: RRD: Started thread for throughput data collection
    Mar 31 10:20:14 ntop[824]: THREADMGMT[t683680256]: RRD: Started thread for throughput data collection
    Mar 31 10:20:04 ntop[824]: THREADMGMT[t683680000]: NPS(fxp0): pcapDispatch thread running [p824]
    Mar 31 10:20:04 ntop[824]: THREADMGMT[t683680000]: NPS(fxp0): pcapDispatch thread running [p824]
    Mar 31 10:20:04 ntop[824]: THREADMGMT[t683680000]: NPS(fxp0): pcapDispatch thread starting [p824]
    Mar 31 10:20:04 ntop[824]: THREADMGMT[t683680000]: NPS(fxp0): pcapDispatch thread starting [p824]
    Mar 31 10:20:04 ntop[824]: THREADMGMT[t683680000]: NPS(1): Started thread for network packet sniffing [fxp0]
    Mar 31 10:20:04 ntop[824]: THREADMGMT[t683680000]: NPS(1): Started thread for network packet sniffing [fxp0]
    Mar 31 10:20:04 ntop[824]: THREADMGMT[t683676160]: SFP: Fingerprint scan thread running [p824]
    Mar 31 10:20:04 ntop[824]: THREADMGMT[t683676160]: SFP: Fingerprint scan thread running [p824]
    Mar 31 10:20:04 ntop[824]: THREADMGMT[t683676416]: SIH: Idle host scan thread running [p824]
    Mar 31 10:20:04 ntop[824]: THREADMGMT[t683676416]: SIH: Idle host scan thread running [p824]
    Mar 31 10:20:04 ntop[824]: THREADMGMT[t683675904]: ntop RUNSTATE: RUN(4)
    Mar 31 10:20:04 ntop[824]: THREADMGMT[t683675904]: ntop RUNSTATE: RUN(4)
    Mar 31 10:20:04 ntop[824]: Note: Reporting device initally set to 0 [fxp0]
    Mar 31 10:20:04 ntop[824]: Note: Reporting device initally set to 0 [fxp0]
    Mar 31 10:20:04 ntop[824]: THREADMGMT[t683679744]: RRD: Data collection thread starting [p824]
    Mar 31 10:20:04 ntop[824]: THREADMGMT[t683679744]: RRD: Data collection thread starting [p824]
    Mar 31 10:20:04 ntop[824]: Now running as requested user 'root' (0:0)
    Mar 31 10:20:04 ntop[824]: Now running as requested user 'root' (0:0)
    Mar 31 10:20:04 ntop[824]: INIT: Created pid file (/var/run/ntop.pid)
    Mar 31 10:20:04 ntop[824]: INIT: Created pid file (/var/run/ntop.pid)
    Mar 31 10:20:04 ntop[824]: SFLOW: no devices to initialize
    Mar 31 10:20:04 ntop[824]: SFLOW: no devices to initialize
    Mar 31 10:20:04 ntop[824]: THREADMGMT: RRD: Started thread (t683679744) for data collection
    Mar 31 10:20:04 ntop[824]: THREADMGMT: RRD: Started thread (t683679744) for data collection
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: DirPerms 0700
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: DirPerms 0700
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: umask 0066
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: umask 0066
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: rrdPath /var/db/ntop/rrd [dynamic/volatile]
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: rrdPath /var/db/ntop/rrd [dynamic/volatile]
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: rrdPath /var/db/ntop/rrd [normal]
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: rrdPath /var/db/ntop/rrd [normal]
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: hostsFilter
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: hostsFilter
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: dumpDetail high
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: dumpDetail high
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: dumpMatrix no
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: dumpMatrix no
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: dumpASs no
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: dumpASs no
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: dumpInterfaces yes
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: dumpInterfaces yes
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: dumpHosts no
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: dumpHosts no
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: dumpSubnets no
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: dumpSubnets no
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: dumpFlows no
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: dumpFlows no
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: dumpDomains no
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: dumpDomains no
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: dumpMonths 36 months by day
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: dumpMonths 36 months by day
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: dumpDays 90 days by hour
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: dumpDays 90 days by hour
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: dumpHours 72 hours by 300 seconds
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: dumpHours 72 hours by 300 seconds
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: dumpShortInterval 10 seconds
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: dumpShortInterval 10 seconds
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: dumpInterval 300 seconds
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: dumpInterval 300 seconds
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: Parameters:
    Mar 31 10:20:04 ntop[824]: RRD_DEBUG: Parameters:
    Mar 31 10:20:04 ntop[824]: RRD: Mask for new files is 0066
    Mar 31 10:20:04 ntop[824]: RRD: Mask for new files is 0066
    Mar 31 10:20:04 ntop[824]: RRD: Mask for new directories is 0700
    Mar 31 10:20:04 ntop[824]: RRD: Mask for new directories is 0700
    Mar 31 10:20:04 ntop[824]: RRD: Welcome to the RRD plugin
    Mar 31 10:20:04 ntop[824]: RRD: Welcome to the RRD plugin
    Mar 31 10:20:04 ntop[824]: NETFLOW: createNetFlowDevice created device 1
    Mar 31 10:20:04 ntop[824]: NETFLOW: createNetFlowDevice created device 1
    Mar 31 10:20:04 ntop[824]: Initializing device NetFlow-device.2 (1)
    Mar 31 10:20:04 ntop[824]: Initializing device NetFlow-device.2 (1)
    Mar 31 10:20:04 ntop[824]: NETFLOW: Black list initialized to ''
    Mar 31 10:20:04 ntop[824]: NETFLOW: Black list initialized to ''
    Mar 31 10:20:04 ntop[824]: NETFLOW: White list initialized to ''
    Mar 31 10:20:04 ntop[824]: NETFLOW: White list initialized to ''
    Mar 31 10:20:04 ntop[824]: NETFLOW: initializing deviceId=1
    Mar 31 10:20:04 ntop[824]: NETFLOW: initializing deviceId=1
    Mar 31 10:20:04 ntop[824]: Creating dummy interface, 'NetFlow-device.2'
    Mar 31 10:20:04 ntop[824]: Creating dummy interface, 'NetFlow-device.2'
    Mar 31 10:20:04 ntop[824]: NETFLOW: createNetFlowDevice(2)
    Mar 31 10:20:04 ntop[824]: NETFLOW: createNetFlowDevice(2)
    Mar 31 10:20:04 ntop[824]: NETFLOW: initializing '2' devices
    Mar 31 10:20:04 ntop[824]: NETFLOW: initializing '2' devices
    Mar 31 10:20:04 ntop[824]: NETFLOW: Welcome to the netFlow plugin
    Mar 31 10:20:04 ntop[824]: NETFLOW: Welcome to the netFlow plugin
    Mar 31 10:20:04 ntop[824]: CPACKET: no devices to initialize
    Mar 31 10:20:04 ntop[824]: CPACKET: no devices to initialize
    Mar 31 10:20:04 ntop[824]: CPACKET: Welcome to the cpacket plugin
    Mar 31 10:20:04 ntop[824]: CPACKET: Welcome to the cpacket plugin
    Mar 31 10:20:04 ntop[824]: Calling plugin start functions (if any)
    Mar 31 10:20:04 ntop[824]: Calling plugin start functions (if any)
    Mar 31 10:20:04 ntop[824]: SFLOW: Welcome to sFlow.(C) 2002-04 by Luca Deri
    Mar 31 10:20:04 ntop[824]: SFLOW: Welcome to sFlow.(C) 2002-04 by Luca Deri
    Mar 31 10:20:03 ntop[824]: RRD: Welcome to Round-Robin Databases. (C) 2002-07 by Luca Deri.
    Mar 31 10:20:03 ntop[824]: RRD: Welcome to Round-Robin Databases. (C) 2002-07 by Luca Deri.
    Mar 31 10:20:03 ntop[824]: Remote: Welcome to Remote. (C) 2006-07 by L.Deri
    Mar 31 10:20:03 ntop[824]: Remote: Welcome to Remote. (C) 2006-07 by L.Deri
    Mar 31 10:20:03 ntop[824]: PDA: Welcome to PDA. (C) 2001-2005 by L.Deri and W.Brock
    Mar 31 10:20:03 ntop[824]: PDA: Welcome to PDA. (C) 2001-2005 by L.Deri and W.Brock
    Mar 31 10:20:03 ntop[824]: NETFLOW: Welcome to NetFlow.(C) 2002-08 by Luca Deri
    Mar 31 10:20:03 ntop[824]: NETFLOW: Welcome to NetFlow.(C) 2002-08 by Luca Deri
    Mar 31 10:20:03 ntop[824]: LASTSEEN: Welcome to Host Last Seen. (C) 1999 by Andrea Marangoni
    Mar 31 10:20:03 ntop[824]: LASTSEEN: Welcome to Host Last Seen. (C) 1999 by Andrea Marangoni
    Mar 31 10:20:03 ntop[824]: ICMP: Welcome to ICMP Watch. (C) 1999-2005 by Luca Deri
    Mar 31 10:20:03 ntop[824]: ICMP: Welcome to ICMP Watch. (C) 1999-2005 by Luca Deri
    Mar 31 10:20:03 ntop[824]: CPACKET: Welcome to cPacket.(C) 2008 by Luca Deri
    Mar 31 10:20:03 ntop[824]: CPACKET: Welcome to cPacket.(C) 2008 by Luca Deri
    Mar 31 10:20:03 ntop[824]: Searching for plugins in /usr/local/lib/ntop/plugins
    Mar 31 10:20:03 ntop[824]: Searching for plugins in /usr/local/lib/ntop/plugins
    Mar 31 10:20:03 ntop[824]: WEB: ntop's web server is now processing requests
    Mar 31 10:20:03 ntop[824]: WEB: ntop's web server is now processing requests
    Mar 31 10:20:03 ntop[824]: THREADMGMT[t683677440]: WEB: Server connection thread running [p824]
    Mar 31 10:20:03 ntop[824]: THREADMGMT[t683677440]: WEB: Server connection thread running [p824]
    Mar 31 10:20:03 ntop[824]: Note: SIGPIPE handler set (ignore)
    Mar 31 10:20:03 ntop[824]: Note: SIGPIPE handler set (ignore)
    Mar 31 10:20:03 ntop[824]: THREADMGMT[t683677440]: WEB: Server connection thread starting [p824]
    Mar 31 10:20:03 ntop[824]: THREADMGMT[t683677440]: WEB: Server connection thread starting [p824]
    Mar 31 10:20:03 ntop[824]: Loading Plugins
    Mar 31 10:20:03 ntop[824]: Loading Plugins
    Mar 31 10:20:03 ntop[824]: Listening on [fxp0]
    Mar 31 10:20:03 ntop[824]: Listening on [fxp0]
    Mar 31 10:20:03 ntop[824]: THREADMGMT[t683677440]: INITWEB: Started thread for web server
    Mar 31 10:20:03 ntop[824]: THREADMGMT[t683677440]: INITWEB: Started thread for web server
    Mar 31 10:20:03 ntop[824]: INITWEB: Starting web server
    Mar 31 10:20:03 ntop[824]: INITWEB: Starting web server
    Mar 31 10:20:03 ntop[824]: INITWEB: Waiting for HTTP connections on port 3000
    Mar 31 10:20:03 ntop[824]: INITWEB: Waiting for HTTP connections on port 3000
    Mar 31 10:20:03 ntop[824]: INITWEB: Initialized socket, port 3000, address (any)
    Mar 31 10:20:03 ntop[824]: INITWEB: Initialized socket, port 3000, address (any)
    Mar 31 10:20:03 ntop[824]: INITWEB: Initializing TCP/IP socket connections for web server
    Mar 31 10:20:03 ntop[824]: INITWEB: Initializing TCP/IP socket connections for web server
    Mar 31 10:20:03 ntop[824]: INITWEB: Initializing web server
    Mar 31 10:20:03 ntop[824]: INITWEB: Initializing web server
    Mar 31 10:20:03 ntop[824]: SSL is present but https is disabled: use -W <https port="">for enabling it
    Mar 31 10:20:03 ntop[824]: SSL is present but https is disabled: use -W <https port="">for enabling it
    Mar 31 10:20:03 ntop[824]: THREADMGMT[t683676928]: DNSAR(2): Address resolution thread running
    Mar 31 10:20:03 ntop[824]: THREADMGMT[t683676928]: DNSAR(2): Address resolution thread running
    Mar 31 10:20:03 ntop[824]: THREADMGMT[t683676416]: SIH: Idle host scan thread starting [p824]
    Mar 31 10:20:03 ntop[824]: THREADMGMT[t683676416]: SIH: Idle host scan thread starting [p824]
    Mar 31 10:20:03 ntop[824]: THREADMGMT[t683676672]: DNSAR(1): Address resolution thread running
    Mar 31 10:20:03 ntop[824]: THREADMGMT[t683676672]: DNSAR(1): Address resolution thread running
    Mar 31 10:20:03 ntop[824]: THREADMGMT[t683676160]: SFP: Fingerprint scan thread starting [p824]
    Mar 31 10:20:03 ntop[824]: THREADMGMT[t683676160]: SFP: Fingerprint scan thread starting [p824]
    Mar 31 10:20:03 ntop[824]: THREADMGMT[t683677184]: DNSAR(3): Address resolution thread running
    Mar 31 10:20:03 ntop[824]: THREADMGMT[t683677184]: DNSAR(3): Address resolution thread running
    Mar 31 10:20:03 ntop[824]: Calling plugin start functions (if any)
    Mar 31 10:20:03 ntop[824]: Calling plugin start functions (if any)
    Mar 31 10:20:03 ntop[824]: THREADMGMT[t683677184]: DNSAR(3): Started thread for DNS address resolution
    Mar 31 10:20:03 ntop[824]: THREADMGMT[t683677184]: DNSAR(3): Started thread for DNS address resolution
    Mar 31 10:20:03 ntop[824]: THREADMGMT[t683676928]: DNSAR(2): Started thread for DNS address resolution
    Mar 31 10:20:03 ntop[824]: THREADMGMT[t683676928]: DNSAR(2): Started thread for DNS address resolution
    Mar 31 10:20:03 ntop[824]: THREADMGMT[t683676672]: DNSAR(1): Started thread for DNS address resolution
    Mar 31 10:20:03 ntop[824]: THREADMGMT[t683676672]: DNSAR(1): Started thread for DNS address resolution
    Mar 31 10:20:03 ntop[824]: THREADMGMT[t683676416]: SIH: Started thread for idle hosts detection
    Mar 31 10:20:03 ntop[824]: THREADMGMT[t683676416]: SIH: Started thread for idle hosts detection
    Mar 31 10:20:03 ntop[824]: THREADMGMT[t683676160]: SFP: Started thread for fingerprinting
    Mar 31 10:20:03 ntop[824]: THREADMGMT[t683676160]: SFP: Started thread for fingerprinting
    Mar 31 10:20:03 ntop[824]: Initializing external applications
    Mar 31 10:20:03 ntop[824]: Initializing external applications
    Mar 31 10:20:03 ntop[824]: Database support not compiled into ntop
    Mar 31 10:20:03 ntop[824]: Database support not compiled into ntop
    Mar 31 10:20:03 ntop[824]: IP2CC: …found 52395 lines
    Mar 31 10:20:03 ntop[824]: IP2CC: …found 52395 lines
    Mar 31 10:20:03 ntop[824]: IP2CC: Loading file '/usr/local/etc/ntop/p2c.opt.table.gz'
    Mar 31 10:20:03 ntop[824]: IP2CC: Loading file '/usr/local/etc/ntop/p2c.opt.table.gz'
    Mar 31 10:20:03 ntop[824]: IP2CC: Checking for IP address <-> Country Code mapping file
    Mar 31 10:20:03 ntop[824]: IP2CC: Checking for IP address <-> Country Code mapping file
    Mar 31 10:20:03 ntop[824]: ASN: ….Used 3780 KB of memory (12 per entry)
    Mar 31 10:20:03 ntop[824]: ASN: ….Used 3780 KB of memory (12 per entry)
    Mar 31 10:20:03 ntop[824]: ASN: …found 111435 lines
    Mar 31 10:20:03 ntop[824]: ASN: …found 111435 lines
    Mar 31 10:20:00 ntop[824]: ASN: Loading file '/usr/local/etc/ntop/AS-list.txt.gz'
    Mar 31 10:20:00 ntop[824]: ASN: Loading file '/usr/local/etc/ntop/AS-list.txt.gz'
    Mar 31 10:20:00 ntop[824]: ASN: Checking for Autonomous System Number table file
    Mar 31 10:20:00 ntop[824]: ASN: Checking for Autonomous System Number table file
    Mar 31 10:20:00 ntop[824]: THREADMGMT[t683675904]: Now running as a daemon
    Mar 31 10:20:00 ntop[824]: THREADMGMT[t683675904]: Now running as a daemon
    Mar 31 10:19:58 sshlockout[818]: sshlockout starting up
    Mar 31 10:19:58 sshlockout[818]: sshlockout starting up
    Mar 31 10:19:58 login: login on ttyv0 as root
    Mar 31 10:19:57 check_reload_status: check_reload_status is starting

    Gracias por la ayuda
    Powerd103</https></https>



  • Espero que no sea tarde (vacaciones)

    En mi caso lo que cambie para que no se me parara el ntop:

    • bandwidth instalado pero servicio parado
    • en el menu de configuración de ntop (no del pfsense, el de la pagina de ntop) quito el modo promiscuo de la interfaz de red. Creo que esto no me influye en la recolección de datos ya que esta interfaz es de todas formas la del gateway, asi que todo el trafico de la LAN pasa por aquí.

    Ya me cuentas
    Un saludo
    juanjoa
    maquina virtual pfsense 1.2.2


Log in to reply