[Nfdump-discuss] nftrack crashing with SEGV
netflow collecting and processing tools
Brought to you by:
phaag
Menu
▾
▴
[Nfdump-discuss] nftrack crashing with SEGV
|
From: Brian C. <b.c...@po...> - 2013-07-18 09:14:02
|
I am trying to get porttracker working with nfdump-1.6.10 and nfsen-1.3.6p1 under Ubuntu 12.04. nfdump is built using "./configure --enable-nfprofile --enable-nftrack" The web plugin fails because the portstat.txt file is not being created (although portstat24.txt is) Looking at strace of the nfsend-comm process, I see that it is running nftrack but it is terminating with a SEGV. Here is what happens if I run nftrack manually with the same set of arguments: $ gdb /usr/local/bin/nftrack GNU gdb (Ubuntu/Linaro 7.4-2012.04-0ubuntu2.1) 7.4-2012.04 Copyright (C) 2012 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "i686-linux-gnu". For bug reporting instructions, please see: <http://bugs.launchpad.net/gdb-linaro/>... Reading symbols from /usr/local/bin/nftrack...done. (gdb) run -L local3 -M /var/nfsen/profiles-data/live/rtr1 -r nfcapd.201307180840 -d /var/ports-db -A -t 201307180840 -s -p -w /var/ports-db/portstat.txt Starting program: /usr/local/bin/nftrack -L local3 -M /var/nfsen/profiles-data/live/rtr1 -r nfcapd.201307180840 -d /var/ports-db -A -t 201307180840 -s -p -w /var/ports-db/portstat.txt [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/i386-linux-gnu/libthread_db.so.1". Skip unknown record type 7 Skip unknown record type 9 Program received signal SIGSEGV, Segmentation fault. 0x080588a2 in Insert_Extension_Map (extension_map_list=0x8088fe0, map=0xb710b044) at nfx.c:268 268 *(extension_map_list->last_map) = l; (gdb) bt #0 0x080588a2 in Insert_Extension_Map (extension_map_list=0x8088fe0, map=0xb710b044) at nfx.c:268 #1 0x0804a4bc in process (filter=<optimized out>) at ../extra/nftrack/nftrack.c:223 #2 main (argc=16, argv=0xbffff734) at ../extra/nftrack/nftrack.c:400 (gdb) So I've now rebuilt with --enable-devel. This gives slightly more info on running: $ /usr/local/bin/nftrack -L local3 -M /var/nfsen/profiles-data/live/rtr1 -r nfcapd.201307180840 -d /var/ports-db -A -t 201307180840 -s -p -w /var/ports-db/portstat.txt Process: '/var/nfsen/profiles-data/live/rtr1/2013/07/18/nfcapd.201307180840' Skip unknown record type 7 Skip unknown record type 9 Insert Extension Map: Extension Map: Map ID = 0 Map Size = 24 Ext Size = 8 ID 1, ext 4 = 2 byte input/output interface index ID 2, ext 6 = 2 byte src/dst AS number Extension info in slot 0 free Search if extension info exists in extension page_list Map not found in extension page list Segmentation fault A bit more gdb output: (gdb) print extension_map_list $1 = (extension_map_list_t *) 0x8088fe0 (gdb) print *extension_map_list $2 = {slot = {0x0 <repeats 65536 times>}, map_list = 0x0, last_map = 0x0, max_used = 0} (gdb) print extension_map_list->last_map $3 = (extension_info_t **) 0x0 So it's trying to indirect via a null pointer. I am only sending netflow v5 records from a Dynamips Cisco 7200. Finally, here is some output from nfdump: notice the error "Verify map id 0: ERROR: Expected 7 elements in map, but found 2!" $ nfdump -r /var/nfsen/profiles-data/live/rtr1/2013/07/18/nfcapd.201307180840 | head -23 Date first seen Duration Proto Src IP Addr:Port Dst IP Addr:Port Packets Bytes Flows Process: '/var/nfsen/profiles-data/live/rtr1/2013/07/18/nfcapd.201307180840' Insert exporter record in Slot: 1, Sysid: 1 SysID: 1, IP: 10.10.0.241, version: 5, ID: 0, Slot: 1 Insert sampler record for exporter at slot 1: Exporter SysID: 1, Generic Sampler: mode: 0, interval: 1 Insert Extension Map: Extension Map: Map ID = 0 Map Size = 24 Ext Size = 8 ID 1, ext 4 = 2 byte input/output interface index ID 2, ext 6 = 2 byte src/dst AS number Extension info in slot 0 free Search if extension info exists in extension page_list Map not found in extension page list Verify map id 0: ERROR: Expected 7 elements in map, but found 2! Insert extension into slot 0: 0x166670728 2013-07-18 08:33:54.561 10.072 TCP 10.10.0.98:80 -> 10.10.0.241:35956 7 2394 1 2013-07-18 08:33:54.561 10.072 TCP 10.10.0.241:35956 -> 10.10.0.98:80 9 1299 1 ... Regards, Brian. |
