Re: [Nfsen-discuss] porttracker not producing graphs
Netflow visualisation and investigation tool
Brought to you by:
phaag
Menu
▾
▴
Re: [Nfsen-discuss] porttracker not producing graphs
|
From: Lambert H. <lam...@in...> - 2006-03-21 16:52:09
|
Peter Haag wrote: >-----BEGIN PGP SIGNED MESSAGE----- > > > >- --On March 20, 2006 20:45:47 +1200 Lambert Hoogeveen <lam...@in...> wrote: > >| Jean-Philippe Luiggi wrote: >| >| > On Sun, Mar 19, 2006 at 05:47:32PM +1200, Lambert Hoogeveen wrote: >| > >| > >| >> Hello, >| >> I have seen a similar post previously regarding this problem but can not >| >> find the answer to it... >| >> Software Versions: >| >> Fedora Core 4 >| >> RRDtool 1.2.12 >| >> Perl 5.8.6 >| >> NFDump 1.5 >| >> NFSen 1.2.4 >| >> PortTracker 1.5 >| >> No errors during compilation of any of those. >| >> I have done a complete re-install including deleting all data files, no fix. >| >> >| >> >| > >| > Hello, >| > >| > Do you use "PortTracker-v.e-1.5" ? >| > Did you check the various permissions on directories ? > >Graphs are generates bei GenPortGraph.pl. If it's an permission, or path problem, >maybe your apache log file knows more. > > - Peter > >| > >| > Best regards. >| > >| > >| > >| > >| Hi, thanks for responding. >| The version is 1.5, as stated in my original post. >| I've thought about permissions but do not know where else to look, everything >| seems OK. >| The PortTracker RRD's are created in "/data/nfsen/porttracker" like so: >| /data/nfsen/porttracker >| [root@athlon porttracker]# ls -l >| total 8570896 >| -rw-r--r-- 1 apache apache 3145740 Mar 20 19:53 ports.stat >| -rw-r--r-- 1 apache apache 552 Mar 20 20:38 portstat24.txt >| -rw-r--r-- 1 apache apache 526 Mar 20 19:53 portstat.txt >| -rw-r--r-- 1 apache apache 22815064 Mar 20 19:53 tcp-bytes-0.rrd >| -rw-r--r-- 1 apache apache 22815064 Mar 20 19:53 tcp-bytes-10.rrd >| -rw-r--r-- 1 apache apache 22815064 Mar 20 19:53 tcp-bytes-11.rrd >| -rw-r--r-- 1 apache apache 22815064 Mar 20 19:53 tcp-bytes-12.rrd >| -rw-r--r-- 1 apache apache 22815064 Mar 20 19:53 tcp-bytes-13.rrd >| -rw-r--r-- 1 apache apache 22815064 Mar 20 19:53 tcp-bytes-14.rrd >| -rw-r--r-- 1 apache apache 22815064 Mar 20 19:53 tcp-bytes-15.rrd >| -rw-r--r-- 1 apache apache 22815064 Mar 20 19:53 tcp-bytes-16.rrd >| -rw-r--r-- 1 apache apache 22815064 Mar 20 19:53 tcp-bytes-17.rrd >| -rw-r--r-- 1 apache apache 22815064 Mar 20 19:53 tcp-bytes-18.rrd >| -rw-r--r-- 1 apache apache 22815064 Mar 20 19:53 tcp-bytes-19.rrd >| <lot's more RRD files> >| >| Apache is the user configured in the "nfsen.conf" file and the apache "httpd.conf". >| Any suggestions where I need to check permissions other than "/data/nfsen/porttracker/"? >| BTW, NFSen itself works just fine. >| >| Regards, >| Lambert >| > > > >- -- >_______ SWITCH - The Swiss Education and Research Network ______ >Peter Haag, Security Engineer, Member of SWITCH CERT >PGP fingerprint: D9 31 D5 83 03 95 68 BA FB 84 CA 94 AB FC 5D D7 >SWITCH, Limmatquai 138, CH-8001 Zurich, Switzerland >E-mail: pet...@sw... Web: http://www.switch.ch/ >-----BEGIN PGP SIGNATURE----- >Version: GnuPG v1.2.4 (Darwin) > >iQCVAwUBRB5tCf5AbZRALNr/AQGTGQP/YuHI4ErzT0t0aM7uMd6qxEl2T23A62bb >Zf9XnLG28X0zvS81LHH1woCRJgnRRUFxOys0IdkxRNTfI4NK9DA8g7S4aVpaYuzJ >11jVdwZ8mBGi82dfnv/kwTOxIIBCpC8luIIbRJ0D5rOKwCiPHrOruj8mUuchlD5Q >sgwcRZ0B1GI= >=uCh4 >-----END PGP SIGNATURE----- > > > > > Hello Peter, I have checked the Apache access_log and error_log and noticed the following: When clicking on the PortTracker plugin tab, the following is recorded in the error_log: [client 10.247.10.100] PHP Notice: Undefined index: 0_skip in /var/www/html/nfsen/plugins/PortTracker.php on line 95, referer: http://10.247.10.100/nfsen/nfsen.php?tab=6 [client 10.247.10.100] PHP Notice: Undefined index: 0_skip in /var/www/html/nfsen/plugins/PortTracker.php on line 99, referer: http://10.247.10.100/nfsen/nfsen.php?tab=6 [client 10.247.10.100] PHP Notice: Undefined index: 0_skip in /var/www/html/nfsen/plugins/PortTracker.php on line 266, referer: http://10.247.10.100/nfsen/nfsen.php?tab=6 At the same time in the access_log: 10.247.10.100 - - [21/Mar/2006:22:44:35 +1200] "GET /nfsen/rrdgraph.php?prog=1&arg=tcp+flows+0+0+0+1142672700+1142759100+0-65535-65534-65533-65532-65531-65530-65529-65528-65527+-+- HTTP/1.1" 200 42 "http://10.247.10.100/nfsen/nfsen.php?tab=6" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050920" Any idea's? Regards, Lambert |
