Xplico.org
http://forum.xplico.org/

Xplico Console Mode is not working
http://forum.xplico.org/viewtopic.php?f=3&t=547
Page 1 of 1

Author:  00999p [ Thu Oct 24, 2013 7:53 am ]
Post subject:  Xplico Console Mode is not working

I am building xplico-1.0.1 from src on Ubuntu 12.04.

When I download latest version of nDPI and build xplico, some errors occur. I read the post viewtopic.php?f=3&t=535 and download the modified version of tcp_garbage.c and udp_garbage.c, there still some errors. It seems some nDPI interface has changed recently, so I tried checking out an older version of nDPI. After many times of tried, trunk -r 6400 version of nDPI can build the xplico successfully.

However, when I run it in console, the xplico stopped like this:
Code:
patwu@patwu-Lenovo-Product:~/testxplico$ ../xplico-1.0.1/xplico -m pcap -f xplico.org_sample_capture_images.pcap
xplico v1.0.1
Internet Traffic Decoder (NFAT).
See http://www.xplico.org for more information.

Copyright 2007-2012 Gianluca Costa & Andrea de Franceschi and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

This product includes GeoLite data created by MaxMind, available from http://www.maxmind.com/.
Configuration file (/opt/xplico/cfg/xplico_cli.cfg) found!


The program generate an empty /xdecode directory and a /tmp direcotry with a log file only.

The last several lines of the log:

Code:
15:13:11 [CORE]{c}-INFO: 'telnet' stack frame size: 52b with 0 info
15:13:11 [CORE]{c}-INFO: 'webmail' stack frame size: 52b with 0 info
15:13:11 [CORE]{c}-INFO: 'msn' stack frame size: 52b with 0 info
15:13:11 [CORE]{c}-INFO: 'paltalk' stack frame size: 52b with 0 info
15:13:11 [CORE]{c}-INFO: 'arp' stack frame size: 52b with 0 info
15:13:11 [CORE]{c}-INFO: 'paltalk_exp' stack frame size: 52b with 0 info
15:13:11 [CORE]{c}-INFO: 'radiotap' stack frame size: 52b with 0 info
15:13:11 [CORE]{c}-INFO: 'icmpv6' stack frame size: 52b with 0 info
15:13:11 [CORE]{c}-INFO: 'ppi' stack frame size: 68b with 1 info
15:13:11 [CORE]{c}-INFO: 'syslog' stack frame size: 52b with 0 info
15:13:11 [CORE]{c}-INFO: 'prism' stack frame size: 52b with 0 info
15:13:11 [CORE]{c}-INFO: 'tcp-grb' stack frame size: 52b with 0 info
15:13:11 [CORE]{c}-INFO: 'udp-grb' stack frame size: 52b with 0 info
15:13:11 [DISP]{c}-DEBUG: CLI Dispatcher


What is the problem? Is there anything wrong with my building process?

Author:  gianluca.costa [ Mon Oct 28, 2013 7:37 pm ]
Post subject:  Re: Xplico Console Mode is not working

Hi,
can you try to launch Xplico inside the source dir?
./xplico -m pcap -f ../testxplico/xplico.org_sample_capture_images.pcap

Ciao.
Gianluca

Author:  00999p [ Wed Nov 06, 2013 2:02 am ]
Post subject:  Re: Xplico Console Mode is not working

Thank you very much!

It works!

Page 1 of 1 All times are UTC
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
http://www.phpbb.com/