View unanswered posts | View active topics It is currently Mon Sep 25, 2017 2:20 am



Post new topic Reply to topic  [ 6 posts ] 
 Error Opening File 
Author Message

Joined: Thu Jul 13, 2017 9:33 pm
Posts: 3
Reply with quote
Post Error Opening File
Hi.
I'm running ubuntu 16.04 and I just installed xplico (1.2.0) as per the instructions on the download page, but when I try to run xplico from the command line I run into an "Error Opening File." For example:

Code:
xplico -m rltm -i eth0
xplico v1.2.0
Internet Traffic Decoder (NFAT).
See http://www.xplico.org for more information.

Copyright 2007-2017 Gianluca Costa & Andrea de Franceschi and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

This product includes GeoLite data created by MaxMind, available from http://www.maxmind.com/.
Limits not changed
Configuration file (/opt/xplico/cfg/xplico_cli.cfg) found!
Error Opening file
Error Opening file
...


I have run
Code:
sudo chmod -R 777 /opt/xplico

and
Code:
sudo xplico -m rltm -i eth0

thinking that this is a permissions issue, but I get the same output.

I can launch the web interface, but I don't think that xplico is decoding the pcap files properly. Perhaps I am not waiting long enough there (a few minutes)?

Thanks for the help!

P.S. As a side note, I'm trying to use xplico to live (that is, in close to real time) render all html pages transmitted over HTTP on a local area network that will probably not see more than 100 requests a minute. Will xplico even be able to decode the pcap files quickly enough for this?


Mon Jul 17, 2017 2:49 pm
Profile
Site Admin

Joined: Wed Sep 16, 2009 10:09 pm
Posts: 394
Reply with quote
Post Re: Error Opening File
Hi,
xplico (as application) is running well also with these errors. The errors are not from xplico but from the manipulators that are defined in the configuration file (in your case /opt/xplico/cfg/xplico_cli.cfg). All the manipulators don't find the GeoIP DB in the first two default path and so they give these errors (I have to improve the error message).

Using xplico as application the data extracted are saved on "xdecode" directory therefore you can not visualize the data on the web interface.

About your question 100 connections/min can be decoded by xplico without problem.

Best regards


Sat Jul 22, 2017 12:56 pm
Profile WWW

Joined: Thu Jul 13, 2017 9:33 pm
Posts: 3
Reply with quote
Post Re: Error Opening File
Thanks for replying.

Perhaps that error is not my issue then, but I still am not able to use xplico as I expect that I should be able to.

For example, I have been trying to view the decoded html pages as per the example pcap files (specifically Images in HTTP from http://wiki.xplico.org/doku.php?id=pcap:pcap). When using the web interface I am not able to see any entries in site (or any) part of the case dialog and the following occurs when I run xplico from the command line.

Code:
sudo xplico -m pcap -f xplico.org_sample_capture_images.pcap
xplico v1.2.0
Internet Traffic Decoder (NFAT).
See http://www.xplico.org for more information.

Copyright 2007-2017 Gianluca Costa & Andrea de Franceschi and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

This product includes GeoLite data created by MaxMind, available from http://www.maxmind.com/.
Limits changed
Configuration file (/opt/xplico/cfg/xplico_cli.cfg) found!
Error Opening file
Error Opening file
Error Opening file
Error Opening file
Error Opening file
Error Opening file
Error Opening file
Error Opening file
Manipulator webymsg error
Dispatch to manipulator initialization error


Is there something that I can do to remedy this?

Thanks!


Mon Jul 24, 2017 8:11 pm
Profile
Site Admin

Joined: Wed Sep 16, 2009 10:09 pm
Posts: 394
Reply with quote
Post Re: Error Opening File
Hi,
if you launch xplico from cli you can not use the web interface, because xplico from cli doesn't put the data decoded in the DB used by the web user interface.
This is the issue.

Can you explain me what is your goal?... in this way I can try to propose you a way to use xplico for your purpose.

Ciao.
Gianluca


Tue Jul 25, 2017 4:51 pm
Profile WWW

Joined: Thu Jul 13, 2017 9:33 pm
Posts: 3
Reply with quote
Post Re: Error Opening File
Hi Gianluca,
I would like to listen to all packet copies forwarded by a router I control and then reconstruct all html files over http such that I can open them with a browser and the elements (images, stylesheets, etc.) of the pages will load as well. I tried to do this with bro, but the reconstructed file names aren't what the html pages expect. This entire process must be automated. I'm trying to display the pages that people request on an open wifi network on a few screens as an installation to inform them about how their information can be used online.

It would be sufficient for me to run the xplico service live and write a script to harvest the decoded files from the sqlite database, but I can't event get the service to work as described in the wiki pages.

For example,
I run
Code:
service xplico start
service xplico status

with the following output
Code:
● xplico.service - Xplico
   Loaded: loaded (/usr/lib/systemd/system/xplico.service; disabled; vendor preset: enabled)
   Active: active (running) since Tue 2017-07-25 12:18:25 CDT; 4s ago
  Process: 3719 ExecStart=/opt/xplico/bin/dema -d /opt/xplico -b sqlite (code=exited, status=0/SUCCESS)
 Main PID: 3722 (dema)
   CGroup: /system.slice/xplico.service
           └─3722 /opt/xplico/bin/dema -d /opt/xplico -b sqlite

Jul 25 12:18:25 listen-OptiPlex-9020 systemd[1]: Starting Xplico...
Jul 25 12:18:25 listen-OptiPlex-9020 systemd[1]: xplico.service: PID file /var/run/dema.pid not readable (yet?) after start: No such file or directory
Jul 25 12:18:25 listen-OptiPlex-9020 systemd[1]: Started Xplico.


And, as described above, when I try to even just decode a pcap file, the "site" tab is not populated.

Thanks for the help!


You do not have the required permissions to view the files attached to this post.


Tue Jul 25, 2017 5:20 pm
Profile
Site Admin

Joined: Wed Sep 16, 2009 10:09 pm
Posts: 394
Reply with quote
Post Re: Error Opening File
Hi jobob,
do you have installed using the deb package or from the source?
Give me the time (I'm very busy), after your response to reproduce the problem and find the bug/solution.

Ciao.
Gianluca


Sat Jul 29, 2017 8:12 am
Profile WWW
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 6 posts ] 


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group.
Designed by Vjacheslav Trushkin for Free Forums/DivisionCore.