View unanswered posts | View active topics It is currently Mon Jun 26, 2017 1:55 pm



Post new topic Reply to topic  [ 3 posts ] 
 xplico v1.1.0, (DEBUG)CLI Dispatcher 
Author Message

Joined: Wed Aug 10, 2016 7:05 am
Posts: 2
Reply with quote
Post xplico v1.1.0, (DEBUG)CLI Dispatcher
Hi,

first of all: thanks for this great tool, which is available for free.


My setup:

Ubuntu 14.04.4 LTS
xplico v.1.10 (from distro)
using config: xplico_cli_nc.cfg (without modifications)


My problem:

I am processing smallish (< 10 MB) pcaps with xplico in a (sequential) batch.
It can happen that one of them hangs (no crash) for whatever reason.
If I kill the process(es), xplico hangs for any subsequent run.
The only solution so far (because I do not know how to track this down to the actual lock), is to reboot the machine.

It hangs here (see log file belog):
12:36:37 [DISP]{c}-DEBUG: CLI Dispatcher


My question:

Have you any idea, besides killing all xplico-related processes, what else I have to do in addition?


Thanks and cheers,
Donald

$ cat tmp/xplico_2016_08_09.log
12:36:37 [CORE]{c}-STA: Modules dir: /opt/xplico/bin/modules
12:36:37 [CORE]{c}-STA: Tmp dir: tmp/xplico
12:36:37 [CORE]{c}-STA: Module ---> dis_pcapf.so log --> FEWITDS
12:36:37 [CORE]{c}-STA: Module ---> dis_eth.so log --> FEWITDS
12:36:37 [CORE]{c}-STA: Module ---> dis_ip_nocheck.so log --> FEWITDS
12:36:37 [CORE]{c}-STA: Module ---> dis_ipv6.so log --> FEWITDS
12:36:37 [CORE]{c}-STA: Module ---> dis_tcp_soft_nocheck.so log --> FEWITDS
12:36:37 [CORE]{c}-STA: Module ---> dis_udp_nocheck.so log --> FEWITDS
12:36:37 [CORE]{c}-STA: Module ---> dis_http.so log --> FEWITDS
12:36:37 [CORE]{c}-STA: Module ---> dis_httpfd.so log --> FEWITDS
12:36:37 [CORE]{c}-STA: Module ---> dis_tcp_grb.so log --> FEWITDS
12:36:37 [CORE]{c}-STA: Module ---> dis_udp_grb.so log --> FEWITDS
12:36:37 [CORE]{c}-WARNING: dissector 'eth' dependence 'pol->pol.layer1' not found
12:36:37 [CORE]{c}-WARNING: dissector 'eth' dependence 'llc->llc.type' not found
12:36:37 [CORE]{c}-WARNING: dissector 'ip' dependence 'llc->llc.type' not found
12:36:37 [CORE]{c}-WARNING: dissector 'ip' dependence 'sll->sll.protocol' not found
12:36:37 [CORE]{c}-WARNING: dissector 'ip' dependence 'ppp->ppp.protocol' not found
12:36:37 [CORE]{c}-WARNING: dissector 'ip' dependence 'ppp->ppp.protocol' not found
12:36:37 [CORE]{c}-WARNING: dissector 'ip' dependence 'pol->pol.layer1' not found
12:36:37 [CORE]{c}-WARNING: dissector 'ip' dependence 'pol->pol.layer1' not found
12:36:37 [CORE]{c}-WARNING: dissector 'ip' dependence 'vlan->vlan.type' not found
12:36:37 [CORE]{c}-WARNING: dissector 'ip' dependence 'chdlc->chdlc.protocol' not found
12:36:37 [CORE]{c}-WARNING: dissector 'ip' dependence 'gtp->gtp.msg' not found
12:36:37 [CORE]{c}-WARNING: dissector 'ip' dependence 'null->null.family' not found
12:36:37 [CORE]{c}-WARNING: dissector 'ip' dependence 'null->udp.dstport' not found
12:36:37 [CORE]{c}-WARNING: dissector 'ipv6' dependence 'llc->llc.type' not found
12:36:37 [CORE]{c}-WARNING: dissector 'ipv6' dependence 'sll->sll.protocol' not found
12:36:37 [CORE]{c}-WARNING: dissector 'ipv6' dependence 'ppp->ppp.protocol' not found
12:36:37 [CORE]{c}-WARNING: dissector 'ipv6' dependence 'ppp->ppp.protocol' not found
12:36:37 [CORE]{c}-WARNING: dissector 'ipv6' dependence 'pol->pol.layer1' not found
12:36:37 [CORE]{c}-WARNING: dissector 'ipv6' dependence 'vlan->vlan.type' not found
12:36:37 [CORE]{c}-WARNING: dissector 'ipv6' dependence 'chdlc->chdlc.protocol' not found
12:36:37 [CORE]{c}-INFO: 'pcapf' stack frame size: 112b with 3 info
12:36:37 [CORE]{c}-INFO: 'eth' stack frame size: 96b with 2 info
12:36:37 [CORE]{c}-INFO: 'ip' stack frame size: 128b with 4 info
12:36:37 [CORE]{c}-INFO: 'ipv6' stack frame size: 128b with 4 info
12:36:37 [CORE]{c}-INFO: 'tcp' stack frame size: 144b with 5 info
12:36:37 [CORE]{c}-INFO: 'udp' stack frame size: 96b with 2 info
12:36:37 [CORE]{c}-INFO: 'http' stack frame size: 144b with 5 info
12:36:37 [CORE]{c}-INFO: 'httpfd' stack frame size: 64b with 0 info
12:36:37 [CORE]{c}-INFO: 'tcp-grb' stack frame size: 64b with 0 info
12:36:37 [CORE]{c}-INFO: 'udp-grb' stack frame size: 64b with 0 info
12:36:37 [DISP]{c}-DEBUG: CLI Dispatcher


Mon Aug 15, 2016 11:48 am
Profile
Site Admin

Joined: Wed Sep 16, 2009 10:09 pm
Posts: 391
Reply with quote
Post Re: xplico v1.1.0, (DEBUG)CLI Dispatcher
Hi Donald,
Xplico from cli has one limitation, you can launch one instance for time, and before to start another you have to wait the completion of the previous. This why when you start xplico start a set of applications (see configuration file) and the specific cli dispatcher (the dispatcher used only when xplico is started from cli) is used by all these application. This dispatcher to synchronize the output uses a semaphore (IPC). If for some reasons (many xplico instances, or crash) this semaphore is locked then any new start of xplico stop (wait) the execution waiting the semaphore unlock.

Before to start xplico remove the file /dev/shm/sem.xplico_kml_sem if it is present (normally must not be present).

I suppose that this is the reasons of what you see.

In any case if your pcap generates issue (=>bug) on xplico, can you share the pcap? obviously privately.

Ciao.
Gianluca


Wed Aug 17, 2016 9:18 am
Profile WWW

Joined: Wed Aug 10, 2016 7:05 am
Posts: 2
Reply with quote
Post Re: xplico v1.1.0, (DEBUG)CLI Dispatcher
Hi Gianluca,

perfect, thank you. Exactly what I was looking for. I adjusted my scripts accordingly.

Right now, there are no issues with the pcaps themselves; but if I encounter one causing xplico to crash/hang I glady share it with you.

Cheers,
Donald


Wed Aug 17, 2016 10:46 am
Profile
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 3 posts ] 


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group.
Designed by Vjacheslav Trushkin for Free Forums/DivisionCore.