search

CESNET / LiST

Security Tools as a Service
4 stars 3 forks source link

TRAP multi-file read errors #10

Closed rickhg12hs closed 4 years ago

rickhg12hs commented 4 years ago

This may not be the best place to report this, but I'm using the vagrant machine built from here so I'm confident this will be forwarded to the best place, if necessary.

There seems to be a problem reading multiple files in directory. For example

[vagrant@list-vagrant sf_vboxsf]$ ll my_UniRecs/
total 40
drwxrwx---. 1 root vboxsf 4096 Dec 12 16:49 ./
drwxrwx---. 1 root vboxsf 4096 Dec 12 16:42 ../
-rwxrwx---. 1 root vboxsf 3146 Nov  2  2018 lan_basic.201711261310*
-rwxrwx---. 1 root vboxsf 1485 Nov  2  2018 lan_dns.201711261310*
-rwxrwx---. 1 root vboxsf  787 Nov  2  2018 lan_http.201711261310*
-rwxrwx---. 1 root vboxsf 8913 Nov  2  2018 wan_basic.201711261310*
-rwxrwx---. 1 root vboxsf 1861 Nov  2  2018 wan_dns.201711261310*
-rwxrwx---. 1 root vboxsf  917 Nov  2  2018 wan_http.201711261310*
[vagrant@list-vagrant sf_vboxsf]$ traffic_repeater -v -i f:my_UniRecs/*,f:/dev/null
Info: Initializing traffic repeater...
VERBOSE: --------------- STATS --------------- 
VERBOSE: ------------- INPUT IFC ------------- 
VERBOSE: IFC[0]: recv buf: 1, msg: 37.
VERBOSE: ------------- OUTPUT IFC ------------ 
VERBOSE: IFC[0]: sent buf: 0, msg: 37, drop msg: 0, flush: 0.
VERBOSE: ------------------------------------- 
ERROR: FILE IFC[0]: unable to open file "my_UniRecs/lan_dns.20171126131010" in mode "r". Possible reasons: non-existing file, bad permission, file can not be opened in this mode.
Error: trap_recv() returned 14 (INPUT FILE IFC[0]: Unable to open next file.)
Info: Flows received:                36
Info: Flows sent:                    36
Info: Timeouts:                       0
Info: Time elapsed:               0.013s
VERBOSE: Output ifc 0: Setting autoflush timeout to 18446744073709551615.
VERBOSE: Output ifc 0: Setting timeout to 100000.

It appears that part of the file globbing isn't null terminating a string somewhere.

[vagrant@list-vagrant sf_vboxsf]$ \ls -1 my_UniRecs/
lan_basic.201711261310
lan_dns.201711261310
lan_http.201711261310
wan_basic.201711261310
wan_dns.201711261310
wan_http.201711261310

See how the second filename got trashed?

Also, ...

[vagrant@list-vagrant sf_vboxsf]$ traffic_repeater -v -i f:my_UniRecs/lan_basic.201711261310,f:/dev/null
Info: Initializing traffic repeater...
Info: Final record received, terminating repeater...
Info: Flows received:                37
Info: Flows sent:                    37
Info: Timeouts:                       0
Info: Time elapsed:               0.016s
VERBOSE: Output ifc 0: Setting autoflush timeout to 18446744073709551615.
VERBOSE: Output ifc 0: Setting timeout to 100000.

Why are the flows received/sent +1 from the example above? Where did the extra flow come from?

Ref: CESNET/Nemea-Framework#137

rickhg12hs commented 4 years ago

Fixed with https://github.com/CESNET/Nemea-Framework/pull/153