Closed mhawkins-consultant closed 2 years ago
MatteoBiscosi
commented
2 years ago Hi @mhawkins-consultant , I already have a suspect, could you please right click ntopng page and click inspect? then go to the console tab and send me the errors/warnings there?
mhawkins-consultant
commented
2 years ago Hi Matteo,
I will most certainly try to provide to you what you have asked for but I have actually run into another issue. If you want me to open a new issue for it, I will certainly do that.
After recompiling ntopng many times (I estimate about 10-20 times), I ran 'make' in /opt/ntopng, and I am now seeing the following:
/usr/bin/ld: cannot find -lm collect2: error: ld returned 1 exit status make: *** [Makefile:138: ntopng] Error 1
Keep in mind, that the reason I was recompiling so many times was because I was trying use a process of elimination to figure out why I was getting the 'texty' login screen.
I have checked for the existence and correct symbolic links for libm:
[root@SATURN ~]# locate libm.so /usr/lib/libm.so /usr/lib64/libm.so /usr/lib64/libm.so.6
libm is provided by glibc, and if that was not installed then the compiler would not be getting to the linking stage anyway.
[root@SATURN ntopng]# dnf install glibc Last metadata expiration check: 0:19:20 ago on Mon 21 Feb 2022 11:06:11 AM EST. Package glibc-2.30-13.fc31.x86_64 is already installed. Dependencies resolved. Nothing to do.
I followed the instructions in README.compilation. And I successfully executed make many times to get a working ntopng each time. Now that it won't link, nothing had changed on the machine, no changes were made at all. The compilation/linking simply stopped working after 10-20 autogen, configure, make cycles.
I did read a comment in an online forum that said it was possible for the compiler/linker to run out of temp space. The suggestion referred to /usr/tmp. However, on my machine /usr/tmp does not seem to use much space at all.
As I said before, if you want me to repost the above to a new issue, I will happily do that.
Thanks for your help, /Mike
MatteoBiscosi
commented
2 years ago Hi @mhawkins-consultant unfortunately we do not support the Fedora OS, if you are able to reproduce this behavior with the distro we support, reopen the issue and we'll take a look at it
Environment:
Why am I presented with a "texty" (perhaps CSS-less) version of the login screen and I can't login either? Only way I could get away from the "texty" page was to recompile nDPI and ntopng.
History I installed and configured the prerequisites. I created an ntopng user and home directory and gave ownership and file write permissions to /home/ntopng/ntopng-data. I followed https://github.com/ntop/ntopng/blob/dev/doc/README.compilation Which included downloading and compiling nDPI and ntopng successfully. Was able to start it with: ntopng -d /home/ntopng/ntopng-data -r 127.0.0.1:6379@1 -w 3000 Was able to reach the login page and was able to login too. Note that the login page looks like a nice CSS based creation. See good-login-page.jpg
I then went to use the systemd script for starting/stopping enabling/disabling ntopng. First, the path to ntopng is wrong in: /etc/systemd/system/ntopng.service. That had to be fixed: ExecStart=/usr/bin/ntopng /run/ntopng.conf was changed to: ExecStart=/usr/local/bin/ntopng /run/ntopng.conf For testing, I also commented out: Restart=on-failure was changed to: #Restart=on-failure And then I refreshed systemd with: systemctl daemon-reload Clearly, there are no arguments provided on the ExecStart line. So all configuration items need to be in /etc/ntopng/ntopng.conf which does not exist. So I found an example at: /opt/ntopng/packages/etc/ntopng/ntopng.conf
I set the following options in: /etc/ntopng/ntopng.conf: -w=3000 -d=/home/ntopng/ntopng-data -r=127.0.0.1:6379@1
I then tried to start ntopng with systemctl start ntopng.service ntopng did start as seen below using: ps -ef | grep ntopng ntopng 25902 1 25 11:56 ? 00:01:09 /usr/local/bin/ntopng -d /home/ntopng/ntopng-data -r 127.0.0.1:6379@1 -w 3000
And now I can reach port 3000 but I am presented with a "texty" (probably CSS-less) version of the login page. And I cannot login either. See picture bad-login-page.jpg
I have followed the above compilation and configuration steps several times. And always, I can login and continue to login after multiple restarts of ntopng at the CLI. But as soon as I try to use systemd, the login page changes and I can't login anymore.
The only way I have found to recover is to recompile nDPI and ntopng. Then it works as expected except if I try to use systemd and then I am back to the 'texty' looking page and can't login either.
Debug information below:
Output from "journalctl -u ntopng": Feb 18 12:26:31 SATURN.home systemd[1]: Starting ntopng high-speed web-based traffic monitoring and analysis tool... Feb 18 12:26:31 SATURN.home sh[27968]: /bin/sh: /usr/bin/ntopng-utils-manage-config: No such file or directory Feb 18 12:26:31 SATURN.home systemd[1]: Started ntopng high-speed web-based traffic monitoring and analysis tool. Feb 18 12:26:31 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:31 [Prefs.cpp:1249] ntopng will use redis 127.0.0.1@1 Feb 18 12:26:31 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:31 [Ntop.cpp:3269] Added Local Network 127.0.0.0/8 Feb 18 12:26:31 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:31 [Ntop.cpp:3269] Added Local Network fe80::/10 Feb 18 12:26:31 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:31 [Redis.cpp:157] Successfully connected to redis 127.0.0.1:6379@1 Feb 18 12:26:31 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:31 [Redis.cpp:157] Successfully connected to redis 127.0.0.1:6379@1 Feb 18 12:26:31 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:31 [NetworkInterface.cpp:3228] Cleanup interface dummy Feb 18 12:26:31 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:31 [PcapInterface.cpp:93] Reading packets from [id: 1] Feb 18 12:26:31 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:31 [Ntop.cpp:2545] Registered interface enp0s3 [id: 1] Feb 18 12:26:31 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:31 [PcapInterface.cpp:93] Reading packets from [id: 2] Feb 18 12:26:31 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:31 [Ntop.cpp:2545] Registered interface lo [id: 2] Feb 18 12:26:31 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:31 [main.cpp:337] PID stored in file /var/run/ntopng.pid Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:31 [Geolocation.cpp:149] Loaded database GeoLite2-City.mmdb [/usr/share/GeoIP/GeoLite2-Ci> Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:31 [Geolocation.cpp:149] Loaded database GeoLite2-ASN.mmdb [/usr/share/ntopng/httpdocs/ge> Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:31 [Geolocation.cpp:64] Using geolocation provided by MaxMind (https://maxmind.com) Feb 18 12:26:32 SATURN.home ntopng[27976]: [MacManufacturers.cpp:54] ERROR: Unable to read /usr/share/ntopng/httpdocs/other/EtherOUI.txt Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [MacManufacturers.cpp:54] ERROR: Unable to read /usr/share/ntopng/httpdocs/other/Ether> Feb 18 12:26:32 SATURN.home ntopng[27976]: [Ntop.cpp:2936] WARNING: Unable to load trackers file /usr/share/ntopng/httpdocs/other/trackers.txt Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [Ntop.cpp:2936] WARNING: Unable to load trackers file /usr/share/ntopng/httpdocs/other> Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [HTTPserver.cpp:1405] HTTPS Disabled: missing SSL certificate /usr/share/ntopng/httpdo> Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [HTTPserver.cpp:1407] Please read https://github.com/ntop/ntopng/blob/dev/doc/README.S> Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [HTTPserver.cpp:1682] Web server dirs [/usr/share/ntopng/httpdocs][/usr/local/share/nt> Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [HTTPserver.cpp:1685] HTTP server listening on 3000 Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [Utils.cpp:781] User changed to ntopng Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [main.cpp:407] Working directory: /home/ntopng/ntopng-data Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [main.cpp:409] Scripts/HTML pages directory: /usr/local/share/ntopng Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [Ntop.cpp:451] Welcome to ntopng x86_64 v.5.3.220218 - (C) 1998-22 ntop.org Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [Ntop.cpp:461] Built on Fedora release 31 (Thirty One) Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [Ntop.cpp:865] Adding 127.0.0.1/32 as IPv4 interface address for lo Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [Ntop.cpp:874] Adding 127.0.0.0/8 as IPv4 local network for lo Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [Ntop.cpp:3269] Added Local Network 127.0.0.0/8 Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [Ntop.cpp:865] Adding 192.168.1.15/32 as IPv4 interface address for enp0s3 Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [Ntop.cpp:874] Adding 192.168.1.0/24 as IPv4 local network for enp0s3 Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [Ntop.cpp:3269] Added Local Network 192.168.1.0/24 Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [Ntop.cpp:896] Adding ::1/128 as IPv6 interface address for lo Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [Ntop.cpp:906] Adding ::1/128 as IPv6 local network for lo Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [Ntop.cpp:3269] Added Local Network ::1/128 Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [Ntop.cpp:896] Adding fe80::6e4e:eade:f6c1:e42/128 as IPv6 interface address for enp0s3 Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [Ntop.cpp:906] Adding fe80::6e4e:eade:f6c1:e42/64 as IPv6 local network for enp0s3 Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [Ntop.cpp:3269] Added Local Network fe80::6e4e:eade:f6c1:e42/64 Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [NetworkInterface.cpp:3054] Started host user script hooks loop on interface lo [id: 2> Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [NetworkInterface.cpp:3023] Started flow user script hooks loop on interface lo [id: 2> Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [NetworkInterface.cpp:3054] Started host user script hooks loop on interface enp0s3 [i> Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [NetworkInterface.cpp:3023] Started flow user script hooks loop on interface enp0s3 [i> Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [PeriodicActivities.cpp:109] Started periodic activities loop... Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [startup.lua:35] Processing startup.lua: please hold on... Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [startup.lua:120] [lists_utils.lua:785] Refreshing category lists... Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [startup.lua:120] [lists_utils.lua:421] Updating list 'SSLBL Botnet C2 IP Blacklist' [> Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [startup.lua:120] [lists_utils.lua:718] Category Lists (1742 hosts, 2254 IPs, 0 JA3) l> Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [startup.lua:210] Completed startup.lua Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [PeriodicActivities.cpp:167] Found 10 activities Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [NetworkInterface.cpp:3195] Started packet polling on interface enp0s3 [id: 1]... Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [NetworkInterface.cpp:3195] Started packet polling on interface lo [id: 2]...
Output from "systemctl status ntopng": [root@SATURN ntopng]# systemctl status ntopng.service ● ntopng.service - ntopng high-speed web-based traffic monitoring and analysis tool Loaded: loaded (/opt/ntopng/packages/etc/systemd/system/ntopng.service; enabled; vendor preset: disabled) Active: active (running) since Fri 2022-02-18 12:26:31 EST; 2min 4s ago Process: 27968 ExecStartPre=/bin/sh -c /usr/bin/ntopng-utils-manage-config -a check-restore && /usr/bin/ntopng-utils-manage-config -a restore || tr> Process: 27970 ExecStartPre=/bin/sh -c /bin/cat /etc/ntopng/ntopng.conf > /run/ntopng.conf.raw (code=exited, status=0/SUCCESS) Process: 27972 ExecStartPre=/bin/sh -c /bin/cat /etc/ntopng/ntopng.conf.d/.conf >> /run/ntopng.conf.raw 2>/dev/null || true (code=exited, status=0/> Process: 27974 ExecStartPre=/bin/sh -c /bin/sed "/^[ ]-e.$|^[ ]-G.|^[ ]--daemon.|[ ]--pid.*/s/^/#/" /run/ntopng.conf.raw > /run/ntopng.con> Main PID: 27976 (2/flow_checks) Tasks: 30 (limit: 4668) Memory: 134.1M CPU: 18.833s CGroup: /system.slice/ntopng.service └─27976 /usr/local/bin/ntopng /run/ntopng.conf
Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [NetworkInterface.cpp:3023] Started flow user script hooks loop on interface enp0s3 [i> Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [PeriodicActivities.cpp:109] Started periodic activities loop... Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [startup.lua:35] Processing startup.lua: please hold on... Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [startup.lua:120] [lists_utils.lua:785] Refreshing category lists... Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [startup.lua:120] [lists_utils.lua:421] Updating list 'SSLBL Botnet C2 IP Blacklist' [> Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [startup.lua:120] [lists_utils.lua:718] Category Lists (1742 hosts, 2254 IPs, 0 JA3) l> Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [startup.lua:210] Completed startup.lua Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [PeriodicActivities.cpp:167] Found 10 activities Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [NetworkInterface.cpp:3195] Started packet polling on interface enp0s3 [id: 1]... Feb 18 12:26:32 SATURN.home ntopng[27976]: 18/Feb/2022 12:26:32 [NetworkInterface.cpp:3195] Started packet polling on interface lo [id: 2]...
Any help is much appreciated.
/Mike