Closed aleksashka closed 9 months ago
ERROR: nfsend connect() error: No such file or directory!
means indeed, that you have a problem with the socket. After starting nfsend, you can check manually, if the socket has been created. If it exists, it's a web server/php issue. The aid of the running php instance needs to be able to connect to this socket. Depending on your web server config, php with php-fop may run under a different user. Finally check if you have some other restrictions in place, such as SeLinux or other security barriers you would need to tweak for the socket.
Thank you for your reply!
The socket does not exist after starting the nfsend
, moreover status
shows that nfsend
itself is not started (check the output below). Is there a way to troubleshoot the socket creation as well as the fact that nfsend
is shown as not running
?
SeLinux is not used (getenforce
returns command not found
)
a@RPiB2:~ $ ll /opt/nfsen/var/run/
total 4
-rw-r--r-- 1 netflow www-data 5 Sep 1 12:58 p9996.pid
a@RPiB2:~ $
a@RPiB2:~ $
a@RPiB2:~ $ sudo /opt/nfsen/bin/nfsen status
Version nfSen: 1.3.9, nfdump: 7
NfSen status:
Collector for (stex_almaty) port 9996 is running [2531].
nfsen daemon: is not running.
a@RPiB2:~ $
a@RPiB2:~ $
a@RPiB2:~ $ sudo /opt/nfsen/bin/nfsen stop
Shutdown nfcapd: (stex_almaty)[2531]. .
Shutdown nfsend:[no pid file found!]
a@RPiB2:~ $
a@RPiB2:~ $
a@RPiB2:~ $ sudo /opt/nfsen/bin/nfsen status
Version nfSen: 1.3.9, nfdump: 7
NfSen status:
Collector for (stex_almaty) port 9996 is not running.
nfsen daemon: is not running.
a@RPiB2:~ $ ll /opt/nfsen/var/run/
total 0
a@RPiB2:~ $
a@RPiB2:~ $
a@RPiB2:~ $ sudo /opt/nfsen/bin/nfsen start
Starting nfcapd:(stex_almaty)[17493]
Starting nfsend.
a@RPiB2:~ $
a@RPiB2:~ $
a@RPiB2:~ $ ll /opt/nfsen/var/run/
total 4
-rw-r--r-- 1 netflow www-data 6 Sep 12 17:10 p9996.pid
a@RPiB2:~ $
a@RPiB2:~ $
a@RPiB2:~ $ sudo /opt/nfsen/bin/nfsen status
Version nfSen: 1.3.9, nfdump: 7
NfSen status:
Collector for (stex_almaty) port 9996 is running [17493].
nfsen daemon: is not running.
a@RPiB2:~ $
a@RPiB2:~ $
a@RPiB2:~ $ namei -l /opt/nfsen/var/run/
f: /opt/nfsen/var/run/
drwxr-xr-x root root /
drwxr-xr-x root root opt
drwxr-xr-x root root nfsen
drwxrwxr-x netflow www-data var
drwxrwxr-x netflow www-data run
a@RPiB2:~ $
a@RPiB2:~ $
a@RPiB2:~ $ sudo ps aux | grep nfse[n]
netflow 17493 0.0 0.4 53204 2196 ? Sl 17:10 0:00 /usr/local/bin/nfcapd -D -p 9996 -u netflow -g www-data -B 200000 -S 1 -P /opt/nfsen/var/run/p9996.pid -y -I stex_almaty -w /opt/nfsen/profiles-data/live/stex_almaty
a@RPiB2:~ $
nfsend should write syslog messages! Please make sure syslog is properly configured in nfsend.conf and (r)syslogd.conf. Check the syslog file for errors.
Seems no feedback ..
I am sorry, Peter.
I still cannot find where those logs are directed and saved. Is it OK to get back to this issue when I will have more time to investigate my logging issues?
Thank you.
Hello,
I want to run nfsen on an old Raspberry Pi Model B to collect NSEL events from Cisco ASA, but I faced several issues. May be someone could direct me to the solution.
Initially, running
./install.pl etc/nfsen.conf
was stopping withIllegal instruction
, after hours of debugging it turned out Raspberry Pi OS repositories providedRRDs.so
which would causeIllegal instruction
when running linebootstrap RRDs $VERSION;
of the filelibexec/RRDs.pm
, so I managed to compilerrdtool
locally (installing required libraries was a quest on it's own) and installation script finished it's work.Additionally, I included the path to the new
RRDs.so
(/opt/rrdtool-1.7.2/lib/perl/5.32.1/arm-linux-gnueabihf-thread-multi-64int/auto/RRDs/RRDs.so
) to/opt/nfsen/bin/nfsen
after line 54 like this (is it too dirty hack? otherwise old library would have been loaded with the same error):After these operations nfsen starts:
But opening http://ip/nfsen shows:
I presumed that nfsen cannot create a socket-file, so I checked the filename, path, permissions. Seems OK to me..
/var/www/nfsen/conf.php
contains$COMMSOCKET = "/opt/nfsen/var/run/nfsen.comm";
/opt/nfsen/etc/nfsen.conf
contains the following:User
netflow
is in the groupwww-data
:/etc/apache2/apache2.conf
contains:/etc/apache2/envvars
contains:Here are a few additional outputs which might be useful:
The order of operations is in fact quite different, since I am not that proficient with perl, php, compilation, debugging, etc, so there were way too many try-and-error attempts... But hopefully this still might be brought to life :).
Any help would be greatly appreciated!