[Flow-tools] Segmentation Fault // FlowExport launch by PHP
gui.bernard
gui.bernard at laposte.net
Thu Jan 17 06:21:54 EST 2008
Hi,
Since 2 years, I work on a big project to scan and measure network traffic. I have decided to use flowtools tools to capture and export Netflow file. These procedures works perfectly.
But, I have choose to use several flowtools like flow-cat, flow-filter and flow-export to filter an Traffic day. Flow capture stock for example my rawfile in /var/raw/metronet/2008/2008-01/2008-01-17/ft*.
My goal here is to concat files of 2008-01-2007 and to apply a filter on srcaddr OR dstaddr. Moreover the result of that must be write on disk with ASCII-CSV.
/opt/flowtools/bin/flow-cat /var/raw/metronet/2008/2008-01/2008-01-17/ft-v05.2008-01-17* | /opt/flowtools/bin/flow-filter -f /var/www/metronet/raw/test.acl -Srech -o -Drech | /opt/flowtools/bin/flow-export -f2 -m0xC383061 > /dev/shm/flow_export.csv
le contenu de test.acl
ip access-list standard rech permit xxx.xxx.xxx.xxx << (adresse IP que je recherche)
I have made a shell script and a perl script to create CSV file and to insert result in a PGSQL database.
When a launch command in terminal all is good and I haven't any error.
But when I adapt this in a PHP script, I have a big segmentation fault (apparently on flow-export). The CSV file is create correctly but it not finish properly.
See the apache message (error_log):
2555 Done /opt/flowtools/bin/flow-cat /var/raw/metronet/2008/2008-01/2008-01-17/ft-v05.2008-01-17*
2556 | /opt/flowtools/bin/flow-filter -f /var/www/metronet/raw/test.acl -Srech -o -Drech
2557 Segmentation fault | /opt/flowtools/bin/flow-export -f2 -m0xC383061 >/dev/shm/flow_export.csv
[Thu Jan 17 11:34:30 2008] [error] [client 10.253.1.86] PHP Warning: pg_query() [<a href='function.pg-query'>function.pg-query</a>]: Query failed: ERROR: invalid input syntax for type inet: "209.1"\nCONTEXT: COPY tmp_gberna100p_17012008_113218, line 40700, column dstaddr: "209.1" in /var/www/metronet/recherche.php on line 599, referer: http://oss117.u-bordeaux2.fr/index.php
When the file is write on hard disk, a SQL copy is launch by PHP script. Error precise a missing column or and invalid syntax. This is due to a csv file troncated.
An tail -f on this CSV return:
1199919578,11,769,193.50.104.121,64.239.149.125,45407,25,6,0,0
1199919578,13,989,64.239.149.125,193.50.104.121,25,45407,6,0,0
1199919578,12,646,193.50.104.121,198.185.2.86,43956,25,6,0,0
1199919578,9,777,198.185.2.86,193.50.104.121,25,43956,6,0,0
1199919578,7,487,193.50.104.121,209.183.
Below a look on my php script:
$return="";
$outpout=array();
$cmdCSV = "/opt/flowtools/bin/flow-cat /var/raw/metronet/2008/2008-01/2008-01-17/ft-v05.2008-01-17* | /opt/flowtools/bin/flow-filter -f /var/www/metronet/raw/test.acl -Srech -o -Drech | /opt/flowtools/bin/flow-export -f2 -m0xC383061 > /dev/shm/flow_export.csv";
exec($cmdCSV,$outpout,$returne);
exec("sync");
echo "<br>returne:".$returne."<br>";
print_r($outpout);
// Ajout droit LECTURE/ECRITURE/EXECUTION pour proprietaire
if (file_exists("/dev/shm/flow_export.csv")) { chmod("/dev/shm/flow_export.csv", 0755); }
$SQLcopy = "COPY $nomTABLE (unix_secs,dpkts,doctets,srcaddr,dstaddr,srcport,dstport,prot,src_as,dst_as) FROM '/dev/shm/flow_export.csv' WITH DELIMITER AS ',' CSV HEADER";
$result_COPYtmp = pg_query ($id_connexion, $SQLcopy);
I don't understand why these errors when I do with PHP and not inline terminal. So I have check php.ini to change like:
max_execution_time = 3000 ; Maximum execution time of each script, in seconds
max_input_time = 1200 ; Maximum amount of time each script may spend parsing request data
memory_limit = 80M
Can you help me?
Créez votre adresse électronique prénom.nom at laposte.net
1 Go d'espace de stockage, anti-spam et anti-virus intégrés.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.splintered.net/pipermail/flow-tools/attachments/20080117/41329a2a/attachment.htm
More information about the Flow-tools
mailing list