Error while starting Bro - bro

I am trying to install Bro on my machine running Ubuntu 16.04 and I am facing the following problem on bro start. It has multiple errors and kindly assist on how to resolve them.
[BroControl] > start
starting bro (was crashed) ...
bro terminated immediately after starting; check output with "diag"
[BroControl] > diag
[bro]
Bro 2.4.1
Linux 4.4.0-36-generic
==== No reporter.log
==== stderr.log
fatal error: problem with interface eth0 (eth0: SIOCETHTOOL(ETHTOOL_GET_TS_INFO) ioctl failed: No such device)
==== stdout.log
max memory size (kbytes, -m) unlimited
data seg size (kbytes, -d) unlimited
virtual memory (kbytes, -v) unlimited
core file size (blocks, -c) unlimited
==== .cmdline
-i eth0 -U .status -p broctl -p broctl-live -p standalone -p local -p bro local.bro broctl broctl/standalone broctl/auto
==== .env_vars
PATH=/usr/bin:/usr/share/broctl/scripts:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games
BROPATH=/var/spool/bro/installed-scripts-do-not-touch/site::/var/spool/bro/installed-scripts-do-not-touch/auto:/usr/share/bro:/usr/share/bro/policy:/usr/share/bro/site
CLUSTER_NODE=
==== .status
TERMINATED [atexit]
==== No prof.log
==== No packet_filter.log
==== No loaded_scripts.log
My ifconfig shows this:
root@anuvrattiku-Inspiron-13-7368:/etc# ifconfig -a
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:6594 errors:0 dropped:0 overruns:0 frame:0
TX packets:6594 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:950826 (950.8 KB) TX bytes:950826 (950.8 KB)
wlp1s0 Link encap:Ethernet HWaddr 68:07:15:23:f2:f8
inet addr:10.250.39.91 Bcast:10.250.255.255 Mask:255.255.0.0
inet6 addr: fe80::274a:2cde:a0c8:1131/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:271804 errors:0 dropped:0 overruns:0 frame:0
TX packets:49076 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:342567344 (342.5 MB) TX bytes:6733501 (6.7 MB)
Any help would be appreciated.

You're gonna need to check the Bro config files, mainly "/usr/local/bro/etc/node.cfg", and modify the hostname and the interface variables.
Based on the diag results, it's showing "==== .cmdline
-i eth0 -U .status -p broctl ", which means it's using the default configs.
Thus, all you need to do to make it work is change the interface to wlp1s0.
Be aware that you're gonna need to make more configurations to start using it.
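Added example, not part of the original answer or of BroControl itself: a Python check that reads node.cfg and reports every node whose interface does not exist on the host, which is the condition behind the "No such device" error in the diag output above. The embedded sample config is constructed, the node.cfg path is the one given in the answer, and reading /sys/class/net assumes Linux.

```python
import configparser
import os

# Constructed sample mirroring a default standalone node.cfg.
SAMPLE_NODE_CFG = """\
[bro]
type=standalone
host=localhost
interface=eth0
"""


def host_interfaces(sysfs="/sys/class/net"):
    """Return the set of interface names the Linux kernel currently exposes."""
    try:
        return set(os.listdir(sysfs))
    except OSError:
        return set()


def missing_interfaces(node_cfg_text, present):
    """Return (node, interface) pairs whose interface is not in `present`."""
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(node_cfg_text)
    missing = []
    for node in parser.sections():
        iface = parser.get(node, "interface", fallback=None)
        if iface is None:
            continue  # nodes without an interface= line do not capture traffic
        # Drop a packet-source prefix such as "af_packet::eth0".
        name = iface.split("::")[-1].strip()
        if name not in present:
            missing.append((node, name))
    return missing


if __name__ == "__main__":
    path = "/usr/local/bro/etc/node.cfg"  # path given in the answer above
    try:
        with open(path) as fh:
            text = fh.read()
    except OSError:
        text = SAMPLE_NODE_CFG  # fall back to the constructed sample
    for node, iface in missing_interfaces(text, host_interfaces()):
        print("node [%s]: interface %r not present on this host" % (node, iface))
```

Running it before "broctl deploy" or "start" on a sensor catches a stale interface name (for example after a distribution switches to predictable names such as wlp1s0) before the capture process dies at startup.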

Run sudo nano /usr/local/bro/etc/networks.cfg
and change your interface from eth0 to wlp1s0.

Related

Reverse path forwarding using POX controller

I want to ping a host from my POX control program and check for response. I want to do this to test if the host really exists. How will I ping a host from the control program?
The quick solution is to make a ping using the Python language and the os capabilities. Assuming you started the mininet emulator with
sudo mn --controller=remote
First give the switch an ip in order for the ping to find a route to go to the host. Open a new terminal to ssh to your mininet vm
ssh -X mininet@192.168.56.101
Change 192.168.56.101 if your mininet vm has a different ip. In this new terminal type
ifconfig s1
you should get something like
Link encap:Ethernet HWaddr fa:64:44:9a:f9:4f
UP BROADCAST RUNNING MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
which indicates that your switch does not have an ip. To give an ip to the switch we have to
sudo ifconfig s1 10.0.1.1
and then ping a host connected to this switch (ie. 10.0.0.1) from your POX program.
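import os
host_ip = "10.0.0.1"  # the host IP you want to ping from the controller
# os.system() hands this string to a shell, so host_ip must be a trusted value
response = os.system("ping -c 1 " + host_ip)
# check the response: exit status 0 means the host replied
if response == 0:
    print("%s is up!" % host_ip)
else:
    print("%s is down!" % host_ip)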

Need help connected to datastax sandbox from windows 10 host running VirtualBox

Sandbox up and running in Virtual Box, bridged. My VM's IP is 192.168.14.200.
I can connect to ops center from my windows host by going to http://192.168.14.200:8888, as well as from within the VM by browsing to http://127.0.0.1:8888.
I can run DevCenter from within the VM, whose connection is localhost:9042
I downloaded DevCenter to my Windows 10 host and setup a connection to 192.168.14.200:9042, which fails to connect:
The specified host(s) could not be reached.
All host(s) tried for query failed (tried: /192.168.14.200:9042(com.datastax.driver.core.TransportException: [/192.168.14.200:9042] Cannot connect))
I have the same problem from within my C# code that throws a connection exception. I think if I can solve the DevCenter issue my C# code will work.
I have tried the following changes to the sandbox's cassandra.yaml file:
Change the listen_address by excluding it, changing it from localhost to 127.0.0.1, and 192.168.14.200, as well as with rpc_address.
At this point I am at a loss and any help just getting DevCenter working would be a great start.
My main goal was to get a development Cassandra instance running in VirtualBox on Windows and connect to it using Datastax DevCenter from the Windows host. I was hoping to just use the Datastax sandbox, but I ultimately got it working using this method, which uses Vagrant to set up Cassandra on an Ubuntu VM:
https://github.com/bcantoni/vagrant-cassandra/tree/master/1.Base
There is a very nice Youtube walkthrough and written instructions here.
After getting this to work, I made the following changes to cassandra.yaml;
Comment out listen_address
Un-comment listen_interface: eth0
Comment out rpc_address
Un-comment rpc_interface: eth1
Kill the CassandraDaemon
Restart Cassandra.
I was able to use the 10.211.54.10 address from the windows host to connect via DevCenter.
Here is the network information of the Ubuntu VM which is hosting Cassandra.
vagrant@cassandra:~/apache-cassandra-3.4$ ifconfig
eth0
Link encap:Ethernet HWaddr 08:00:27:c9:24:d6
inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fec9:24d6/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:138562 errors:0 dropped:0 overruns:0 frame:0
TX packets:33785 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:125767502 (125.7 MB) TX bytes:2587641 (2.5 MB)
eth1
Link encap:Ethernet HWaddr 08:00:27:2e:5d:ae
inet addr:10.211.54.10 Bcast:10.211.54.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe2e:5dae/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:680 errors:0 dropped:0 overruns:0 frame:0
TX packets:110 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:95365 (95.3 KB) TX bytes:36810 (36.8 KB)
lo
Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:126277 errors:0 dropped:0 overruns:0 frame:0
TX packets:126277 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:6395285 (6.3 MB) TX bytes:6395285 (6.3 MB)

how to set up correctly httpd/apache on vagrant box?

I'm having some trouble understanding how to set up a running Vagrant box (I chose CentOS) with the httpd service.
I already have my Vagrant box up, and I set up httpd correctly.
[vagrant@localhost ~]$ sudo /etc/init.d/httpd status
httpd (pid 2657) running...
In the Vagrantfile I added this line (then ran vagrant up/vagrant provision to reload it):
config.vm.network "private_network", ip: "192.168.0.2"
Then if I ssh into my Vagrant box and run ifconfig I get:
[vagrant@localhost ~]$ ifconfig
eth0 Link encap:Ethernet HWaddr 08:00:27:A2:03:A5
inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fea2:3a5/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:18590 errors:0 dropped:0 overruns:0 frame:0
TX packets:8677 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:15457857 (14.7 MiB) TX bytes:553193 (540.2 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
It looks like the IP I wanted to associate with my Vagrant machine was not applied. I expected "192.168.0.2" to appear in the ifconfig output.
Should I perform some manual configuration?
Other consequences:
If I open my browser (on the host machine) and type http://10.0.2.15, I get back: ERR_ADDRESS_UNREACHABLE
I cannot successfully ping 192.168.0.2 from the host.
What am I missing?
Obviously, as you see, httpd service is running.
192.168.0.2 localhost
Add the above entry to /etc/hosts on your host.

ssh connection sometimes prints "No route to host", other times it connects normally

I have two laptops:
- The first, with Debian squeeze, is connected via ethernet and has the IP address 192.168.0.2
- The second, with Ubuntu 12.10, is connected via wlan and has the IP address 192.168.0.9
The problem is:
- If I try to use ssh from the first to the second I get this result:
laptop1@192.168.0.2:~$ ssh laptop2@192.168.0.9
"ssh : connect to host 192.168.0.9 port 22: No route to host "
If I try to use ssh from the second to the first, it connects successfully to the first.
laptop2@192.168.0.9:~$ ssh laptop1@192.168.0.1
And now if I try again to connect from the first to the second, it connects successfully to the second
laptop1@192.168.0.2:~$ ssh laptop2@192.168.0.9
but after a few minutes, if I try to use ssh from the first to the second, I still get this result:
"ssh : connect to host 192.168.0.9 port 22: No route to host ".
Typing the command arp on laptop1, I noticed that I cannot connect from laptop1 to laptop2 when the IP address of laptop2 disappears.
laptop1@192.168.0.2:~$ sudo arp
Address HWtype HWAddress Flags Mask Iface
192.168.0.1 ether 00:1b:2f:3f:b5:a2 C eth0
192.168.0.9 ether e4:d5:3d:03:3b:ed C eth0
After a few minutes...
laptop1@192.168.0.2:~$ sudo arp
Address HWtype HWAddress Flags Mask Iface
192.168.0.1 ether 00:1b:2f:3f:b5:a2 C eth0
Does anyone understand why this happens, and how can I fix it?
Here is some more information about my two laptops:
For laptop1:
laptop1@192.168.0.2:~$ sudo ifconfig
eth0 Link encap:Ethernet HWaddr 20:cf:30:08:e0:82
inet addr:192.168.0.2 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::22cf:30ff:fe08:e082/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:29290 errors:0 dropped:0 overruns:0 frame:0
TX packets:28325 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:20301572 (19.3 MiB) TX bytes:11035023 (10.5 MiB)
Interrupt:30
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:1440 errors:0 dropped:0 overruns:0 frame:0
TX packets:1440 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:166450 (162.5 KiB) TX bytes:166450 (162.5 KiB)
wlan0 Link encap:Ethernet HWaddr 74:f0:6d:76:79:93
inet6 addr: fe80::76f0:6dff:fe76:7993/64 Scope:Link
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:42 errors:0 dropped:0 overruns:0 frame:0
TX packets:81 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:10888 (10.6 KiB) TX bytes:16236 (15.8 KiB)
laptop1@192.168.0.2:~$ sudo route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 eth0
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0
For laptop2:
laptop2@192.168.0.9:~$ sudo ifconfig
eth0 Link encap:Ethernet HWaddr 04:7d:7b:1e:47:8b
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:124 errors:0 dropped:0 overruns:0 frame:0
TX packets:124 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:10373 (10.3 KB) TX bytes:10373 (10.3 KB)
wlan0 Link encap:Ethernet HWaddr e4:d5:3d:03:3b:ed
inet addr:192.168.0.9 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::e6d5:3dff:fe03:3bed/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1434 errors:0 dropped:0 overruns:0 frame:0
TX packets:1329 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1274245 (1.2 MB) TX bytes:188474 (188.4 KB)
laptop2@192.168.0.9:~$ sudo route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 wlan0
169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 wlan0
192.168.0.0 0.0.0.0 255.255.255.0 U 9 0 0 wlan0

KVM/QEMU network TAP problems with libvirt

I'm trying to use libvirt with virsh to manage my kvm/qemu vms. The problem I have is with getting it to work with public IPs. The server is running ubuntu 8.04.
libvirt keeps trying to run it as:
/usr/bin/kvm -M pc -m 256 -smp 3 -monitor pty -no-acpi \
-drive file=/opt/virtual-machines/calculon/root.qcow2,if=ide,boot=on \
-net nic,vlan=0,model=virtio -net tap,fd=10,vlan=0 -usb -vnc 127.0.0.1:0
Which boots, but does not have any network access (pings go nowhere). Running it without fd=10 makes it work right, with kvm creating the necessary TAP device for me and networking functioning inside the host. All the setup guides I've seen focus on setting up masquerading, while I just want a simple bridge and unfiltered access to the net (both the guests and host must use public IPs).
Running ifconfig on the host gives this; the bridge is manually set up in my /etc/network/interfaces file:
br0 Link encap:Ethernet HWaddr 00:1e:c9:3c:59:b8
inet addr:12.34.56.78 Bcast:12.34.56.79 Mask:255.255.255.240
inet6 addr: fe80::21e:c9ff:fe3c:59b8/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3359 errors:0 dropped:0 overruns:0 frame:0
TX packets:3025 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:180646 (176.4 KB) TX bytes:230908 (225.4 KB)
eth0 Link encap:Ethernet HWaddr 00:1e:c9:3c:59:b8
inet6 addr: fe80::21e:c9ff:fe3c:59b8/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6088386 errors:0 dropped:0 overruns:0 frame:0
TX packets:3058 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:680236624 (648.7 MB) TX bytes:261696 (255.5 KB)
Interrupt:33
Any help would be greatly appreciated.
I followed the bridged networking guide at https://help.ubuntu.com/community/KVM and have the following in /etc/network/interfaces:
auto eth0
iface eth0 inet manual
auto br0
iface br0 inet static
    address 192.168.0.10
    network 192.168.0.0
    netmask 255.255.255.0
    broadcast 192.168.0.255
    gateway 192.168.0.1
    bridge_ports eth0
    bridge_fd 9
    bridge_hello 2
    bridge_maxage 12
    bridge_stp off
I have not changed any libvirt network settings and my kvm images are booted like:
/usr/bin/kvm -M pc -no-kqemu -m 256 -smp 1 -monitor pty -boot c -hda \
/libvirt/apt.img -net nic,macaddr=00:16:3e:77:32:1d,vlan=0 -net \
tap,fd=11,script=,vlan=0 -usb -vnc 127.0.0.1:0
I then specify the static network settings in the kvm image as normal. It has all worked OK since I followed the guide.
I do have the following settings in my xml files in /etc/libvirt/qemu/ though, under devices:
<interface type='bridge'>
  <mac address='00:16:3e:77:32:1d'/>
  <source bridge='br0'/>
</interface>
I guess your tap device should be shown in ifconfig.
Run "brctl show";
it will show the bridge and tunnel device connection.
You may have to add an iptables entry so that all the packets will be routed through the bridge:
iptables -I INPUT -i br0 -j ACCEPT