Comments (8)
@youradds are you running pcapy-ng
or pcapy
? Maltrail requires pcapy-ng
(as stated here) - especially if running on Python3
furthermore, here author states that for preventing that error, directive #define PY_SSIZE_T_CLEAN
has to be declared in python-C binded code, which is already done in pcapy-ng
, as you can see here: https://github.com/stamparm/pcapy-ng/blob/master/pcapy.cc#L10
from maltrail.
Ahhh that was it! I was indeed using pcapy (I've been using that since day 1, so not sure when that changed? it has been running fine)
Anyway, doing:
pip3 uninstall pcapy
pip3 install pcapy-ng
has done the trick .
Thanks
from maltrail.
Oh wow... well it seems to have been working at least 3 months ago :) I only just noticed it wasn't as I as setting up a new server and couldn't get it to boot (so checked my other servers, and the same issue). Oh well, all working now. Thanks for the quick reply :) I'm going to go over all my other server and uninstall pcapy and put on pcapy-ng :)
from maltrail.
@stamparm Thanks for 422e5a8 to handle potential similar cases!
from maltrail.
@stamparm Please, look here
from maltrail.
Hello!
Have recongnized all updates Imade from yesterday -- everything is as usual, no anomalies.
Could you, please, reproduce the problem with DEBUG settings true
:
and attach here /error.log
file from /var/log/maltrail
folder. Thnx!
from maltrail.
Thanks. I don't get anything in /var/log/maltrail/error.log . I deleted the file and run:
python3 /opt/maltrail-scripts/maltrail/sensor.py -c /opt/maltrail-scripts/maltrail/maltrail.conf
Maltrail (sensor) #v0.66 {https://maltrail.github.io}
[*] starting @ 09:27:57 /2024-02-08/
[i] using configuration file '/opt/maltrail-scripts/maltrail/maltrail.conf'
[i] using '/var/log/maltrail' for log storage
[i] using '/root/.maltrail/trails.csv' for trail storage (last modification: 'Wed, 07 Feb 2024 14:19:29 GMT')
[i] loading trails...
[i] 800,447 trails loaded
[?] in case of any problems with packet capture on virtual interface 'any', please put all monitoring interfaces to promiscuous mode manually (e.g. 'sudo ifconfig eth0 promisc')
[i] opening interface 'any'
[i] setting capture filter 'udp or icmp or (tcp and (tcp[tcpflags] == tcp-syn or port 80 or port 1080 or port 3128 or port 8000 or port 8080 or port 8118))'
[^] running...
Exception in thread Thread-2 (_):
Traceback (most recent call last):
File "/usr/lib/python3.10/threading.py", line 1016, in _bootstrap_inner
self.run()
File "/usr/lib/python3.10/threading.py", line 953, in run
self._target(*self._args, **self._kwargs)
File "/opt/maltrail-scripts/maltrail/sensor.py", line 1169, in _
(header, packet) = _cap.next()
SystemError: PY_SSIZE_T_CLEAN macro must be defined for '#' formats
The error.log is created, but nothing in it. I set:
# Show debug messages (in console output)
SHOW_DEBUG true
maybe I missed something?
If its any use, I'm on Ubuntu 20.04 and also 22.04 (different servers, all with the same issue)
Thanks
from maltrail.
I was indeed using pcapy
<-- just interesting where pcapy
came from, because /requirements.txt
was changed for pcapy-ng
2 years ago: 2aa2da5
from maltrail.
Related Issues (20)
- api:how to curl maltrail info HOT 5
- How to add severity to local logs? HOT 4
- [BUG]False Positive 185.199.109.133 HOT 1
- Custom image HOT 5
- Netflow or Span Port HOT 1
- [Feature Request] Show Number Of Past Entries HOT 1
- IP: 117.17.191.45 | Malware HOT 1
- [Feature Request] HOT 1
- Running a docker container built with your Dockerfile both server.py and sensor.py fail to restart. HOT 4
- [Questions and Support] ModuleNotFoundError: No module named 'thirdparty.six.moves' HOT 4
- [Feature Request] Integrate IPinfo's free database for ASN+country enrichment, filters, and eliminating HTTP calls HOT 4
- [Questions and Support] The server.py does not raise if I define an ip in UDP_ADDRESS HOT 6
- External IP Flagged in Blocklist in Maltrail and Appears to also be affecting blocks on other sites... HOT 18
- Windows 11 Returns HOT 9
- [BUG] cruzit URL changed HOT 1
- [BUG] python six module HOT 6
- [BUG] Fortinet block page (fortinet-block-page-55.fortinet.com) listed as malicious. HOT 2
- Bad domains HOT 2
- [Questions and Support] Maltrail not listening on port 8337/udp HOT 6
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from maltrail.