[Bro] Really Need Help What Causes Worker Crashed
Muhammad Hasif Sulaiman
hasifsulaiman94 at gmail.com
Tue Aug 7 00:50:53 PDT 2018
Hi,
This is my second time posting to bro community, i hope that i can get some
help. I need to know what are the causes that workers keep crashing.
Attached is the latest Bro crashes info. So far last few crashes all show
happen at the same portion, SSL.
I really hope to be able to identify what causes all workers crashed.
Thank you
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20180807/a710b47b/attachment-0001.html
-------------- next part --------------
2018-08-07 11:24am
[BroControl] > diag
[logger]
No core file found.
Bro 2.5.4
FreeBSD 11.2-RELEASE
Bro plugins:
Bro::Netmap - Packet acquisition via Netmap (dynamic, version 1.0)
==== No reporter.log
==== stderr.log
==== stdout.log
max memory size (kbytes, -m) unlimited
data seg size (kbytes, -d) 33554432
virtual memory (kbytes, -v) unlimited
core file size (blocks, -c) unlimited
==== .cmdline
-U .status -p broctl -p broctl-live -p local -p logger local.bro broctl base/frameworks/cluster local-logger.bro broctl/auto
==== .env_vars
PATH=/usr/local/bin:/usr/local/share/broctl/scripts:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/home/user/bin
BROPATH=/usr/local/spool/installed-scripts-do-not-touch/site::/usr/local/spool/installed-scripts-do-not-touch/auto:/usr/local/share/bro:/usr/local/share/bro/policy:/usr/local/share/bro/site
CLUSTER_NODE=logger
==== .status
RUNNING [net_run]
==== No prof.log
==== No packet_filter.log
==== No loaded_scripts.log
[manager]
No core file found.
Bro 2.5.4
FreeBSD 11.2-RELEASE
Bro plugins:
Bro::Netmap - Packet acquisition via Netmap (dynamic, version 1.0)
==== No reporter.log
==== stderr.log
==== stdout.log
max memory size (kbytes, -m) unlimited
data seg size (kbytes, -d) 33554432
virtual memory (kbytes, -v) unlimited
core file size (blocks, -c) unlimited
==== .cmdline
-U .status -p broctl -p broctl-live -p local -p manager local.bro broctl base/frameworks/cluster local-manager.bro broctl/auto
==== .env_vars
PATH=/usr/local/bin:/usr/local/share/broctl/scripts:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/home/user/bin
BROPATH=/usr/local/spool/installed-scripts-do-not-touch/site::/usr/local/spool/installed-scripts-do-not-touch/auto:/usr/local/share/bro:/usr/local/share/bro/policy:/usr/local/share/bro/site
CLUSTER_NODE=manager
==== .status
RUNNING [net_run]
==== No prof.log
==== No packet_filter.log
==== No loaded_scripts.log
[proxy-1]
No core file found.
Bro 2.5.4
FreeBSD 11.2-RELEASE
Bro plugins:
Bro::Netmap - Packet acquisition via Netmap (dynamic, version 1.0)
==== No reporter.log
==== stderr.log
==== stdout.log
max memory size (kbytes, -m) unlimited
data seg size (kbytes, -d) 33554432
virtual memory (kbytes, -v) unlimited
core file size (blocks, -c) unlimited
==== .cmdline
-U .status -p broctl -p broctl-live -p local -p proxy-1 local.bro broctl base/frameworks/cluster local-proxy broctl/auto
==== .env_vars
PATH=/usr/local/bin:/usr/local/share/broctl/scripts:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/home/user/bin
BROPATH=/usr/local/spool/installed-scripts-do-not-touch/site::/usr/local/spool/installed-scripts-do-not-touch/auto:/usr/local/share/bro:/usr/local/share/bro/policy:/usr/local/share/bro/site
CLUSTER_NODE=proxy-1
==== .status
RUNNING [net_run]
==== No prof.log
==== No packet_filter.log
==== No loaded_scripts.log
[worker-1-1]
Bro 2.5.4
FreeBSD 11.2-RELEASE
Bro plugins:
Bro::Netmap - Packet acquisition via Netmap (dynamic, version 1.0)
Core file: bro.core
(no debugging symbols found)...Core was generated by `/usr/local/bin/bro -i netmap::em0}0 -U .status -p broctl -p broctl-live -p local'.
Program terminated with signal 6, Aborted.
(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...#0 0x00000008028ea47a in thr_kill () from /lib/libc.so.7
Thread 1 (process 100150):
#0 0x00000008028ea47a in thr_kill () from /lib/libc.so.7
#1 0x00000008028ea444 in raise () from /lib/libc.so.7
#2 0x00000008028ea3b9 in abort () from /lib/libc.so.7
#3 0x00000008029698e1 in __assert () from /lib/libc.so.7
#4 0x000000000088b142 in binpac::TLSHandshake::ServerHello::Parse ()
#5 0x00000000008888e0 in binpac::TLSHandshake::ServerHelloChoice::Parse ()
#6 0x0000000000887618 in binpac::TLSHandshake::Handshake::Parse ()
#7 0x0000000000887285 in binpac::TLSHandshake::HandshakeRecord::ParseBuffer ()
#8 0x000000000088986e in binpac::TLSHandshake::HandshakePDU::ParseBuffer ()
#9 0x000000000088f2c6 in binpac::TLSHandshake::Handshake_Flow::NewData ()
#10 0x0000000000882d86 in analyzer::ssl::SSL_Analyzer::SendHandshake ()
#11 0x0000000000892b63 in binpac::SSL::Handshake::Parse ()
#12 0x0000000000892583 in binpac::SSL::PlaintextRecord::Parse ()
#13 0x0000000000894302 in binpac::SSL::RecordText::Parse ()
#14 0x00000000008940b5 in binpac::SSL::SSLRecord::ParseBuffer ()
#15 0x000000000089495e in binpac::SSL::SSLPDU::ParseBuffer ()
#16 0x0000000000894c16 in binpac::SSL::SSL_Flow::NewData ()
#17 0x0000000000882cc4 in analyzer::ssl::SSL_Analyzer::DeliverStream ()
#18 0x00000000009071cf in analyzer::Analyzer::NextStream ()
#19 0x000000000090779e in analyzer::Analyzer::ForwardStream ()
#20 0x00000000009071cf in analyzer::Analyzer::NextStream ()
#21 0x000000000090779e in analyzer::Analyzer::ForwardStream ()
#22 0x00000000008a057f in analyzer::tcp::TCP_Reassembler::DeliverBlock ()
#23 0x00000000008a03a6 in analyzer::tcp::TCP_Reassembler::BlockInserted ()
#24 0x00000000008a0a64 in analyzer::tcp::TCP_Reassembler::DataSent ()
#25 0x000000000089f2c8 in analyzer::tcp::TCP_Endpoint::DataSent ()
#26 0x000000000089d3ba in analyzer::tcp::TCP_Analyzer::DeliverPacket ()
#27 0x00000000009070b6 in analyzer::Analyzer::NextPacket ()
#28 0x00000000005a4617 in Connection::NextPacket ()
#29 0x000000000063b8c4 in NetSessions::DoNextPacket ()
#30 0x000000000063a77d in NetSessions::NextPacket ()
#31 0x000000000060cf6e in net_packet_dispatch ()
#32 0x00000000008e3045 in iosource::PktSrc::Process ()
#33 0x000000000060d0a2 in net_run ()
#34 0x000000000058f93d in main ()
==== No reporter.log
==== stderr.log
listening on em0}0
1533552468.012830 processing suspended
1533552468.012830 processing continued
1533585606.924950 Failed to open GeoIP City database: /usr/local/share/GeoIP/GeoIPCity.dat
1533585606.924950 Failed to open GeoIP Cityv6 database: /usr/local/share/GeoIP/GeoIPCityv6.dat
1533585606.924950 Failed to open GeoIPv6 Country database: /usr/local/share/GeoIP/GeoIPv6.dat
Assertion failed: (t_session_id__elem__dataptr <= t_end_of_data), function Parse, file src/analyzer/protocol/ssl/tls-handshake_pac.cc, line 1777.
/usr/local/share/broctl/scripts/run-bro: line 110: 94131 Abort trap (core dumped) nohup "$mybro" "$@"
==== stdout.log
max memory size (kbytes, -m) unlimited
data seg size (kbytes, -d) 33554432
virtual memory (kbytes, -v) unlimited
core file size (blocks, -c) unlimited
==== .cmdline
-i netmap::em0}0 -U .status -p broctl -p broctl-live -p local -p worker-1-1 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto
==== .env_vars
PATH=/usr/local/bin:/usr/local/share/broctl/scripts:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/home/user/bin
BROPATH=/usr/local/spool/installed-scripts-do-not-touch/site::/usr/local/spool/installed-scripts-do-not-touch/auto:/usr/local/share/bro:/usr/local/share/bro/policy:/usr/local/share/bro/site
CLUSTER_NODE=worker-1-1
==== .status
RUNNING [net_run]
==== No prof.log
==== No packet_filter.log
==== No loaded_scripts.log
[worker-1-2]
Bro 2.5.4
FreeBSD 11.2-RELEASE
Bro plugins:
Bro::Netmap - Packet acquisition via Netmap (dynamic, version 1.0)
Core file: bro.core
(no debugging symbols found)...Core was generated by `/usr/local/bin/bro -i netmap::em0}1 -U .status -p broctl -p broctl-live -p local'.
Program terminated with signal 6, Aborted.
(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...#0 0x00000008028ea47a in thr_kill () from /lib/libc.so.7
Thread 1 (process 101021):
#0 0x00000008028ea47a in thr_kill () from /lib/libc.so.7
#1 0x00000008028ea444 in raise () from /lib/libc.so.7
#2 0x00000008028ea3b9 in abort () from /lib/libc.so.7
#3 0x00000008029698e1 in __assert () from /lib/libc.so.7
#4 0x000000000088b142 in binpac::TLSHandshake::ServerHello::Parse ()
#5 0x00000000008888e0 in binpac::TLSHandshake::ServerHelloChoice::Parse ()
#6 0x0000000000887618 in binpac::TLSHandshake::Handshake::Parse ()
#7 0x0000000000887285 in binpac::TLSHandshake::HandshakeRecord::ParseBuffer ()
#8 0x000000000088986e in binpac::TLSHandshake::HandshakePDU::ParseBuffer ()
#9 0x000000000088f2c6 in binpac::TLSHandshake::Handshake_Flow::NewData ()
#10 0x0000000000882d86 in analyzer::ssl::SSL_Analyzer::SendHandshake ()
#11 0x0000000000892b63 in binpac::SSL::Handshake::Parse ()
#12 0x0000000000892583 in binpac::SSL::PlaintextRecord::Parse ()
#13 0x0000000000894302 in binpac::SSL::RecordText::Parse ()
#14 0x00000000008940b5 in binpac::SSL::SSLRecord::ParseBuffer ()
#15 0x000000000089495e in binpac::SSL::SSLPDU::ParseBuffer ()
#16 0x0000000000894c16 in binpac::SSL::SSL_Flow::NewData ()
#17 0x0000000000882cc4 in analyzer::ssl::SSL_Analyzer::DeliverStream ()
#18 0x00000000009071cf in analyzer::Analyzer::NextStream ()
#19 0x000000000090779e in analyzer::Analyzer::ForwardStream ()
#20 0x00000000009071cf in analyzer::Analyzer::NextStream ()
#21 0x000000000090779e in analyzer::Analyzer::ForwardStream ()
#22 0x00000000008a057f in analyzer::tcp::TCP_Reassembler::DeliverBlock ()
#23 0x00000000008a03a6 in analyzer::tcp::TCP_Reassembler::BlockInserted ()
#24 0x00000000008a0a64 in analyzer::tcp::TCP_Reassembler::DataSent ()
#25 0x000000000089f2c8 in analyzer::tcp::TCP_Endpoint::DataSent ()
#26 0x000000000089d3ba in analyzer::tcp::TCP_Analyzer::DeliverPacket ()
#27 0x00000000009070b6 in analyzer::Analyzer::NextPacket ()
#28 0x00000000005a4617 in Connection::NextPacket ()
#29 0x000000000063b8c4 in NetSessions::DoNextPacket ()
#30 0x000000000063a77d in NetSessions::NextPacket ()
#31 0x000000000060cf6e in net_packet_dispatch ()
#32 0x00000000008e3045 in iosource::PktSrc::Process ()
#33 0x000000000060d0a2 in net_run ()
#34 0x000000000058f93d in main ()
==== No reporter.log
==== stderr.log
listening on em0}1
1533552468.022483 processing suspended
1533552468.022483 processing continued
Assertion failed: (t_session_id__elem__dataptr <= t_end_of_data), function Parse, file src/analyzer/protocol/ssl/tls-handshake_pac.cc, line 1777.
/usr/local/share/broctl/scripts/run-bro: line 110: 94134 Abort trap (core dumped) nohup "$mybro" "$@"
==== stdout.log
max memory size (kbytes, -m) unlimited
data seg size (kbytes, -d) 33554432
virtual memory (kbytes, -v) unlimited
core file size (blocks, -c) unlimited
==== .cmdline
-i netmap::em0}1 -U .status -p broctl -p broctl-live -p local -p worker-1-2 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto
==== .env_vars
PATH=/usr/local/bin:/usr/local/share/broctl/scripts:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/home/user/bin
BROPATH=/usr/local/spool/installed-scripts-do-not-touch/site::/usr/local/spool/installed-scripts-do-not-touch/auto:/usr/local/share/bro:/usr/local/share/bro/policy:/usr/local/share/bro/site
CLUSTER_NODE=worker-1-2
==== .status
RUNNING [net_run]
==== No prof.log
==== No packet_filter.log
==== No loaded_scripts.log
[worker-1-3]
No core file found.
Bro 2.5.4
FreeBSD 11.2-RELEASE
Bro plugins:
Bro::Netmap - Packet acquisition via Netmap (dynamic, version 1.0)
==== No reporter.log
==== stderr.log
listening on em0}2
1533552467.987988 processing suspended
1533552467.987988 processing continued
1533601984.293897 Failed to open GeoIP City database: /usr/local/share/GeoIP/GeoIPCity.dat
1533601984.293897 Failed to open GeoIP Cityv6 database: /usr/local/share/GeoIP/GeoIPCityv6.dat
1533601984.293897 Failed to open GeoIPv6 Country database: /usr/local/share/GeoIP/GeoIPv6.dat
==== stdout.log
max memory size (kbytes, -m) unlimited
data seg size (kbytes, -d) 33554432
virtual memory (kbytes, -v) unlimited
core file size (blocks, -c) unlimited
==== .cmdline
-i netmap::em0}2 -U .status -p broctl -p broctl-live -p local -p worker-1-3 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto
==== .env_vars
PATH=/usr/local/bin:/usr/local/share/broctl/scripts:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/home/user/bin
BROPATH=/usr/local/spool/installed-scripts-do-not-touch/site::/usr/local/spool/installed-scripts-do-not-touch/auto:/usr/local/share/bro:/usr/local/share/bro/policy:/usr/local/share/bro/site
CLUSTER_NODE=worker-1-3
==== .status
RUNNING [net_run]
==== No prof.log
==== No packet_filter.log
==== No loaded_scripts.log
-------------- next part --------------
[BroControl] > diag
[logger]
No core file found.
Bro 2.5.4
FreeBSD 11.2-RELEASE
Bro plugins:
Bro::Netmap - Packet acquisition via Netmap (dynamic, version 1.0)
==== No reporter.log
==== stderr.log
==== stdout.log
max memory size (kbytes, -m) unlimited
data seg size (kbytes, -d) 33554432
virtual memory (kbytes, -v) unlimited
core file size (blocks, -c) unlimited
==== .cmdline
-U .status -p broctl -p broctl-live -p local -p logger local.bro broctl base/frameworks/cluster local-logger.bro broctl/auto
==== .env_vars
PATH=/usr/local/bin:/usr/local/share/broctl/scripts:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/home/user/bin
BROPATH=/usr/local/spool/installed-scripts-do-not-touch/site::/usr/local/spool/installed-scripts-do-not-touch/auto:/usr/local/share/bro:/usr/local/share/bro/policy:/usr/local/share/bro/site
CLUSTER_NODE=logger
==== .status
RUNNING [net_run]
==== No prof.log
==== No packet_filter.log
==== No loaded_scripts.log
[manager]
No core file found.
Bro 2.5.4
FreeBSD 11.2-RELEASE
Bro plugins:
Bro::Netmap - Packet acquisition via Netmap (dynamic, version 1.0)
==== No reporter.log
==== stderr.log
==== stdout.log
max memory size (kbytes, -m) unlimited
data seg size (kbytes, -d) 33554432
virtual memory (kbytes, -v) unlimited
core file size (blocks, -c) unlimited
==== .cmdline
-U .status -p broctl -p broctl-live -p local -p manager local.bro broctl base/frameworks/cluster local-manager.bro broctl/auto
==== .env_vars
PATH=/usr/local/bin:/usr/local/share/broctl/scripts:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/home/user/bin
BROPATH=/usr/local/spool/installed-scripts-do-not-touch/site::/usr/local/spool/installed-scripts-do-not-touch/auto:/usr/local/share/bro:/usr/local/share/bro/policy:/usr/local/share/bro/site
CLUSTER_NODE=manager
==== .status
RUNNING [net_run]
==== No prof.log
==== No packet_filter.log
==== No loaded_scripts.log
[proxy-1]
No core file found.
Bro 2.5.4
FreeBSD 11.2-RELEASE
Bro plugins:
Bro::Netmap - Packet acquisition via Netmap (dynamic, version 1.0)
==== No reporter.log
==== stderr.log
==== stdout.log
max memory size (kbytes, -m) unlimited
data seg size (kbytes, -d) 33554432
virtual memory (kbytes, -v) unlimited
core file size (blocks, -c) unlimited
==== .cmdline
-U .status -p broctl -p broctl-live -p local -p proxy-1 local.bro broctl base/frameworks/cluster local-proxy broctl/auto
==== .env_vars
PATH=/usr/local/bin:/usr/local/share/broctl/scripts:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/home/user/bin
BROPATH=/usr/local/spool/installed-scripts-do-not-touch/site::/usr/local/spool/installed-scripts-do-not-touch/auto:/usr/local/share/bro:/usr/local/share/bro/policy:/usr/local/share/bro/site
CLUSTER_NODE=proxy-1
==== .status
RUNNING [net_run]
==== No prof.log
==== No packet_filter.log
==== No loaded_scripts.log
[worker-1-1]
Bro 2.5.4
FreeBSD 11.2-RELEASE
Bro plugins:
Bro::Netmap - Packet acquisition via Netmap (dynamic, version 1.0)
Core file: bro.core
(no debugging symbols found)...Core was generated by `/usr/local/bin/bro -i netmap::em0}0 -U .status -p broctl -p broctl-live -p local'.
Program terminated with signal 6, Aborted.
(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...#0 0x00000008028ea47a in thr_kill () from /lib/libc.so.7
Thread 1 (process 100387):
#0 0x00000008028ea47a in thr_kill () from /lib/libc.so.7
#1 0x00000008028ea444 in raise () from /lib/libc.so.7
#2 0x00000008028ea3b9 in abort () from /lib/libc.so.7
#3 0x00000008029698e1 in __assert () from /lib/libc.so.7
#4 0x000000000088b142 in binpac::TLSHandshake::ServerHello::Parse ()
#5 0x00000000008888e0 in binpac::TLSHandshake::ServerHelloChoice::Parse ()
#6 0x0000000000887618 in binpac::TLSHandshake::Handshake::Parse ()
#7 0x0000000000887285 in binpac::TLSHandshake::HandshakeRecord::ParseBuffer ()
#8 0x000000000088986e in binpac::TLSHandshake::HandshakePDU::ParseBuffer ()
#9 0x000000000088f2c6 in binpac::TLSHandshake::Handshake_Flow::NewData ()
#10 0x0000000000882d86 in analyzer::ssl::SSL_Analyzer::SendHandshake ()
#11 0x0000000000892b63 in binpac::SSL::Handshake::Parse ()
#12 0x0000000000892583 in binpac::SSL::PlaintextRecord::Parse ()
#13 0x0000000000894302 in binpac::SSL::RecordText::Parse ()
#14 0x00000000008940b5 in binpac::SSL::SSLRecord::ParseBuffer ()
#15 0x000000000089495e in binpac::SSL::SSLPDU::ParseBuffer ()
#16 0x0000000000894c16 in binpac::SSL::SSL_Flow::NewData ()
#17 0x0000000000882cc4 in analyzer::ssl::SSL_Analyzer::DeliverStream ()
#18 0x00000000009071cf in analyzer::Analyzer::NextStream ()
#19 0x000000000090779e in analyzer::Analyzer::ForwardStream ()
#20 0x00000000009071cf in analyzer::Analyzer::NextStream ()
#21 0x000000000090779e in analyzer::Analyzer::ForwardStream ()
#22 0x00000000008a057f in analyzer::tcp::TCP_Reassembler::DeliverBlock ()
#23 0x00000000008a03a6 in analyzer::tcp::TCP_Reassembler::BlockInserted ()
#24 0x00000000008a0a64 in analyzer::tcp::TCP_Reassembler::DataSent ()
#25 0x000000000089f2c8 in analyzer::tcp::TCP_Endpoint::DataSent ()
#26 0x000000000089d3ba in analyzer::tcp::TCP_Analyzer::DeliverPacket ()
#27 0x00000000009070b6 in analyzer::Analyzer::NextPacket ()
#28 0x00000000005a4617 in Connection::NextPacket ()
#29 0x000000000063b8c4 in NetSessions::DoNextPacket ()
#30 0x000000000063a77d in NetSessions::NextPacket ()
#31 0x000000000060cf6e in net_packet_dispatch ()
#32 0x00000000008e3045 in iosource::PktSrc::Process ()
#33 0x000000000060d0a2 in net_run ()
#34 0x000000000058f93d in main ()
==== No reporter.log
==== stderr.log
listening on em0}0
1533612186.752767 processing suspended
1533612186.752767 processing continued
1533615928.155182 Failed to open GeoIP City database: /usr/local/share/GeoIP/GeoIPCity.dat
1533615928.155182 Failed to open GeoIP Cityv6 database: /usr/local/share/GeoIP/GeoIPCityv6.dat
1533615928.155182 Failed to open GeoIPv6 Country database: /usr/local/share/GeoIP/GeoIPv6.dat
Assertion failed: (t_session_id__elem__dataptr <= t_end_of_data), function Parse, file src/analyzer/protocol/ssl/tls-handshake_pac.cc, line 1777.
/usr/local/share/broctl/scripts/run-bro: line 110: 20143 Abort trap (core dumped) nohup "$mybro" "$@"
==== stdout.log
max memory size (kbytes, -m) unlimited
data seg size (kbytes, -d) 33554432
virtual memory (kbytes, -v) unlimited
core file size (blocks, -c) unlimited
==== .cmdline
-i netmap::em0}0 -U .status -p broctl -p broctl-live -p local -p worker-1-1 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto
==== .env_vars
PATH=/usr/local/bin:/usr/local/share/broctl/scripts:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/home/user/bin
BROPATH=/usr/local/spool/installed-scripts-do-not-touch/site::/usr/local/spool/installed-scripts-do-not-touch/auto:/usr/local/share/bro:/usr/local/share/bro/policy:/usr/local/share/bro/site
CLUSTER_NODE=worker-1-1
==== .status
RUNNING [net_run]
==== No prof.log
==== No packet_filter.log
==== No loaded_scripts.log
[worker-1-2]
No core file found.
Bro 2.5.4
FreeBSD 11.2-RELEASE
Bro plugins:
Bro::Netmap - Packet acquisition via Netmap (dynamic, version 1.0)
==== No reporter.log
==== stderr.log
listening on em0}1
1533612186.753315 processing suspended
1533612186.753315 processing continued
1533615950.414495 Failed to open GeoIP City database: /usr/local/share/GeoIP/GeoIPCity.dat
1533615950.414495 Failed to open GeoIP Cityv6 database: /usr/local/share/GeoIP/GeoIPCityv6.dat
1533615950.414495 Failed to open GeoIPv6 Country database: /usr/local/share/GeoIP/GeoIPv6.dat
==== stdout.log
max memory size (kbytes, -m) unlimited
data seg size (kbytes, -d) 33554432
virtual memory (kbytes, -v) unlimited
core file size (blocks, -c) unlimited
==== .cmdline
-i netmap::em0}1 -U .status -p broctl -p broctl-live -p local -p worker-1-2 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto
==== .env_vars
PATH=/usr/local/bin:/usr/local/share/broctl/scripts:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/home/user/bin
BROPATH=/usr/local/spool/installed-scripts-do-not-touch/site::/usr/local/spool/installed-scripts-do-not-touch/auto:/usr/local/share/bro:/usr/local/share/bro/policy:/usr/local/share/bro/site
CLUSTER_NODE=worker-1-2
==== .status
RUNNING [net_run]
==== No prof.log
==== No packet_filter.log
==== No loaded_scripts.log
[worker-1-3]
Bro 2.5.4
FreeBSD 11.2-RELEASE
Bro plugins:
Bro::Netmap - Packet acquisition via Netmap (dynamic, version 1.0)
Core file: bro.core
(no debugging symbols found)...Core was generated by `/usr/local/bin/bro -i netmap::em0}2 -U .status -p broctl -p broctl-live -p local'.
Program terminated with signal 6, Aborted.
(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...#0 0x00000008028ea47a in thr_kill () from /lib/libc.so.7
Thread 1 (process 100227):
#0 0x00000008028ea47a in thr_kill () from /lib/libc.so.7
#1 0x00000008028ea444 in raise () from /lib/libc.so.7
#2 0x00000008028ea3b9 in abort () from /lib/libc.so.7
#3 0x00000008029698e1 in __assert () from /lib/libc.so.7
#4 0x000000000088b142 in binpac::TLSHandshake::ServerHello::Parse ()
#5 0x00000000008888e0 in binpac::TLSHandshake::ServerHelloChoice::Parse ()
#6 0x0000000000887618 in binpac::TLSHandshake::Handshake::Parse ()
#7 0x0000000000887285 in binpac::TLSHandshake::HandshakeRecord::ParseBuffer ()
#8 0x000000000088986e in binpac::TLSHandshake::HandshakePDU::ParseBuffer ()
#9 0x000000000088f2c6 in binpac::TLSHandshake::Handshake_Flow::NewData ()
#10 0x0000000000882d86 in analyzer::ssl::SSL_Analyzer::SendHandshake ()
#11 0x0000000000892b63 in binpac::SSL::Handshake::Parse ()
#12 0x0000000000892583 in binpac::SSL::PlaintextRecord::Parse ()
#13 0x0000000000894302 in binpac::SSL::RecordText::Parse ()
#14 0x00000000008940b5 in binpac::SSL::SSLRecord::ParseBuffer ()
#15 0x000000000089495e in binpac::SSL::SSLPDU::ParseBuffer ()
#16 0x0000000000894c16 in binpac::SSL::SSL_Flow::NewData ()
#17 0x0000000000882cc4 in analyzer::ssl::SSL_Analyzer::DeliverStream ()
#18 0x00000000009071cf in analyzer::Analyzer::NextStream ()
#19 0x000000000090779e in analyzer::Analyzer::ForwardStream ()
#20 0x00000000009071cf in analyzer::Analyzer::NextStream ()
#21 0x000000000090779e in analyzer::Analyzer::ForwardStream ()
#22 0x00000000008a057f in analyzer::tcp::TCP_Reassembler::DeliverBlock ()
#23 0x00000000008a03a6 in analyzer::tcp::TCP_Reassembler::BlockInserted ()
#24 0x00000000008a0a64 in analyzer::tcp::TCP_Reassembler::DataSent ()
#25 0x000000000089f2c8 in analyzer::tcp::TCP_Endpoint::DataSent ()
#26 0x000000000089d3ba in analyzer::tcp::TCP_Analyzer::DeliverPacket ()
#27 0x00000000009070b6 in analyzer::Analyzer::NextPacket ()
#28 0x00000000005a4617 in Connection::NextPacket ()
#29 0x000000000063b8c4 in NetSessions::DoNextPacket ()
#30 0x000000000063a77d in NetSessions::NextPacket ()
#31 0x000000000060cf6e in net_packet_dispatch ()
#32 0x00000000008e3045 in iosource::PktSrc::Process ()
#33 0x000000000060d0a2 in net_run ()
#34 0x000000000058f93d in main ()
==== No reporter.log
==== stderr.log
listening on em0}2
1533612186.756783 processing suspended
1533612186.756783 processing continued
1533612638.293839 Failed to open GeoIP City database: /usr/local/share/GeoIP/GeoIPCity.dat
1533612638.293839 Failed to open GeoIP Cityv6 database: /usr/local/share/GeoIP/GeoIPCityv6.dat
1533612638.293839 Failed to open GeoIPv6 Country database: /usr/local/share/GeoIP/GeoIPv6.dat
Assertion failed: (t_session_id__elem__dataptr <= t_end_of_data), function Parse, file src/analyzer/protocol/ssl/tls-handshake_pac.cc, line 1777.
/usr/local/share/broctl/scripts/run-bro: line 110: 20146 Abort trap (core dumped) nohup "$mybro" "$@"
==== stdout.log
max memory size (kbytes, -m) unlimited
data seg size (kbytes, -d) 33554432
virtual memory (kbytes, -v) unlimited
core file size (blocks, -c) unlimited
==== .cmdline
-i netmap::em0}2 -U .status -p broctl -p broctl-live -p local -p worker-1-3 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto
==== .env_vars
PATH=/usr/local/bin:/usr/local/share/broctl/scripts:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/home/user/bin
BROPATH=/usr/local/spool/installed-scripts-do-not-touch/site::/usr/local/spool/installed-scripts-do-not-touch/auto:/usr/local/share/bro:/usr/local/share/bro/policy:/usr/local/share/bro/site
CLUSTER_NODE=worker-1-3
==== .status
RUNNING [net_run]
==== No prof.log
==== No packet_filter.log
==== No loaded_scripts.log
[BroControl] >
-------------- next part --------------
2018-08-06
[BroControl] > diag
[logger]
No core file found.
Bro 2.5.4
FreeBSD 11.2-RELEASE
Bro plugins:
Bro::Netmap - Packet acquisition via Netmap (dynamic, version 1.0)
==== No reporter.log
==== stderr.log
==== stdout.log
max memory size (kbytes, -m) unlimited
data seg size (kbytes, -d) 33554432
virtual memory (kbytes, -v) unlimited
core file size (blocks, -c) unlimited
==== .cmdline
-U .status -p broctl -p broctl-live -p local -p logger local.bro broctl base/frameworks/cluster local-logger.bro broctl/auto
==== .env_vars
PATH=/usr/local/bin:/usr/local/share/broctl/scripts:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/home/user/bin
BROPATH=/usr/local/spool/installed-scripts-do-not-touch/site::/usr/local/spool/installed-scripts-do-not-touch/auto:/usr/local/share/bro:/usr/local/share/bro/policy:/usr/local/share/bro/site
CLUSTER_NODE=logger
==== .status
RUNNING [net_run]
==== No prof.log
==== No packet_filter.log
==== No loaded_scripts.log
[manager]
No core file found.
Bro 2.5.4
FreeBSD 11.2-RELEASE
Bro plugins:
Bro::Netmap - Packet acquisition via Netmap (dynamic, version 1.0)
==== No reporter.log
==== stderr.log
==== stdout.log
max memory size (kbytes, -m) unlimited
data seg size (kbytes, -d) 33554432
virtual memory (kbytes, -v) unlimited
core file size (blocks, -c) unlimited
==== .cmdline
-U .status -p broctl -p broctl-live -p local -p manager local.bro broctl base/frameworks/cluster local-manager.bro broctl/auto
==== .env_vars
PATH=/usr/local/bin:/usr/local/share/broctl/scripts:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/home/user/bin
BROPATH=/usr/local/spool/installed-scripts-do-not-touch/site::/usr/local/spool/installed-scripts-do-not-touch/auto:/usr/local/share/bro:/usr/local/share/bro/policy:/usr/local/share/bro/site
CLUSTER_NODE=manager
==== .status
RUNNING [net_run]
==== No prof.log
==== No packet_filter.log
==== No loaded_scripts.log
[proxy-1]
No core file found.
Bro 2.5.4
FreeBSD 11.2-RELEASE
Bro plugins:
Bro::Netmap - Packet acquisition via Netmap (dynamic, version 1.0)
==== No reporter.log
==== stderr.log
==== stdout.log
max memory size (kbytes, -m) unlimited
data seg size (kbytes, -d) 33554432
virtual memory (kbytes, -v) unlimited
core file size (blocks, -c) unlimited
==== .cmdline
-U .status -p broctl -p broctl-live -p local -p proxy-1 local.bro broctl base/frameworks/cluster local-proxy broctl/auto
==== .env_vars
PATH=/usr/local/bin:/usr/local/share/broctl/scripts:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/home/user/bin
BROPATH=/usr/local/spool/installed-scripts-do-not-touch/site::/usr/local/spool/installed-scripts-do-not-touch/auto:/usr/local/share/bro:/usr/local/share/bro/policy:/usr/local/share/bro/site
CLUSTER_NODE=proxy-1
==== .status
RUNNING [net_run]
==== No prof.log
==== No packet_filter.log
==== No loaded_scripts.log
[worker-1-1]
Bro 2.5.4
FreeBSD 11.2-RELEASE
Bro plugins:
Bro::Netmap - Packet acquisition via Netmap (dynamic, version 1.0)
Core file: bro.core
(no debugging symbols found)...Core was generated by `/usr/local/bin/bro -i netmap::em0}0 -U .status -p broctl -p broctl-live -p local'.
Program terminated with signal 6, Aborted.
(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...#0 0x00000008028ea47a in thr_kill () from /lib/libc.so.7
Thread 1 (process 100838):
#0 0x00000008028ea47a in thr_kill () from /lib/libc.so.7
#1 0x00000008028ea444 in raise () from /lib/libc.so.7
#2 0x00000008028ea3b9 in abort () from /lib/libc.so.7
#3 0x00000008029698e1 in __assert () from /lib/libc.so.7
#4 0x000000000088b142 in binpac::TLSHandshake::ServerHello::Parse ()
#5 0x00000000008888e0 in binpac::TLSHandshake::ServerHelloChoice::Parse ()
#6 0x0000000000887618 in binpac::TLSHandshake::Handshake::Parse ()
#7 0x0000000000887285 in binpac::TLSHandshake::HandshakeRecord::ParseBuffer ()
#8 0x000000000088986e in binpac::TLSHandshake::HandshakePDU::ParseBuffer ()
#9 0x000000000088f2c6 in binpac::TLSHandshake::Handshake_Flow::NewData ()
#10 0x0000000000882d86 in analyzer::ssl::SSL_Analyzer::SendHandshake ()
#11 0x0000000000892b63 in binpac::SSL::Handshake::Parse ()
#12 0x0000000000892583 in binpac::SSL::PlaintextRecord::Parse ()
#13 0x0000000000894302 in binpac::SSL::RecordText::Parse ()
#14 0x00000000008940b5 in binpac::SSL::SSLRecord::ParseBuffer ()
#15 0x000000000089495e in binpac::SSL::SSLPDU::ParseBuffer ()
#16 0x0000000000894c16 in binpac::SSL::SSL_Flow::NewData ()
#17 0x0000000000882cc4 in analyzer::ssl::SSL_Analyzer::DeliverStream ()
#18 0x00000000009071cf in analyzer::Analyzer::NextStream ()
#19 0x000000000090779e in analyzer::Analyzer::ForwardStream ()
#20 0x00000000009071cf in analyzer::Analyzer::NextStream ()
#21 0x000000000090779e in analyzer::Analyzer::ForwardStream ()
#22 0x00000000008a057f in analyzer::tcp::TCP_Reassembler::DeliverBlock ()
#23 0x00000000008a03a6 in analyzer::tcp::TCP_Reassembler::BlockInserted ()
#24 0x00000000008a0a64 in analyzer::tcp::TCP_Reassembler::DataSent ()
#25 0x000000000089f2c8 in analyzer::tcp::TCP_Endpoint::DataSent ()
#26 0x000000000089d3ba in analyzer::tcp::TCP_Analyzer::DeliverPacket ()
#27 0x00000000009070b6 in analyzer::Analyzer::NextPacket ()
#28 0x00000000005a4617 in Connection::NextPacket ()
#29 0x000000000063b8c4 in NetSessions::DoNextPacket ()
#30 0x000000000063a77d in NetSessions::NextPacket ()
#31 0x000000000060cf6e in net_packet_dispatch ()
#32 0x00000000008e3045 in iosource::PktSrc::Process ()
#33 0x000000000060d0a2 in net_run ()
#34 0x000000000058f93d in main ()
==== No reporter.log
==== stderr.log
listening on em0}0
1533281832.206618 processing suspended
1533281832.206618 processing continued
1533412802.740029 Failed to open GeoIP City database: /usr/local/share/GeoIP/GeoIPCity.dat
1533412802.740029 Failed to open GeoIP Cityv6 database: /usr/local/share/GeoIP/GeoIPCityv6.dat
1533412802.740029 Failed to open GeoIPv6 Country database: /usr/local/share/GeoIP/GeoIPv6.dat
Assertion failed: (t_session_id__elem__dataptr <= t_end_of_data), function Parse, file src/analyzer/protocol/ssl/tls-handshake_pac.cc, line 1777.
/usr/local/share/broctl/scripts/run-bro: line 110: 90951 Abort trap (core dumped) nohup "$mybro" "$@"
==== stdout.log
max memory size (kbytes, -m) unlimited
data seg size (kbytes, -d) 33554432
virtual memory (kbytes, -v) unlimited
core file size (blocks, -c) unlimited
==== .cmdline
-i netmap::em0}0 -U .status -p broctl -p broctl-live -p local -p worker-1-1 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto
==== .env_vars
PATH=/usr/local/bin:/usr/local/share/broctl/scripts:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/home/user/bin
BROPATH=/usr/local/spool/installed-scripts-do-not-touch/site::/usr/local/spool/installed-scripts-do-not-touch/auto:/usr/local/share/bro:/usr/local/share/bro/policy:/usr/local/share/bro/site
CLUSTER_NODE=worker-1-1
==== .status
RUNNING [net_run]
==== No prof.log
==== No packet_filter.log
==== No loaded_scripts.log
[worker-1-2]
No core file found.
Bro 2.5.4
FreeBSD 11.2-RELEASE
Bro plugins:
Bro::Netmap - Packet acquisition via Netmap (dynamic, version 1.0)
==== No reporter.log
==== stderr.log
listening on em0}1
1533278545.463789 processing suspended
1533278545.463789 processing continued
1533338694.675439 Failed to open GeoIP City database: /usr/local/share/GeoIP/GeoIPCity.dat
1533338694.675439 Failed to open GeoIP Cityv6 database: /usr/local/share/GeoIP/GeoIPCityv6.dat
1533338694.675439 Failed to open GeoIPv6 Country database: /usr/local/share/GeoIP/GeoIPv6.dat
==== stdout.log
max memory size (kbytes, -m) unlimited
data seg size (kbytes, -d) 33554432
virtual memory (kbytes, -v) unlimited
core file size (blocks, -c) unlimited
==== .cmdline
-i netmap::em0}1 -U .status -p broctl -p broctl-live -p local -p worker-1-2 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto
==== .env_vars
PATH=/usr/local/bin:/usr/local/share/broctl/scripts:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/home/user/bin
BROPATH=/usr/local/spool/installed-scripts-do-not-touch/site::/usr/local/spool/installed-scripts-do-not-touch/auto:/usr/local/share/bro:/usr/local/share/bro/policy:/usr/local/share/bro/site
CLUSTER_NODE=worker-1-2
==== .status
RUNNING [net_run]
==== No prof.log
==== No packet_filter.log
==== No loaded_scripts.log
[worker-1-3]
Bro 2.5.4
FreeBSD 11.2-RELEASE
Bro plugins:
Bro::Netmap - Packet acquisition via Netmap (dynamic, version 1.0)
Core file: bro.core
(no debugging symbols found)...Core was generated by `/usr/local/bin/bro -i netmap::em0}2 -U .status -p broctl -p broctl-live -p local'.
Program terminated with signal 6, Aborted.
(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...#0 0x00000008028ea47a in thr_kill () from /lib/libc.so.7
Thread 1 (process 101019):
#0 0x00000008028ea47a in thr_kill () from /lib/libc.so.7
#1 0x00000008028ea444 in raise () from /lib/libc.so.7
#2 0x00000008028ea3b9 in abort () from /lib/libc.so.7
#3 0x00000008029698e1 in __assert () from /lib/libc.so.7
#4 0x000000000088b142 in binpac::TLSHandshake::ServerHello::Parse ()
#5 0x00000000008888e0 in binpac::TLSHandshake::ServerHelloChoice::Parse ()
#6 0x0000000000887618 in binpac::TLSHandshake::Handshake::Parse ()
#7 0x0000000000887285 in binpac::TLSHandshake::HandshakeRecord::ParseBuffer ()
#8 0x000000000088986e in binpac::TLSHandshake::HandshakePDU::ParseBuffer ()
#9 0x000000000088f2c6 in binpac::TLSHandshake::Handshake_Flow::NewData ()
#10 0x0000000000882d86 in analyzer::ssl::SSL_Analyzer::SendHandshake ()
#11 0x0000000000892b63 in binpac::SSL::Handshake::Parse ()
#12 0x0000000000892583 in binpac::SSL::PlaintextRecord::Parse ()
#13 0x0000000000894302 in binpac::SSL::RecordText::Parse ()
#14 0x00000000008940b5 in binpac::SSL::SSLRecord::ParseBuffer ()
#15 0x000000000089495e in binpac::SSL::SSLPDU::ParseBuffer ()
#16 0x0000000000894c16 in binpac::SSL::SSL_Flow::NewData ()
#17 0x0000000000882cc4 in analyzer::ssl::SSL_Analyzer::DeliverStream ()
#18 0x00000000009071cf in analyzer::Analyzer::NextStream ()
#19 0x000000000090779e in analyzer::Analyzer::ForwardStream ()
#20 0x00000000009071cf in analyzer::Analyzer::NextStream ()
#21 0x000000000090779e in analyzer::Analyzer::ForwardStream ()
#22 0x00000000008a057f in analyzer::tcp::TCP_Reassembler::DeliverBlock ()
#23 0x00000000008a03a6 in analyzer::tcp::TCP_Reassembler::BlockInserted ()
#24 0x00000000008a0a64 in analyzer::tcp::TCP_Reassembler::DataSent ()
#25 0x000000000089f2c8 in analyzer::tcp::TCP_Endpoint::DataSent ()
#26 0x000000000089d3ba in analyzer::tcp::TCP_Analyzer::DeliverPacket ()
#27 0x00000000009070b6 in analyzer::Analyzer::NextPacket ()
#28 0x00000000005a4617 in Connection::NextPacket ()
#29 0x000000000063b8c4 in NetSessions::DoNextPacket ()
#30 0x000000000063a77d in NetSessions::NextPacket ()
#31 0x000000000060cf6e in net_packet_dispatch ()
#32 0x00000000008e3045 in iosource::PktSrc::Process ()
#33 0x000000000060d0a2 in net_run ()
#34 0x000000000058f93d in main ()
==== No reporter.log
==== stderr.log
listening on em0}2
1533278545.467784 processing suspended
1533278545.467784 processing continued
1533282790.152374 Failed to open GeoIP City database: /usr/local/share/GeoIP/GeoIPCity.dat
1533282790.152374 Failed to open GeoIP Cityv6 database: /usr/local/share/GeoIP/GeoIPCityv6.dat
1533282790.152374 Failed to open GeoIPv6 Country database: /usr/local/share/GeoIP/GeoIPv6.dat
Assertion failed: (t_session_id__elem__dataptr <= t_end_of_data), function Parse, file src/analyzer/protocol/ssl/tls-handshake_pac.cc, line 1777.
/usr/local/share/broctl/scripts/run-bro: line 110: 83924 Abort trap (core dumped) nohup "$mybro" "$@"
==== stdout.log
max memory size (kbytes, -m) unlimited
data seg size (kbytes, -d) 33554432
virtual memory (kbytes, -v) unlimited
core file size (blocks, -c) unlimited
==== .cmdline
-i netmap::em0}2 -U .status -p broctl -p broctl-live -p local -p worker-1-3 local.bro broctl base/frameworks/cluster local-worker.bro broctl/auto
==== .env_vars
PATH=/usr/local/bin:/usr/local/share/broctl/scripts:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/home/user/bin
BROPATH=/usr/local/spool/installed-scripts-do-not-touch/site::/usr/local/spool/installed-scripts-do-not-touch/auto:/usr/local/share/bro:/usr/local/share/bro/policy:/usr/local/share/bro/site
CLUSTER_NODE=worker-1-3
==== .status
RUNNING [net_run]
==== No prof.log
==== No packet_filter.log
==== No loaded_scripts.log
More information about the Bro
mailing list