Comments (4)
from maltrail.
If I try to do this in separate terminals, it seems to me that all works as expected.
P.S. The sensor stopped because of no (root) permissions.
from maltrail.
This is what is running in my container, shown when running ps -ef:
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 Feb20 ? 00:00:00 /bin/sh -c bash -c "python /opt/maltrail/server.py &" && bash -c "python /opt/maltrail/sensor.py &" && cron && tail -f /var/log/cron.log
root 12 1 0 Feb20 ? 00:00:06 cron
root 13 1 0 Feb20 ? 00:00:28 tail -f /var/log/cron.log
root 18986 1 0 01:03 ? 00:02:00 python /opt/maltrail/sensor.py -c /opt/maltrail/maltrail.conf
root 18987 1 0 01:03 ? 00:00:09 python /opt/maltrail/server.py -c /opt/maltrail/maltrail.conf
root 26279 0 0 09:32 pts/0 00:00:00 bash
root 26292 26279 0 09:32 pts/0 00:00:00 ps -ef
The line with pid 1 is the line with the problem: it has bash in it, but more importantly it has server.py and sensor.py in it.
This line still exists even after the cron command:
2 1 * * * /usr/bin/pkill -f maltrail
is run.
The cron commands:
*/1 * * * * if [ -n "$(ps -ef | grep -v grep | grep server.py)" ]; then : ; else python /opt/maltrail/server.py -c /opt/maltrail/maltrail.conf; fi >> /var/log/cron.log
*/1 * * * * if [ -n "$(ps -ef | grep -v grep | grep sensor.py)" ]; then : ; else python /opt/maltrail/sensor.py -c /opt/maltrail/maltrail.conf; fi >> /var/log/cron.log
match on that pid 1 line and think the server.py and sensor.py are still running and don't restart them.
Adding grep -v bash prevents that from happening.
from maltrail.
@hpeters added that piece with the latest commit
from maltrail.
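The false match described in the thread, reproduced against constructed `ps -ef` output (an added example, not part of the original comments or of the Maltrail repository). The function names are hypothetical, and `strict_running` is an assumed stricter variant that was not proposed in the thread.

```shell
#!/bin/sh
# Constructed sample modelled on the `ps -ef` output in the thread: only the
# PID 1 container entrypoint is left; no python server/sensor process exists.
PS_SAMPLE='UID PID PPID C STIME TTY TIME CMD
root 1 0 0 Feb20 ? 00:00:00 /bin/sh -c bash -c "python /opt/maltrail/server.py &" && bash -c "python /opt/maltrail/sensor.py &" && cron && tail -f /var/log/cron.log
root 12 1 0 Feb20 ? 00:00:06 cron
root 13 1 0 Feb20 ? 00:00:28 tail -f /var/log/cron.log'

# Check as written in the cron lines: any line mentioning the script counts.
# $1 = script name, $2 = ps output
naive_running() {
    [ -n "$(printf '%s\n' "$2" | grep -v grep | grep "$1")" ]
}

# Check with the extra filter from the thread: drop lines containing "bash".
filtered_running() {
    [ -n "$(printf '%s\n' "$2" | grep -v grep | grep -v bash | grep "$1")" ]
}

# Stricter variant (assumption, not from the thread): the command itself
# (field 8 of `ps -ef`) must be a python interpreter and field 9 the script.
strict_running() {
    printf '%s\n' "$2" | awk -v s="$1" '
        $8 ~ /(^|\/)python[0-9.]*$/ && $9 ~ ("(^|/)" s "$") { found = 1 }
        END { exit !found }'
}

# Report what each check would decide for the constructed sample.
for s in server.py sensor.py; do
    naive_running "$s" "$PS_SAMPLE" && echo "naive: $s looks running (false match on PID 1)"
    filtered_running "$s" "$PS_SAMPLE" || echo "filtered: $s not running, would restart"
    strict_running "$s" "$PS_SAMPLE" || echo "strict: $s not running, would restart"
done
```

The `grep -v bash` filter also hides any monitored process whose own command line contains the string "bash", which is why the field-based variant checks the command position instead.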