DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD General

OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below.

 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1   (View Single Post)  
Old 31st August 2009
schrodinger's Avatar
schrodinger schrodinger is offline
Fdisk Soldier
 
Join Date: May 2008
Location: Ireland
Posts: 69
Thanked 2 Times in 2 Posts
Default Weird time issues

Hey folks,

I have a weird problem with OpenBSD 4.5 running on my soekris box.

The time on my box is NTP sync from my primary firewall, which ntp syncs from ie.pool.ntp.org, and both are as expected quite accurate. I also have my timezone set correctly.

Code:
$ ls -l /etc/localtime 
lrwxr-xr-x  1 root  wheel  33 Mar 21 18:30 /etc/localtime -> /usr/share/zoneinfo/Europe/Dublin
However I am having a problem with the "time". The two places I am seeing the issue is with nfdump for Netflow processing from my main firewall and Nagios running on this soekris.

When logged into Nagios the time of the checks is always an hour behind what I expect. It is 09:44 here in Dublin and my Nagios reports it was last updated at 08:44.

Also when processing my netflow files the date is messed up.

I am using nfsen for graphing and easy selection of time periods and the following sample output is for the time perdiod:

start 2009-08-31-04-45
end 2009-08-31-05-50

Quote:
$ nfdump -M /var/www/profiles-data/live/defiant -T -R 2009/35/1/04/nfcapd.200908310445:2009/35/1/05/nfcapd.200908310550 -o extended -c 100
Date flow start Duration Proto Src IP Addr:Port Dst IP Addr:Port Flags Tos Packets Bytes pps bps Bpp Flows
2009-09-14 18:41:57.649 18.000 ICMP 10.51.2.130:0 -> 192.168.1.1:64.74 ...... 0 5 420 0 186 84 1
2009-09-14 18:41:57.649 18.000 ICMP 192.168.1.1:0 -> 10.51.2.130:64.74 ...... 0 5 420 0 186 84 1
2009-09-14 18:41:57.649 19.000 ICMP 79.97.171.175:0 -> 192.168.1.1:145.211 ...... 0 5 420 0 176 84 1
2009-09-14 18:41:57.649 19.000 ICMP 192.168.1.1:0 -> 79.97.171.175:145.211 ...... 0 5 420 0 176 84 1
[...]
Summary: total flows: 100, total bytes: 53719, total packets: 314, avg bps: 3551, avg pps: 2, avg bpp: 171
Time window: 2009-09-14 18:41:45 - 2009-09-14 18:47:02
Total flows processed: 325, Records skipped: 0, Bytes read: 16912
Sys: 0.109s flows/second: 2971.5 Wall: 0.086s flows/second: 3745.7
The 14th of September? Why or how is this happening? I can't find anything that would be causing this. Nfdump has no configuration it simply reads in Netflow files and dumps the data. Nfsen is setup as the collector and lays the files out under the OpenBSD chrooted webroot as:

/var/www/profiles-data/live/defiant/year/week_of_year/day_of_week/hour

Defiant being the hostname of my primary firewall (I have a bit of a Starfleet ships naming convention going on )

I'd appreciate any help or insight people may have.
__________________
It was a new day yesterday, but it's an old day now.
Reply With Quote
 

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Searching and replacing weird patterns on a file. bigb89 Programming 8 6th December 2008 06:59 PM
squid cachemgr.cgi output weird chavez243 FreeBSD Ports and Packages 3 25th October 2008 02:58 PM
Weird network problem rex FreeBSD General 5 16th September 2008 02:05 AM
Weird NAT issues EvanED FreeBSD General 3 11th July 2008 11:02 PM
weird history problem mmusang FreeBSD General 2 17th May 2008 07:07 PM


All times are GMT. The time now is 03:24 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick