Pakon stop collecting on day of installation at 21:09

After installing packon and running pakon-show i see records for the current day up to the time 21:09 and the next day i get no more data. If i reinstall:

opkg install --force-reinstall pakon

It immediately starts collecting for the current day again. Yes i ran this after each install:

/etc/init.d/suricata restart

and also tried rebooting but this made no difference. Also note when installing pakon (like others have pointed out) we see two command not found outputs:

root@turris:~# opkg install --force-reinstall pakon
Removing package pakon from root…
Command failed: Not found
Command failed: Not found
Installing pakon (1.1-2) to root…

Is there a known problem with pakon not collecting data the next day? This has repeated for 3 days now.

Honestly, I have no idea. I’m dealing with some problems installing and starting pakon, but I haven’t seen anything like that so far.

Can you try to look whether Suricata and monitoring daemon is working (when it stops storing data, after 21:09 as you said):
ps | grep suricata
ps | grep pakon
and send me the output of those commands?

My best guess (with a lot of imagination involved) is that for some reason some of that processes is killed at that time. But this is a very long shot.

Hi there,

pakon appears to not work for me at all.
If I do “pakon-show” I always just get “no records to show”.
But output of the both commands above suggest pakon is running:
root@turris:~# ps |grep suricata
9945 root 9704 S /usr/bin/python3 /usr/bin/suricata_conntrack_flows.p
22889 root 1088 R grep suricata
root@turris:~# ps |grep pakon
9912 root 10804 S python3 /usr/libexec/pakon-light/pakon-monitor.py
9932 root 13084 S python3 /usr/libexec/pakon-light/pakon-handler.py
22891 root 1088 S grep pakon

Any idea?

1 Like

Any ideas no data today (the 23rd of 2017)

root@turris:~# updater.sh
WARN:Script file:///usr/share/updater/localrepo/localrepo.lua not found, but ignoring its absence as requested
WARN:Requested package luci-i18n-ddns-en that is missing, ignoring as requested.
There is no message to send.
root@turris:~# ps | grep suricata
9210 root 73272 S {Suricata-Main} /usr/bin/suricata -c /etc/suricata/suricata.yaml -q 10 --init-errors-fatal --pidfile /var/run/suricata/suricata.pid
30332 root 1088 S grep suricata
root@turris:~# ps | grep pakon
428 root 1088 S grep pakon
9166 root 18236 S python3 /usr/libexec/pakon-light/pakon-handler.py
root@turris:~# pakon-show -A -s 23-12-2017 -e 24-12-2017
no records to show
root@turris:~#

The last record i see when running:

pakon-show

Gives yesterdays data:

|2017-12-22 00:26:52 | <1s …

And now after rebooting the router I get data:

root@turris:~# pakon-show -A -s 23-12-2017 -e 24-12-2017
|dur | src MAC | hostname | dst port | proto | sent | recvd |
| | | | | | | |
|<1s | xxxx | cdn.betterttv.net | https | tls | 822B | 555B |

To Softcoder:
It seems that pakon-monitor.py is not running (according to result of ps | grep pakon). Try
/etc/init.d/pakon-monitor start

Sometimes it helps to restart suricata
/etc/init.d/suricata restart

Yes when i ran your commands its running again… saw this in the logs from when it was running earlier:

2017-12-24T00:14:17-08:00 info procd[]: Instance pakon-monitor::instance1 s in a crash loop 6 crashes, 29 seconds since last crash
2017-12-24T00:14:27-08:00 warning ucollect[4157]: Remote closed the uplink api.turris.cz:5679, reconnecting
2017-12-24T00:14:27-08:00 warning ucollect[4157]: epoll_wait on 4 interrupted, retry
2017-12-24T00:14:27-08:00 info ucollect[4157]: Reconnecting to api.turris.cz:5679 now
2017-12-24T00:14:27-08:00 info ucollect[4157]: Socat started
2017-12-24T00:14:27-08:00 err ucollect[4157]: Error from socat: 2017/12/23 16:14:27 socat[22112] E connect(5, AF=10 [2001:1488:ac15:ff80:0000:0000:0000:0101]:5679, 28): Permission denied
2017-12-24T00:14:27-08:00 warning ucollect[4157]: Remote closed the uplink api.turris.cz:5679, reconnecting
2017-12-24T00:14:27-08:00 warning ucollect[4157]: epoll_wait on 4 interrupted, retry
2017-12-24T00:14:27-08:00 info ucollect[4157]: Reconnecting to api.turris.cz:5679 now
2017-12-24T00:14:27-08:00 warning ucollect[4157]: Reconnecting too often, waiting a little while
2017-12-24T00:14:27-08:00 info ucollect[4157]: Going to reconnect to api.turris.cz:5679 after 2 seconds
2017-12-24T00:14:29-08:00 info ucollect[4157]: Reconnecting to api.turris.cz:5679 now
2017-12-24T00:14:29-08:00 info ucollect[4157]: Socat started

The problem you have is different from this and it is discussed in another thread: Pakon (suricata) won't start

Ok, so pakon-monitor crashes. Thank you, that might help us find where the problem is.

We’ll look into it.

Still crashes with latest updates. I will uninstall it as its useless for me