I installed Maltrail and noticed after about 3 days it stops working and recording information. At first I thought it might be down to the connection dropping but this is not the case.
I've tried stopping and restarting the sensor and server, but it then takes a while for it to start again
Is there a way to get this to stop both sensors and server every night and restart it
update: found can restart sensor through cron, is there any point on restarting the server as well if it on the same machine?
thanks
Only sensor will stop working, no need to cycle server
When I was running it I had similar issues and had to "kick" the service regularly to keep it working. Be aware that the current Maltrail package is very buggy. There is a huge memory leak that, if left unchecked, will use all the available ram and all swap space in just few days. Because of that I stopped using it.
Thanks
I've set them both to restart on a daily basis, so will monitor and see how it performs
swap is currently at about 40% use been reporting now for nearly 6 days
> Be aware that the current Maltrail package is very buggy
That's a misleading representation of the issue at hand. Sure, the end result is similar to what is being described but the leak is in a python library used, which is unmaintained.
Cheers,
Franco
I already added a PR to FreeBSD ports with a memory-friendly implementation but currently no volunteer to pick it up