drk1wi / portspoof

Portspoof

Home Page: http://drk1wi.github.io/portspoof/

Random crashes

nailyk-fr opened this issue

Portspoof (built after this commit) randomly crashes very often. I start it with this command line as a non-root user:
./root/bin/portspoof -c ./root/etc/portspoof.conf -s ./root/etc/portspoof_signatures

I know an issue without logs is a pain, but it is crashing two or three times a day with no output :s
Is it possible to enable some debug to provide logs? Where can I enable them?

My old version (1.3 - 26/06/2014) had fewer crashes (one or two times a week) and sometimes output 'Send to socket failed: Connection reset by peer'. Don't know if it helps.

gcc (Debian 4.9.2-10) 4.9.2
debian 8.6
iptables -A PREROUTING -i eth0 -p tcp -m tcp --dport 123456 -j RETURN
iptables -A PREROUTING -i eth0 -p tcp -m tcp --dport 1:65535 -j REDIRECT --to-ports 4444

Not related to the issue: Thanks for providing this awesome tool! Great work! I hope support will be back :)

Hey nailyk,

Could you configure the app using the latest source code with the following command:
./configure CFLAGS="-ggdb3 -O0" CXXFLAGS="-ggdb3 -O0" LDFLAGS="-ggdb3"
Then run make and, before running portspoof, enable dumps with this command: ulimit -c unlimited.

It should then generate coredumps. Please send me all of them and I will try to fix this issue :)

Thanks for your quick answer.
Sorry, I probably did something wrong as there is no way to get portspoof running anymore:

portspoof@hostname:~$ time ./root/bin/portspoof -c ./root/etc/portspoof.conf -s ./root/etc/portspoof_signatures 
-> Using user defined configuration file ./root/etc/portspoof.conf
-> Using user defined signature file ./root/etc/portspoof_signatures
Erreur de segmentation (core dumped)

real    0m0.287s
user    0m0.268s
sys     0m0.012s
portspoof@hostname:~$ time ./root/bin/portspoof -c ./root/etc/portspoof.conf -s ./root/etc/portspoof_signatures 
-> Using user defined configuration file ./root/etc/portspoof.conf
-> Using user defined signature file ./root/etc/portspoof_signatures
Erreur de segmentation (core dumped)

real    0m0.329s
user    0m0.304s
sys     0m0.024s

Running from bash provides the same result.

How I rebuild:

git fetch origin
git checkout master
make clean
./configure --prefix=/home/portspoof/root CFLAGS="-ggdb3 -O0" CXXFLAGS="-ggdb3 -O0" LDFLAGS="-ggdb3"
make
sudo make install

(I bet on specific IP packets for those crashes. While writing this answer portspoof keeps crashing (see screenshot), so I should be under a specific scan/attack. I tried to tcpdump: I hope the culprit is in the capture. No trace of both IPs in portspoof.log.)

Edit: Sorry @drk1wi I was not informed it will create ./core.
Here they are (sorry, GitHub still refuses my zips. portspoof binary included).
Sounds like each time it is related to Revregexp.cpp and/or lines in signatures.
I will try to find another signature file to experiment with.

Thanks nailyk, I am working on this.

Hi,
Any news?
Do you need more core dumps? What could I try to help you?
If you can give me an entry point into the code I should be able to add some printf to identify the problem.
Thanks in advance.

Hey,

I have fixed the issue. Tomorrow I will upload the new version.
Thanks for your help.

Piotr

Just rebuilt.
Thanks for the fix.

I still have a lot of

Send to socket failed: Connection reset by peer

but this makes it rock-solid:

portspo+ 18682 0.4 1.2 768520 19300 pts/3 Sl+ mars10 208:20 ./root/bin/portspoof -c ./root/etc/portspoof.conf -s ./root/etc/portspoof_signatures

Thanks for the fix :)