CCcam Fehlermeldungen

This is a copy-paste from another website, I did not create this. I keep it for reference, it was hard to find for me.

URL port 16001 for cccam site

./CCcam_2.2.1 -dv

To get a stable server follow this important rules:

1. Do NOT use port 12000 (user a high like 53232)
2. Quality before Quantity
3. Never ever add a peer without having user┬┤s email/msn. This way you can ask him if some is wrong.
4. Add DNS/IP at the end of your F: lines Example:

F: username password 1 0 0 { 0:0:1 } { } { } myservercam.dyndns.org

1. If you remove a peer, do tell him that you have done, and ask him to remove his C: line. If you remove a client and hi does not remove his C: line, he will fill up you log, trying to reconnect. Re-add his F: line but do not give him any cards. Example:

F: username password 0 0 0 { 0:0:0 }

First step is to enable CCcam debugging. This can be done in one or two ways.

1. Run CCcam from command prompt like this: /var/bin/CCcam -d >>/var/log/debug & You need to stop the CCcam by kill it before you restart it with options.
2. If you have a linux server like Ubuntu, you can add this info to CCcam.cfg: DEBUG : yes. This option is fine, since you do not need to restart CCcam server. Debug data are then logged to /var/log/debug

Warning: Log files do grow rapidly large.

Other debug options

CCcam.x86 -h

usage: CCcam [-d] [-C <configfile>]
-d run in the foreground (implies -v and -q)
-v be verbose
-q don't use syslog (use on old systems)
-C <configfile> use <configfile> instead of default (/var/etc/CCcam.cfg)
-f filter on specific demux data (saves some CPU, but some platforms might not handle this very well)
-n show network packets
-s disable server
-t show timing
-l disable self-learning capabilities 

Debug info

Starting CCcam

When CCcam server start it shows you some useful information.

To see all restart in logfile, run:

cat /var/log/syslog | grep -1 ==== 

Normal login to you Server

This shows a normal login from a client to your server:

Quote:

Jan 17 13:34:53 server2 CCcam: login from 66.255.5.153 Jan 17 13:34:53 server2 CCcam: user pedro login attempt from 66.55.5.153 Jan 17 13:34:53 server2 CCcam: client pedro@a9d6346630a9639c, running CCcam 2.1.2

Changed config

If you edit CCcam.cfg this is logged

Jan 28 14:36:15 server2 CCcam: configfile changed. Updating... 

KeepAlive

To keep server and clients connected, there are sent keep alive packed. If the user turn off his server, or network connection are lost, you do see this:

Quote:

Jan 21 15:14:09 server2 CCcam: keepalive failed, close connection to server.dyndns.org

ECM

Most of the debug file will contain information on ECM handling. You get Error when some request ECM for a channel that is from a card you have, but not able to open the channel.

From remote server Ok:

Quote:

Jan 18 09:36:53 server2 CCcam: client demodemo ecm request for handler 0x64 0xb00(0x0) sid 0x135 ok: 1

Jan 18 09:36:54 server2 CCcam: remote ecm -> server.dyndns.org:12000 0xb00(0x000)

Jan 18 09:36:54 server2 CCcam: remote ecm <- server.dyndns.org:12000 ok

From remote server Cache:

Jan 18 09:36:54 server2 CCcam: remote ecm <- server.dyndns.org:12000 cws from cache

From remote server Error:

Jan 18 09:36:54 server2 CCcam: remote ecm <- server.dyndns.org:12000 error

From local card Ok:

Jan 21 17:34:01 server2 CCcam: client pedro ecm request for handler 0x64 0xb00(0x0) sid 0xdbb ok: 1
Jan 21 17:34:01 server2 CCcam: local ecm -> card /dev/ttyUSB0 0xb00(0x000) sid 0x5dd
Jan 21 17:34:01 server2 CCcam: local ecm <- card /dev/ttyUSB0 ok

From local card from Cache:

Jan 21 17:34:01 server2 CCcam: local ecm <- card /dev/ttyUSB0 cw's from cache

From local card Error:

Jan 21 17:34:01 server2 CCcam: local ecm <- card /dev/ttyUSB0 error

ECM timing

To see ECM timing, you need to turn it on in CCcam.cfg with this command SHOW TIMING: yes or starting CCcam with with -dt like this CCcam -dt

Jan 11 20:53:34 server2 CCcam: remote ecm <- cccam.dyndns.com:12000 ok (took 0.210 seconds)
Jan 11 20:53:34 server2 CCcam: client pedro ecm request for handler 0x31e5f 0x90f(0x0) sid 0xdb5 ok: 1 (took 0.121 seconds) 

You will then see how long an ECM request takes (at end of line). This do add some extra load on CCcam server, so take care.

EMM

EMM are the codes that keep your cards alive. If you do not get this and have cards in your server, it will die after some time.

Jan 29 14:47:13 server2 CCcam: local emm -> card /dev/ttyUSB0 0xb00(0x000)
Jan 29 14:47:13 server2 CCcam: local emm <- card /dev/ttyUSB0 ok
Jan 29 14:47:13 server2 CCcam: client garbimbbit emm 0xb00(0x0) ok: 1 

Portscan-Telnet to your Server

If some just open the CCcam port without logging in you get this info. This can come from some doung portscan, or just do a telnet yourip 12000

Jan 16 14:22:19 server2 CCcam: login from 155.10.10.132
Jan 16 14:22:25 server2 CCcam: kick 155.10.10.132, bad response

This command, do list all ip sorted and counted:

grep "bad response" /var/log/syslog | awk '{arr[$7]++} END {for (i in arr) print i,arr[i]}'
 84.20.182.97, 1
 84.191.27.229, 3
 85.16.46.59, 14 

Double login to your Server

Two or more users try to log in to your server using same username.

This can be due to one ore more reason:

• From same IP. A user have more than one CCcam session runniing on his server that uses same CCcam.cfg
• From same IP. A user may run to clients using same CCcam.cfg
• Fram same IP. Client or you have packet drop (bad internet line), clients thinks he lost server and tries to login agian.
• From different IP. Some tries to use your clients user/pass from another location.

Jan 27 07:59:44 server2 CCcam: user badboy login attempt from 85.16.213.176
Jan 27 07:59:44 server2 CCcam: double login (badboy), (previous 84.202.182.63), reject
Jan 27 07:59:44 server2 CCcam: kick 85.16.213.176(), bad command 

This command does list all double user login atempts:

grep "double" /var/log/syslog | awk '{arr[$8]++} END {for (i in arr) print i,arr[i]}'
(dm800), 19
(darkman), 4
(pedro), 76 

Double login from your server

This is directly related to "Double login to your server". If your server(client part) for some reason loose network connection to remote server, it will try to log in again. This may be recorded on remote server as "Double login" from same IP

Jan 28 14:34:09 server2 CCcam: login at server.dyndns.tv:12000 failed, server message: client 109.19.187.17 already connected

Double nodeid to Your Server

If a user has two CCcam servers running on same server you see this. It is possible to run separate node id, but not easy.

Jan 25 22:54:40 server2 CCcam: WARNING: double nodeid, user garbimbbit and troja

Wrong password to your server

Username do exist in your server but user tries wrong password

13:43:14.673 CCcam: login from 129.21.143.231
13:43:14.745 CCcam: user demo login attempt from 129.21.143.231 
13:43:14.746 CCcam: wrong password supplied by 129.21.143.231
13:43:14.746 CCcam: kick 129.21.143.231, signature failed 

Command to show what IP do use wrong password

grep "wrong" /var/log/syslog | awk '{arr[$10]++} END {for (i in arr) print i,arr[i]}'

194.11.10.41 2 

This command do list the line above wrong password to try to list username. There may be other entries between wrong password and username.

cat /var/log/syslog | grep -B4 "wrong" Quote:

Jan 29 08:45:00 server2 CCcam: login from 194.110.10.41 Jan 29 08:45:00 server2 CCcam: user dm800 login attempt from 194.11.10.41

Jan 29 08:45:00 server2 CCcam: wrong password supplied by 194.11.10.41

DNS missing or no user to your Server

This may be the most important to look for. There are two reasons to see this error.

1. User that tries to log in does not exist.

2. Most commonly: You have added IP or DNS behind your F: line to prevent user from logging in from wrong site. User have for some reason changed IP, and or have not updated DNS (dyndns) after he have got a new IP.

Quote:

Jan 25 07:30:50 server2 CCcam: login from 94.211.13.180 Jan 25 07:30:50 server2 CCcam: illegal user zambibi from 94.211.13.180 Jan 25 07:30:50 server2 CCcam: kick 94.211.13.180, signature failed

This command shows what user and how many times they have tried to login in from wrong ip:

grep "illegal" /var/log/syslog | awk '{arr[$8]++} END {for (i in arr) print i,arr[i]}' Quote:

pedro 606

DM8000 9

zimba 2389

Missing Internet or DNS from your Server

If you internett line are down or DNS server do not reply, you get this error message:

Quote:

Feb 10 04:25:39 server2 CCcam: failed to get address for cccam.dyndns.com Feb 10 04:26:39 server2 CCcam: failed to get address for cccam.dyndns.com

PS missing DNS may slow down the whole CCcam server and make it unstable.

Nonexistent Hostname

When a client connects to your F: Line and this line has an Hostname after, your server will look it up on a DNS server. If this Hostname does not exist, the user will still be able to log in (bug?).

Quote:

Apr 6 12:18:45 server2 CCcam: login from 85.18.51.53 Apr 6 12:18:45 server2 CCcam: Hostname pakmappap.dyndns.org for user test2 not found

Apr 6 12:18:45 server2 CCcam: user test2 login attempt from 85.18.51.53 Apr 6 12:18:45 server2 CCcam: client test2@6183c11e5a925aad, running CCcam 2.2.1

This commands show how many hits you have in your logfile.

cat /var/log/syslog | grep Hostname

Bad Command

Why we see bad command, I am not sure. This happens from all different CCcam versions. It has nothing to do with server load, since it's evenly spread out in time and server are not heavy loaded. It happens also from a single client, newly reinstalled, no re-share.

Edit: You will see bad command if you just turn off the client and its in middle of a ecm transaction. It will also be the same if network drops when its in a session. (Bad command is also displayed when double login occurs)

Quote:

Feb 4 08:15:03 server2 CCcam: kick 72.175.162.180(pedro), bad command Feb 4 08:15:03 server2 CCcam: login from 72.175.162.180 Feb 4 08:15:03 server2 CCcam: user pedro login attempt from 72.175.162.180 Feb 4 08:15:03 server2 CCcam: client pedro@290d38d85b7a14b1, running CCcam 2.2.1

To see user and CCcam version run this command:

cat /var/log/syslog | grep -A3 "bad command"

Unknown

I have not found the reason for these errors. Google give no answer.

Some user tries to login, but do not give username. Client do still work, but this message are repeated many times for some user in the log. If some has information, please post it.

Quote:

Jan 3 13:32:16 server2 CCcam: login from 111.243.115.95 Jan 3 13:32:16 server2 CCcam: kick 111.243.115.95, signature failed

Jan 3 13:32:16 server2 CCcam: login from 111.243.115.95 Jan 3 13:32:16 server2 CCcam: kick 111.243.115.95, signature failed

Other info

"read result -1" has been replaced by "bad command" 

Outside Timeslot

If you have configured timelimit for a user, you get this error message:

Fep 23 17:00:09 server2 CCcam: User zambibi outside timeslot
Feb 23 17:00:09 server2 CCcam: User zambibi outside timeslot
Feb 23 17:00:09 server2 CCcam: User zambibi outside timeslot 

Block Sid

If you have configured blocked sid for a user, you get this error message:

Fep 23 17:00:09 server2 CCcam: User zambibi wants a block sid 

Newcamd

NB adding N line to a Newcamd server increase the load of you server. The logs do also grow rapid large, since it seems that CCcam do read all Newcamd information every second.

Ok ECM request to newcamd

Clients asks for ECM and get ok respond from a Newcamd server

Feb 9 08:53:09 server2 CCcam: client bingo ecm request for handler 0x64 0xb00(0x0) sid 0x57f ok: 1
Feb 9 08:53:09 server2 CCcam: newcamd ecm <- newcamd.dyndns.tv:15000 ok

Error ECM request to newcamd

Here the clients try to read ECM from Newcamd server but gets it from local card, since Newcamd cannot decode it. Why it tries Newcamd before Local card, I do not know.

Feb 9 09:07:52 server2 CCcam: client bingo ecm request for handler 0x64 0xb00(0x0) sid 0x3ff ok: 1
Feb 9 09:07:53 server2 CCcam: newcamd ecm -> newcamd.dyndns.tv:15000
Feb 9 09:07:53 server2 CCcam: local ecm -> card /dev/ttyUSB0 0xb00(0x000) sid 0x5de
Feb 9 09:07:53 server2 CCcam: local ecm <- card /dev/ttyUSB0 ok
Feb 9 09:07:53 server2 CCcam: client bingo ecm request for handler 0x64 0xb00(0x0) sid 0x5de ok: 1
Feb 9 09:07:53 server2 CCcam: newcamd ecm <- newcamd.dyndns.tv:15000 error

Connect to newcamd

This show CCcam server connecting to a Newcamd server.

Feb 4 13:03:59 server2 CCcam: newcamd server 193.84.46.5:12000 user: demo
Feb 4 13:04:00 server2 CCcam: newcamd caid 0d03 providers 4 userid: 0
Feb 4 13:04:00 server2 CCcam: newcamd card serial: 05057100
Feb 4 13:04:00 server2 CCcam: newcamd prov 00 000004 00000000
Feb 4 13:04:00 server2 CCcam: newcamd prov 01 000008 00000000
Feb 4 13:04:00 server2 CCcam: newcamd prov 02 000024 00000000
Feb 4 13:04:00 server2 CCcam: newcamd prov 03 000028 00000000 
Last 5 lines shows card type and what provider it decodes

No user

Your CCcam server tires to conncet to a Newcamd but user does not exists

Feb 4 12:58:00 server2 CCcam: newcamd server 193.84.46.5:12000 user: foche54
Feb 4 12:58:00 server2 CCcam: newcamd receive error: no login ack

Wrong password

Trying to connect to a Newcamd server from CCcam with wrong password, but have correct username

Feb 4 13:05:32 server2 CCcam: newcamd server 193.84.46.5:12000 user: foche54
Feb 4 13:05:32 server2 CCcam: newcamd first read failed 0
Feb 4 13:05:32 server2 CCcam: newcamd receive error -1

Real-time debugging You can always look at the debug file, but since it grows very large we need some tool to control the output. tail -n 10 /var/log/syslog Her you get the last 10 lines of the debug file. You can change the 10 to any number you like.

A better way is to use this: tail -f /var/log/syslog Now you do get all new line added listed. This is near real time info from the log file. Problem with this is that the amounts of information are huge.

To solve the information overflow, use this line: tail -f /var/log/syslog | grep -vE '(ecm request|local ecm|remote ecm|snmpd|emm|repeated|ntpd|newcamd)' This will give you errors only

I do use Munin to monitor many of the errors above. I will update Munin page when I get some more time. http://www.cccamforum.com/forums/showthread.php?t=63451

(C) Jotne v 3.6

[ Zurück zu CCcam ] [ Zurück zu Hauptseite ]