Argus-2.0 Ground Breaking

Carter Bullard carter at qosient.com
Mon Aug 7 13:15:42 EDT 2000 

Gentle people,
   Well, I've started the official Argus-2.0 effort with
the first software ground breaking event.  Today we're
working on foundation, which includes process control.
Argus will be structured as 2 processes which will have
a minimum of 4 threads.  The main process will have 3 threads,
  1. a controlling thread that will parse command line options,
     create the other process and threads and handle signals.
     a packet source and a flow modeler.
  2. a packet source thread, that will deal with socket/file
     operations, multiple packet file/stream formats and
     do unzipping etc...
  3. a flow modeler, which will consume packets and generate
     Argus Management Records (AMRs) and Flow Activity
     Reports (FARs), that will be sent to the second process.

The second process is the Argus Output Processor, which will
will receive AMRs and FARs from the Modeler through a pipe, and
dispatch them to whoever/whatever is interested in Argus Output.
Each output will be handled by a separate thread, so as to
independently deal with pipe and socket issues and do filtering.
So the Output Processor is a thread manager and Argus output
dispatcher.

The Output Processor will handle file and socket management for
Argus output, which is designed to support any number of output
files and remote socket based clients, each of which can have
independent filtering on the output streams.  Once connected,
remote clients will be able to transmit ASCII filters to the
Output Processor so that filtering is done before transmitting
Argus data onto the wire.

OK, this is the first wave of process design.  Comments are
required, so don't be shy ;o)

What specific support is needed to do process management at this
stage.  PID's in .argus.pid files would be reasonable.  We'll
need an ARGUSHOME environment variable, or something like it.
I can assume that special names for the threads/processes would
be in order so that a ps() will show you which processes are
which.

Anything else?

Carter


Carter Bullard
QoSient, LLC
300 E. 56th Street, Suite 17A
New York, New York  10022

carter at qosient.com
Phone +1 212 813-9426
Fax   +1 212 813-9426

More information about the argus mailing list