tcpclean and argus-2.0
Peter Van Epp
vanepp at sfu.ca
Thu Sep 21 00:53:35 EDT 2000
And the new tcpclean compiles and runs fine out of the box on FreeBSD
now as well. I'll run 2.0.0g against traffic from my backbone (which isn't
IP only as the outbound link is) and see what exciting things break it :-).
Peter Van Epp / Operations and Technical Support
Simon Fraser University, Burnaby, B.C. Canada
>
> Hey Peter (and Russell),
> Some of the warnings are unavoidable, as they
> are from the bison/yacc code (out of our control)
> but the malloc and calloc stuff we can avoid.
>
> So I moved tcpclean over to Solaris and fixed
> the include file problem. There is a new version
> that compiles on Linux and Solaris, so possibly
> it has a chance ;o)
>
> ftp://qosient.com/dev/tcpclean/tcpclean-1.0
>
>
> Carter
>
>
> Carter Bullard
> QoSient, LLC
> 300 E. 56th Street, Suite 17A
> New York, New York 10022
>
> carter at qosient.com
> Phone +1 212 813-9426
> Fax +1 212 813-9426
>
> -----Original Message-----
> From: Peter Van Epp [mailto:vanepp at sfu.ca]
> Sent: Wednesday, September 20, 2000 6:59 PM
> To: Carter Bullard
> Subject: Re: tcpclean and argus-2.0
>
>
> >
> > Hey Peter and Russell,
> > Argus-2.0 barfs on the output of the anonymizer
> > as its argus's fault for not checking length very
> > well (it didn't expect packets of 14 bytes in length ;o)
> > I put a new version of argus-2.0.0g on qosient.com
> > that fixes the length problem, so if you want to test
> > refetch from ftp://qosient.com/dev/argus/argus-2.0
> >
> > Carter
> >
>
> A list of the warnings from the latest 2.0.0g (only warnings it
> compiles fine, I haven't tried it yet):
>
> making in common
> gcc -g -pthread -O -Wall -Wmissing-prototypes -Wstrict-prototypes -I. -I../i
> nclude -I../include/linux-include -DHAVE_SYS_IOCCOM_H=1 -DHAVE_SYS_SOCKIO_H
> =1 -DHAVE_ETHER_HOSTTON=1 -DHAVE_STRERROR=1 -DARGUSDEBUG=1 -DHAVE_SOCKADDR_S
> A_LEN=1 -c ./argus_util.c
> ./argus_util.c: In function `print_date':
> ./argus_util.c:220: warning: `%y' yields only last 2 digits of year
> gcc -g -pthread -O -Wall -Wmissing-prototypes -Wstrict-prototypes -I. -I../i
> nclude -I../include/linux-include -DHAVE_SYS_IOCCOM_H=1 -DHAVE_SYS_SOCKIO_H
> =1 -DHAVE_ETHER_HOSTTON=1 -DHAVE_STRERROR=1 -DARGUSDEBUG=1 -DHAVE_SOCKADDR_S
> A_LEN=1 -c ./gencode.c
> ./gencode.c:504: warning: `Argusgen_causetype' defined but not used
> gcc -g -pthread -O -Wall -Wmissing-prototypes -Wstrict-prototypes -I. -I../i
> nclude -I../include/linux-include -DHAVE_SYS_IOCCOM_H=1 -DHAVE_SYS_SOCKIO_H
> =1 -DHAVE_ETHER_HOSTTON=1 -DHAVE_STRERROR=1 -DARGUSDEBUG=1 -DHAVE_SOCKADDR_S
> A_LEN=1 -c ./argus_filter.c
> ./argus_filter.c: In function `argus_ether_hostton':
> ./argus_filter.c:4357: warning: function declaration isn't a prototype
> gcc -g -pthread -O -Wall -Wmissing-prototypes -Wstrict-prototypes -I. -I../i
> nclude -I../include/linux-include -DHAVE_SYS_IOCCOM_H=1 -DHAVE_SYS_SOCKIO_H
> =1 -DHAVE_ETHER_HOSTTON=1 -DHAVE_STRERROR=1 -DARGUSDEBUG=1 -DHAVE_SOCKADDR_S
> A_LEN=1 -c ./scanner.c
> scanner.l: In function `argus_lex':
> scanner.l:185: warning: statement with no effect
> scanner.l: At top level:
> scanner.l:531: warning: `yyunput' defined but not used
> gcc -g -pthread -O -Wall -Wmissing-prototypes -Wstrict-prototypes -I. -I../i
> nclude -I../include/linux-include -DHAVE_SYS_IOCCOM_H=1 -DHAVE_SYS_SOCKIO_H
> =1 -DHAVE_ETHER_HOSTTON=1 -DHAVE_STRERROR=1 -DARGUSDEBUG=1 -DHAVE_SOCKADDR_S
> A_LEN=1 -Dyylval=argus_lval -c grammar.c
> grammar.c:14: warning: function declaration isn't a prototype
> y.tab.c:654: warning: function declaration isn't a prototype
> rm -f ../lib/argus_common.a; ar qc ../lib/argus_common.a gencode.o
> argus_filter.o scanner.o grammar.o
> ranlib ../lib/argus_common.a
>
> making in clients
>
> gcc -g -pthread -O -Wall -Wmissing-prototypes -Wstrict-prototypes -I
> . -I../include -I../common -I../include/linux-include -DHAVE_SYS_IOCCOM_H=1
> -DHAVE_SYS_SOCKIO_H=1 -DHAVE_ETHER_HOSTTON=1 -DHAVE_STRERROR=1 -DARGUSDEBUG
> =1 -DHAVE_SOCKADDR_SA_LEN=1 -c ./rasort.c
> ./rasort.c: In function `RaParseComplete':
> ./rasort.c:119: warning: implicit declaration of function `calloc'
> ./rasort.c: In function `RaProcessRecord':
> ./rasort.c:168: warning: implicit declaration of function `malloc'
>
>
> gcc -g -pthread -O -Wall -Wmissing-prototypes -Wstrict-prototypes -I
> . -I../include -I../include/linux-include -DHAVE_SYS_IOCCOM_H=1 -DHAVE_SYS_
> SOCKIO_H=1 -DHAVE_ETHER_HOSTTON=1 -DHAVE_STRERROR=1 -DARGUSDEBUG=1 -DHAVE_SO
> CKADDR_SA_LEN=1 -c ./ArgusModeler.c
> ./ArgusModeler.c: In function `ArgusUpdateFlow':
> ./ArgusModeler.c:366: warning: implicit declaration of function
> `ArgusCreateFRAGFlow'
> ./ArgusModeler.c:376: warning: implicit declaration of function
> `ArgusUpdateFRAGState'
> gcc -g -pthread -O -Wall -Wmissing-prototypes -Wstrict-prototypes -I
> . -I../include -I../include/linux-include -DHAVE_SYS_IOCCOM_H=1 -DHAVE_SYS_
> SOCKIO_H=1 -DHAVE_ETHER_HOSTTON=1 -DHAVE_STRERROR=1 -DARGUSDEBUG=1 -DHAVE_SO
> CKADDR_SA_LEN=1 -c ./Argus_frag.c
> ./Argus_frag.c:36: warning: function declaration isn't a prototype
> ./Argus_frag.c:113: warning: no previous prototype for
> `ArgusUpdateFRAGState'
>
> And tcpclean has a compile problem I haven't had a chance to poke at
> yet:
>
> In file included from tcpclean.c:279:
> ../include/linux-include/netinet/ip.h:36: endian.h: No such file or
> directory
> In file included from tcpclean.c:280:
> ../include/linux-include/netinet/ip_var.h:36: endian.h: No such file or
> directory
>
> Peter Van Epp / Operations and Technical Support
> Simon Fraser University, Burnaby, B.C. Canada
>
>
> ------=_NextPart_000_0032_01C02362.00CDFA40
> Content-Type: text/html;
> charset="us-ascii"
> Content-Transfer-Encoding: quoted-printable
>
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
> <HTML>
> <HEAD>
> <META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
> charset=3DWindows-1252">
> <META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version =
> 6.0.4417.0">
> <TITLE>RE: tcpclean and argus-2.0</TITLE>
> </HEAD>
> <BODY>
> <!-- Converted from text/plain format -->
>
> <P><FONT SIZE=3D2>Hey Peter (and Russell),</FONT>
>
> <BR><FONT SIZE=3D2> Some of the warnings are unavoidable, as =
> they</FONT>
>
> <BR><FONT SIZE=3D2>are from the bison/yacc code (out of our =
> control)</FONT>
>
> <BR><FONT SIZE=3D2>but the malloc and calloc stuff we can avoid.</FONT>
> </P>
>
> <P><FONT SIZE=3D2> So I moved tcpclean over to Solaris and =
> fixed</FONT>
>
> <BR><FONT SIZE=3D2>the include file problem. There is a new =
> version</FONT>
>
> <BR><FONT SIZE=3D2>that compiles on Linux and Solaris, so =
> possibly</FONT>
>
> <BR><FONT SIZE=3D2>it has a chance ;o)</FONT>
> </P>
>
> <P><FONT SIZE=3D2><A =
> HREF=3D"ftp://qosient.com/dev/tcpclean/tcpclean-1.0">ftp://qosient.com/de=
> v/tcpclean/tcpclean-1.0</A></FONT>
> </P>
> <BR>
>
> <P><FONT SIZE=3D2>Carter</FONT>
> </P>
> <BR>
>
> <P><FONT SIZE=3D2>Carter Bullard</FONT>
>
> <BR><FONT SIZE=3D2>QoSient, LLC</FONT>
>
> <BR><FONT SIZE=3D2>300 E. 56th Street, Suite 17A</FONT>
>
> <BR><FONT SIZE=3D2>New York, New York 10022</FONT>
> </P>
>
> <P><FONT SIZE=3D2>carter at qosient.com</FONT>
>
> <BR><FONT SIZE=3D2>Phone +1 212 813-9426</FONT>
>
> <BR><FONT SIZE=3D2>Fax +1 212 813-9426</FONT>
> </P>
>
> <P><FONT SIZE=3D2>-----Original Message-----</FONT>
>
> <BR><FONT SIZE=3D2>From: Peter Van Epp [<A =
> HREF=3D"mailto:vanepp at sfu.ca">mailto:vanepp at sfu.ca</A>]</FONT>
>
> <BR><FONT SIZE=3D2>Sent: Wednesday, September 20, 2000 6:59 PM</FONT>
>
> <BR><FONT SIZE=3D2>To: Carter Bullard</FONT>
>
> <BR><FONT SIZE=3D2>Subject: Re: tcpclean and argus-2.0</FONT>
> </P>
> <BR>
>
> <P><FONT SIZE=3D2>> </FONT>
>
> <BR><FONT SIZE=3D2>> Hey Peter and Russell,</FONT>
>
> <BR><FONT SIZE=3D2>> Argus-2.0 barfs on the output =
> of the anonymizer</FONT>
>
> <BR><FONT SIZE=3D2>> as its argus's fault for not checking length =
> very</FONT>
>
> <BR><FONT SIZE=3D2>> well (it didn't expect packets of 14 bytes in =
> length ;o)</FONT>
>
> <BR><FONT SIZE=3D2>> I put a new version of argus-2.0.0g on =
> qosient.com</FONT>
>
> <BR><FONT SIZE=3D2>> that fixes the length problem, so if you want to =
> test</FONT>
>
> <BR><FONT SIZE=3D2>> refetch from <A =
> HREF=3D"ftp://qosient.com/dev/argus/argus-2.0">ftp://qosient.com/dev/argu=
> s/argus-2.0</A></FONT>
>
> <BR><FONT SIZE=3D2>> </FONT>
>
> <BR><FONT SIZE=3D2>> Carter</FONT>
>
> <BR><FONT SIZE=3D2>> </FONT>
> </P>
>
> <P> <FONT SIZE=3D2>A list of =
> the warnings from the latest 2.0.0g (only warnings it</FONT>
>
> <BR><FONT SIZE=3D2>compiles fine, I haven't tried it yet):</FONT>
> </P>
>
> <P><FONT SIZE=3D2>making in common</FONT>
>
> <BR><FONT SIZE=3D2>gcc -g -pthread -O -Wall -Wmissing-prototypes =
> -Wstrict-prototypes -I. -I../include -I../include/linux-include =
> -DHAVE_SYS_IOCCOM_H=3D1 -DHAVE_SYS_SOCKIO_H=3D1 -DHAVE_ETHER_HOSTTON=3D1 =
> -DHAVE_STRERROR=3D1 -DARGUSDEBUG=3D1 -DHAVE_SOCKADDR_SA_LEN=3D1 -c =
> ./argus_util.c</FONT></P>
>
> <P><FONT SIZE=3D2>./argus_util.c: In function `print_date':</FONT>
>
> <BR><FONT SIZE=3D2>./argus_util.c:220: warning: `%y' yields only last 2 =
> digits of year</FONT>
>
> <BR><FONT SIZE=3D2>gcc -g -pthread -O -Wall -Wmissing-prototypes =
> -Wstrict-prototypes -I. -I../include -I../include/linux-include =
> -DHAVE_SYS_IOCCOM_H=3D1 -DHAVE_SYS_SOCKIO_H=3D1 -DHAVE_ETHER_HOSTTON=3D1 =
> -DHAVE_STRERROR=3D1 -DARGUSDEBUG=3D1 -DHAVE_SOCKADDR_SA_LEN=3D1 -c =
> ./gencode.c</FONT></P>
>
> <P><FONT SIZE=3D2>./gencode.c:504: warning: `Argusgen_causetype' defined =
> but not used</FONT>
>
> <BR><FONT SIZE=3D2>gcc -g -pthread -O -Wall -Wmissing-prototypes =
> -Wstrict-prototypes -I. -I../include -I../include/linux-include =
> -DHAVE_SYS_IOCCOM_H=3D1 -DHAVE_SYS_SOCKIO_H=3D1 -DHAVE_ETHER_HOSTTON=3D1 =
> -DHAVE_STRERROR=3D1 -DARGUSDEBUG=3D1 -DHAVE_SOCKADDR_SA_LEN=3D1 -c =
> ./argus_filter.c</FONT></P>
>
> <P><FONT SIZE=3D2>./argus_filter.c: In function =
> `argus_ether_hostton':</FONT>
>
> <BR><FONT SIZE=3D2>./argus_filter.c:4357: warning: function declaration =
> isn't a prototype</FONT>
>
> <BR><FONT SIZE=3D2>gcc -g -pthread -O -Wall -Wmissing-prototypes =
> -Wstrict-prototypes -I. -I../include -I../include/linux-include =
> -DHAVE_SYS_IOCCOM_H=3D1 -DHAVE_SYS_SOCKIO_H=3D1 -DHAVE_ETHER_HOSTTON=3D1 =
> -DHAVE_STRERROR=3D1 -DARGUSDEBUG=3D1 -DHAVE_SOCKADDR_SA_LEN=3D1 -c =
> ./scanner.c</FONT></P>
>
> <P><FONT SIZE=3D2>scanner.l: In function `argus_lex':</FONT>
>
> <BR><FONT SIZE=3D2>scanner.l:185: warning: statement with no =
> effect</FONT>
>
> <BR><FONT SIZE=3D2>scanner.l: At top level:</FONT>
>
> <BR><FONT SIZE=3D2>scanner.l:531: warning: `yyunput' defined but not =
> used</FONT>
>
> <BR><FONT SIZE=3D2>gcc -g -pthread -O -Wall -Wmissing-prototypes =
> -Wstrict-prototypes -I. -I../include -I../include/linux-include =
> -DHAVE_SYS_IOCCOM_H=3D1 -DHAVE_SYS_SOCKIO_H=3D1 -DHAVE_ETHER_HOSTTON=3D1 =
> -DHAVE_STRERROR=3D1 -DARGUSDEBUG=3D1 -DHAVE_SOCKADDR_SA_LEN=3D1 =
> -Dyylval=3Dargus_lval -c grammar.c</FONT></P>
>
> <P><FONT SIZE=3D2>grammar.c:14: warning: function declaration isn't a =
> prototype</FONT>
>
> <BR><FONT SIZE=3D2>y.tab.c:654: warning: function declaration isn't a =
> prototype</FONT>
>
> <BR><FONT SIZE=3D2>rm -f ../lib/argus_common.a; ar qc =
> ../lib/argus_common.a gencode.o argus_filter.o scanner.o =
> grammar.o</FONT>
>
> <BR><FONT SIZE=3D2>ranlib ../lib/argus_common.a</FONT>
> </P>
>
> <P><FONT SIZE=3D2>making in clients</FONT>
> </P>
>
> <P><FONT SIZE=3D2>gcc -g -pthread -O -Wall -Wmissing-prototypes =
> -Wstrict-prototypes -I . -I../include -I../common =
> -I../include/linux-include -DHAVE_SYS_IOCCOM_H=3D1 =
> -DHAVE_SYS_SOCKIO_H=3D1 -DHAVE_ETHER_HOSTTON=3D1 -DHAVE_STRERROR=3D1 =
> -DARGUSDEBUG=3D1 -DHAVE_SOCKADDR_SA_LEN=3D1 -c ./rasort.c</FONT></P>
>
> <P><FONT SIZE=3D2>./rasort.c: In function `RaParseComplete':</FONT>
>
> <BR><FONT SIZE=3D2>./rasort.c:119: warning: implicit declaration of =
> function `calloc'</FONT>
>
> <BR><FONT SIZE=3D2>./rasort.c: In function `RaProcessRecord':</FONT>
>
> <BR><FONT SIZE=3D2>./rasort.c:168: warning: implicit declaration of =
> function `malloc'</FONT>
> </P>
> <BR>
>
> <P><FONT SIZE=3D2>gcc -g -pthread -O -Wall -Wmissing-prototypes =
> -Wstrict-prototypes -I . -I../include -I../include/linux-include =
> -DHAVE_SYS_IOCCOM_H=3D1 -DHAVE_SYS_SOCKIO_H=3D1 -DHAVE_ETHER_HOSTTON=3D1 =
> -DHAVE_STRERROR=3D1 -DARGUSDEBUG=3D1 -DHAVE_SOCKADDR_SA_LEN=3D1 -c =
> ./ArgusModeler.c</FONT></P>
>
> <P><FONT SIZE=3D2>./ArgusModeler.c: In function =
> `ArgusUpdateFlow':</FONT>
>
> <BR><FONT SIZE=3D2>./ArgusModeler.c:366: warning: implicit declaration =
> of function `ArgusCreateFRAGFlow'</FONT>
>
> <BR><FONT SIZE=3D2>./ArgusModeler.c:376: warning: implicit declaration =
> of function `ArgusUpdateFRAGState'</FONT>
>
> <BR><FONT SIZE=3D2>gcc -g -pthread -O -Wall -Wmissing-prototypes =
> -Wstrict-prototypes -I . -I../include -I../include/linux-include =
> -DHAVE_SYS_IOCCOM_H=3D1 -DHAVE_SYS_SOCKIO_H=3D1 -DHAVE_ETHER_HOSTTON=3D1 =
> -DHAVE_STRERROR=3D1 -DARGUSDEBUG=3D1 -DHAVE_SOCKADDR_SA_LEN=3D1 -c =
> ./Argus_frag.c</FONT></P>
>
> <P><FONT SIZE=3D2>./Argus_frag.c:36: warning: function declaration isn't =
> a prototype</FONT>
>
> <BR><FONT SIZE=3D2>./Argus_frag.c:113: warning: no previous prototype =
> for `ArgusUpdateFRAGState'</FONT>
> </P>
>
> <P> <FONT SIZE=3D2>And =
> tcpclean has a compile problem I haven't had a chance to poke at</FONT>
>
> <BR><FONT SIZE=3D2>yet:</FONT>
> </P>
>
> <P><FONT SIZE=3D2>In file included from tcpclean.c:279:</FONT>
>
> <BR><FONT SIZE=3D2>../include/linux-include/netinet/ip.h:36: endian.h: =
> No such file or directory</FONT>
>
> <BR><FONT SIZE=3D2>In file included from tcpclean.c:280:</FONT>
>
> <BR><FONT SIZE=3D2>../include/linux-include/netinet/ip_var.h:36: =
> endian.h: No such file or directory</FONT>
> </P>
>
> <P><FONT SIZE=3D2>Peter Van Epp / Operations and Technical Support =
> </FONT>
>
> <BR><FONT SIZE=3D2>Simon Fraser University, Burnaby, B.C. Canada</FONT>
> </P>
>
> </BODY>
> </HTML>
> ------=_NextPart_000_0032_01C02362.00CDFA40--
>
>
More information about the argus
mailing list