another problem ...

Peter Van Epp vanepp at sfu.ca
Fri Sep 22 21:59:45 EDT 2000 

	Since I have two (different) ethernet cards in the machine I swapped
interfaces to make sure this isn't a card issue. While attempting to process
the tcpdump log file with argus_bpf it appeared to hang, and I got a seg
fault on control-Cing:

demoa# ra -r argus.1.log -c -n |grep Wed
demoa# argus_bpf -r tcpdump.1.log -w - |ra -c -n | grep Wed

^CSegmentation fault (core dumped)  

root     154  0.0  0.2  1336  952  p0  S     6:50PM   0:00.07 _su (csh)
root     184  0.4  0.2  2648 1264  p0  S     6:53PM   0:01.44 tcpdump -i xl0 -s1510 -w tcpdump.1.log
root     185  0.0  0.7  4724 3528  p0  S     6:53PM   0:00.49 argus_bpf -i xl0 -w argus.1.log
root     186  0.0  0.1  1904  716  p0  S     6:53PM   0:00.02 argus_bpf -i xl0 -w argus.1.log
root     187  0.0  0.1  1908  692  p0  S     6:53PM   0:00.01 argus_bpf -i xl0 -w argus.1.log
root     193  0.0  0.1  1904  708  p0  S     6:54PM   0:00.07 argus_bpf -r tcpdump.1.log -w -
root     194  0.0  0.1  1924  708  p0  S     6:54PM   0:00.08 argus_bpf -r tcpdump.1.log -w -

demoa# gdb argus_bpf argus_bpf.core
GNU gdb 4.18
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-unknown-freebsd"...
Core was generated by `argus_bpf'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /usr/lib/libm.so.2...done.
Reading symbols from /usr/lib/libc.so.4...done.
Reading symbols from /usr/libexec/ld-elf.so.1...done.
#0  0x281183be in bcopy () from /usr/lib/libc.so.4
(gdb) where
#0  0x281183be in bcopy () from /usr/lib/libc.so.4
#1  0x82e0f04 in ?? ()
#2  0x804a9f2 in ArgusSendFlowRecord (flow=0x82e0f04, state=8)
    at ./ArgusModeler.c:705
#3  0x804dee9 in ArgusProcessQueue (queue=0x817c004, status=8)
    at ./ArgusUtil.c:372
#4  0x804abb5 in ArgusModelerCleanUp () at ./ArgusModeler.c:798
#5  0x8049e67 in ArgusDeleteModeler () at ./ArgusModeler.c:124
#6  0x8049d27 in ArgusShutDown (sig=0) at ./argus.c:278
#7  0x8049c10 in main (argc=5, argv=0xbfbffbec) at ./argus.c:194
#8  0x80496c9 in _start ()
(gdb) q
demoa# 

Peter Van Epp / Operations and Technical Support 
Simon Fraser University, Burnaby, B.C. Canada

More information about the argus mailing list