ragator config problems

[Russell Fulton]

I orginally sent this a few days ago but mangled the list address and 
failed to see the bounce message. Before I realised this I went to 
check the archives at The Theory Group to see if there were any 
responses (Carter is so good at responding I figured that something 
must have gone wrong when I did not get any response) and found that 
the archive does not appear to have been updated since March.

Anyway here is the orginal message...

Any idea what is wrong with this ragator config file ?:

#label   id    SrcCIDRAddr        DstCIDRAddr         Proto  SrcPort  
DstPort   ModelList  Duration
Flow     100   130.216.0.0:16           *             tcp      *       
www        210        10000000

# label  id      SrcAddrMask     DstAddrMask      Proto  SrcPort  
DstPort

Model    210   255.255.0.0  255.255.255.255    yes      no      yes

bash-2.04$ bin/ra -w - -r data/current - src net 130.216 and dst port 
80 | bin/ragator -F test-gator 
ragator[83951]: ArgusParseResourceFile (test-gator) syntax error line 2

I hate yacc based parsers that simply print "syntax error"  ;-)

What I am trying to do is aggregate all traffic for each web server 
that our users talk to.  (our management are convinced that our users 
spend all their time at porn sites, I have to refute this idiocy, 
sigh...)


Russell Fulton, Computer and Network Security Officer
The University of Auckland,  New Zealand