argus-2.0.4 available for testing
Carter Bullard
carter at qosient.com
Mon Nov 5 07:50:17 EST 2001
Hey Scott,
A simple type, sorry for the inconvenience.
I've included the patch, and I'll have new code
up on the server in a few hours.
Index: argus_util.c
===================================================================
RCS file: /usr/local/cvsroot/argus/common/argus_util.c,v
retrieving revision 1.109.4.3.2.7
diff -r1.109.4.3.2.7 argus_util.c
1094c1094
< if (!((flow->ip_flow.dport = 0xFFFF) && (argus->ahdr.status &
ARGUS_MERGED)))
---
> if (!((flow->ip_flow.dport == 0xFFFF) && (argus->ahdr.status &
ARGUS_MERGED)))
Carter
Carter Bullard
QoSient, LLC
300 E. 56th Street, Suite 18K
New York, New York 10022
carter at qosient.com
Phone +1 212 588-9133
Fax +1 212 588-9134
http://qosient.com
> -----Original Message-----
> From: owner-argus-info at lists.andrew.cmu.edu
> [mailto:owner-argus-info at lists.andrew.cmu.edu] On Behalf Of
> Scott A. McIntyre
> Sent: Saturday, November 03, 2001 9:47 AM
> To: Carter Bullard
> Cc: Argus
> Subject: Re: argus-2.0.4 available for testing
>
>
> > Gentle people,
> > ftp://qosient.com/dev/argus-2.0/argus-2.0.4.tar.gz
> > is available for testing. This version has fixes for
> > some significant bugs, and has mods, included the ability
> > to attach to an unnumbered interface, as well as the
> > most recent one with printing out 0xffff port values
> > when there has not been any aggregation. Please see
> > the ChangeLog for specifics.
>
> There's something wrong with beta1, Carter -- it's putting
> 65535 as the tcp port for all connections.
>
> 03 Nov 01 15:12:52 tcp xxx.yy.zzz.35.1114 ?>
> xxxy.yyy.aa.bbb.65535 TIM
> 03 Nov 01 15:38:08 tcp xxx.yy.zzz.35.1115 ?>
> xxx.yyy.6.44.65535 EST
>
> and so on and so forth.
>
>
> Scott
>
>
>
>
More information about the argus
mailing list