Need help using argus
Carter Bullard
carter at qosient.com
Mon Nov 12 09:14:22 EST 2001
Hey Freddy,
The compiler assumes that you are setting a -s option
with the value "rc" and a -d option with the value
"st" with your commands. The src and dst selectors
are eaten by the compiler and the result is that the
compiler sees the same command in both instances.
You need to put a space between the - and the "src"
and "dst" direction selectors, so that the compiler will
know that it is at the end of the options list.
racount -L0 -r argus.data - src port smtp and host ....
racount -L0 -r argus.data - dst port smtp and host ....
Carter
Carter Bullard
QoSient, LLC
300 E. 56th Street, Suite 18K
New York, New York 10022
carter at qosient.com
Phone +1 212 588-9133
Fax +1 212 588-9134
http://qosient.com
> -----Original Message-----
> From: freddy at simicro-distribution.mg
> [mailto:freddy at simicro-distribution.mg] On Behalf Of Freddy
> RAKOTOARISON
> Sent: Monday, November 12, 2001 8:26 AM
> To: argus-info at lists.andrfew.cmu.edu;
> majordomo at lists.andrew.cmu.edu; carter at qosient.com
> Subject: Re: Need help using argus
>
>
> Hi!
>
> - why I've the same output for the two commands below ?
>
> # racount -L 0 -r argus.data -src port smtp and host 192.168.1.1
> racount records total_pkts src_pkts
> dst_pkts total_bytes src_bytes dst_bytes
> sum 318 9592 5421
> 4171 5019294 4668821 350473
>
> # racount -L 0 -r argus.data -dst port smtp and host 192.168.1.1
> racount records total_pkts src_pkts
> dst_pkts total_bytes src_bytes dst_bytes
> sum 318 9592 5421
> 4171 5019294 4668821 350473
>
> - There is no differences between "src" and "dst" ?
>
> --
> *** Njara ***
> =================================================
> # Freddy RAKOTOARISON #
> # Simicro Internet #
> # E-mail : freddy at simicro-internet.mg #
> # Tel : (261) 20 22 648 83 #
> =================================================
>
>
>
>
>
More information about the argus
mailing list