argus command-line parameter handling

Chris Russel russel at
Fri Jun 14 15:32:57 EDT 2002

On Fri, 14 Jun 2002, Carter Bullard wrote:

> I think the problem is that the Argus project is
> going to provide maximum flexibility, rather than trying to
> keep the user from shooting themselves.

I completely agree with this philosophy and I don't think that's a
problem.  I think this problem falls into the hidden/undocumented
behaviours category.  Maybe my message will help with the documentation

My vote is to not load the default config unless no -F is specified. This
is the behaviour the debian init script is expecting. BTW I have filed a
bug with them since it is clearly wrong - allowing users to shoot
themselves is one thing, having the gun pointed at them by default is

The simplest thing would be to not load a default config at all and just
use hard-coded values unless overridden by -F's or equivalent command-line
parameters.  That would eliminate having to test for duplicate interfaces
or duplicate config files (it's still possible but it would be the users
doing). Obviously this breaks with some traditional usage.

Chris Russel     | CNS Information Security
russel at  | York University, Toronto, Canada

More information about the argus mailing list