[ARGUS] argus-2.0.6.fixes.1/FreeBSD-4.10 <=> argus-clients-2.0.6.fixes.1/FC2

Peter Van Epp vanepp at sfu.ca
Fri Aug 13 12:07:44 EDT 2004 

	Ah, it may be the 2.6 kernel. SUSE was a 2.4 kernel and I don't know
what the opteron is running yet. I'll see if I can find someone with a 2.6
kernel to poke at.

Peter Van Epp / Operations and Technical Support 
Simon Fraser University, Burnaby, B.C. Canada

On Fri, Aug 13, 2004 at 08:51:10AM -0700, Joe Christy wrote:
>   Vis-a-vis Peter's note of 08/12/2004 05:53 PM:
> >On Tue, Aug 10, 2004 at 09:56:38PM -0700, Joe Christy wrote:
> >
> >>...  I've now devoted another 8 hours to hammering on
> >>(non-)interoperability and temporarily run out of ideas.
> >>
> 
> 	Sorry to be so silent - as a consultant whose laptop died on Tuesday 
> taking all my (providentiually backed-up) business records and sw with 
> it, I've been highly distracted in the moments I've not been building 
> firewalls & dealing w/ customer's email routing issues or maintaining 
> Activities of Daily Life.
> 
> >...
> >	Is the Linix machine an AMD opteron running in 64 bit mode by chance?
> >...
> 
> 	No, it's Hyper-threaded P4 running a 2.6.7 SMP kernel. The second 
> 	Linux client, now gone, was P3 w/ the same kernel.
> 
> 	I have an OpenBSD fw on the workbench along with some Fedora mail 
> servers, so when I get a chance to finish them I can try some more 
> combinations.
> 
> 	To those who asked for examples of the difference in behavior 
> 	depending on the relative positions of the -S & -D flags:
> 
> moby(joe) ra -S 172.24.4.1 -D8
> ra[621]: 04-08-13 08:43:40.9767 ArgusFilterCompile () returning
> ra[620]: 04-08-13 08:43:40.9777 ArgusFilterCompile () waiting for filter 
> process 621 on pipe 4
> ra[620]: 04-08-13 08:43:40.9784 ArgusFilterCompile () read filter length 1
> ra[620]: 04-08-13 08:43:40.9788 ArgusFilterCompile () read filter body 8
> ra[620]: 04-08-13 08:43:40.9793 ArgusFilterCompile () returning 0
> ra[620]: 04-08-13 08:43:40.9809 Trying eshu.eshu.net port 561 Expecting 
> Argus records
> ra[620]: 04-08-13 08:43:40.9822 connected
> ra[620]: 04-08-13 08:43:40.9825 ArgusGetServerSocket (0x9c1b5fc) returning 4
> ra[620]: 04-08-13 08:43:40.9860 ArgusReadConnection() read 16 bytes
> ra[620]: 04-08-13 08:43:40.9861 ArgusReadConnection() ARGUS_START Mar.
> ra[620]: 04-08-13 08:43:40.9864 ArgusReadConnection() read failed for 
> ARGUS_START Mar Success.
> ra[620]: 04-08-13 08:43:40.9865 ArgusReadStream() ArgusRemoteFDs is empty
> ra[620]: 04-08-13 08:43:40.9866 ArgusShutDown (0)
> 
> No data seen.
> 
>     VS.
> 
> moby(joe) ra -D8 -S 172.24.4.1
> ra[646]: 04-08-13 08:43:51.5991 ArgusFree (0x96fa5fc) returning
> ra[646]: 04-08-13 08:43:51.5992 ArgusDeleteHostList () returning
> ra[646]: 04-08-13 08:43:51.5993 ArgusCalloc (1, 496) returning 0x96fa5fc
> ra[646]: 04-08-13 08:43:51.5993 ArgusAddHostList (172.24.4.1, 1) returning 1
> ra[647]: 04-08-13 08:43:51.6000 ArgusFilterCompile () returning
> ra[646]: 04-08-13 08:43:51.6005 ArgusFilterCompile () waiting for filter 
> process 647 on pipe 4
> ra[646]: 04-08-13 08:43:51.6006 ArgusFilterCompile () read filter length 1
> ra[646]: 04-08-13 08:43:51.6007 ArgusFilterCompile () read filter body 8
> ra[646]: 04-08-13 08:43:51.6007 ArgusFilterCompile () returning 0
> ra[646]: 04-08-13 08:43:51.6020 Trying eshu.eshu.net port 561 Expecting 
> Argus records
> ra[646]: 04-08-13 08:43:51.6025 connected
> ra[646]: 04-08-13 08:43:51.6025 ArgusGetServerSocket (0x96fa5fc) returning 4
> ra[646]: 04-08-13 08:43:51.6065 ArgusReadConnection() read 16 bytes
> ra[646]: 04-08-13 08:43:51.6065 ArgusReadConnection() ARGUS_START Mar.
> ra[646]: 04-08-13 08:43:51.6066 ArgusReadConnection() read failed for 
> ARGUS_START Mar Success.
> ra[646]: 04-08-13 08:43:51.6067 ArgusReadStream() ArgusRemoteFDs is empty
> ra[646]: 04-08-13 08:43:51.6067 ArgusShutDown (0)
> 
> No data seen.
> 
>     I.E. the three additional lines:
> 
> ra[646]: 04-08-13 08:43:51.5992 ArgusDeleteHostList () returning
> ra[646]: 04-08-13 08:43:51.5993 ArgusCalloc (1, 496) returning 0x96fa5fc
> ra[646]: 04-08-13 08:43:51.5993 ArgusAddHostList (172.24.4.1, 1) returning 1
> 
> when the -D preceeds to -S rather than following it. Granted this now 
> seems irrelevant, but it is still curious.
> 
> 	Joe
> 
> -- 
> ======== Joe Christy ============================== joe at eshu.net =======
> ---- Voice:831/423-7151 --- Mobile:831/227-6440 --- FAX:831/469-0804 ---
>    If I can save you any time, give it to me, I'll keep it with mine.
> ======== public keys and certificates at: www.eshu.net/PKI.html ========

More information about the argus mailing list