configure Problem with Debian/GNU Linux and 2.0.6

Russell Fulton r.fulton at auckland.ac.nz
Tue Feb 17 18:39:29 EST 2004


On Wed, 2004-02-18 at 06:24, Carter Bullard wrote:
> Hey Guys,
>    So, there is no need to test for "-l" if it doesn't
> work on these machines.  It must be that that
> style of comparison is shell dependant?  I grabbed
> that style of comparison from some other configure.in
> script, so my fault for borrowing from poor source.
> 
>    So could you guys try this patch from the original
> to see if it works for both of you?
> 
> Carter
> 
> Index: aclocal.m4
> ===================================================================
> RCS file: /usr/local/cvsroot/argus/aclocal.m4,v
> retrieving revision 1.8
> diff -r1.8 aclocal.m4
> 550c550
> <           if test $libpcap = "-l" ; then
> ---
> >           if test $libpcap = "-lpcap" ; then
> 

With this patch it builds fine on RH 7.3...

When I run it with a config file it seems to hang (only two processes
started) but if I run (what I think is) the identical thing from the
command line it works fine.

this works:
 /home/argus/sbin/argus_linux -w data/current -d -i eth1
this does not 
/home/argus/sbin/argus_linux -F /home/argus/config/argus


I've attached the config file.

Russell.
-------------- next part --------------
# Argus is capable of running as a daemon, doing all the right things
# that daemons do.  When this configuration is used for the system
# daemon process, say for /etc/argus.conf, this variable should be
# set to "yes".
#
# The default value is to not run as a daemon.
#
# This example is to support the ./support/Startup/argus script
# which requires that this variable be set to "yes".
#
# Commandline equivalent   -d
#

ARGUS_DAEMON=yes


# Argus Monitor Data is uniquely identifiable based on the source
# identifier that is included in each output record.  This is to
# allow you to work with Argus Data from multiple monitors at the
# same time.  The ID is 32 bits long, and so legitimate values are
# 0 - 4294967296 but argus also supports IP addresses as values.
# The configuration allows for you to use host names, however, do
# have some understanding how `hostname` will be resolved by the
# nameserver before commiting to this strategy completely.
#
# Commandline equivalent   -e
#
                                          
ARGUS_MONITOR_ID=10
                                          

# Argus monitors can provide a real-time remote access port
# for collecting Argus data.  This is a TCP based port service and
# the default port number is tcp/561, the "experimental monitor"
# service.  This feature is disabled by default, and can be forced
# off by setting it to zero (0).
#
# When you do want to enable this service, 561 is a good choice,
# as all ra* clients are configured to try this port by default.
#
# Commandline equivalent   -P
#

ARGUS_ACCESS_PORT=561


# By default, Argus will open the first appropriate interface on a
# system that it encounters.  For systems that have only one network
# interface, this is a reasonable thing to do.  But, when there are
# more than one suitable interface, you should specify which
# interface(s) Argus should read data from.
#
# Argus can read packets from multiple interfaces at the same time,
# although this is limited to 2 interfaces at this time.  Specify
# this in this file with multiple ARGUS_INTERFACE directives.
#
# Commandline equivalent   -i
#

ARGUS_INTERFACE=eth1


#
# Argus can write its output to one or a number of files,
# default limit is 5 concurrent files, each with their own
# independant filters.
#
# The format is:
#      ARGUS_OUTPUT_FILE=/full/path/file/name
#      ARGUS_OUTPUT_FILE=/full/path/file/name "filter"
#
# Most sites will have argus write to a file, for reliablity 
# and performance.  The example file name is used here as
# supporting programs, such as ./support/Archive/argusarchive
# are configured to use this file.
#
# Commandline equivalent   -w
#

ARGUS_OUTPUT_FILE=/home/argus/data/current


# When Argus is configured to run as a daemon, with the -d
# option, Argus can store its pid in a file, to aid in
# managing the running daemon.  However, creating a system
# pid file requires priviledges that may not be appropriate
# for all cases.
#
# When configured to generate a pid file, if Argus cannot
# create the pid file, it will fail to run.  This variable
# is available to override the default, in case this gets
# in your way.
#
# The default value is to generate a pid.
#
# No Commandline equivalent   
#

ARGUS_SET_PID=yes


# By default, Argus will put its interface in promiscuous mode
# in order to monitor all the traffic that can be collected.
# This can put an undo load on systems. 

# If the intent is to monitor only the network activity of
# the specific system, say to measure the performance of
# an HTTP service or DNS service, you'll want to turn 
# promiscuous mode off.
#
# The default value is go into prmiscuous mode.
#
# Commandline equivalent   -p
#

ARGUS_GO_PROMISCUOUS=yes


# Argus will periodically report on a flow's activity every
# ARGUS_FLOW_STATUS_INTERVAL seconds, as long as there is
# new activity on the flow.  This is so that you can get a
# view into the activity of very long lived flows.  The default
# is 60 seconds, but this number may be too low or too high
# depending on your uses.
#
# The default value is 60 seconds, but argus does support
# a minimum value of 1.  This is very useful for doing
# measurements in a controlled experimental environment
# where the number of flows is < 1000.
#
# Commandline equivalent   -S
#

ARGUS_FLOW_STATUS_INTERVAL=60


# Argus will periodically report on a its own health, providing
# interface status, total packet and bytes counts, packet drop
# rates, and flow oriented statistics.
#
# These records can be used as "keep alives" for periods when
# there is no network traffic to be monitored.
#
# The default value is 300 seconds, but a value of 60 seconds is
# very common.
#
# Commandline equivalent   -M
#

ARGUS_MAR_STATUS_INTERVAL=300


# If compiled to support this option, Argus is capable of
# generating a lot of debug information.
#
# The default value is zero (0).
#
# Commandline equivalent   -D
#
#ARGUS_DEBUG_LEVEL=0


# Argus can be configured to report on flows in a manner than
# provides the best information for calculating application
# reponse times and network round trip times.
#
# The default value is to not generate this data.
#
# Commandline equivalent   -R
#
 
ARGUS_GENERATE_RESPONSE_TIME_DATA=no


# Argus can be configured to generate packet jitter information
# on a per flow basis.  The default value is to not generate
# this data.
#
# Commandline equivalent   -J
#
 
ARGUS_GENERATE_JITTER_DATA=no 


# Argus can be configured to not provide MAC addresses in
# it audit data.  This is available if MAC address tracking
# and audit is not a requirement.
#
# The default value is to not generate this data.
#
# Commandline equivalent   -m
#
 
ARGUS_GENERATE_MAC_DATA=no


# Argus can be configured to capture a number of user data
# bytes from the packet stream.
#
# The default value is to not generate this data.
#
# Commandline equivalent   -U
#
 
ARGUS_CAPTURE_DATA_LEN=0


# Argus uses the packet filter capabilities of libpcap.  If
# there is a need to not use the libpcap filter optimizer,
# you can turn it off here.  The default is to leave it on.
#
# Commandline equivalent   -O
#

ARGUS_FILTER_OPTIMIZER=yes


# You can provide a filter expression here, if you like.
# It should be limited to 2K in length.  The default is to
# not filter.
#
# No Commandline equivalent
#

ARGUS_FILTER=""


# Argus allows you to capture packets in tcpdump() format
# if the source of the packets is a tcpdump() formatted
# file or live packet source.
#
# Specify the path to the packet capture file here.
#

# ARGUS_PACKET_CAPTURE_FILE=""




More information about the argus mailing list