argus.2.0.6.fixes.1 on OBSD 3.7
Russell Fulton
r.fulton at auckland.ac.nz
Mon Aug 22 23:54:33 EDT 2005
HI Folks,
This is my first serious foray into using argus on Open BSD. First thing I tripped over was that I got the original 2.0.6 distro from qosient and it would not use the -F conf.file. I then remembered that there had been a fix version and got that from the /dev/ directory. I've emailed Carter to say that he really should put the fixed version in /pub/ :)
Now it keeps dying with memory problems:
Aug 23 13:06:29 hihi argus_bpf[27318]: started
Aug 23 13:30:51 hihi argus_bpf[27318]: ArgusNewFlow() ArgusCalloc error Cannot allocate memory.
Aug 23 13:30:51 hihi argus_bpf[27682]: client(/home/argus/data/current) done.
The box has 512MB real memory and a GB of swap. I'm running other linux sensors on this network with less memory.
I remember Eric and Peter mentioning kernel memory being an issue with some BSD systems but could not find the posts in the archive.
BTW I'm using the generic kernel.
Russell
More information about the argus
mailing list