RC.39 'argus' segfault on Fedora Core 6

Tue Feb 27 16:26:12 EST 2007

Following is my /etc/argus.conf in a nutshell.  Oddly I don't see 
additional debug info when I set ARGUS_DEBUG_LEVEL.  I'm running as root 
while debugging.

ARGUS_FLOW_TYPE="Bidirectional"
ARGUS_FLOW_KEY="CLASSIC_5_TUPLE"
ARGUS_DAEMON=No                   # While debugging segfaults
ARGUS_MONITOR_ID=`hostname`
#ARGUS_BIND_IP="127.0.0.1"
ARGUS_ACCESS_PORT=561
ARGUS_INTERFACE=eth1
ARGUS_GO_PROMISCUOUS=yes
ARGUS_COLLECTOR=no
#ARGUS_CHROOT_DIR=/chroot_dir
#ARGUS_SETUSER_ID=argus
#ARGUS_SETGROUP_ID=argus
#      ARGUS_OUTPUT_FILE=/full/path/file/name
#      ARGUS_OUTPUT_FILE="/full/path/file/name filter"
#ARGUS_OUTPUT_FILE=/var/log/argus/argus.out
ARGUS_SET_PID=yes
ARGUS_PID_PATH="/home/argus"
ARGUS_FLOW_STATUS_INTERVAL=5
ARGUS_MAR_STATUS_INTERVAL=60
ARGUS_DEBUG_LEVEL=8               # While debugging segfaults
ARGUS_GENERATE_RESPONSE_TIME_DATA=no
ARGUS_GENERATE_JITTER_DATA=no
ARGUS_GENERATE_MAC_DATA=no
ARGUS_GENERATE_APPBYTE_METRIC=yes
ARGUS_CAPTURE_DATA_LEN=64
ARGUS_FILTER_OPTIMIZER=yes
ARGUS_FILTER=""
#ARGUS_PACKET_CAPTURE_FILE="/var/log/argus/packet.out"
ARGUS_MIN_SSF=40
ARGUS_MAX_SSF=128

-Mike

On Tue, 27 Feb 2007 at 13:13, Michael Hornung wrote:

|Same segfault in Rc.40:
|
|(gdb) bt
|#0  0x080567f4 in ArgusCreateFlowKey ()
|#1  0x08051b83 in ArgusProcessPacket ()
|#2  0x08053b4d in ArgusEtherPacket ()
|#3  0x0805dfd8 in pcap_read_linux ()
|#4  0x08054d2e in ArgusGetPackets ()
|#5  0x0804bb24 in main ()
|
|-Mike
|
|On Tue, 27 Feb 2007 at 11:07, Michael Hornung wrote:
|
||Argus regularly segfaults after running for 20 minutes or so.  I ran in gdb
||and:
||
||# gdb /usr/local/sbin/argus
||GNU gdb Red Hat Linux (6.5-15.fc6rh)
||...
||(gdb) run
||Starting program: /usr/local/sbin/argus
||(no debugging symbols found)
||(no debugging symbols found)
||(no debugging symbols found)
||(no debugging symbols found)
||(no debugging symbols found)
||(no debugging symbols found)
||(no debugging symbols found)
||argus[18372]: 27 Feb 07 10:48:42.610090 started
||argus[18372]: 27 Feb 07 10:48:42.611904 ArgusGetInterfaceStatus: interface eth1
||is up
||(no debugging symbols found)
||(no debugging symbols found)
||argus[18372]: 27 Feb 07 10:48:46.247183 connect from W.X.Y.Z
||
||Program received signal SIGSEGV, Segmentation fault.
||0x080565e4 in ArgusCreateFlowKey ()
||(gdb) bt
||#0  0x080565e4 in ArgusCreateFlowKey ()
||#1  0x08051983 in ArgusProcessPacket ()
||#2  0x0805374d in ArgusEtherPacket ()
||#3  0x0805de38 in pcap_read_linux ()
||#4  0x08054940 in ArgusGetPackets ()
||#5  0x0804ba54 in main ()
||
||Would any other information be helpful?
||I'll load RC.40 and see if this is resolved.
||
||-Mike
||
|
|