Argus SASL2

CS Lee geek00l at gmail.com
Tue Mar 27 00:40:52 EDT 2007


Carter,

I'm trying to get argus with sasl2 working, here's my config for argus

ARGUS_FLOW_TYPE="Bidirectional"
ARGUS_FLOW_KEY="CLASSIC_5_TUPLE"

ARGUS_DAEMON=no

ARGUS_MONITOR_ID="sk0"

ARGUS_ACCESS_PORT=561
ARGUS_BIND_IP="127.0.0.1"

ARGUS_INTERFACE=sk0

ARGUS_GO_PROMISCUOUS=yes

ARGUS_COLLECTOR=yes

#ARGUS_CHROOT_DIR=/chroot_dir

ARGUS_SETUSER_ID=argus
ARGUS_SETGROUP_ID=argus

#ARGUS_OUTPUT_FILE=/var/log/argus/argus.out
#ARGUS_PACKET_CAPTURE_FILE="/var/log/argus/packet.out"

ARGUS_SET_PID=yes
ARGUS_PID_PATH="/var/run"

ARGUS_FLOW_STATUS_INTERVAL=5

ARGUS_MAR_STATUS_INTERVAL=60

ARGUS_DEBUG_LEVEL=0

ARGUS_GENERATE_RESPONSE_TIME_DATA=yes
ARGUS_GENERATE_JITTER_DATA=no
ARGUS_GENERATE_MAC_DATA=yes
ARGUS_GENERATE_APPBYTE_METRIC=yes
ARGUS_GENERATE_TCP_PERF_METRIC=yes
ARGUS_GENERATE_BIDIRECTIONAL_TIMESTAMPS=yes

ARGUS_CAPTURE_DATA_LEN=1500
ARGUS_FILTER_OPTIMIZER=yes
ARGUS_FILTER="not arp"

ARGUS_MIN_SSF=40
ARGUS_MAX_SSF=128

pwcheck_method: saslauthd

Here's my config for /etc/pam.d/argus

 cat /etc/pam.d/argus
#
# $FreeBSD: src/etc/pam.d/sshd,v 1.15 2003/04/30 21:57:54 markm Exp $
#
# PAM configuration for the "sshd" service
#

# auth
auth            required        pam_nologin.so          no_warn
auth            sufficient      pam_opie.so             no_warn no_fake_prompts
auth            requisite       pam_opieaccess.so       no_warn allow_local
#auth           sufficient      pam_krb5.so             no_warn try_first_pass
#auth           sufficient      pam_ssh.so              no_warn try_first_pass
auth            required        pam_unix.so             no_warn try_first_pass

# account
#account        required        pam_krb5.so
account         required        pam_login_access.so
account         required        pam_unix.so

# session
#session        optional        pam_ssh.so
session         required        pam_permit.so

# password
#password       sufficient      pam_krb5.so             no_warn try_first_pass
password        required        pam_unix.so             no_warn try_first_pass


Then I start to run argus with -

argus -F /usr/local/lib/sasl2/argus-test.conf

argus[20056]: looking for plugins in '/usr/lib/sasl2', failed to open directory, error: No such file or directory
argus[20056]: 27 Mar 07 12:38:40.316888 started
argus[20056]: 27 Mar 07 12:38:40.317197 ArgusGetInterfaceStatus: interface sk0 is up

Why is it looking for plugins at /usr/lib/sasl2? By the way, I compiled
argus with -

./configure --prefix=/usr/local/stow/argus-3rc42 --with-sasl=/usr/local


Thanks.

-- 
Best Regards,

CS Lee<geekooL[at]gmail.com>