new code on the server
K K
kkadow at gmail.com
Wed May 9 21:04:03 EDT 2007
On 5/9/07, Carter Bullard <carter at qosient.com> wrote:
> New code on the server for testing.
Thanks for the update.
RC.44 builds and runs on OpenBSD/i386 (except for 'ratop', see below)
The netflow srcid mods work perfectly. Now I know the Network team
has 44 different routers sending flows to my poor little overworked
server.
With the ability to filter on Netflow source router (srcid), my
Internet usage summary matches up with the firewall's own accounting
records, as racluster is no longer counting the same packets twice
from two different routers.
The changes to ratop sound great, so I thought I'd give it another
look, as I haven't tried it since V2. Unfortunately, ratop
consistently segfaults in ArgusGenerateLabel(). My bad for not trying
it earlier (I rolled back the install and the same thing happens with
rc.43).
This may be an OpenBSD-specific bug, or possibly an off-by-one error
which other operating systems let slip by (a "feature" of OpenBSD's
malloc, added in release 3.8). I emailed gdb details to Carter.
Kevin
More information about the argus
mailing list