new code uploaded - argus cygwin support

Peter Van Epp vanepp at sfu.ca
Wed Sep 12 23:10:53 EDT 2007 

	Still looks good a little way in. OpenBSD is still happy, it doesn't
complain about the free when HUPed so it seems to be happy with the string
dup. Ra on the Mac reading a capture file (which used to balloon to over a gig
of memory) stayed down at the 30 meg level:


vanepp    7018   2.2 -0.1    30872   2080  p1  S     7:40PM   0:01.76 /usr/local/bin/ra3 -S 192.75.244.191:560 -n -D4 -w /var/log/argus/com_argus
vanepp    7029   0.0 -0.0    27336    360  p2  R+    7:42PM   0:00.00 grep ra3
test4:~ vanepp$ ps auxwww | grep ra3
vanepp    7025  100.0 -0.5    37136  11492  p1  R+    7:41PM   0:25.47 ra3 -r com_argus -n
vanepp    7018   1.1 -0.1    30872   2080  p1  S     7:40PM   0:01.89 /usr/local/bin/ra3 -S 192.75.244.191:560 -n -D4 -w /var/log/argus/com_argus
vanepp    7031   0.0 -0.0    18052    288  p2  R+    7:42PM   0:00.00 grep ra3
test4:~ vanepp$ ps auxwww | grep ra3
vanepp    7025  100.0 -0.6    38180  13056  p1  R+    7:41PM   0:31.81 ra3 -r com_argus -n
vanepp    7018   1.3 -0.1    30872   2080  p1  S     7:40PM   0:01.99 /usr/local/bin/ra3 -S 192.75.244.191:560 -n -D4 -w /var/log/argus/com_argus
vanepp    7033   0.0 -0.0    27376    420  p2  S+    7:42PM   0:00.00 grep ra3
test4:~ vanepp$ ps auxwww | grep ra3
vanepp    7025  100.0 -0.7    40268  15176  p1  R+    7:41PM   0:40.68 ra3 -r com_argus -n
vanepp    7018   1.1 -0.1    30872   2080  p1  S     7:40PM   0:02.13 /usr/local/bin/ra3 -S 192.75.244.191:560 -n -D4 -w /var/log/argus/com_argus
vanepp    7035   0.0 -0.0    27336    356  p2  R+    7:42PM   0:00.00 grep ra3
test4:~ vanepp$ ps auxwww | grep ra3
vanepp    7025  100.0 -0.8    41312  16908  p1  R+    7:41PM   0:48.08 ra3 -r com_argus -n
vanepp    7018   1.0 -0.1    30872   2080  p1  S     7:40PM   0:02.24 /usr/local/bin/ra3 -S 192.75.244.191:560 -n -D4 -w /var/log/argus/com_argus
vanepp    7037   0.0 -0.0    27336    348  p2  R+    7:42PM   0:00.00 grep ra3
test4:~ vanepp$ ps auxwww | grep ra3
vanepp    7018   2.0 -0.1    30872   2080  p1  S     7:40PM   0:02.36 /usr/local/bin/ra3 -S 192.75.244.191:560 -n -D4 -w /var/log/argus/com_argus
vanepp    7039   0.0 -0.0    27336    340  p2  R+    7:42PM   0:00.00 grep ra3

	argus on the sensor is low (but so is traffic right now the acid test
will be tomorrow :-)):

ps auxwwww | grep argus
root     12857 12.5  0.9  40596 37092 ?        SL   19:37   3:29 argus -J -P 560 -i eth0 -i eth1 -U 512 -m -F /scratch/argus.conf

as is the ra listening to the argus:

vanepp    7018   1.0 -0.1    30872   2140  p1- S     7:40PM   0:20.11 /usr/local/bin/ra3 -S 192.75.244.191:560 -n -D4 -w /var/log/argus/com_argus
vanepp    7092   0.7 -0.0    27336    340  p1  R+    8:06PM   0:00.00 grep ra3

	 a quick look didn't see any missing or zero time stamps (although a
more careful look with a script is probably in order). Looks good so far.

Peter Van Epp / Operations and Technical Support 
Simon Fraser University, Burnaby, B.C. Canada

More information about the argus mailing list