Sparc64 OpenBSD4.1 Compile issue

Eric Pancer epancer at pobox.com
Thu Feb 7 17:25:36 EST 2008


On Feb 7, 2008 3:46 PM, Carter Bullard <carter at qosient.com> wrote:
> Oh no, don't feel dumb!!!!  That's software's job to catch that stuff.
> I was stripping out a preceding and trailing double-quote, but only
> one.  I always wonder if I'm supposed to catch these types of errors
> or generate syntax errors.  I think I'll just strip out as many
> as there are, as long as it's not a full buffer of ".
>
> New software on the server for both argus and clients with your
> changes in them.

I spoke too soon on this working. Timestamps in flow records seem to be whacky.

$ date
Thu Feb  7 16:24:05 CST 2008
1970-01-04 00:35:0  e         udp      10.15.223.2.1985      ->
  224.0.0.2.1985          1         62   INT
1970-01-04 00:35:0  e         udp      10.15.223.2.1985      ->
  224.0.0.2.1985          1         62   INT
1970-01-11 06:01:1  *         llc     0:d:29:4b:c:25.66        ->
1:80:c2:0:0:0.66            1         60   INT
1970-01-11 06:01:1  *         llc     0:d:29:4b:c:25.66        ->
1:80:c2:0:0:0.66            1         60   INT
1970-01-11 05:48:1  *         llc     0:d:29:4b:c:25.66        ->
1:80:c2:0:0:0.66            1         60   INT
1970-01-11 05:48:1  *         llc     0:d:29:4b:c:25.66        ->
1:80:c2:0:0:0.66            1         60   INT
1970-01-11 16:24:2  e         udp      10.15.223.3.1985      ->
  224.0.0.2.1985          1         62   INT
1970-01-11 16:24:2  e         udp      10.15.223.3.1985      ->
  224.0.0.2.1985          1         62   INT
1970-01-07 11:24:2  e         udp      10.15.223.2.1985      ->
  224.0.0.2.1985          1         62   INT
1970-01-07 11:24:2  e         udp      10.15.223.2.1985      ->
  224.0.0.2.1985          1         62   INT
1970-01-11 06:05:4  *         llc     0:d:29:4b:c:25.66        ->
1:80:c2:0:0:0.66            1         60   INT
1970-01-11 06:05:4  *         llc     0:d:29:4b:c:25.66        ->
1:80:c2:0:0:0.66            1         60   INT
1970-01-11 06:23:5  *         llc     0:d:29:4b:c:25.66        ->
1:80:c2:0:0:0.66            1         60   INT
1970-01-11 06:23:5  *         llc     0:d:29:4b:c:25.66        ->
1:80:c2:0:0:0.66            1         60   INT

My rarc(5) file yields the following.

$ cat ~/.rarc
RA_ARGUS_SERVER=10.15.223.172:561
RA_TIME_FORMAT="%Y-%m-%d %T.%f"

Could this be due to the patches on common/argus_main.c?


