question on getting argus work with DAG card

Carter Bullard carter at qosient.com
Tue Jan 8 06:25:19 EST 2008 

I'll look at the code tonight, but maybe bump the debug a little higher?
You can always single step using gdb() and see what it is doing.

% gdb argus
gdb)  break main
gdb) run -i dag0
gdb) s


Carter

Carter Bullard
QoSient LLC
150 E. 57th Street Suite 12D
New York, New York 10022
+1 212 588-9133 Phone
+1 212 588-9134 Fax

-----Original Message-----
From: Lei Wei <lwei at cs.unc.edu>

Date: Mon, 07 Jan 2008 21:15:31 
To:Carter Bullard <carter at qosient.com>
Subject: Re: question on getting argus work with DAG card


Hi Carter,

I switched those two options but it seemed to output the same messages:

@mexico$ sudo argus -D 8 -i dag0 -w data.out
argus[87920]: 07 Jan 08 21:13:15.240860 ArgusCalloc (1, 700) returning 
0x816e000
argus[87920]: 07 Jan 08 21:13:15.241129 ArgusCalloc (1, 40) returning 
0x816f000
argus[87920]: 07 Jan 08 21:13:15.241156 ArgusNewList () returning 0x816f000
argus[87920]: 07 Jan 08 21:13:15.241181 ArgusCalloc (1, 20) returning 
0x816d080
argus[87920]: 07 Jan 08 21:13:15.241801 ArgusCalloc (65536, 4) 
returning 0x8170000
argus[87920]: 07 Jan 08 21:13:15.241837 ArgusNewHashTable (65536) 
returning 0x816d080
argus[87920]: 07 Jan 08 21:13:15.241874 ArgusCalloc (1, 104) returning 
0x81b0000
argus[87920]: 07 Jan 08 21:13:15.241899 ArgusCalloc (1, 32) returning 
0x816d0c0
argus[87920]: 07 Jan 08 21:13:15.241924 ArgusNewQueue () returning 0x816d0c0
argus[87920]: 07 Jan 08 21:13:15.241947 ArgusCalloc (1, 112) returning 
0x81b0080
argus[87920]: 07 Jan 08 21:13:15.241975 ArgusNewModeler() returning 0x816e000
argus[87920]: 07 Jan 08 21:13:15.242773 ArgusCalloc (1, 330412) 
returning 0x81b1000
argus[87920]: 07 Jan 08 21:13:15.242805 ArgusNewSource() returning 0x81b1000
argus[87920]: 07 Jan 08 21:13:15.242830 ArgusCalloc (1, 108) returning 
0x81b0100
argus[87920]: 07 Jan 08 21:13:15.242857 ArgusCalloc (1, 32) returning 
0x816d0e0
argus[87920]: 07 Jan 08 21:13:15.242881 ArgusNewQueue () returning 0x816d0e0
argus[87920]: 07 Jan 08 21:13:15.242904 ArgusNewOutput() returning retn 
0x81b0100
argus[87920]: 07 Jan 08 21:13:15.242962 setArgusMarReportInterval(60) 
returning
argus[87920]: 07 Jan 08 21:13:15.255907 setArgusID(0x816e000, 0x9802899f) done
argus[87920]: 07 Jan 08 21:13:15.255982 setArgusPortNum(561) returning
argus[87920]: 07 Jan 08 21:13:15.256086 setArgusMarReportInterval(60) 
returning
argus[87920]: 07 Jan 08 21:13:15.256198 clearArgusDevice(0x81b1000) returning
argus[87920]: 07 Jan 08 21:13:15.256224 ArgusCalloc (1, 40) returning 
0x816f240
argus[87920]: 07 Jan 08 21:13:15.256249 ArgusNewList () returning 0x816f240
argus[87920]: 07 Jan 08 21:13:15.256273 ArgusCalloc (1, 8) returning 0x820c170
argus[87920]: 07 Jan 08 21:13:15.256297 ArgusPushFrontList (0x816f240, 
0x820c170, 1) returning 0x81b1000
argus[87920]: 07 Jan 08 21:13:15.256322 setArgusDevice(dag0) returning
argus[87920]: 07 Jan 08 21:13:15.256344 ArgusDeleteList (0x0, 2) returning
argus[87920]: 07 Jan 08 21:13:15.256369 ArgusCalloc (1, 40) returning 
0x816f280
argus[87920]: 07 Jan 08 21:13:15.256393 ArgusNewList () returning 0x816f280
argus[87920]: 07 Jan 08 21:13:15.256416 ArgusCalloc (1, 12) returning 
0x820c190
argus[87920]: 07 Jan 08 21:13:15.256441 ArgusPushFrontList (0x816f280, 
0x820c190, 1) returning 0x81b0100
argus[87920]: 07 Jan 08 21:13:15.256467 setArgusInterfaceStatus(1)


Lei


Quoting Carter Bullard <carter at qosient.com>:

> Put the "-D *" option before the "-i dag" option so that the debug
> indicator is on when you open the interface.
>
> Carter
>
> On Jan 7, 2008, at 8:20 PM, Lei Wei wrote:
>
>> Hi Carter,
>>
>> Thanks for the help. I did pay attention to the output of ./ 
>> configure and it says "checking for local pcap library... ./../ 
>> libpcap-0.9.8/libpcap.a". That's the one I installed so I assume  
>> argus is using that one now.
>>
>> I did what you suggested and printed out some debug information as  
>> follows, but I have no idea what's going wrong here. Could you give  
>> me any clue on this?
>>
>> $ sudo argus -i dag0 -D 8 -w data.out
>> argus[87772]: 07 Jan 08 20:11:07.721462 ArgusCalloc (1, 700)  
>> returning 0x816e000
>> argus[87772]: 07 Jan 08 20:11:07.721730 ArgusCalloc (1, 40)  
>> returning 0x816f000
>> argus[87772]: 07 Jan 08 20:11:07.721757 ArgusNewList () returning  0x816f000
>> argus[87772]: 07 Jan 08 20:11:07.721783 ArgusCalloc (1, 20)  
>> returning 0x816d080
>> argus[87772]: 07 Jan 08 20:11:07.722374 ArgusCalloc (65536, 4)  
>> returning 0x8170000
>> argus[87772]: 07 Jan 08 20:11:07.722408 ArgusNewHashTable (65536)  
>> returning 0x816d080
>> argus[87772]: 07 Jan 08 20:11:07.722443 ArgusCalloc (1, 104)  
>> returning 0x81b0000
>> argus[87772]: 07 Jan 08 20:11:07.722469 ArgusCalloc (1, 32)  
>> returning 0x816d0c0
>> argus[87772]: 07 Jan 08 20:11:07.722493 ArgusNewQueue () returning  
>> 0x816d0c0
>> argus[87772]: 07 Jan 08 20:11:07.722516 ArgusCalloc (1, 112)  
>> returning 0x81b0080
>> argus[87772]: 07 Jan 08 20:11:07.722544 ArgusNewModeler() returning  
>> 0x816e000
>> argus[87772]: 07 Jan 08 20:11:07.723334 ArgusCalloc (1, 330412)  
>> returning 0x81b1000
>> argus[87772]: 07 Jan 08 20:11:07.723367 ArgusNewSource() returning  
>> 0x81b1000
>> argus[87772]: 07 Jan 08 20:11:07.723392 ArgusCalloc (1, 108)  
>> returning 0x81b0100
>> argus[87772]: 07 Jan 08 20:11:07.723420 ArgusCalloc (1, 32)  
>> returning 0x816d0e0
>> argus[87772]: 07 Jan 08 20:11:07.723444 ArgusNewQueue () returning  
>> 0x816d0e0
>> argus[87772]: 07 Jan 08 20:11:07.723466 ArgusNewOutput() returning  
>> retn 0x81b0100
>> argus[87772]: 07 Jan 08 20:11:07.723525  
>> setArgusMarReportInterval(60) returning
>> argus[87772]: 07 Jan 08 20:11:07.736552 setArgusID(0x816e000,  
>> 0x9802899f) done
>> argus[87772]: 07 Jan 08 20:11:07.736628 setArgusPortNum(561) returning
>> argus[87772]: 07 Jan 08 20:11:07.736733  
>> setArgusMarReportInterval(60) returning
>> argus[87772]: 07 Jan 08 20:11:07.736848 ArgusDeleteList (0x0, 2)  returning
>> argus[87772]: 07 Jan 08 20:11:07.736875 ArgusCalloc (1, 40)  
>> returning 0x816f280
>> argus[87772]: 07 Jan 08 20:11:07.736900 ArgusNewList () returning  0x816f280
>> argus[87772]: 07 Jan 08 20:11:07.736923 ArgusCalloc (1, 12)  
>> returning 0x820c190
>> argus[87772]: 07 Jan 08 20:11:07.736948 ArgusPushFrontList  
>> (0x816f280, 0x820c190, 1) returning 0x81b0100
>> argus[87772]: 07 Jan 08 20:11:07.736974 setArgusInterfaceStatus(1)
>>
>>
>> Lei
>>
>>
>>
>> Quoting Carter Bullard <carter at qosient.com>:
>>
>>> Try running argus with debug support on to see what it is doing  with the
>>> dag interface.
>>>
>>>   % touch .devel .debug
>>>   % ./configure;make clean;make
>>>
>>> You should be looking at the ./configure output to see
>>> which libpcap library is actually being used.  No guarantee that the
>>> compiler is picking up the version that you installed.  There are
>>> switches in the ./configure to specify what the search path
>>> will be to find things.
>>>
>>> Carter
>>>
>>>
>>> On Jan 7, 2008, at 5:43 PM, Lei Wei wrote:
>>>
>>>> Hello Carter,
>>>>
>>>> I've had some trouble to get argus working with DAG card for a  
>>>> while  and I wonder if you could give me some help.
>>>>
>>>> I installed the libpcap0.9.8 and compiled it with DAG-enabled. I   
>>>> tested it with tcpdump and tcpdump could read data from the DAG   
>>>> interface without problem. I also installed argus3.0. After I  
>>>> typed  "argus -i dag0 -w data", it outputs a 128bytes file but not 
>>>>  growing.  When I use "ra -r data" to display it ,it shows:
>>>>
>>>> lwei at mexico$ ra -r data.out 16:11:13.117278    man   0      0      
>>>>  19      1        0     856992   CON
>>>>
>>>> I guess argus didn't get any data from the DAG interface but I  
>>>> can't  figure out why. So I'd appreciate if you could give me any  
>>>> helpful  info about it.
>>>>
>>>> Thank you.
>>>>
>>>> Lei
>>>>
>>>
>>
>>
>>
>

More information about the argus mailing list