argus client regex matching

Carter Bullard carter at qosient.com
Wed Apr 15 11:18:40 EDT 2009


Hey CS Lee,
Hmmmmm, well I can't get grep() to match a binary file using the type
of pattern you are using either; for that matter, I can't get egrep() to
match a binary file using '-e "\x2C"', but I can get it to match using
'-e ","' (match a ","). \x2C is the hexadecimal for comma.

This is on my Mac OS X (leopard).

So, I'm not sure what I'm supposed to think about that. What do you
think?

Carter

On Apr 15, 2009, at 12:41 AM, CS Lee wrote:

> hi carter,
>
> I have reported this previously too, about the regex matching to  
> grep the flow based on the user data bytes.
>
> it seems that if I want to search the flow based on hex codes -
>
> ra -nr argus.out -e "\x4d\x5a" doesn't seem to work, this is latest  
> argus client.
>
> I'm testing out the patch now
>
>
> Cheers!
>
> -- 
> Best Regards,
>
> CS Lee<geek00L[at]gmail.com>
>
> http://geek00l.blogspot.com
> http://defcraft.net
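
An added example, not code from this thread or from the argus clients: POSIX leaves a backslash before an ordinary character such as `x` undefined in regular expressions, so whether `\x2C` means a comma depends on the regex library. The sketch expands `\xHH` escapes to literal bytes itself before calling `regcomp()`; `expand_hex` and `hex_regex_match` are hypothetical names, and it assumes a POSIX `<regex.h>`.

```c
#include <ctype.h>
#include <regex.h>
#include <stdlib.h>
#include <string.h>

/* Expand \xHH escapes to literal bytes, backslash-quoting ERE metacharacters.
 * Returns 0 on success; -1 on a malformed escape, on \x00 (cannot appear in a
 * NUL-terminated pattern) or when out is too small. Hypothetical helper. */
static int expand_hex(const char *in, char *out, size_t outlen)
{
    size_t o = 0;
    while (*in) {
        if (o + 3 > outlen) return -1;            /* up to 2 bytes + NUL */
        if (in[0] == '\\' && in[1] == 'x') {
            if (!isxdigit((unsigned char)in[2]) || !isxdigit((unsigned char)in[3]))
                return -1;
            char hex[3] = { in[2], in[3], '\0' };
            unsigned char b = (unsigned char)strtoul(hex, NULL, 16);
            if (b == 0) return -1;
            if (strchr(".[\\()*+?{|^$", b)) out[o++] = '\\';
            out[o++] = (char)b;
            in += 4;
        } else if (in[0] == '\\' && in[1]) {
            out[o++] = *in++; out[o++] = *in++;   /* leave other escapes as typed */
        } else {
            out[o++] = *in++;
        }
    }
    out[o] = '\0';
    return 0;
}

/* 1 = match, 0 = no match, -1 = bad pattern. data is a C string here; real
 * flow user data may contain 0x00 and would need a length-aware matcher. */
static int hex_regex_match(const char *pattern, const char *data)
{
    char expanded[256];
    regex_t re;
    if (expand_hex(pattern, expanded, sizeof expanded) != 0) return -1;
    if (regcomp(&re, expanded, REG_EXTENDED | REG_NOSUB) != 0) return -1;
    int rc = regexec(&re, data, 0, NULL, 0);
    regfree(&re);
    return rc == 0 ? 1 : 0;
}

int main(void)
{
    return hex_regex_match("\\x2C", "a,b") == 1 ? 0 : 1;
}
```

Quoting the expanded byte matters for values like `\x2e`, which would otherwise become the `.` wildcard and match any character.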
