Developing an Argus client
Harry Bock
harry at oshean.org
Wed Jun 3 22:31:39 EDT 2009
Hi all,
I've published my current work to our public cgit repository.
The current periscope source code can be found at
http://projects.oshean.org/index.cgi/periscope-argus/. I hope eventually
that this work will be of some use to the community! :)
On Fri, May 29, 2009 at 3:58 PM, Harry Bock <harry at oshean.org> wrote:
> Hey Carter,
>
> Two quick questions:
> - What is the difference between records with net subtypes ARGUS_TCP_PERF,
> ARGUS_TCP_INIT, and ARGUS_TCP_STATUS? Is it possible to receive all three
> for the same flow, in three different RaProcessRecord calls?
>
> - I'm currently testing things using PCAP captures processed by the argus
> server program, but none of the TCP flows I've seen have the
> ARGUS_NORMAL_CLOSE flag set - should I assume it's a normal close if none of
> the ARGUS_RESET etc. flags are set?
>
> Thanks,
> Harry
>
--
Harry Bock
Software Developer, Package Maintainer
OSHEAN, Inc.
Email: harry at oshean.org
PGP Key ID: 546CC353
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20090603/1fc66cd6/attachment.html>
More information about the argus
mailing list