argus + sasl: does this works?

Carter Bullard carter at qosient.com
Thu Nov 12 10:11:44 EST 2009 

Hey Peter,
So the argus[-clients]-3.0.2 is good to go, so use it.  I've been swamped
with other stuff so I haven't been able to make a "its released" statement.
The modification I sent should be in the latest copy of argus-3.0.2
on the server.

The GeoIP support in configure.in was a quick and dirty job to get it in.
I'll make changes based on your suggestions in argus-clients-3.0.4, which
is ready to go as well.

Thanks again!!!!

Carter


On Nov 12, 2009, at 4:29 AM, Peter Volkov wrote:

> В Втр, 10/11/2009 в 13:57 -0500, Carter Bullard пишет:
>> Try this fix to your configure.in file.  This moves the call to CMU_SASL2(V_INCLS)
>> above the assignment of $LIBS=...... at line 241,242. 
> 
> I failed to apply patch but replacement of CMU_SASL2 above LIBS=...
> fixes the problem. Thank you.
> 
>> I believe that you said your clients compile correctly?
> 
> Yup.
> 
> BTW, I've noticed that argus-client checks for static GeoIP library.
> It's very possible that in Gentoo we'll drop most static libraries and
> since argus-client uses dynamic linking I think it's better to check
> using standard AC_CHECK* macroses. What do you think about patch in
> attachment? It just modifies some tests since some shells do not support
> negation of return status and adds check with AC_CHECK* at the top of
> all libGeoIP tests.
> 
>> With regard to ratop(), it is definitely broken.
>> 
>> I think it happened when I was cleaning something up.  I'll fix that now/today.
>> A lot of sites use radium() with SASL to collect flows of interest, and use ratop() to
>> connect to the local radium() to see the flows they are interested in.  That tends to
>> minimize the number of client->server associations, so most don't use SASL with
>> programs like ratop(). 
> 
>> Thanks for the bug report!!!!!!
> 
> Thank _you_ for taking a look at this. BTW, argus{,-client}-3.0.2 are in
> dev directory. Does this mean that this is development version and we
> should use 3.0.0 in Gentoo or is 3.0.2 a safe choice? Also could you
> send me patch for this problem or does there exist some VCS (version
> control system) repository with argus packages so I'll grub patch from
> there?
> 
>> I did find a bug in the SASL on Snow Leopard.  Seems that the PPS mech gives
>> a segmentation fault, or at least argus() dies in the PPS mech when calling sasl_decode().
>> The PPS mech seems to provide SASL access to existing accounts/passwords, so its
>> the primary one to use. I'll have to investigate that when I get some time.
> 
> I saw your mail while googled for any suggestions to get around my
> problems. Heh, but I don't know what PPS means (I suppose this is apple
> specific thing, but I'm not sure). Any way for me it's still
> questionable why sasl2 ignores argus configuration and still uses
> auxprop plugin. Heh, I'll try to get back to this problem soon.
> 
> Thank you very much for your help, Carter.
> 
> -- 
> Peter.
> <argus-clients-3.0.2-libgeoip.patch>

Carter Bullard
CEO/President
QoSient, LLC
150 E 57th Street Suite 12D
New York, New York  10022

+1 212 588-9133 Phone
+1 212 588-9134 Fax



-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3815 bytes
Desc: not available
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20091112/6d6a6007/attachment.bin>

More information about the argus mailing list