argus and filtering
Phillip Deneault
deneault at WPI.EDU
Fri Oct 2 16:39:47 EDT 2009
I'm attempting to filter using the 3.0.2 code of the argus daemon
available here:
ftp://www.qosient.com/dev/argus-3.0/argus-3.0.2.tar.gz
And I've been trying to set the ARGUS_FILTER using the following two
lines of a config file.
ARGUS_FILTER="not net 192.168.1.0/24"
ARGUS_ACCESS_PORT=561
I then use this command line to run the ra tool.
argus -X -F /etc/argus.conf.test
But I'm still getting data to and from 192.168.1.0/24. Can anyone else
confirm this is a bug they have? I'm running Centos 5.3.
Thanks,
Phil
More information about the argus
mailing list