argus-clients-3.0.3.21
Wolfgang Barth
wob at swobspace.de
Thu Dec 23 05:32:33 EST 2010
Hi Carter,
> argus clients 3.0.3.21 is available for testing. It fixes a number of problems on the mailing list,
> especially a serious timestamp problem, as well as fixes for IPv6 CIDR address filters,
Sorry, the timestamp problem with rabins is not yet fixed. My logfile
contains data from 2010-12-23 10:05 until 2010-12-23 11:26.
1) rabins -M time 1m -r test.log.gz - tcp dst port 80
works.
2) rabins -M time 1m -r test.log.gz -t 2010/12/23 - tcp dst port 80
no data, no error
3) rabins -M time 1m -r test.log.gz -t 10-11 - tcp dst port 80
rabins[6422]: 2010-12-23 11:28:29 ArgusCalloc: malloc error Cannot
allocate memory
3) rabins -M time 1m -r test.log.gz -t 10:05-11:00 - tcp dst port 80
rabins[6531]: 2010-12-23 11:29:21 ArgusCalloc: malloc error Cannot
allocate memory
this range definitively contains data.
4) rabins -M time 1m -r test.log.gz -t 10:10-10:40 - tcp dst port 80
works.
Wolfgang
--
<wob (at) swobspace de> * http://www.swobspace.de
More information about the argus
mailing list