argus-3.0.3.12 on the developer site

Carter Bullard carter at qosient.com
Wed Jun 23 17:45:02 EDT 2010 

Thread debugging is a problem on Solaris and some linux's.  You can use the native
Solaris  cc compiler and you can get better debugging support, at least that was my
experience when I was doing Solaris.

   ./configure --without-gcc

I've never liked Solaris, and these problems are in the set of reasons why ;o)
OK, so lets test for socktype for a while.  I've refreshed the argus-3.0.3.12 with
a new version with the changes, so grab and see where we get.

Carter


On Jun 23, 2010, at 5:27 PM, Michael Sanderson wrote:

> Carter, the configure.in is still slightly broken on Solaris 10.  You have
> 
> needsnprintf=no
> AC_CHECK_FUNCS(vsnprintf snprintf,,
> 	[needsnprintf=yes])
> if test $needsnprintf = yes; then
> 	AC_LIBOBJ(snprintf)
> fi
> 
> AC_CHECK_FUNCS(getaddrinfo)
> 
> #
> # Do this before checking for ether_hostton(), as it's a
> # "gethostbyname() -ish function".
> #
> AC_LBL_LIBRARY_NET
> AC_CHECK_FUNCS(getaddrinfo ether_hostton)
> 
> 
> The getaddrinfo prior to AC_LBL_LIBRARY_NET needs to go away so that we get the -lnsl -lsocket in the library list before testing for getaddrinfo().
> 
> 
> >>> Got a fix for the hp->ai_protocol switch problem.  Rather than let
> >>> the value be zero, I explicitly set it now.
> 
> This doesn't appear to have had any effect on Solaris and may be a Solaris getaddrinfo() implementation issue.  After the getaddrinfo() call in ArgusEstablishListen()
> 
> (gdb) print *host
> $2 = {ai_flags = 8, ai_family = 26, ai_socktype = 2, ai_protocol = 0,
>  ai_addrlen = 32, ai_canonname = 0x0, ai_addr = 0x547140, ai_next = 0x547168}
> 
> (gdb) print hints
> $3 = {ai_flags = 8, ai_family = 0, ai_socktype = 2, ai_protocol = 6,
>  ai_addrlen = 0, ai_canonname = 0x0, ai_addr = 0x0, ai_next = 0x0}
> 
> So Solaris has set ai_protocol to zero, despite the setting of hints.ai_protocol to IPPROTO_TCP and we subsequently fall through the switch (hp->ai_protocol) after the bind().
> 
> Putting back my tests on hp->ai_family in order to get the LISTEN to happen, argus is now working with binding to IN_ADDR_ANY.  Not sure how to explain that unless I did something bad during code modifications when I was testing earlier.
> 
> As I mentioned in other email, it was necessary to remove thread support to make this work.  Any hints on debugging the threads code to find out what is going on?
> 
>    Michael Sanderson
> 
> On 06/23/10 12:21 PM, Carter Bullard wrote:
>> Hmmmm,   We use setsockopt() to set SO_REUSEPORT and SO_REUSEADDR on the
>> new socket for the remote client connection (we don't try to set IP_OPTIONS anywhere),
>> and we use setsockopt() to set the TTL when you use udp multicast transport for argus
>> records.    So I've put a "LOG_INFO" error message if it has problems with these calls.
>> 
>> In the tcp_wrapper support code, we call a routine, fix_options(), which is in the
>> tcp_wrappers library.  You can turn this off by commenting out the #define KILL_IP_OPTIONS 1
>> around line 1572.
>> 
>> Maybe the error message will tell us something.  I've uploaded a new 3.0.3.12 to the
>> server, that has all these changes in it.
>> 
>> Carter
>> 
>> 
>> On Jun 23, 2010, at 2:54 PM, Michael Sanderson wrote:
>> 
>>> On 06/23/10 11:46 AM, Carter Bullard wrote:
>>>> Hey Michael,
>>>> 
>>>> How are specifying IN_ADDR_ANY?  Just using the default behavior does it fail?
>>> 
>>> Just the default behaviour without specifying an address to bind to.
>>> 
>>>    Michael Sanderson
>>> 
>>>> Carter
>>>> 
>>>> On Jun 22, 2010, at 6:19 AM, Michael Sanderson wrote:
>>>> 
>>>>> Carter, trying this on Solaris 10 SPARC with the patches I sent to you earlier today, it quietly exits with 'started' and 'ArgusGetInterfaceStatus: interface bge0 is up' syslog() messages showing up.
>>>>> 
>>>>> Turning off threads and enabling debugging, I eventually found that after the bind() in ArgusOutput.c'ArgusEstablishListen(), the switch on hp->ai_protocol isn't working as expected, at least in Solaris' case. hp->ai_protocol is set to 0, so the IPPROTO_TCP or IPPROTO_UDP cases fail and it quietly falls through.  Knowing that I want TCP sockets, I put in a 'case 0:' before the 'case IPPROTO_TCP:' and it now binds and gets into the LISTEN state.  That probably won't work for a bind to a UDP sockets, so the test might need to be against hp->ai_socktype for SOCK_STREAM and SOCK_DGRAM.  The remote connection from an 'ra' works in the case of a bind to a specific IP address via argus.conf, but fails in the case of a bind to IN_ADDR_ANY.  System logs (hostnames sanitized) show:
>>>>> 
>>>>> Jun 22 02:56:58 host argus[8733]: [ID 479164 daemon.warning] 22 Jun 10 02:56:58.741180 ArgusGetInterfaceStatus: interface bge0 is up
>>>>> Jun 22 02:57:11 host argus[8733]: [ID 444193 daemon.notice] connect from rahost with IP options (ignored): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>>>>> Jun 22 02:57:11 host argus[8733]: [ID 899512 daemon.error] setsockopt IP_OPTIONS NULL: Option not supported by protocol
>>>>> Jun 22 02:57:11 host argus[8733]: [ID 902185 daemon.info] 22 Jun 10 02:57:11.904408 connect from rahost
>>>>> Jun 22 02:57:11 host argus[8733]: [ID 507416 daemon.error] 22 Jun 10 02:57:11.905741 ArgusInitOutput: write(): Broken pipe
>>>>> 
>>>>> I haven't dug any farther for this.
>>>>> 
>>>>> My initial attempts to build on OpenSolaris (x86_64) and 64-bit OpenSuSE 11.2 failed, but that appears to be due to missing headers (byteswap.h) for OpenSolaris and appropriate libpcap libraries for OpenSuSE.
>>>>> 
>>>>>    Michael Sanderson
>>>>> 
>>>>> On 06/21/10 01:02 PM, Carter Bullard wrote:
>>>>>> Gentle people,
>>>>>> A new update to argus is now on the server:
>>>>>> 
>>>>>>    http://qosient.com/argus/dev/argus-3.0.3.12.tar.gz
>>>>>> 
>>>>>> This fixes all the known bugs in the argus server from the mailing
>>>>>> list, except the DAG issue reported by the good folks at NYU.  Hopefully
>>>>>> I can get that squared away this week, and we can release argus-3.0.4.
>>>>>> 
>>>>>> This round changes only a few portability issues on Ubuntu, FreeBSD,
>>>>>> and a major reworking of the "bond" and "dup" directives for interfaces.
>>>>>> Give this a run, and if there are any problems, don't hesitate to send email !!!
>>>>>> 
>>>>>> Hope all is most excellent!!!
>>>>>> 
>>>>>> Carter
>>>>>> 
>>>>>> Carter Bullard
>>>>>> CEO/President
>>>>>> QoSient, LLC
>>>>>> 150 E 57th Street Suite 12D
>>>>>> New York, New York  10022
>>>>>> 
>>>>>> +1 212 588-9133 Phone
>>>>>> +1 212 588-9134 Fax
>>>>>> 
>>>>>> 
>>>>>> 
>>>>> 
>>>>> 
>>>> 
>>>> Carter Bullard
>>>> CEO/President
>>>> QoSient, LLC
>>>> 150 E 57th Street Suite 12D
>>>> New York, New York  10022
>>>> 
>>>> +1 212 588-9133 Phone
>>>> +1 212 588-9134 Fax
>>>> 
>>>> 
>>>> 
>>> 
>>> 
>> 
>> Carter Bullard
>> CEO/President
>> QoSient, LLC
>> 150 E 57th Street Suite 12D
>> New York, New York  10022
>> 
>> +1 212 588-9133 Phone
>> +1 212 588-9134 Fax
>> 
>> 
>> 
> 
> 

Carter Bullard
CEO/President
QoSient, LLC
150 E 57th Street Suite 12D
New York, New York  10022

+1 212 588-9133 Phone
+1 212 588-9134 Fax



-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3815 bytes
Desc: not available
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20100623/43318d9d/attachment.bin>

More information about the argus mailing list