Problem with byte-swapped IP addresses
Peter Van Epp
vanepp at sfu.ca
Wed Mar 10 17:17:18 EST 2010
<snip>
>
> Never seen anything from argus in syslog. It's not using 100% CPU, so
> I don't think it's argus being slow.
>
Thats probably a bad thing :-). It likely means that syslog isn't
configured correctly :-). One or the other of linux or FreeBSD (unfortunatly
I'm old and don't at this moment remember which :-)) needs a config change to
get argus to syslog.
On FreeBSD (where argus is running right now) I get a time stamped
start message like
Jan 14 20:35:37 hp3 argus[811]: 14 Jan 10 20:35:27 started
Jan 14 20:35:37 hp3 argus[811]: 14 Jan 10 20:35:27 ArgusGetInterfaceStatus: interface nfe0 is up
I get no messages from argus at all in the CentOS linux box that ra is
running on (and that I reinstalled sometime back) suggesting that its linux
that needs the config change. I'll see if I can remember or find what I
changed and post it. Looks like it was FreeBSD though. It would be worth
checking this
" As noted earlier it is worthwhile to delete the
#undef ARGUS_SYSLOG
at line 1757 of common/argus_util.c in the argus-3.0.1.beta.3 (and earlier)
source and rebuild. The server will then syslog various events and errors to
the daemon syslog facility (which needs to be enabled in FreeBSD 7.1 in syslog).
That may help too."
I hope that got updated in the source but it may not have (I'm not
currently running the latest argus source).
Peter Van Epp
More information about the argus
mailing list