ra 3.0.3.17 timestamp bug & several bugs in ragraph

Carter Bullard carter at qosient.com
Fri Sep 10 09:11:36 EDT 2010 

Hey Maketsi,
Thanks, I've been scratching my head on date problems for a while, and your report helped a great deal!!!!
I'll have a fix this weekend.

Carter

On Sep 10, 2010, at 3:21 AM, maketsi wrote:

> There's a bug in newest ra client version 3.0.3.17. Timerange given as
> unix timestamps is parsed incorrectly when the timerange spans
> multiple days. This worked correctly in earlier version 3.0.3.7.
> 
> # ra -n -r argus.dat -t 1284062403-1284073203
> error: invalid time range startime_t 1284148803.000000 lasttime_t
> 1284073203.000000
> ra[26499]: 2010-09-10T09:29:33 time syntax error 1284062403-1284073203
> 
> # convdate.pl 1284062403
> 2010-09-09 23:00:03
> # convdate.pl 1284073203
> 2010-09-10 02:00:03
> 
> 
> Also, there are several bugs in ragraph 3.0.3.17 that wasn't there on
> 3.0.2. I haven't tested the versions between.
> 
> # ragraph pkts -M 1m -r /opt/data/argus/log/argus.dat -R
> /opt/data/archive/argus/20100909 -t -3d -w test.png -no-legend -title
> test -width 600 -height 300  - tcp
> rabins[4557]: 1284101219.488198 ArgusCalloc: malloc error Cannot allocate memory
> usage: /opt/argus/bin/ragraph metric (srcid | proto [daddr] | dport)
> [-title "title"] [ra-options]
> /opt/argus/bin/ragraph: unable to create `/tmp/filekgWEpm.rrd': start
> time: unparsable time:
> 
> # ragraph pkts -M 1m -r /opt/data/argus/log/argus.dat -w testi.png
> -no-legend -title testi -width 600 -height 300  - tcp
> sh: line 1:  4578 Segmentation fault
> /opt/argus-clients-3.0.3.17/bin/rabins -M hard zero -p6 -GL0 -s ltime
> pkts -M 1m -r /opt/data/argus/log/argus.dat - tcp >/tmp/fileJiy88v
> usage: /opt/argus/bin/ragraph metric (srcid | proto [daddr] | dport)
> [-title "title"] [ra-options]
> /opt/argus/bin/ragraph: unable to create `/tmp/fileJiy88v.rrd': start
> time: unparsable time:
> 
> # racount -r /opt/data/argus/log/argus.dat
> racount   records     total_pkts     src_pkts       dst_pkts
> total_bytes        src_bytes          dst_bytes
>    sum   462         0              0              0              0
>               0                  0
> 
> # racount -R /opt/data/archive/argus/20100909
> racount   records     total_pkts     src_pkts       dst_pkts
> total_bytes        src_bytes          dst_bytes
>    sum   38115       11747          11747          0
> 832336             832336             0
> 
> # ragraph pkts -M 5m -r argus2.dat -t -3h -w test.png -no-legend
> -title test -width 600 -height 300  - tcp and port 445
> rabins[26736]: 1284103070.646183 ArgusInsertRecord: ArgusCalloc error
> No such file or directory
> usage: /opt/argus/bin/ragraph metric (srcid | proto [daddr] | dport)
> [-title "title"] [ra-options]
> /opt/argus/bin/ragraph: unable to create `/tmp/fileWBDZHy.rrd': start
> time: unparsable time:
> 
> # ragraph pkts -M 5m -r argus2.dat  -w test.png -no-legend -title test
> -width 600 -height 300  - tcp and port 445
> /opt/argus/bin/ragraph: unable to update `/tmp/filenmt2Kq.rrd':
> illegal attempt to update using time 1284101700 when last update time
> is 1284101700 (minimum one second step)
> 
> # racount -r argus2.dat
> racount   records     total_pkts     src_pkts       dst_pkts
> total_bytes        src_bytes          dst_bytes
>    sum   136716      315709         313286         2423
> 21747340           21492415           254925
> 
> # ratimerange -r argus2.dat
> 2010-09-10T09:58:46 - 2010-09-10T10:19:46
> 
> 
> Environment:
> 
> System:  Linux 2.6.28 #1 Fri Jan 16 16:25:22 EET 2009 i686 i686 i386 GNU/Linux
> Arch:    i686
> Paths:    /opt/argus/bin/ra /usr/sbin/tcpdump /usr/bin/make
> /usr/bin/gmake /usr/bin/gcc /usr/bin/cc
> RA:      Ra Version 3.0.3.17
> TCPDUMP: tcpdump version 3.8 libpcap version 0.8.3
> 
> GCC:     Reading specs from /usr/lib/gcc/i386-redhat-linux/3.4.6/specs
> Configured with: ../configure --prefix=/usr --mandir=/usr/share/man
> --infodir=/usr/share/info --enable-shared --enable-threads=posix
> --disable-checking --with-system-zlib --enable-__cxa_atexit
> --disable-lib$
> Thread model: posix
> gcc version 3.4.6 20060404 (Red Hat 3.4.6-10)
> 
> LIBC:
> lrwxrwxrwx  1 root root 13 Nov 18  2008 /lib/libc.so.6 -> libc-2.3.4.so
> -rwxr-xr-x  1 root root 1529720 Apr 15  2008 /lib/libc-2.3.4.so
> -rw-r--r--  1 root root 2437028 Apr 15  2008 /usr/lib/libc.a
> -rw-r--r--  1 root root 204 Apr 15  2008 /usr/lib/libc.so
> 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3815 bytes
Desc: not available
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20100910/bdf8533d/attachment.bin>

More information about the argus mailing list