Argus 3.0.6 and dnaclusters

Chris Wakelin c.d.wakelin at reading.ac.uk
Thu Dec 13 19:46:28 EST 2012 

I tried -D 12 :-) Lots of:

> argus-3.0.7.2-cdw[14899.0077d58a467f0000]: 14 Dec 12 00:42:28.929446 ArgusGetPackets: pcap_dispatch() interface  1 up
> argus-3.0.7.2-cdw[14899.0077d58a467f0000]: 14 Dec 12 00:42:28.929453 ArgusUpdateTime (0x266c1b0) not time
> argus-3.0.7.2-cdw[14899.0077d58a467f0000]: 14 Dec 12 00:42:28.929461 ArgusGetPackets: select() returned 1
> argus-3.0.7.2-cdw[14899.0077d58a467f0000]: 14 Dec 12 00:42:28.929467 ArgusGetPackets: pcap_dispatch() interface  1 up
> argus-3.0.7.2-cdw[14899.0077d58a467f0000]: 14 Dec 12 00:42:28.929474 ArgusUpdateTime (0x266c1b0) not time
> argus-3.0.7.2-cdw[14899.0077d58a467f0000]: 14 Dec 12 00:42:28.929482 ArgusGetPackets: select() returned 1
> argus-3.0.7.2-cdw[14899.0077d58a467f0000]: 14 Dec 12 00:42:28.929489 ArgusGetPackets: pcap_dispatch() interface  1 up
> argus-3.0.7.2-cdw[14899.0077d58a467f0000]: 14 Dec 12 00:42:28.929497 ArgusUpdateTime (0x266c1b0) not time
> argus-3.0.7.2-cdw[14899.0077d58a467f0000]: 14 Dec 12 00:42:28.936015 ArgusGetPackets: select() returned 1

finally finishing with when I 'CTRL-C'-ed it with

> argus-3.0.7.2-cdw[14899.0077d58a467f0000]: 14 Dec 12 00:42:28.936078 ArgusProcessEtherHdr(0x7f469e33d600, 46) returning 0x800
> argus-3.0.7.2-cdw[14899.0077d58a467f0000]: 14 Dec 12 00:42:28.936093 ArgusProcessPacketHdrs(0x266c1b0, 0x7f469e33d600, 60, 1) returning 2048
> argus-3.0.7.2-cdw[14899.0077d58a467f0000]: 14 Dec 12 00:42:28.936101 ArgusProcessPacketHdrs(0x266c1b0, 0x7f469e33d60e, 46, 2048) returning 0
> argus-3.0.7.2-cdw[14899.0077d58a467f0000]: 14 Dec 12 00:42:28.936113 ArgusCreateIPv4Flow (0x266c1b0, 0x9e33d60e) returning 0x266cfb0
...

Best Wishes,
Chris

On 14/12/12 00:35, Carter Bullard wrote:
> Well at least it thinks its selectable ;O)
> How bout pumping up the -D to 10 or 12?
> Carter
> 
> 
> On Dec 13, 2012, at 7:17 PM, Chris Wakelin <c.d.wakelin at reading.ac.uk> wrote:
> 
>> Here goes :)
>>
>> Best Wishes,
>> Chris
>>
>> On 14/12/12 00:05, Carter Bullard wrote:
>>> Hey Chris,
>>> If its not there, I would say there is a problem.  If you run it with "-D 3" for a few packets,
>>> where is it saying that it is ?  ArgusGetPackets ?
>>>
>>> Carter
>>>

-- 
--+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+-
Christopher Wakelin,                           c.d.wakelin at reading.ac.uk
IT Services Centre, The University of Reading,  Tel: +44 (0)118 378 8439
Whiteknights, Reading, RG6 2AF, UK              Fax: +44 (0)118 975 3094

More information about the argus mailing list