ralabel
CS Lee
geek00l at gmail.com
Fri Jun 1 02:02:53 EDT 2012
hi Carter,
Has you updated ralabel, it doesn't seem to work on version 3.0.6.1, when I
run
/usr/local/stow/argusc-3.0.6.1/bin/ralabel -f /nsmon/etc/ralabel.conf -S
10.10.10.1:561 -w - | ra -n -s stime proto saddr sport dir daddr dport
state sco dco sas das
12:28:55.523218 udp 1.2.3.4.64507 <-> 15.15.15.15.53
CON
12:28:55.597702 udp 1.2.3.4.32771 <- 2.3.4.5.53
RSP
12:28:55.647515 udp 1.2.3.4.60581 <-> 15.15.15.15.53
CON
You can see nothing shows up, if I use 3.0.5.34, it seems to be working. My
ralabel.conf has these few lines enabled
RALABEL_ARIN_COUNTRY_CODES=yes
RA_DELEGATED_IP="/nsmon/file/delegated-ipv4-latest"
RALABEL_GEOIP_ASN=yes
RALABEL_GEOIP_ASN_FILE="/nsmon/file/GeoIPASNum.dat"
Cheers!
--
Best Regards,
CS Lee<geek00L[at]gmail.com>
http://geek00l.blogspot.com
http://defcraft.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20120601/a8130cce/attachment.html>
More information about the argus
mailing list