new argus-clients-3.0.7.14 on the server

el draco eldraco at gmail.com
Tue Aug 20 15:54:12 EDT 2013 

It worked perfectly! Thanks a lot for that.
It is nice to see my labels back again!
cheers
sebas

On Tue, Aug 20, 2013 at 9:50 PM, Carter Bullard <carter at qosient.com> wrote:
> Hey Sebas,
> Here is a patch for your segmentation fault bug, if
> you're comfortable making the changes yourself.
>
>
> thoth:common carter$ p4 diff argus_label.c
> ==== //depot/argus/clients/common/argus_label.c#51 - /Volumes/Users/carter/argus/clients/common/argus_label.c ====
> 1011a1012
>>             str = strbuf;
>
> If not, I've also included a new argus_label.c, so replace your ./common/argus_label.c with this one,
> and recompile.  All should work well.
>
> I'll have a new client package up in a few days.
>
> Carter
>
>
>
> On Aug 20, 2013, at 3:21 PM, el draco <eldraco at gmail.com> wrote:
>
>> Hi Carter. ralabel still has the segfault
>>
>> RaLabeler Version 3.0.7.14
>>
>> ./bin/ralabel -f ralabel.segfault.conf
>> Segmentation fault
>>
>> Thanks for the great job you are doing!
>> Tell me if you need more tests.
>> sebas
>>
>>
>> On Tue, Aug 20, 2013 at 4:59 PM, Carter Bullard <carter at qosient.com> wrote:
>>> Gentle people,
>>> New client code up on the server.  This release fixes all
>>> known bugs that has been reported on the list, as well as
>>> having major modifications to rapath().
>>>
>>> New code has been added as guards around the reported
>>> label problems, but I am not sure that it has fixed
>>> the problem.  If we could test that, that would be great !!!
>>>
>>> We've made some big changes to rapath().  rapath() extracts
>>> topology information from argus data.  Basically it takes all
>>> data that has ICMP TXD messages mapped to it, and tabulates path
>>> information where it can.  This has the effect of capturing all
>>> traceroutes() that are observed by argus, regardless of the
>>> techniqu;  UDP, TCP or ICMP based, weather its vanilla or paris method,
>>> or several of the proprietary strategies seen in intrusions.
>>>
>>> We've changed the default output of the graph that rapath.1
>>> generates (using the -A option) to include the srcid, saddr
>>> and daddr, so that you can build topology from just the
>>> graphs.  I'll add the stime and duration as well, but need
>>> to figure out some command line options to control all these
>>> new fields.  Also rapath() is going to get a realtime mode,
>>> currently, its a " read a file, generate some output " type of
>>> tool.
>>>
>>> Please grab this code and give it a run.  I'm hoping to
>>> release 3.0.7.x as 3.0.8 in the next month, so if there are
>>> any gotchas, don't hold back.
>>>
>>> Carter
>>>
>> <ralabel.segfault.conf><test-flowfilter.conf>
>
>

More information about the argus mailing list