argus-clients-3.0.7.16 now available
Carter Bullard
carter at qosient.com
Mon Sep 30 10:20:14 EDT 2013
Hey Dave,
Thanks !!!!!!
I'll fix these today / this week.
I don't get the problems you see with GeoIP…
If you could do the gdb() thing that would be great, if not, I'll
need to know machine / OS type, how radium is called, etc… For
me to replicate the problem to debug, I'll also need the label
configuration files you are using.
I'll look at the Netflow issue, do you expect the output to be:
00:00:00:00:00:03
or would you rather it be:
3
I can make an exception for Netflow data and L2 data types, but
there isn't a real L2 type of (short int), so I'll have
to think of what to do to make this exception throughout the
whole system.
Carter
On Sep 28, 2013, at 1:10 PM, David Edelman <dedelman at iname.com> wrote:
> Carter,
>
> This version looks pretty good. I've been hammering on rasqlinsert and it
> looks very stable. I have seen two problems:
>
> 1 - If .rarc is set to only translate proto then using :n in ratop and
> setting the value to all or port does not get the port names to display.
> Setting it to all will do the hostname translation but not port. If .rarc
> is set to port, then it all works
> 2 - If I specify any of the GeoIP labeling options then radium seg faults.
> I downloaded the latest libraries and data files from MaxMind and rebuild
> the clients, but no luck. As far as ldd can tell, I am linked with the
> correct library. If you need me to, I can do some debugging on this later
> today.
>
>
> A nit, but not really a problem - dmac and smac have the NetFlow port
> index numbers but it looks like you may be doing hton conversion on the
> value so the display is a bit odd. I get 00:00:00:00:03:00 for port index
> 3
>
>
>
>
> --Dave
>
>
>
> On 9/27/13 3:32 AM, "Carter Bullard" <carter at qosient.com> wrote:
>
>> Gentle people,
>> New clients are on the development server, which fixes all known bugs,
>> well, at least the ones that I'm aware of that needed to be fixed.
>> However, if you download the code, and your problem is not resolved,
>> please holler, as I'd like to get the code ready for stable release.
>>
>> http://qosient.com/argus/dev/argus-clients-latest.tar.gz
>>
>>
>> This version has failed and now passed a large number of memory tests,
>> as we had a serious stack corruption problem after fixing the big label
>> merging and processing bugs a few weeks back.
>>
>> Lots of little nits are now working, and of course, filtering and sorting
>> with -0.0 as a valid value, are now working.
>>
>> I still need to work on ranonymize() performance, and followup on SQL
>> database performance issues.
>>
>> And then on to argus-3.0.7.5Š.
>>
>> Hope all is most excellent, and thanks for all the help !!!!!
>>
>> Carter
>>
>>
>>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6837 bytes
Desc: not available
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20130930/fc3b70c2/attachment.bin>
More information about the argus
mailing list