Argus-info Digest, Vol 105, Issue 33
Jason
dn1nj4 at gmail.com
Wed May 21 11:03:00 EDT 2014
"-Z s" is for the src side of the state. I tried "-Zs" and removing it
altogether. No change.
On Wed, May 21, 2014 at 10:14 AM,
<argus-info-request at lists.andrew.cmu.edu>wrote:
> Send Argus-info mailing list submissions to
> argus-info at lists.andrew.cmu.edu
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://lists.andrew.cmu.edu/mailman/listinfo/argus-info
> or, via email, send a message with subject or body 'help' to
> argus-info-request at lists.andrew.cmu.edu
>
> You can reach the person managing the list at
> argus-info-owner at lists.andrew.cmu.edu
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Argus-info digest..."
>
>
> Today's Topics:
>
> 1. Re: 3.0.7.28 rasqlinsert compile fails (dn1nj4)
> 2. rasqlinsert 3.0.7.28 not inserting additional data fields?
> (Jason)
> 3. Re: rasqlinsert 3.0.7.28 not inserting additional data
> fields? (David Edelman)
> 4. Re: rasqlinsert 3.0.7.28 not inserting additional data
> fields? (Carter Bullard)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Tue, 20 May 2014 21:23:02 -0400
> From: dn1nj4 <dn1nj4 at gmail.com>
> Subject: Re: [ARGUS] 3.0.7.28 rasqlinsert compile fails
> To: David Edelman <dedelman at iname.com>
> Cc: Argus <argus-info at lists.andrew.cmu.edu>
> Message-ID: <66775B2D-8E00-4B1E-9EC0-584AC4A4FFCD at gmail.com>
> Content-Type: text/plain; charset=utf-8
>
> Indeed it was that, followed by readline. Thanks to everyone who reaponded!
>
> > On May 20, 2014, at 15:50, David Edelman <dedelman at iname.com> wrote:
> >
> > it looks like you might need the ncurses dev package (it might be called
> gcurses)
> >
> > --Dave
> >
> >> On May 20, 2014, at 8:51, Jason <dn1nj4 at gmail.com> wrote:
> >>
> >> Carter,
> >>
> >> When trying to compile the 3.0.7.28 rasqlinsert client, I am getting
> the following errors:
> >>
> >> gcc -O -I. -I../../include -I../../common -I/usr/include/mysql
> -DHAVE_CONFIG_H -c ./rasqlinsert.c
> >> In file included from ./rasqlinsert.c:49:0:
> >> ./rasqlinsert.h:135:56: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.h:136:1: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.h:165:4: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.h:199:4: error: unknown type name ?attr_t?
> >> ./rasqlinsert.h:229:58: error: unknown type name ?WINDOW?
> >> In file included from ./rasqlinsert.c:49:0:
> >> ./rasqlinsert.h:230:142: error: unknown type name ?attr_t?
> >> ./rasqlinsert.h:408:1: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.h:425:1: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.h:426:1: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.h:427:1: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.h:428:1: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.h:429:1: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.h:430:1: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.h:431:1: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.h:432:1: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.h:433:1: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:244:122: error: unknown type name ?attr_t?
> >> ./rasqlinsert.c:245:119: error: unknown type name ?attr_t?
> >> ./rasqlinsert.c:246:120: error: unknown type name ?attr_t?
> >> ./rasqlinsert.c:247:121: error: unknown type name ?attr_t?
> >> ./rasqlinsert.c:248:58: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:345:58: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:365:1: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:410:27: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:411:26: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:412:27: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c: In function ?ArgusOutputProcess?:
> >> ./rasqlinsert.c:439:29: error: ?TRUE? undeclared (first use in this
> function)
> >> ./rasqlinsert.c:439:29: note: each undeclared identifier is reported
> only once for each function it appears in
> >> ./rasqlinsert.c: At top level:
> >> ./rasqlinsert.c:498:19: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:499:1: warning: no semicolon at end of struct or union
> [enabled by default]
> >> ./rasqlinsert.c:503:34: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:504:29: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:505:26: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:506:32: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:507:25: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:508:36: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:509:24: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:510:26: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:511:26: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:512:27: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:513:23: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:514:28: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:515:29: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:517:27: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:521:20: error: ?ArgusProcessCharacter? undeclared here
> (not in a function)
> >> ./rasqlinsert.c:521:4: warning: excess elements in struct initializer
> [enabled by default]
> >> ./rasqlinsert.c:521:4: warning: (near initialization for
> ?ArgusInputCommandTable[0]?) [enabled by default]
> >> ./rasqlinsert.c:522:20: error: ?ArgusProcessTerminator? undeclared here
> (not in a function)
> >> ./rasqlinsert.c:522:4: warning: excess elements in struct initializer
> [enabled by default]
> >> ./rasqlinsert.c:522:4: warning: (near initialization for
> ?ArgusInputCommandTable[1]?) [enabled by default]
> >> ./rasqlinsert.c:523:4: warning: excess elements in struct initializer
> [enabled by default]
> >> ./rasqlinsert.c:523:4: warning: (near initialization for
> ?ArgusInputCommandTable[2]?) [enabled by default]
> >> ./rasqlinsert.c:524:20: error: ?ArgusProcessBell? undeclared here (not
> in a function)
> >> ./rasqlinsert.c:524:4: warning: excess elements in struct initializer
> [enabled by default]
> >> ./rasqlinsert.c:524:4: warning: (near initialization for
> ?ArgusInputCommandTable[3]?) [enabled by default]
> >> ./rasqlinsert.c:525:20: error: ?ArgusProcessNewPage? undeclared here
> (not in a function)
> >> ./rasqlinsert.c:525:4: warning: excess elements in struct initializer
> [enabled by default]
> >> ./rasqlinsert.c:525:4: warning: (near initialization for
> ?ArgusInputCommandTable[4]?) [enabled by default]
> >> ./rasqlinsert.c:526:20: error: ?ArgusProcessDeviceControl? undeclared
> here (not in a function)
> >> ./rasqlinsert.c:526:4: warning: excess elements in struct initializer
> [enabled by default]
> >> ./rasqlinsert.c:526:4: warning: (near initialization for
> ?ArgusInputCommandTable[5]?) [enabled by default]
> >> ./rasqlinsert.c:527:4: warning: excess elements in struct initializer
> [enabled by default]
> >> ./rasqlinsert.c:527:4: warning: (near initialization for
> ?ArgusInputCommandTable[6]?) [enabled by default]
> >> ./rasqlinsert.c:528:4: warning: excess elements in struct initializer
> [enabled by default]
> >> ./rasqlinsert.c:528:4: warning: (near initialization for
> ?ArgusInputCommandTable[7]?) [enabled by default]
> >> ./rasqlinsert.c:529:4: warning: excess elements in struct initializer
> [enabled by default]
> >> ./rasqlinsert.c:529:4: warning: (near initialization for
> ?ArgusInputCommandTable[8]?) [enabled by default]
> >> ./rasqlinsert.c:530:20: error: ?ArgusProcessDeleteLine? undeclared here
> (not in a function)
> >> ./rasqlinsert.c:530:4: warning: excess elements in struct initializer
> [enabled by default]
> >> ./rasqlinsert.c:530:4: warning: (near initialization for
> ?ArgusInputCommandTable[9]?) [enabled by default]
> >> ./rasqlinsert.c:531:20: error: ?ArgusProcessEscape? undeclared here
> (not in a function)
> >> ./rasqlinsert.c:531:4: warning: excess elements in struct initializer
> [enabled by default]
> >> ./rasqlinsert.c:531:4: warning: (near initialization for
> ?ArgusInputCommandTable[10]?) [enabled by default]
> >> ./rasqlinsert.c:532:20: error: ?ArgusProcessEndofTransmission?
> undeclared here (not in a function)
> >> ./rasqlinsert.c:532:4: warning: excess elements in struct initializer
> [enabled by default]
> >> ./rasqlinsert.c:532:4: warning: (near initialization for
> ?ArgusInputCommandTable[11]?) [enabled by default]
> >> ./rasqlinsert.c:533:5: error: ?KEY_UP? undeclared here (not in a
> function)
> >> ./rasqlinsert.c:533:20: error: ?ArgusProcessKeyUp? undeclared here (not
> in a function)
> >> ./rasqlinsert.c:533:4: warning: excess elements in struct initializer
> [enabled by default]
> >> ./rasqlinsert.c:533:4: warning: (near initialization for
> ?ArgusInputCommandTable[12]?) [enabled by default]
> >> ./rasqlinsert.c:534:5: error: ?KEY_DOWN? undeclared here (not in a
> function)
> >> ./rasqlinsert.c:534:20: error: ?ArgusProcessKeyDown? undeclared here
> (not in a function)
> >> ./rasqlinsert.c:534:4: warning: excess elements in struct initializer
> [enabled by default]
> >> ./rasqlinsert.c:534:4: warning: (near initialization for
> ?ArgusInputCommandTable[13]?) [enabled by default]
> >> ./rasqlinsert.c:535:5: error: ?KEY_LEFT? undeclared here (not in a
> function)
> >> ./rasqlinsert.c:535:20: error: ?ArgusProcessKeyLeft? undeclared here
> (not in a function)
> >> ./rasqlinsert.c:535:4: warning: excess elements in struct initializer
> [enabled by default]
> >> ./rasqlinsert.c:535:4: warning: (near initialization for
> ?ArgusInputCommandTable[14]?) [enabled by default]
> >> ./rasqlinsert.c:536:5: error: ?KEY_RIGHT? undeclared here (not in a
> function)
> >> ./rasqlinsert.c:536:20: error: ?ArgusProcessKeyRight? undeclared here
> (not in a function)
> >> ./rasqlinsert.c:536:4: warning: excess elements in struct initializer
> [enabled by default]
> >> ./rasqlinsert.c:536:4: warning: (near initialization for
> ?ArgusInputCommandTable[15]?) [enabled by default]
> >> ./rasqlinsert.c:537:20: error: ?ArgusProcessBackspace? undeclared here
> (not in a function)
> >> ./rasqlinsert.c:537:4: warning: excess elements in struct initializer
> [enabled by default]
> >> ./rasqlinsert.c:537:4: warning: (near initialization for
> ?ArgusInputCommandTable[16]?) [enabled by default]
> >> ./rasqlinsert.c:538:4: warning: excess elements in struct initializer
> [enabled by default]
> >> ./rasqlinsert.c:538:4: warning: (near initialization for
> ?ArgusInputCommandTable[17]?) [enabled by default]
> >> ./rasqlinsert.c:539:5: error: ?KEY_DC? undeclared here (not in a
> function)
> >> ./rasqlinsert.c:539:4: warning: excess elements in struct initializer
> [enabled by default]
> >> ./rasqlinsert.c:539:4: warning: (near initialization for
> ?ArgusInputCommandTable[18]?) [enabled by default]
> >> ./rasqlinsert.c:540:5: error: ?KEY_BACKSPACE? undeclared here (not in a
> function)
> >> ./rasqlinsert.c:540:4: warning: excess elements in struct initializer
> [enabled by default]
> >> ./rasqlinsert.c:540:4: warning: (near initialization for
> ?ArgusInputCommandTable[19]?) [enabled by default]
> >> ./rasqlinsert.c:541:5: error: ?KEY_DL? undeclared here (not in a
> function)
> >> ./rasqlinsert.c:541:4: warning: excess elements in struct initializer
> [enabled by default]
> >> ./rasqlinsert.c:541:4: warning: (near initialization for
> ?ArgusInputCommandTable[20]?) [enabled by default]
> >> ./rasqlinsert.c:547:29: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c: In function ?ArgusProcessCursesInput?:
> >> ./rasqlinsert.c:594:47: error: ?ERR? undeclared (first use in this
> function)
> >> ./rasqlinsert.c: In function ?ArgusProcessCommand?:
> >> ./rasqlinsert.c:629:19: error: ?struct ArgusInputCommand? has no member
> named ?process?
> >> ./rasqlinsert.c: At top level:
> >> ./rasqlinsert.c:636:24: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:1646:21: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:1663:27: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:1720:20: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:1842:32: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:1858:20: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:1924:22: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:2000:22: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:2014:23: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:2028:19: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:2045:24: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:2078:25: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:2094:23: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c: In function ?ArgusDrawWindow?:
> >> ./rasqlinsert.c:2979:7: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:3054:28: error: unknown type name ?attr_t?
> >> ./rasqlinsert.c:3075:73: error: ?ERR? undeclared (first use in this
> function)
> >> ./rasqlinsert.c:3200:30: error: ?FALSE? undeclared (first use in this
> function)
> >> ./rasqlinsert.c: In function ?ArgusTouchScreen?:
> >> ./rasqlinsert.c:3559:24: error: ?TRUE? undeclared (first use in this
> function)
> >> ./rasqlinsert.c: In function ?ArgusUpdateScreen?:
> >> ./rasqlinsert.c:3568:24: error: ?TRUE? undeclared (first use in this
> function)
> >> ./rasqlinsert.c: In function ?RaRefreshDisplay?:
> >> ./rasqlinsert.c:5341:18: error: ?tvp? undeclared (first use in this
> function)
> >> ./rasqlinsert.c:5351:27: error: ?FALSE? undeclared (first use in this
> function)
> >> ./rasqlinsert.c: At top level:
> >> ./rasqlinsert.c:5373:22: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:5401:21: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:5459:22: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c: In function ?RaResizeScreen?:
> >> ./rasqlinsert.c:5764:16: error: ?stdscr? undeclared (first use in this
> function)
> >> ./rasqlinsert.c:5777:70: error: ?ERR? undeclared (first use in this
> function)
> >> ./rasqlinsert.c:5816:24: error: ?FALSE? undeclared (first use in this
> function)
> >> ./rasqlinsert.c: At top level:
> >> ./rasqlinsert.c:5962:135: error: unknown type name ?attr_t?
> >> ./rasqlinsert.c:5984:132: error: unknown type name ?attr_t?
> >> ./rasqlinsert.c:6115:133: error: unknown type name ?attr_t?
> >> ./rasqlinsert.c:6206:134: error: unknown type name ?attr_t?
> >> ./rasqlinsert.c:6220:59: error: unknown type name ?WINDOW?
> >> ./rasqlinsert.c:6247:60: error: unknown type name ?WINDOW?
> >>
> >> Am I missing an expected -dev package somewhere? 3.0.6.2 seems to
> compile without issue.
> >>
> >> Thanks,
> >> Jason
>
>
> ------------------------------
>
> Message: 2
> Date: Wed, 21 May 2014 02:29:47 -0400
> From: Jason <dn1nj4 at gmail.com>
> Subject: [ARGUS] rasqlinsert 3.0.7.28 not inserting additional data
> fields?
> To: Argus <argus-info at lists.andrew.cmu.edu>
> Message-ID:
> <
> CADBniYgsP_XFDTe3c6as8vkPS4vDPYVm_duewKqZaGK0AtQ3NQ at mail.gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> Hi Carter,
>
> Appreciate all the help as I try to learn rasqlinsert. With this command:
>
> rasqlinsert -M cache -m saddr proto sport dport -r <myfile> -w
> mysql://argdb:<password>@
> localhost/argus/tempTable -L0 -Z s -u -s stime saddr proto sport dport
> sbytes runtime dbytes trans state -D3 -M mysql_engine=MyISAM
>
> In both both 3.0.6.2 and 3.0.7.28, data is inserted into "tempTable".
> However in 3.0.7.28, only the fields specified in "-m" have any data
> (saddr, proto, sport and dport). Most of the remaining fields are empty or
> zeroed out in 3.0.7.28 (stime, sbytes, runtime, dbytes and trans). state
> is either INT (tcp) or RSP (udp/arp). I see this in the debug insert
> statements.
>
> Any idea what would cause this?
>
> Jason
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL:
> https://lists.andrew.cmu.edu/mailman/private/argus-info/attachments/20140521/3b242d20/attachment-0001.html
>
> ------------------------------
>
> Message: 3
> Date: Wed, 21 May 2014 05:59:48 -0400
> From: David Edelman <dedelman at iname.com>
> Subject: Re: [ARGUS] rasqlinsert 3.0.7.28 not inserting additional
> data fields?
> To: Jason <dn1nj4 at gmail.com>
> Cc: Argus <argus-info at lists.andrew.cmu.edu>
> Message-ID: <E00DCA7B-6E6B-441B-80C4-EAB591BC28E1 at iname.com>
> Content-Type: text/plain; charset=us-ascii
>
> There is a problem when rasqlinsert reads from a file try removing the -r
> <filename> and prepend ra -r <filename> -w - | rasqlinsert ... It still
> doesn't work but the fields are filled in for the records that it creates.
> BTW you might want to add a -X as the first parameter to each client so
> that you are sure there isn't a config file problem
>
> --Dave
>
> Dave Edelman
>
>
> > On May 21, 2014, at 2:29, Jason <dn1nj4 at gmail.com> wrote:
> >
> > Hi Carter,
> >
> > Appreciate all the help as I try to learn rasqlinsert. With this
> command:
> >
> > rasqlinsert -M cache -m saddr proto sport dport -r <myfile> -w
> mysql://argdb:<password>@
> > localhost/argus/tempTable -L0 -Z s -u -s stime saddr proto sport dport
> sbytes runtime dbytes trans state -D3 -M mysql_engine=MyISAM
> >
> > In both both 3.0.6.2 and 3.0.7.28, data is inserted into "tempTable".
> However in 3.0.7.28, only the fields specified in "-m" have any data
> (saddr, proto, sport and dport). Most of the remaining fields are empty or
> zeroed out in 3.0.7.28 (stime, sbytes, runtime, dbytes and trans). state
> is either INT (tcp) or RSP (udp/arp). I see this in the debug insert
> statements.
> >
> > Any idea what would cause this?
> >
> > Jason
>
>
> ------------------------------
>
> Message: 4
> Date: Wed, 21 May 2014 10:14:36 -0400
> From: Carter Bullard <carter at qosient.com>
> Subject: Re: [ARGUS] rasqlinsert 3.0.7.28 not inserting additional
> data fields?
> To: Jason <dn1nj4 at gmail.com>
> Cc: Argus <argus-info at lists.andrew.cmu.edu>
> Message-ID: <CF9194AD-F5E0-483E-B571-3E3F95E85FE4 at qosient.com>
> Content-Type: text/plain; charset=us-ascii
>
> Hey Jason,
> it maybe the single 's' that is in your commandline after the 'Z' ??
> Not sure what that does if it doesn't generate an error.
> Carter
>
>
> > On May 21, 2014, at 2:29 AM, Jason <dn1nj4 at gmail.com> wrote:
> >
> > Hi Carter,
> >
> > Appreciate all the help as I try to learn rasqlinsert. With this
> command:
> >
> > rasqlinsert -M cache -m saddr proto sport dport -r <myfile> -w
> mysql://argdb:<password>@
> > localhost/argus/tempTable -L0 -Z s -u -s stime saddr proto sport dport
> sbytes runtime dbytes trans state -D3 -M mysql_engine=MyISAM
> >
> > In both both 3.0.6.2 and 3.0.7.28, data is inserted into "tempTable".
> However in 3.0.7.28, only the fields specified in "-m" have any data
> (saddr, proto, sport and dport). Most of the remaining fields are empty or
> zeroed out in 3.0.7.28 (stime, sbytes, runtime, dbytes and trans). state
> is either INT (tcp) or RSP (udp/arp). I see this in the debug insert
> statements.
> >
> > Any idea what would cause this?
> >
> > Jason
>
>
> ------------------------------
>
> _______________________________________________
> Argus-info mailing list
> Argus-info at lists.andrew.cmu.edu
> https://lists.andrew.cmu.edu/mailman/listinfo/argus-info
>
>
> End of Argus-info Digest, Vol 105, Issue 33
> *******************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20140521/5d7686bd/attachment.html>
More information about the argus
mailing list