Argus on FreeBSD

Carter Bullard carter at qosient.com
Tue Jul 4 11:53:18 EDT 2017


You need to BIND to localhost, if you want to access via localhost.  If BIND is to a specific address, you’ll need to “-S “ to the address.  If you want to access from localhost and the specific IP address, don’t use BIND … use a firewall to control who can get to argus or radium.  With radium and argus running together, usually argus BINDS to localhost, so anything external to the machine has to go through radium.

The v6 vs v4 shouldn't really be an issue, both argus and radium put down a “generic” listen down on the port (layer 4), which the os can support on any transport layer it likes (layer 3), so either v4 or v6 works fine.

All clients will try both v6 and v4 when it tries to get a connection, this is controlled by the os, so it shouldn’t matter.

Hope all is most excellent,
Carter


> On Jul 4, 2017, at 11:38 AM, Monah Baki <monahbaki at gmail.com> wrote:
> 
> root     radium     49424 3  tcp6   *:561                 *:*
> 
> 
> On Tue, Jul 4, 2017 at 11:37 AM, mike tancsa <mike at sentex.ca <mailto:mike at sentex.ca>> wrote:
> 
> Try
> sockstat | grep 561
> 
> to see what is bound on port 561 as it does not seem to be argus
> 
>         ---Mike
> 
> On 7/4/2017 11:29 AM, Monah Baki wrote:
> > root     argus      49407 3  tcp4   192.168.1.253:562 <http://192.168.1.253:562/>
> > <http://192.168.1.253:562 <http://192.168.1.253:562/>>     *:*
> > root     argus      49407 6  udp4   *:*                   *:*
> > root     argus      49407 7  tcp4   192.168.1.253:562 <http://192.168.1.253:562/>
> > <http://192.168.1.253:562 <http://192.168.1.253:562/>>     192.168.1.253:40196 <http://192.168.1.253:40196/>
> > <http://192.168.1.253:40196 <http://192.168.1.253:40196/>>
> >
> >
> > In my argus.conf, I did specify the IP address to bind to.
> > ARGUS_BIND_IP="192.168.1.253"
> >
> >
> >
> > Thanks
> > Monah
> >
> > On Tue, Jul 4, 2017 at 11:07 AM, Mike Tancsa <mike at sentex.net <mailto:mike at sentex.net>
> > <mailto:mike at sentex.net <mailto:mike at sentex.net>>> wrote:
> >
> >     On 7/3/2017 11:42 AM, Monah Baki wrote:
> >     >
> >     > Compiled yesterday argus 3.0.8.2 on FreeBSD 10.3-RELEASE-p18. I noticed
> >     > that running:
> >     >
> >     > netstat -an
> >     > tcp4       0      0 *.562
> >     > tcp6       0      0 *.561
> >
> >     > Is it possible that tcp6 might be the issue, not sure why it's running
> >     > on tcp6 when in my rc.cong I have the following:
> >     I usually tell it to bind to a specific IP in my argus config to make it
> >     more predictable. But what does
> >
> >     sockstat | grep argus
> >
> >     show ?
> >
> >             ---Mike
> >
> >
> >     --
> >     -------------------
> >     Mike Tancsa, tel +1 519 651 3400 <tel:%2B1%20519%20651%203400> <tel:%2B1%20519%20651%203400>
> >     Sentex Communications, mike at sentex.net <mailto:mike at sentex.net> <mailto:mike at sentex.net <mailto:mike at sentex.net>>
> >     Providing Internet services since 1994 www.sentex.net <http://www.sentex.net/>
> >     <http://www.sentex.net <http://www.sentex.net/>>
> >     Cambridge, Ontario Canada   http://www.tancsa.com/ <http://www.tancsa.com/>
> >
> >
> 
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20170704/d3226bca/attachment.html>


More information about the argus mailing list