[ARGUS] Segmentation fault (core dumped) while using argus- client (ra) and post ARGUS_DATA_DSR len is zero

Carter Bullard carter at qosient.com
Thu Oct 13 13:07:52 EDT 2022 

Hey Arijit,
Sorry you ran into a bug … The current code is argus-3.0.8.3.  Grab a copy from GitHub (https://github.com/openargus/argus <https://github.com/openargus/argus>) and the clients are (https://github.com/openargus/clients <https://github.com/openargus/clients>) …

I ran this version against your pcap files on a Mac OS 12.6 and did not have any problems.

Carter


> On Oct 12, 2022, at 11:23 PM, Arijit <arijit at deltax.ai> wrote:
> 
> Dear Developers;
>  
> I am currently using Ra Version 3.0.8.2 and  Argus Version 3.0.8.2. 
> I installed Argus in my system using apt install argus-server argus-client
> I am using the default ra.conf and argus.conf  files
> I have also attached the files here :) 
>  
> Error 1 : Segmentation fault (core dumped)
> I did the following steps to capture traffic the read the Argus file.
> sudo tcpdump -i <interface> -w zeek_argus3.pcap
> sudo argus -r zeek_argus3.pcap -w arguslasttry.out 
> ra -r  arguslasttry.out  # prints few records before giving segmentation fault error
> OR
> ra -r arguslasttry.out > something.csv
> 
> Error 2: ArgusGenerateRecordStruct: post ARGUS_DATA_DSR len is zero
> sudo tcpdump -i <interface> -s 0 -w zeek_argus1.pcap 
> sudo argus -r zeek_argus1.pcap -w argusfile1.argus
> ra -r  argusfile.argus  #prints few records before giving  the error ArgusGenerateRecordStruct: post ARGUS_DATA_DSR len is zero 
> OR
> ra -r argusfile.argus > tired.csv
> 
> Both the pcap file workd fine with wireshark/tshark and also properly converts properly. 
>  
> Thanks in advance :)
> <argusfile1.argus><zeek_argus1.pcap><tired.csv><arguslasttry.out><something.csv><zeek_argus3.pcap>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20221013/aa484933/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 1385 bytes
Desc: not available
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20221013/aa484933/attachment.bin>

More information about the argus mailing list