headers
Carter Bullard | 1 Oct 2001 17:21

argus-2.0.2.redux

Gentle people,
   Sorry for the delay in getting argus-2.0.2.redux out for
testing.  This version should fix the OpenBSD compiling
problems that Peter solved, and has some minor fixes in
argus for memory leaks.

ftp://qosient.com/dev/argus-2.0/argus-2.0.2.redux.tar.gz

   Please give this a test, as I would like to officially
release it at the end of the week.

   argus-2.0.2.redux is being released under GNU's General
Public License, and all future releases of Argus and its
clients will be released under the GPL.  This is a
substantial change in the prior licensing strategy for
Argus.  All users should be aware that the GPL is a more
restrictive license than the QoSient Public License,
so do take time to review how this change may effect
your use of Argus technology.

   If anyone has any comments on this license change,
do send mail to the mailing list!!!

Carter

Carter Bullard
QoSient, LLC
300 E. 56th Street, Suite 18K
New York, New York  10022
(Continue reading)

Permalink | Reply | 1 comment |
headers
Shilpa Bansod | 1 Oct 2001 19:42
Picon
Favicon

Packet loss computation in non-ESP flows

Hi all,
I have been trying to figure out how Argus computes packet loss rate in
non-ESP flows but have not been able to do so as yet. I would greatly
appreciate any insight into this. 

Thanks!
-Shilpa
Permalink | Reply | 3 comments |
headers
Carter Bullard | 1 Oct 2001 20:34

RE: Packet loss computation in non-ESP flows

Hey Shilpa,
   Well, there are three basic mechanisms that argus
uses to report on packet loss/retransmission.  The
first is that argus has a complete TCP state machine
and is using that to determine drops and retransmitted
packets.  The second is to track monotonically
increasing sequence numbers when they exist.  Argus
does this with ESP and RTP flows.  And the third
scheme is to enforce symmetric reporting for strict
request/response protocols, so Argus, when run using
the -R option (response mode), Argus generates data
that allows for easy calculation of packets lost.
This mode allows for you to calculate drops for ICMP
echo, traceroute, dns, ntp, portmapper, netbios, etc ...

Carter

Carter Bullard
QoSient, LLC
300 E. 56th Street, Suite 18K
New York, New York  10022

carter <at> qosient.com
Phone +1 212 588-9133
Fax   +1 212 588-9134
http://qosient.com

> -----Original Message-----
> From: owner-argus-info <at> lists.andrew.cmu.edu 
> [mailto:owner-argus-info <at> lists.andrew.cmu.edu] On Behalf Of
(Continue reading)

Permalink | Reply | 2 comments |
headers
Shilpa Bansod | 3 Oct 2001 01:41
Picon
Favicon

RE: Packet loss computation in non-ESP flows

Hi all,
I cannot seem to find the code that actually computes packet loss. Any
pointers would be appreciated. I understand that the code might be spread
across files, hence any keywords would do too!

Thanks,
-Shilpa

On Mon, 1 Oct 2001, Carter Bullard wrote:

> Hey Shilpa,
>    Well, there are three basic mechanisms that argus
> uses to report on packet loss/retransmission.  The
> first is that argus has a complete TCP state machine
> and is using that to determine drops and retransmitted
> packets.  The second is to track monotonically
> increasing sequence numbers when they exist.  Argus
> does this with ESP and RTP flows.  And the third
> scheme is to enforce symmetric reporting for strict
> request/response protocols, so Argus, when run using
> the -R option (response mode), Argus generates data
> that allows for easy calculation of packets lost.
> This mode allows for you to calculate drops for ICMP
> echo, traceroute, dns, ntp, portmapper, netbios, etc ...
> 
> Carter
> 
> Carter Bullard
> QoSient, LLC
> 300 E. 56th Street, Suite 18K
(Continue reading)

Permalink | Reply | 1 comment |
headers
Carter Bullard | 3 Oct 2001 14:45

RE: Packet loss computation in non-ESP flows

Ooops,
   If your looking for the implementation,
its in Argus_tcp.c, Argus_esp.c and Argus_app.c.
Look for keywords like retrans, lost, and drop.

Carter

Carter Bullard
QoSient, LLC
300 E. 56th Street, Suite 18K
New York, New York  10022

carter <at> qosient.com
Phone +1 212 588-9133
Fax   +1 212 588-9134
http://qosient.com

> -----Original Message-----
> From: Shilpa Bansod [mailto:shilpa <at> mtu.edu] 
> Sent: Tuesday, October 02, 2001 7:41 PM
> To: Carter Bullard
> Cc: argus-info <at> lists.andrew.cmu.edu
> Subject: RE: Packet loss computation in non-ESP flows
> 
> 
> Hi all,
> I cannot seem to find the code that actually computes packet 
> loss. Any pointers would be appreciated. I understand that 
> the code might be spread across files, hence any keywords 
> would do too!
(Continue reading)

Permalink | Reply | 0 comments |
headers
Peter Van Epp | 5 Oct 2001 18:46
Picon
Picon
Favicon

Re: argus-2.0.2.redux

> 
> Gentle people,
>    Sorry for the delay in getting argus-2.0.2.redux out for
> testing.  This version should fix the OpenBSD compiling
> problems that Peter solved, and has some minor fixes in
> argus for memory leaks.
> 
> ftp://qosient.com/dev/argus-2.0/argus-2.0.2.redux.tar.gz
> 
>    Please give this a test, as I would like to officially
> release it at the end of the week.
> 

	Late as usual, a couple of bugs (with these two applied OpenBSD 2.8
compiles and runs and the man line prints correctly, I'll verify NetBSD and
FreeBSD in a while).

*** common/argus_util.c.orig	Fri Oct  5 01:36:50 2001
--- common/argus_util.c	Fri Oct  5 01:37:46 2001
***************
*** 1033,1039 ****

     } else {
        if (Iflag)
! #if defined(HAVE_SOLARIS) || defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD)
           strcpy (fmtstr, "%s%s%4s  pkts %9lld  bytes %12lld  drops %5d  ");
        else
           strcpy (fmtstr, "%s  %4s  pkts %9lld  bytes %12lld  drops %5d  ");
--- 1033,1039 ----
(Continue reading)

Permalink | Reply | 0 comments |
headers
Peter Van Epp | 5 Oct 2001 20:15
Picon
Picon
Favicon

argus-2.0.2.redux

	argus-2.0.2.redux (with the 2 difs applied) successfully compiles and
at a quick glance at the output appears to work with correct man counts on 
all of OpenBSD 2.8, NetBSD 1.5 and FreeBSD 4.4-RELEASE.

Peter Van Epp / Operations and Technical Support 
Simon Fraser University, Burnaby, B.C. Canada
Permalink | Reply | 8 comments |
headers
Carter Bullard | 12 Oct 2001 00:00

argus-2.0.3 available for testing

Gentle people,
   Sorry for the delay in getting this out.  I've made the
changes that Peter suggested for OpenBSD porting, and
added a long waiting patch that was supplied by Kevin Miller
at CMU to allow you to control what interface Argus will
bind to for its remote access ports (sorry Kevin for the
delay).  Mods to the man pages and the support/Config/argus.conf
file are included so it should be pretty straight forward
to test.  I've uploaded argus-2.0.3 to the dev directory.

ftp://qosient.com/dev/argus-2.0/argus-2.0.3.tar.gz

If the group could please, put the final kabash to this and if
it passes, I'll announce it's availability, ASAP.

Kevin's change allows you to force the listen to a particular
interface, which can really help in the security of accessing
remote argus data.  Binding to 127.0.0.1 is pretty powerful,
and binding to a specific interface on a dual homed machine
that doesn't do routing can also be pretty powerful.  So 
thanks Kevin!!

Carter

Carter Bullard
QoSient, LLC
300 E. 56th Street, Suite 18K
New York, New York  10022

carter <at> qosient.com
(Continue reading)

Permalink | Reply | 7 comments |
headers
Peter Van Epp | 12 Oct 2001 04:55
Picon
Picon
Favicon

Re: argus-2.0.3 available for testing

	Looks good so far. Compiles and runs successfully on OpenBSD 2.8 and
FreeBSD 4.3-RELEASE. I'll check NetBSD in the morning when I can reboot the
OpenBSD machine in to NetBSD.

Peter Van Epp / Operations and Technical Support 
Simon Fraser University, Burnaby, B.C. Canada
Permalink | Reply | 1 comment |
headers
Andreas Östling | 12 Oct 2001 10:02
Picon
Picon

Re: argus-2.0.3 available for testing


On Friday 12 October 2001 04.55,  Peter Van Epp wrote:
> Looks good so far. Compiles and runs successfully on OpenBSD 2.8 and
> FreeBSD 4.3-RELEASE. I'll check NetBSD in the morning when I can
> reboot the OpenBSD machine in to NetBSD.

Compiles out of the box and seems to run successfully on OpenBSD 2.9 as 
well, although I've not tested it very much yet.

/Andreas
Permalink | Reply | 0 comments |

Gmane