Re: Undocumented flgs value

-e option - Argus Version 3.0.4

Hello all,

I am having issues with the '-e' option in ARGUS.

I run the following command:

argus -e 200 -w /tmp/testfile

and I get this in the ra output:
0.0.0.100,2012-04-02,14:52:15,2012-04-02,14:52:15,0.000000,192.168.198.137,192.168.198.1,6,22,53215,212,106,106,2,1,1,<?>,1,11,
e

As you can see the Argus Identifier is coming out as an IP address:
0.0.0.100 not 100 which I would like.  I think something changed from
the older versions.

In my python script I run the following command and pass some
variables to the command:
arguscommand = "/usr/local/sbin/argus -e "+capID+" -F
"+SCRIPTS+"/argus.conf -r "+cleancapturefile+" -w "+argusoutfile+" -
ip"

Prior to updating to the 3.0.4 version the command above would save
the identifier to the record.

Anyone else seeing a change in the format??  Or am I doing something wrong?

mab

Re: -e option - Argus Version 3.0.4

Hey Mark,
The ability to use something other than an IP address is in argus-3.0.5.x, soon to be argus-3.0.6.
I would suggest that you try argus-3.0.5.11, http://qosient.com/argus/dev/argus-latest.tar.gz.
It should be able to do what you're looking for.

Carter

On Apr 2, 2012, at 2:59 PM, Mark Bartlett wrote:

> Hello all,
> 
> I am having issues with the '-e' option in ARGUS.
> 
> I run the following command:
> 
> argus -e 200 -w /tmp/testfile
> 
> and I get this in the ra output:
> 0.0.0.100,2012-04-02,14:52:15,2012-04-02,14:52:15,0.000000,192.168.198.137,192.168.198.1,6,22,53215,212,106,106,2,1,1,<?>,1,11,
> e
> 
> As you can see the Argus Identifier is coming out as an IP address:
> 0.0.0.100 not 100 which I would like.  I think something changed from
> the older versions.
> 
> In my python script I run the following command and pass some
> variables to the command:
> arguscommand = "/usr/local/sbin/argus -e "+capID+" -F
> "+SCRIPTS+"/argus.conf -r "+cleancapturefile+" -w "+argusoutfile+" -
> ip"
> 
> Prior to updating to the 3.0.4 version the command above would save
> the identifier to the record.
> 
> Anyone else seeing a change in the format??  Or am I doing something wrong?
> 
> mab

argus[-clients]-3.0.6.rc1 available

Gentle people,
We finally fixed the last gottcha bug in argus-3.0.5.x, and I've uploaded
the release candidates for argus-3.0.6.  The web site has been updated
with all new content, examples, sample data, new man pages,, etc…….

So, please consider these new tarballs as the release candidates.
If you could give them a test run, sanity check, and the like, that would
be most excellent.  I'd like to release next week, if possible, assuming
not too much needs to be done to get the candidates releasable.

   http://qosient.com/argus/dev/argus-3.0.6.rc1.tar.gz
   http://qosient.com/argus/dev/argus-clients-3.0.6.rc1.tar.gz

Thanks for all the massive help.  Very glad that we're to this point.

We'll start argus-3.0.7.1 developers versions, almost immediately
after the release.  If you would like to start thinking about what we should
be adding, like netflowV9, complete sflow support, TLS replacement for
SASL, and more analytics, all are welcome suggestions.

Hope all is most excellent,

Carter

mods to argus[-clients]-3.0.6.rc1

Gentle people,
We've made a lot of changes to the rc1 versions, based on input from the
CMU associated groups, and from a number of individuals.  Most changes
are limited to the man pages, or to simple things, like using stout for
"-h" output, and consistent printing of mar records.

The new man pages are now on the web site.  You can get there from the
Argus main page, ' Documentation ' -> 'manuals'.  These pdf's are the actual
man pages from the new distributions.  Please take a look at these, if you
are seeing problems with man pages.

Thanks, and I'm looking for a release date of Friday, next week.
Hope all is most excellent,

Carter

License headers in argus and argus-clients sources

hello,

according to information on the Argus homepage, the software is distributed 
under GPLv3. However, during legal review, we found several source files with 
license headers that contradict this.

For example, from argus-3.0.4/argus/ArgusLcp.c :

  * THE ACCOMPANYING PROGRAM IS PROPRIETARY SOFTWARE OF QoSIENT, LLC,
  * AND CANNOT BE USED, DISTRIBUTED, COPIED OR MODIFIED WITHOUT
  * EXPRESS PERMISSION OF QoSIENT, LLC.

and on argus-clients side, argus-clients-3.0.4.1/include/argus/cons_out.h :

  * Permission to use, copy, modify, and distribute this software and
  * its documentation is restricted to personal use only.  Use, sale
  * or retransmission of this software for commercial purposes,
  * including but not limited to use as a commerical product or
  * in support of a commercial endeavor requires licensing from Carter
  * Bullard.

There are other problematic files with similar license headers:
argus-3.0.4/bin/argusbug
argus-clients-3.0.4.1/clients/raconvert.h

This unfortunately means that we cannot include Argus in the SUSE distribution. [1]

I presume that those license headers are an oversight, because both the website 
and COPYING files clearly state that the software is under GPLv3. Could you 
please have a look at this and remove the license headers, or clarify the 
licensing conditions?

thanks
Jan

p.s.: Also, as noted in [1], several files contain a GPL-incompatible BSD 
4-clause license header.

[1] https://bugzilla.novell.com/show_bug.cgi?id=739260

--

-- 
Jan Matejek
package maintainer, SUSE Linux

Re: License headers in argus and argus-clients sources

Hey Jan,
These are oversights.  The intention is for it to be completely GNU.

Please grab argus-3.0.6.rc1 and argus-clients-3.0.6.rc1 from here:
   http://qosient.com/argus/dev/argus-3.0.6.rc1.tar.gz
   http://qosient.com/argus/dev/argus-clients-3.0.6.rc1.tar.gz

I would prefer that you work with argus-3.0.6, as these will be released
within the week, and should not have these problems, but I have not gone
through it for this purpose.  I will go through it myself to make changes,
but please review these new files, as they will be the "current" argus
very soon.

If you find any additional issues, I will correct them immediately.

Carter

On Apr 6, 2012, at 1:08 PM, Jan Matějek wrote:

> hello,
> 
> according to information on the Argus homepage, the software is distributed under GPLv3. However,
during legal review, we found several source files with license headers that contradict this.
> 
> For example, from argus-3.0.4/argus/ArgusLcp.c :
> 
> * THE ACCOMPANYING PROGRAM IS PROPRIETARY SOFTWARE OF QoSIENT, LLC,
> * AND CANNOT BE USED, DISTRIBUTED, COPIED OR MODIFIED WITHOUT
> * EXPRESS PERMISSION OF QoSIENT, LLC.
> 
> and on argus-clients side, argus-clients-3.0.4.1/include/argus/cons_out.h :
> 
> * Permission to use, copy, modify, and distribute this software and
> * its documentation is restricted to personal use only.  Use, sale
> * or retransmission of this software for commercial purposes,
> * including but not limited to use as a commerical product or
> * in support of a commercial endeavor requires licensing from Carter
> * Bullard.
> 
> There are other problematic files with similar license headers:
> argus-3.0.4/bin/argusbug
> argus-clients-3.0.4.1/clients/raconvert.h
> 
> This unfortunately means that we cannot include Argus in the SUSE distribution. [1]
> 
> I presume that those license headers are an oversight, because both the website and COPYING files clearly
state that the software is under GPLv3. Could you please have a look at this and remove the license headers,
or clarify the licensing conditions?
> 
> thanks
> Jan
> 
> p.s.: Also, as noted in [1], several files contain a GPL-incompatible BSD 4-clause license header.
> 
> [1] https://bugzilla.novell.com/show_bug.cgi?id=739260
> 
> -- 
> Jan Matejek
> package maintainer, SUSE Linux

argus 2nd release candidates

Gentle people,
Rc2 versions of argus[-clients]-3.0.6 are now on the dev server.
The changes, as mentioned before, are limited to man page modifications
and the use of stdout when using the "-h" option, rather than stderr.

   http://qosient.com/argus/dev/argus-latest-tar.gz
   http://qosient.com/argus/dev/argus-clients-latest-tar.gz

This will be the last release candidates for 3.0.6 before release.
Any show stopper problems will be fixed, but rc2 code is now frozen.
Please review this as the official release tar packages.  

We should release Friday, if all is well.
Thanks for all the help !!!!

Carter

Re: License headers in argus and argus-clients sources

hello,

as per your newer e-mail, i grabbed argus 3.0.6.rc2, and simple grep for 
PROPRIETARY|commercial found those license headers again:

argus-latest:
bin/argusbug
argus/ArgusLcp.c

argus-clients-latest:
include/argus/cons_out.h

can you please fix that?
thanks
Jan

Dne 6.4.2012 20:30, Carter Bullard napsal(a):
 > Hey Jan,
 > These are oversights.  The intention is for it to be completely GNU.
 >
 > Please grab argus-3.0.6.rc1 and argus-clients-3.0.6.rc1 from here:
 >     http://qosient.com/argus/dev/argus-3.0.6.rc1.tar.gz
 >     http://qosient.com/argus/dev/argus-clients-3.0.6.rc1.tar.gz

Re: License headers in argus and argus-clients sources

Hey Jan,
Yes, I will do that late today.
If you find any others please don't hesitate.
Carter

On Apr 10, 2012, at 11:08 AM, Jan Matějek <jmatejek <at> suse.com> wrote:

> hello,
> 
> as per your newer e-mail, i grabbed argus 3.0.6.rc2, and simple grep for PROPRIETARY|commercial found
those license headers again:
> 
> argus-latest:
> bin/argusbug
> argus/ArgusLcp.c
> 
> argus-clients-latest:
> include/argus/cons_out.h
> 
> can you please fix that?
> thanks
> Jan
> 
> Dne 6.4.2012 20:30, Carter Bullard napsal(a):
> > Hey Jan,
> > These are oversights.  The intention is for it to be completely GNU.
> >
> > Please grab argus-3.0.6.rc1 and argus-clients-3.0.6.rc1 from here:
> >     http://qosient.com/argus/dev/argus-3.0.6.rc1.tar.gz
> >     http://qosient.com/argus/dev/argus-clients-3.0.6.rc1.tar.gz