diff -Nru argus-3.0.8.1/argus/ArgusApp.c argus-3.0.8.2/argus/ArgusApp.c --- argus-3.0.8.1/argus/ArgusApp.c 2015-04-14 14:32:33.000000000 +0000 +++ argus-3.0.8.2/argus/ArgusApp.c 2015-06-29 20:17:25.000000000 +0000 @@ -20,9 +20,9 @@ */ /* - * $Id: //depot/argus/argus/argus/ArgusApp.c#28 $ - * $DateTime: 2015/04/06 10:38:44 $ - * $Change: 2973 $ + * $Id: //depot/argus/argus/argus/ArgusApp.c#29 $ + * $DateTime: 2015/06/29 16:17:25 $ + * $Change: 3027 $ */ #ifdef HAVE_CONFIG_H @@ -276,7 +276,8 @@ } } else { if ((sport == ARGUS_UDT_PORT) || (dport == ARGUS_UDT_PORT)) { - if (ArgusParseUDTHeader (model, (struct udt_header *) model->ArgusThisUpHdr)) { + unsigned int status = 0; + if (ArgusParseUDTHeader (model, (struct udt_header *) model->ArgusThisUpHdr, &status)) { struct ArgusNetworkStruct *net = (struct ArgusNetworkStruct *) flowstr->dsrs[ARGUS_NETWORK_INDEX]; if (net == NULL) { @@ -293,6 +294,9 @@ struct ArgusUDTObject *udtObject = (struct ArgusUDTObject *)(&net->hdr + 1); bcopy (ArgusThisUdtHshake, &udtObject->hshake, sizeof(*ArgusThisUdtHshake)); } + + if (status != 0) + net->net_union.udt.status |= status; } } } diff -Nru argus-3.0.8.1/argus/argus.c argus-3.0.8.2/argus/argus.c --- argus-3.0.8.1/argus/argus.c 2015-04-14 14:32:33.000000000 +0000 +++ argus-3.0.8.2/argus/argus.c 2015-07-02 14:42:46.000000000 +0000 @@ -20,9 +20,9 @@ */ /* - * $Id: //depot/argus/argus/argus/argus.c#100 $ - * $DateTime: 2015/04/13 00:43:29 $ - * $Change: 2982 $ + * $Id: //depot/argus/argus/argus/argus.c#101 $ + * $DateTime: 2015/07/02 10:42:46 $ + * $Change: 3030 $ */ /* @@ -1408,12 +1408,12 @@ } case ARGUS_CAPTURE_FULL_CONTROL_DATA: - if ((strncasecmp(optarg, "yes", 3)) != 0) { - setArgusCaptureFlag (ArgusSourceTask, 1); - setArgusSnapLen (ArgusSourceTask, (getArgusUserDataLen(ArgusModel) + ARGUS_MINSNAPLEN)); + if (!(strncasecmp(optarg, "yes", 3))) { + setArgusCaptureFlag(ArgusSourceTask, 1); + setArgusControlMonitor(ArgusModel); + setArgusSnapLen(ArgusSourceTask, ARGUS_MAXSNAPLEN); } else { setArgusCaptureFlag (ArgusSourceTask, 0); - setArgusSnapLen (ArgusSourceTask, ARGUS_MAXSNAPLEN); } break; diff -Nru argus-3.0.8.1/argus/ArgusEvents.c argus-3.0.8.2/argus/ArgusEvents.c --- argus-3.0.8.1/argus/ArgusEvents.c 2015-04-14 14:32:33.000000000 +0000 +++ argus-3.0.8.2/argus/ArgusEvents.c 2016-06-01 15:21:42.000000000 +0000 @@ -416,7 +416,7 @@ trans->hdr.type = ARGUS_TRANSPORT_DSR; trans->hdr.subtype = ARGUS_SRCID | ARGUS_SEQ; - trans->hdr.argus_dsrvl8.qual = events->ArgusSrc->type;; + trans->hdr.argus_dsrvl8.qual = events->ArgusSrc->type; trans->hdr.argus_dsrvl8.len = 3; tlen += trans->hdr.argus_dsrvl8.len; diff -Nru argus-3.0.8.1/argus/ArgusIcmp.c argus-3.0.8.2/argus/ArgusIcmp.c --- argus-3.0.8.1/argus/ArgusIcmp.c 2015-04-14 14:32:33.000000000 +0000 +++ argus-3.0.8.2/argus/ArgusIcmp.c 2015-08-06 02:33:18.000000000 +0000 @@ -20,9 +20,9 @@ */ /* - * $Id: //depot/argus/argus/argus/ArgusIcmp.c#22 $ - * $DateTime: 2015/04/06 10:38:44 $ - * $Change: 2973 $ + * $Id: //depot/argus/argus/argus/ArgusIcmp.c#23 $ + * $DateTime: 2015/08/05 22:33:18 $ + * $Change: 3042 $ */ #ifdef HAVE_CONFIG_H @@ -46,7 +46,7 @@ struct ArgusSystemFlow *retn = NULL; if (STRUCTCAPTURED(model, *icmp)) { - struct ArgusICMPv6Flow *icmpv6Flow = &model->ArgusThisFlow->icmp6_flow; + struct ArgusICMPv6Flow *icmpv6Flow = &model->ArgusThisFlow->icmpv6_flow; icmpv6Flow->type = icmp->icmp6_type; diff -Nru argus-3.0.8.1/argus/ArgusModeler.c argus-3.0.8.2/argus/ArgusModeler.c --- argus-3.0.8.1/argus/ArgusModeler.c 2015-04-17 12:11:20.000000000 +0000 +++ argus-3.0.8.2/argus/ArgusModeler.c 2016-06-01 17:27:04.000000000 +0000 @@ -23,9 +23,9 @@ */ /* - * $Id: //depot/argus/argus/argus/ArgusModeler.c#135 $ - * $DateTime: 2015/04/17 08:10:46 $ - * $Change: 3011 $ + * $Id: //depot/argus/argus/argus/ArgusModeler.c#137 $ + * $DateTime: 2016/04/05 12:00:14 $ + * $Change: 3135 $ */ #ifdef HAVE_CONFIG_H @@ -175,13 +175,13 @@ model->ArgusQueueInterval.tv_usec = 50000; model->ArgusListenInterval.tv_usec = 250000; - model->ArgusIPTimeout = ARGUS_IPTIMEOUT; - model->ArgusTCPTimeout = ARGUS_TCPTIMEOUT; - model->ArgusICMPTimeout = ARGUS_ICMPTIMEOUT; - model->ArgusIGMPTimeout = ARGUS_IGMPTIMEOUT; - model->ArgusFRAGTimeout = ARGUS_FRAGTIMEOUT; - model->ArgusARPTimeout = ARGUS_ARPTIMEOUT; - model->ArgusOtherTimeout = ARGUS_OTHERTIMEOUT; + model->ArgusIPTimeout = (model->ArgusIPTimeout == 0) ? ARGUS_IPTIMEOUT : model->ArgusIPTimeout; + model->ArgusTCPTimeout = (model->ArgusTCPTimeout == 0) ? ARGUS_TCPTIMEOUT : model->ArgusTCPTimeout; + model->ArgusICMPTimeout = (model->ArgusICMPTimeout == 0) ? ARGUS_ICMPTIMEOUT : model->ArgusICMPTimeout; + model->ArgusIGMPTimeout = (model->ArgusIGMPTimeout == 0) ? ARGUS_IGMPTIMEOUT : model->ArgusIGMPTimeout; + model->ArgusFRAGTimeout = (model->ArgusFRAGTimeout == 0) ? ARGUS_FRAGTIMEOUT : model->ArgusFRAGTimeout; + model->ArgusARPTimeout = (model->ArgusARPTimeout == 0) ? ARGUS_ARPTIMEOUT : model->ArgusARPTimeout; + model->ArgusOtherTimeout = (model->ArgusOtherTimeout == 0) ? ARGUS_OTHERTIMEOUT : model->ArgusOtherTimeout; if ((tvp = getArgusFarReportInterval(model)) != NULL) model->ArgusStatusQueue->timeout = tvp->tv_sec; @@ -594,6 +594,7 @@ int ArgusProcessLLCHdr (struct ArgusModelerStruct *, char *, int); int ArgusProcess80211Hdr (struct ArgusModelerStruct *, char *, int); int ArgusProcessUDToEHdr (struct ArgusModelerStruct *, char *, int); +int ArgusProcessErspanIIHdr (struct ArgusModelerStruct *, char *, int); int @@ -602,6 +603,12 @@ int retn = 0; switch (type) { + case ETHERTYPE_ERSPAN_II: + model->ArgusThisNetworkFlowType = ETHERTYPE_ERSPAN_II; + if ((retn = ArgusProcessErspanIIHdr(model, p, length)) < 0) + model->ArgusThisUpHdr = (void *)p; + break; + case ETHERTYPE_TRANS_BRIDGE: case ARGUS_ETHER_HDR: model->ArgusThisNetworkFlowType = ARGUS_ETHER_HDR; @@ -690,8 +697,12 @@ struct ip *ip = (struct ip *) p; if (STRUCTCAPTURED(model,*ip)) { - if (((ntohs(ip->ip_len)) >= 20) && ((ip->ip_v == 4) || (ip->ip_v == 6))) { - model->ArgusThisNetworkFlowType = type; + if ((ntohs(ip->ip_len)) >= 20) { + if (ip->ip_v == 4) + model->ArgusThisNetworkFlowType = ETHERTYPE_IP; + else if (ip->ip_v == 6) + model->ArgusThisNetworkFlowType = ETHERTYPE_IPV6; + model->ArgusThisIpHdr = (void *)ip; switch (ip->ip_p) { case IPPROTO_TTP: { /* Preparation for Juniper TTP */ @@ -912,6 +923,8 @@ #define GRE_VERS_MASK 0x0007 /* protocol version */ +#define GRESRE_IP 0x0800 /* IP */ +#define GRESRE_ASN 0xfffe /* ASN */ #define GRE_CP 0x8000 /* checksum present */ #define GRE_RP 0x4000 /* routing present */ #define GRE_KP 0x2000 /* key present */ @@ -1310,6 +1323,10 @@ case PPP_MP: break; } + + model->ArgusThisUpHdr += hdr_len; + model->ArgusThisLength -= hdr_len; + model->ArgusSnapLength -= hdr_len; } #ifdef ARGUSDEBUG @@ -1443,6 +1460,28 @@ } +int ArgusProcessErspanIIHdr(struct ArgusModelerStruct *model, char *p, int length) +{ + int retn = 0; + struct erspan_ii_header *erspan; + + if ((erspan = (struct erspan_ii_header *) p) != NULL) { + if (length <= sizeof (struct erspan_ii_header)) + return retn; + + if ( ERSPAN_VER(erspan) != 0x1) + return retn; + + model->ArgusThisEncaps |= ARGUS_ENCAPS_ERSPAN_II; + model->ArgusThisUpHdr = (unsigned char *)p + sizeof(struct erspan_ii_header); + model->ArgusThisLength -= sizeof(struct erspan_ii_header); + model->ArgusSnapLength -= sizeof(struct erspan_ii_header); + retn = ARGUS_ETHER_HDR; + } + return retn; +} + + int ArgusProcessLcpPacket (struct ArgusSourceStruct *, struct lcp_hdr *, int, struct timeval *); int diff -Nru argus-3.0.8.1/argus/ArgusModeler.h argus-3.0.8.2/argus/ArgusModeler.h --- argus-3.0.8.1/argus/ArgusModeler.h 2015-04-14 14:32:33.000000000 +0000 +++ argus-3.0.8.2/argus/ArgusModeler.h 2016-06-01 16:53:36.000000000 +0000 @@ -20,9 +20,9 @@ */ /* - * $Id: //depot/argus/argus/argus/ArgusModeler.h#59 $ - * $DateTime: 2015/04/06 10:38:44 $ - * $Change: 2973 $ + * $Id: //depot/argus/argus/argus/ArgusModeler.h#60 $ + * $DateTime: 2015/06/29 16:17:25 $ + * $Change: 3027 $ */ @@ -387,6 +387,14 @@ struct ArgusCanonRecord canon; }; +struct erspan_ii_header { + u_int16_t ver_vlan; + u_int16_t cos_ent_session; + u_int32_t resvert_index; +}; + +#define ERSPAN_VER(x) ( ntohs(((struct erspan_ii_header *) x)->ver_vlan) >> 12 ) + #if defined(ArgusModeler) @@ -478,7 +486,7 @@ extern struct udt_control_handshake *ArgusThisUdtHshake; -extern int ArgusParseUDTHeader (struct ArgusModelerStruct *, struct udt_header *); +extern int ArgusParseUDTHeader (struct ArgusModelerStruct *, struct udt_header *, unsigned int *); int getArgusdflag(struct ArgusModelerStruct *); void setArgusdflag(struct ArgusModelerStruct *, int); @@ -660,7 +668,7 @@ extern struct timeval *getArgusListenInterval(void); extern struct udt_control_handshake *ArgusThisUdtHshake; -extern int ArgusParseUDTHeader (struct ArgusModelerStruct *, struct udt_header *); +extern int ArgusParseUDTHeader (struct ArgusModelerStruct *, struct udt_header *, unsigned int *); extern int getArgusGenerateTime(struct ArgusModelerStruct *); extern void setArgusGenerateTime(struct ArgusModelerStruct *, int); diff -Nru argus-3.0.8.1/argus/ArgusNetflow.c argus-3.0.8.2/argus/ArgusNetflow.c --- argus-3.0.8.1/argus/ArgusNetflow.c 2015-04-14 18:06:04.000000000 +0000 +++ argus-3.0.8.2/argus/ArgusNetflow.c 2016-06-01 15:42:48.000000000 +0000 @@ -1266,9 +1266,10 @@ break; } case k_CiscoV9IpV6IcmpType: { - flow->canon.icmp.icmp_type = value.val8[0]; - flow->dsrindex |= 1 << ARGUS_ICMP_INDEX; - flow->dsrs[ARGUS_ICMP_INDEX] = &flow->canon.icmp.hdr; + struct ArgusICMPv6Flow *icmpv6Flow = &flow->canon.flow.icmpv6_flow; + icmpv6Flow->type = value.val8[0]; + flow->dsrindex |= 1 << ARGUS_FLOW_INDEX; + flow->dsrs[ARGUS_FLOW_INDEX] = &flow->canon.flow.hdr; break; } case k_CiscoV9IpV6MulIgmpType: { @@ -1473,14 +1474,14 @@ break; } case k_CiscoV9IcmpTypeV6: { - struct ArgusICMPv6Flow *icmpv6Flow = &flow->canon.flow.icmp6_flow; + struct ArgusICMPv6Flow *icmpv6Flow = &flow->canon.flow.icmpv6_flow; icmpv6Flow->type = value.val8[0]; flow->dsrindex |= 1 << ARGUS_FLOW_INDEX; flow->dsrs[ARGUS_FLOW_INDEX] = &flow->canon.flow.hdr; break; } case k_CiscoV9IcmpCodeV6: { - struct ArgusICMPv6Flow *icmpv6Flow = &flow->canon.flow.icmp6_flow; + struct ArgusICMPv6Flow *icmpv6Flow = &flow->canon.flow.icmpv6_flow; icmpv6Flow->code = value.val8[0]; flow->dsrindex |= 1 << ARGUS_FLOW_INDEX; flow->dsrs[ARGUS_FLOW_INDEX] = &flow->canon.flow.hdr; diff -Nru argus-3.0.8.1/argus/ArgusOutput.c argus-3.0.8.2/argus/ArgusOutput.c --- argus-3.0.8.1/argus/ArgusOutput.c 2015-04-14 14:32:33.000000000 +0000 +++ argus-3.0.8.2/argus/ArgusOutput.c 2016-06-01 15:50:43.000000000 +0000 @@ -520,6 +520,12 @@ sigfillset(&blocked_signals); pthread_sigmask(SIG_BLOCK, &blocked_signals, NULL); +#if defined(HAVE_SOLARIS) + sigignore(SIGPIPE); +#else + (void) signal (SIGPIPE, SIG_IGN); +#endif + while ((list = output->ArgusInputList) == NULL) { struct timespec tsbuf = {0, 10000000}, *ts = &tsbuf; #ifdef ARGUSDEBUG @@ -870,7 +876,7 @@ char *baddr = NULL; int s = -1; - if (port) { + if (port > 0) { if (output->ArgusListens > 0) { int i = output->ArgusListens; for (i = 0; i < output->ArgusListens; i++) { diff -Nru argus-3.0.8.1/argus/ArgusSource.c argus-3.0.8.2/argus/ArgusSource.c --- argus-3.0.8.1/argus/ArgusSource.c 2015-04-15 11:56:23.000000000 +0000 +++ argus-3.0.8.2/argus/ArgusSource.c 2016-04-05 16:00:14.000000000 +0000 @@ -20,9 +20,9 @@ */ /* - * $Id: //depot/argus/argus/argus/ArgusSource.c#132 $ - * $DateTime: 2015/04/15 07:55:45 $ - * $Change: 3008 $ + * $Id: //depot/argus/argus/argus/ArgusSource.c#134 $ + * $DateTime: 2016/04/05 12:00:14 $ + * $Change: 3135 $ */ /* @@ -307,7 +307,9 @@ case PCAP_ERROR_ACTIVATED: case PCAP_ERROR_NO_SUCH_DEVICE: case PCAP_ERROR_PERM_DENIED: +#if defined(PCAP_ERROR_PROMISC_PERM_DENIED) case PCAP_ERROR_PROMISC_PERM_DENIED: +#endif case PCAP_ERROR: { ArgusLog (LOG_WARNING, "ArgusOpenInterface %s: %s\n", device->name, pcap_geterr(inf->ArgusPd)); pcap_close(inf->ArgusPd); @@ -318,7 +320,9 @@ case PCAP_ERROR_IFACE_NOT_UP: case PCAP_WARNING_PROMISC_NOTSUP: +#if defined(PCAP_WARNING_TSTAMP_TYPE_NOTSUP) case PCAP_WARNING_TSTAMP_TYPE_NOTSUP: +#endif case PCAP_WARNING: default: retn = 1; @@ -3735,7 +3739,9 @@ src->type = stask->type; } src->type = device->type; + ArgusPushBackList(src->ArgusDeviceList, (struct ArgusListRecord *) device, ARGUS_LOCK); + if (ArgusInitSource (src) > 0) { stask->srcs[ArgusThreads] = src; diff -Nru argus-3.0.8.1/argus/ArgusTcp.c argus-3.0.8.2/argus/ArgusTcp.c --- argus-3.0.8.1/argus/ArgusTcp.c 2015-04-14 22:22:14.000000000 +0000 +++ argus-3.0.8.2/argus/ArgusTcp.c 2016-06-01 16:06:32.000000000 +0000 @@ -20,9 +20,9 @@ */ /* - * $Id: //depot/argus/argus/argus/ArgusTcp.c#50 $ - * $DateTime: 2015/04/14 18:22:14 $ - * $Change: 3006 $ + * $Id: //depot/argus/argus/argus/ArgusTcp.c#51 $ + * $DateTime: 2015/07/02 10:42:46 $ + * $Change: 3030 $ */ #ifdef HAVE_CONFIG_H @@ -274,35 +274,34 @@ } } - ArgusUpdateTCPSequence(model, flowstr, tcp); - - switch (ArgusUpdateTCPStateMachine(model, flowstr, tcp)) { - case TCPS_LISTEN: - if (flags == TH_SYN) { - ArgusThisTCPsrc->bytes -= model->ArgusThisLength; - model->ArgusThisUpHdr -= tcphlen; - model->ArgusThisLength = tcplen; - model->ArgusSnapLength += tcphlen; - - ArgusRemoveFromQueue (flowstr->qhdr.queue, &flowstr->qhdr, ARGUS_LOCK); - ArgusSendFlowRecord (model, flowstr, ARGUS_STOP); - ArgusInitializeTCP (model, flowstr); - ArgusPushQueue(model->ArgusStatusQueue, &flowstr->qhdr, ARGUS_LOCK); - return; - } - break; + if (ArgusUpdateTCPSequence(model, flowstr, tcp)) { + switch (ArgusUpdateTCPStateMachine(model, flowstr, tcp)) { + case TCPS_LISTEN: + if (flags == TH_SYN) { + ArgusThisTCPsrc->bytes -= model->ArgusThisLength; + model->ArgusThisUpHdr -= tcphlen; + model->ArgusThisLength = tcplen; + model->ArgusSnapLength += tcphlen; + + ArgusRemoveFromQueue (flowstr->qhdr.queue, &flowstr->qhdr, ARGUS_LOCK); + ArgusSendFlowRecord (model, flowstr, ARGUS_STOP); + ArgusInitializeTCP (model, flowstr); + ArgusPushQueue(model->ArgusStatusQueue, &flowstr->qhdr, ARGUS_LOCK); + return; + } + break; - case TCPS_CLOSED: - case TCPS_TIME_WAIT: - if (!(tcpExt->status & ARGUS_RESET)) - tcpExt->status |= ARGUS_NORMAL_CLOSE; - flowstr->timeout = 10; - break; + case TCPS_CLOSED: + case TCPS_TIME_WAIT: + if (!(tcpExt->status & ARGUS_RESET)) + tcpExt->status |= ARGUS_NORMAL_CLOSE; + flowstr->timeout = 10; + break; + } } - - ArgusThisTCPsrc->lasttime.tv_sec = model->ArgusGlobalTime.tv_sec; - ArgusThisTCPsrc->lasttime.tv_usec = model->ArgusGlobalTime.tv_usec; } + ArgusThisTCPsrc->lasttime.tv_sec = model->ArgusGlobalTime.tv_sec; + ArgusThisTCPsrc->lasttime.tv_usec = model->ArgusGlobalTime.tv_usec; } } } @@ -523,7 +522,7 @@ unsigned char flags = tcp->th_flags; int len = model->ArgusThisLength; - int retn = 1, win; + int retn = 1, win, ArgusDuplicatePacket = 0; unsigned int maxseq = 0; unsigned int seq = tcp->th_seq; unsigned int newseq = seq + len; @@ -595,14 +594,15 @@ ArgusThisTCPsrc->seqbase = seq; ArgusThisTCPsrc->seq = newseq; } else { + if (len) { if (model->ArgusTrackDuplicates && (tipid && ((ipid != 0) && (*tipid == ipid)))) { -/* if (model->ArgusThisDir) - tcpExt->sdups++; + ArgusThisTCPsrc->status |= ARGUS_SRC_DUPLICATES; else - tcpExt->ddups++; -*/ + ArgusThisTCPdst->status |= ARGUS_DST_DUPLICATES; + ArgusDuplicatePacket = 1; + } else { if (ArgusThisTCPdst->win != 0) { /* not first packet seen in this direction */ if (tcp->th_seq < ArgusThisTCPdst->ack) { @@ -657,34 +657,37 @@ } - if (tcp->th_ack && (flags & TH_ACK)) { - if (ArgusThisTCPsrc->ack) { - if (ArgusThisTCPdst->seq > ArgusThisTCPsrc->ack) - ArgusThisTCPdst->winbytes = (ArgusThisTCPdst->seq - 1) - ArgusThisTCPsrc->ack; - } + if (!(ArgusDuplicatePacket)) { + if (tcp->th_ack && (flags & TH_ACK)) { + if (ArgusThisTCPsrc->ack) { + if (ArgusThisTCPdst->seq > ArgusThisTCPsrc->ack) + ArgusThisTCPdst->winbytes = (ArgusThisTCPdst->seq - 1) - ArgusThisTCPsrc->ack; + } - if (!(ArgusThisTCPsrc->ack == (tcp->th_ack - 1))) { - if (!(ArgusThisTCPsrc->ack) || (ArgusThisTCPdst->seq == tcp->th_ack)) { - - ArgusThisTCPdst->winbytes = 0; - if (!(ArgusThisTCPsrc->ack == (tcp->th_ack - 1))) - if (ArgusThisTCPdst->seq == tcp->th_ack) - ArgusThisTCPdst->winnum++; + if (!(ArgusThisTCPsrc->ack == (tcp->th_ack - 1))) { + if (!(ArgusThisTCPsrc->ack) || (ArgusThisTCPdst->seq == tcp->th_ack)) { - } else { - if (!(flags & TH_SYN)) - if (ArgusThisTCPsrc->ack) { - win = (tcp->th_ack - 1) - ArgusThisTCPsrc->ack; - win = (ArgusThisTCPdst->winbytes < win) ? ArgusThisTCPdst->winbytes : win; - ArgusThisTCPdst->winbytes -= win; - ArgusThisTCPdst->winnum++; - } - } + ArgusThisTCPdst->winbytes = 0; + if (!(ArgusThisTCPsrc->ack == (tcp->th_ack - 1))) + if (ArgusThisTCPdst->seq == tcp->th_ack) + ArgusThisTCPdst->winnum++; + + } else { + if (!(flags & TH_SYN)) + if (ArgusThisTCPsrc->ack) { + win = (tcp->th_ack - 1) - ArgusThisTCPsrc->ack; + win = (ArgusThisTCPdst->winbytes < win) ? ArgusThisTCPdst->winbytes : win; + ArgusThisTCPdst->winbytes -= win; + ArgusThisTCPdst->winnum++; + } + } - ArgusThisTCPsrc->ack = tcp->th_ack - 1; + ArgusThisTCPsrc->ack = tcp->th_ack - 1; + } } - } + } else + retn = 0; /* ArgusInProtocol = 1; */ @@ -939,30 +942,33 @@ net->hdr.argus_dsrvl8.qual = 0; - tcp->status &= ~ARGUS_RESET; + tcp->status &= ~(ARGUS_RESET | ARGUS_PKTS_RETRANS | ARGUS_WINDOW_SHUT | ARGUS_OUTOFORDER | ARGUS_DUPLICATES); + if (tcp->src.status & ARGUS_RESET) tcp->status |= ARGUS_SRC_RESET; if (tcp->dst.status & ARGUS_RESET) tcp->status |= ARGUS_DST_RESET; - tcp->status &= ~ARGUS_PKTS_RETRANS; if (tcp->src.status & ARGUS_PKTS_RETRANS) tcp->status |= ARGUS_SRC_PKTS_RETRANS; if (tcp->dst.status & ARGUS_PKTS_RETRANS) tcp->status |= ARGUS_DST_PKTS_RETRANS; - tcp->status &= ~ARGUS_WINDOW_SHUT; if (tcp->src.status & ARGUS_WINDOW_SHUT) tcp->status |= ARGUS_SRC_WINDOW_SHUT; if (tcp->dst.status & ARGUS_WINDOW_SHUT) tcp->status |= ARGUS_DST_WINDOW_SHUT; - tcp->status &= ~ARGUS_OUTOFORDER; if (tcp->src.status & ARGUS_OUTOFORDER) tcp->status |= ARGUS_SRC_OUTOFORDER; if (tcp->dst.status & ARGUS_OUTOFORDER) tcp->status |= ARGUS_DST_OUTOFORDER; + if (tcp->src.status & ARGUS_DUPLICATES) + tcp->status |= ARGUS_SRC_DUPLICATES; + if (tcp->dst.status & ARGUS_DUPLICATES) + tcp->status |= ARGUS_DST_DUPLICATES; + switch (net->hdr.subtype) { case ARGUS_TCP_INIT: net->hdr.argus_dsrvl8.len = ((sizeof(struct ArgusTCPInitStatus)+3))/4 + 1; diff -Nru argus-3.0.8.1/argus/ArgusUdt.c argus-3.0.8.2/argus/ArgusUdt.c --- argus-3.0.8.1/argus/ArgusUdt.c 2015-04-14 14:32:33.000000000 +0000 +++ argus-3.0.8.2/argus/ArgusUdt.c 2015-06-29 20:17:25.000000000 +0000 @@ -20,9 +20,9 @@ */ /* - * $Id: //depot/argus/argus/argus/ArgusUdt.c#9 $ - * $DateTime: 2015/04/06 10:38:44 $ - * $Change: 2973 $ + * $Id: //depot/argus/argus/argus/ArgusUdt.c#10 $ + * $DateTime: 2015/06/29 16:17:25 $ + * $Change: 3027 $ */ #ifdef HAVE_CONFIG_H @@ -176,9 +176,6 @@ hshake->wsize = ntohl(hshake->wsize); hshake->conntype = ntohl(hshake->conntype); hshake->sockid = ntohl(hshake->sockid); - - } else { -// ArgusLog(LOG_ERR, "ArgusUpdateUDToEState: hshake version is %d", ntohl(hshake->version)); } #ifdef ARGUSDEBUG ArgusDebug (4, "ArgusUpdateUDToEState(%p, %d) UDT_CONTROL_HANDSHAKE type %d seqNum %d size %d maxWin %d conn %d sockid 0x%x\n", @@ -285,7 +282,8 @@ case UDTOE_CONTROL_DROPREQ: { struct udt_control_dropreq *drop = (void *)(udtc + 1); if (drop->firstseqnum == 0) - ArgusLog(LOG_ERR, "drop request firstseqnum is 0"); + if (net != NULL) + net->net_union.udt.status |= ARGUS_UDT_FIRSTDROPZERO; #ifdef ARGUSDEBUG ArgusDebug (4, "ArgusUpdateUDToEState(%p, %d) UDT_CONTROL_DROPREQ\n", flowstr, *state); #endif @@ -534,7 +532,8 @@ case UDT_CONTROL_DROPREQ: { struct udt_control_dropreq *drop = (void *)(udtc + 1); if (drop->firstseqnum == 0) - ArgusLog(LOG_ERR, "drop request firstseqnum is 0"); + if (net != NULL) + net->net_union.udt.status |= ARGUS_UDT_FIRSTDROPZERO; #ifdef ARGUSDEBUG ArgusDebug (4, "ArgusUpdateUDTState(%p, %d) UDT_CONTROL_DROPREQ\n", flowstr, *state); #endif @@ -648,10 +647,10 @@ struct udt_control_handshake *ArgusThisUdtHshake = NULL; -int ArgusParseUDToEHeader (struct ArgusModelerStruct *, struct udt_header *); +int ArgusParseUDToEHeader (struct ArgusModelerStruct *, struct udt_header *, unsigned int *); int -ArgusParseUDToEHeader (struct ArgusModelerStruct *model, struct udt_header *udt) +ArgusParseUDToEHeader (struct ArgusModelerStruct *model, struct udt_header *udt, unsigned int *status) { int retn = 0; @@ -667,8 +666,8 @@ if (ntohl(hshake->version) == 4) { ArgusThisUdtHshake = hshake; retn = 1; - } else -// ArgusLog(LOG_ERR, "ArgusParseUDToEHeader: hshake version is %d", ntohl(hshake->version)); + } else + *status |= ARGUS_UDT_BADVERSION; break; } case UDTOE_CONTROL_KEEPALIVE: @@ -676,9 +675,6 @@ break; case UDTOE_CONTROL_ACK: { -/* - struct udt_control_ack *ack = (void *) (udtc + 1); -*/ retn = 1; break; } @@ -695,7 +691,7 @@ case UDTOE_CONTROL_DROPREQ: { struct udt_control_dropreq *drop = (void *)(udtc + 1); if (drop->firstseqnum == 0) - ArgusLog(LOG_ERR, "drop request firstseqnum is 0"); + *status |= ARGUS_UDT_FIRSTDROPZERO; retn = 1; break; } @@ -713,7 +709,7 @@ int -ArgusParseUDTHeader (struct ArgusModelerStruct *model, struct udt_header *udt) +ArgusParseUDTHeader (struct ArgusModelerStruct *model, struct udt_header *udt, unsigned int *status) { int retn = 0; @@ -730,7 +726,7 @@ ArgusThisUdtHshake = hshake; retn = 1; } else -// ArgusLog(LOG_ERR, "ArgusParseUDTHeader: hshake version is %d", ntohl(hshake->version)); + *status |= ARGUS_UDT_BADVERSION; break; } case UDT_CONTROL_KEEPALIVE: @@ -757,7 +753,7 @@ case UDT_CONTROL_DROPREQ: { struct udt_control_dropreq *drop = (void *)(udt + 1); if (drop->firstseqnum == 0) - ArgusLog(LOG_ERR, "drop request firstseqnum is 0"); + *status |= ARGUS_UDT_FIRSTDROPZERO; retn = 1; break; } diff -Nru argus-3.0.8.1/argus/ArgusUtil.c argus-3.0.8.2/argus/ArgusUtil.c --- argus-3.0.8.1/argus/ArgusUtil.c 2015-04-14 14:32:33.000000000 +0000 +++ argus-3.0.8.2/argus/ArgusUtil.c 2015-08-06 20:48:45.000000000 +0000 @@ -20,9 +20,9 @@ */ /* - * $Id: //depot/argus/argus/argus/ArgusUtil.c#87 $ - * $DateTime: 2015/04/06 10:38:44 $ - * $Change: 2973 $ + * $Id: //depot/argus/argus/argus/ArgusUtil.c#88 $ + * $DateTime: 2015/08/06 16:35:55 $ + * $Change: 3044 $ */ /* ArgusUtil.c */ @@ -169,9 +169,9 @@ } case ARGUS_BIND_ADDR_LIST: { - struct ArgusListObjectStruct *lobj = (struct ArgusListObjectStruct *) retn; - if (lobj->obj != NULL) { - free(lobj); + struct ArgusBindAddrStruct *baddr = (struct ArgusBindAddrStruct *) retn; + if (baddr->addr != NULL) { + free(baddr->addr); } ArgusFree(retn); break; diff -Nru argus-3.0.8.1/ChangeLog argus-3.0.8.2/ChangeLog --- argus-3.0.8.1/ChangeLog 2015-04-17 12:14:48.000000000 +0000 +++ argus-3.0.8.2/ChangeLog 2016-06-01 16:26:00.000000000 +0000 @@ -1,3 +1,15 @@ +Mon Mar 21 14:08:52 EDT 2016 +Snap encapsulation header processing fixes + +Wed Jan 13 09:32:04 EST 2016 +ICMPv6 processing fixes + +Thu Oct 1 12:19:11 EDT 2015 +Mods for duplicate processing in TCP + +Mon Jun 29 16:16:11 EDT 2015 +Mods to remove use of ArgusLog(LOG_ERR, ...) in ArgusUdt.c + Fri Apr 17 08:11:43 EDT 2015 Modify outer header parsing to deal with GRE arp packets. diff -Nru argus-3.0.8.1/common/argus_util.c argus-3.0.8.2/common/argus_util.c --- argus-3.0.8.1/common/argus_util.c 2015-04-14 14:32:33.000000000 +0000 +++ argus-3.0.8.2/common/argus_util.c 2015-08-06 02:33:18.000000000 +0000 @@ -20,9 +20,9 @@ */ /* - * $Id: //depot/argus/argus/common/argus_util.c#84 $ - * $DateTime: 2015/04/06 10:38:44 $ - * $Change: 2973 $ + * $Id: //depot/argus/argus/common/argus_util.c#85 $ + * $DateTime: 2015/08/05 22:33:18 $ + * $Change: 3042 $ */ #ifdef HAVE_CONFIG_H @@ -948,6 +948,11 @@ flow->ipv6_flow.sport = htons(flow->ipv6_flow.sport); flow->ipv6_flow.dport = htons(flow->ipv6_flow.dport); break; + + case IPPROTO_ICMPV6: + flow->icmpv6_flow.id = htons(flow->icmpv6_flow.id); + break; + case IPPROTO_ESP: flow->esp6_flow.spi = htonl(flow->esp6_flow.spi); break; diff -Nru argus-3.0.8.1/debian/changelog argus-3.0.8.2/debian/changelog --- argus-3.0.8.1/debian/changelog 2016-04-28 14:57:05.000000000 +0000 +++ argus-3.0.8.2/debian/changelog 2016-09-13 11:28:21.000000000 +0000 @@ -1,3 +1,9 @@ +argus (2:3.0.8.2-1) unstable; urgency=low + + * New upstream version + + -- Michael Stone Tue, 13 Sep 2016 07:28:21 -0400 + argus (2:3.0.8.1-2) unstable; urgency=low * Build without sasl for now diff -Nru argus-3.0.8.1/events/argus-extip.pl argus-3.0.8.2/events/argus-extip.pl --- argus-3.0.8.1/events/argus-extip.pl 1970-01-01 00:00:00.000000000 +0000 +++ argus-3.0.8.2/events/argus-extip.pl 2015-12-02 16:43:45.000000000 +0000 @@ -0,0 +1,39 @@ +#!@PERLBIN@ +# +# Argus Software +# Copyright (c) 2006-2015 QoSient, LLC +# All rights reserved. +# +# argus-lsof - Report open inet sockets and provide application names as +# XML oriented argus events. +# +# Carter Bullard +# QoSient, LLC +# + +use POSIX; +use strict; + +my $wget = `which wget`; +my $host = "qosient.com/argus/argusPublicIP.php"; +my $options = "-q -O -"; + +chomp($wget); + +my @args = "$wget $host $options"; +my $data; + +print "\n"; +print " \n"; + +open(SESAME, "@args |"); + +while ($data = ) { + $data =~ s//>\n/gs; + print "$data"; +} +close(SESAME); + +print " \n"; +print "\n"; diff -Nru argus-3.0.8.1/events/Makefile.in argus-3.0.8.2/events/Makefile.in --- argus-3.0.8.1/events/Makefile.in 2015-04-14 14:32:33.000000000 +0000 +++ argus-3.0.8.2/events/Makefile.in 2015-12-02 16:46:39.000000000 +0000 @@ -77,14 +77,18 @@ @rm -f $@ $(CC) $(CFLAGS) -c $< -SRC = argus-lsof.pl argus-snmp.sh argus-vmstat.sh +SRC = argus-extip.pl argus-lsof.pl argus-snmp.sh argus-vmstat.sh -PROG = @INSTALL_BIN@/argus-lsof @INSTALL_BIN@/argus-snmp @INSTALL_BIN@/argus-vmstat +PROG = @INSTALL_BIN@/argus-extip @INSTALL_BIN@/argus-lsof @INSTALL_BIN@/argus-snmp @INSTALL_BIN@/argus-vmstat CLEANFILES = $(PROG) all: $(PROG) +@INSTALL_BIN@/argus-extip: argus-extip.pl + sed 's+@PERLBIN@+$(PERL)+' argus-extip.pl > $@ + chmod +x $@ + @INSTALL_BIN@/argus-lsof: argus-lsof.pl sed 's+@PERLBIN@+$(PERL)+' argus-lsof.pl > $@ chmod +x $@ @@ -98,11 +102,13 @@ install: all force [ -d $(DESTDIR)$(SBINDIR) ] || \ (mkdir -p $(DESTDIR)$(SBINDIR); chmod 755 $(DESTDIR)$(SBINDIR)) + $(INSTALL) $(srcdir)/../bin/argus-extip $(DESTDIR)$(BINDIR)/argus-extip $(INSTALL) $(srcdir)/../bin/argus-lsof $(DESTDIR)$(BINDIR)/argus-lsof $(INSTALL) $(srcdir)/../bin/argus-snmp $(DESTDIR)$(BINDIR)/argus-snmp $(INSTALL) $(srcdir)/../bin/argus-vmstat $(DESTDIR)$(BINDIR)/argus-vmstat uninstall: all force + rm -f $(DESTDIR)$(BINDIR)/argus-extip rm -f $(DESTDIR)$(BINDIR)/argus-lsof rm -f $(DESTDIR)$(BINDIR)/argus-snmp rm -f $(DESTDIR)$(BINDIR)/argus-vmstat diff -Nru argus-3.0.8.1/include/argus_def.h argus-3.0.8.2/include/argus_def.h --- argus-3.0.8.1/include/argus_def.h 2015-04-14 14:32:33.000000000 +0000 +++ argus-3.0.8.2/include/argus_def.h 2015-07-02 13:02:44.000000000 +0000 @@ -20,9 +20,9 @@ */ /* - * $Id: //depot/argus/argus/include/argus_def.h#47 $ - * $DateTime: 2015/04/06 10:38:44 $ - * $Change: 2973 $ + * $Id: //depot/argus/argus/include/argus_def.h#49 $ + * $DateTime: 2015/07/02 09:02:44 $ + * $Change: 3029 $ */ /* Argus_def.h */ @@ -1595,6 +1595,10 @@ #define ARGUS_SRC_OUTOFORDER 0x00010000 #define ARGUS_DST_OUTOFORDER 0x00020000 +#define ARGUS_DUPLICATES 0x000C0000 +#define ARGUS_SRC_DUPLICATES 0x00040000 +#define ARGUS_DST_DUPLICATES 0x00080000 + #define ARGUS_TCP_OPTIONS 0xFFF00000 #define ARGUS_TCP_MAXSEG 0x00100000 #define ARGUS_TCP_WSCALE 0x00200000 @@ -1609,6 +1613,10 @@ #define ARGUS_TCP_SRC_ECN 0x40000000 #define ARGUS_TCP_DST_ECN 0x80000000 +#define ARGUS_UDT_OPTIONS 0xFFF00000 +#define ARGUS_UDT_BADVERSION 0x00100000 +#define ARGUS_UDT_FIRSTDROPZERO 0x01000000 + /* ESP State Constatans and Reporting Values */ #define ARGUS_ESP_ROLLOVER 0x1000 #define ARGUS_ESP_SEQFAILURE 0x2000 diff -Nru argus-3.0.8.1/include/argus_encapsulations.h argus-3.0.8.2/include/argus_encapsulations.h --- argus-3.0.8.1/include/argus_encapsulations.h 2015-04-14 14:32:33.000000000 +0000 +++ argus-3.0.8.2/include/argus_encapsulations.h 2016-06-01 17:54:34.000000000 +0000 @@ -41,33 +41,41 @@ char *label, *desc; }; -#define ARGUS_ENCAPS_TYPE 25 +#define ARGUS_ENCAPS_TYPE 28 + #define ARGUS_ENCAPS_MPLS 0x01 #define ARGUS_ENCAPS_ETHER 0x02 #define ARGUS_ENCAPS_8021Q 0x04 #define ARGUS_ENCAPS_LLC 0x08 #define ARGUS_ENCAPS_PPP 0x10 + #define ARGUS_ENCAPS_ISL 0x20 #define ARGUS_ENCAPS_GRE 0x40 #define ARGUS_ENCAPS_AH 0x80 #define ARGUS_ENCAPS_IP 0x100 #define ARGUS_ENCAPS_IPV6 0x200 + #define ARGUS_ENCAPS_HDLC 0x400 #define ARGUS_ENCAPS_CHDLC 0x800 #define ARGUS_ENCAPS_ATM 0x1000 #define ARGUS_ENCAPS_SLL 0x2000 #define ARGUS_ENCAPS_FDDI 0x4000 + #define ARGUS_ENCAPS_SLIP 0x8000 #define ARGUS_ENCAPS_ARCNET 0x10000 #define ARGUS_ENCAPS_802_11 0x20000 #define ARGUS_ENCAPS_PRISM 0x40000 #define ARGUS_ENCAPS_AVS 0x80000 + #define ARGUS_ENCAPS_IB_LRH 0x100000 #define ARGUS_ENCAPS_IB_GRH 0x200000 #define ARGUS_ENCAPS_TEREDO 0x400000 #define ARGUS_ENCAPS_UDT 0x800000 #define ARGUS_ENCAPS_SPI 0x1000000 + #define ARGUS_ENCAPS_JUNIPER 0x2000000 +#define ARGUS_ENCAPS_ERSPAN_II 0x4000000 + #if defined(ArgusUtil) struct ArgusEncapsulationStruct argus_encapsulations [] = { @@ -96,6 +104,7 @@ { ARGUS_ENCAPS_TEREDO,"teredo", "Teredo IPV6 Tunneling"}, { ARGUS_ENCAPS_SPI, "enc", "IPsec Tunnel"}, { ARGUS_ENCAPS_JUNIPER, "juniper", "Juniper Ethernet"}, + { ARGUS_ENCAPS_ERSPAN_II, "erspan_ii", "Cisco ERSPAN II"}, { 0, (char *) NULL, (char *) NULL }, }; diff -Nru argus-3.0.8.1/include/argus_ethertype.h argus-3.0.8.2/include/argus_ethertype.h --- argus-3.0.8.1/include/argus_ethertype.h 2015-04-14 14:32:33.000000000 +0000 +++ argus-3.0.8.2/include/argus_ethertype.h 2016-06-01 16:37:50.000000000 +0000 @@ -159,6 +159,9 @@ #ifndef ETHERTYPE_PPPOES #define ETHERTYPE_PPPOES 0x8864 #endif +#ifndef ETHERTYPE_ERSPAN_II +#define ETHERTYPE_ERSPAN_II 0x88BE +#endif #ifndef ETHERTYPE_LOOPBACK #define ETHERTYPE_LOOPBACK 0x9000 #endif diff -Nru argus-3.0.8.1/include/argus_out.h argus-3.0.8.2/include/argus_out.h --- argus-3.0.8.1/include/argus_out.h 2015-04-14 14:32:33.000000000 +0000 +++ argus-3.0.8.2/include/argus_out.h 2015-08-06 02:33:18.000000000 +0000 @@ -20,9 +20,9 @@ */ /* - * $Id: //depot/argus/argus/include/argus_out.h#52 $ - * $DateTime: 2015/04/06 10:38:44 $ - * $Change: 2973 $ + * $Id: //depot/argus/argus/include/argus_out.h#53 $ + * $DateTime: 2015/08/05 22:33:18 $ + * $Change: 3042 $ */ @@ -527,7 +527,7 @@ #define ipv6_flow flow_un.ipv6 #define ip_flow flow_un.ip -#define icmp6_flow flow_un.icmpv6 +#define icmpv6_flow flow_un.icmpv6 #define icmp_flow flow_un.icmp #define igmp_flow flow_un.igmp #define igmp6_flow flow_un.igmpv6 diff -Nru argus-3.0.8.1/lib/argus.spec argus-3.0.8.2/lib/argus.spec --- argus-3.0.8.1/lib/argus.spec 2015-04-14 14:32:33.000000000 +0000 +++ argus-3.0.8.2/lib/argus.spec 2016-06-01 16:26:14.000000000 +0000 @@ -1,6 +1,6 @@ %define ver 3.0 %if %{?rel:0}%{!?rel:1} -%define rel 8.1 +%define rel 8.2 %endif %if %{?srcext:0}%{!?srcext:1} %define srcext .gz diff -Nru argus-3.0.8.1/MANIFEST argus-3.0.8.2/MANIFEST --- argus-3.0.8.1/MANIFEST 2015-04-17 12:15:21.000000000 +0000 +++ argus-3.0.8.2/MANIFEST 2016-06-01 18:31:25.000000000 +0000 @@ -19,299 +19,300 @@ * */ -Argus 3.0.8.1 distribution +Argus 3.0.8.2 distribution total 896 --r--r--r-- 1 carter staff 515 Apr 14 10:48 AUTHORS --r--r--r-- 1 carter staff 32477 Apr 14 10:32 COPYING --r--r--r-- 1 carter staff 6720 Apr 14 10:32 CREDITS --r--r--r-- 1 carter staff 8777 Apr 17 08:14 ChangeLog --r--r--r-- 1 carter staff 12570 Apr 14 10:32 INSTALL --rw-r--r-- 1 carter staff 13004 Apr 17 08:15 MANIFEST --r--r--r-- 1 carter staff 5054 Apr 14 10:32 Makefile.in --r--r--r-- 1 carter staff 3480 Apr 14 10:32 README --r--r--r-- 1 carter staff 8 Apr 14 10:32 VERSION --r--r--r-- 1 carter staff 609 Apr 14 10:32 aclocal.m4 --r--r--r-- 1 carter staff 52979 Apr 14 10:32 acsite.m4 -drwxr-xr-x 33 carter staff 1122 Apr 17 08:14 argus -drwxr-xr-x 4 carter staff 136 Apr 17 08:14 bin -drwxr-xr-x 9 carter staff 306 Apr 17 08:14 common -drwxr-xr-x 6 carter staff 204 Apr 14 10:32 config --r-xr-xr-x 1 carter staff 281305 Apr 14 10:45 configure --r--r--r-- 1 carter staff 10959 Apr 14 10:32 configure.ac -drwxr-xr-x 15 carter staff 510 Apr 14 10:52 debian -drwxr-xr-x 3 carter staff 102 Apr 14 10:32 doc -drwxr-xr-x 7 carter staff 238 Apr 17 08:14 events -drwxr-xr-x 34 carter staff 1156 Apr 17 08:14 include -drwxr-xr-x 3 carter staff 102 Apr 17 08:14 lib -drwxr-xr-x 4 carter staff 136 Apr 14 10:32 man -drwxr-xr-x 5 carter staff 170 Apr 14 10:32 pkg -drwxr-xr-x 8 carter staff 272 Apr 14 10:32 support +-r--r--r-- 1 carter staff 515 Apr 14 2015 AUTHORS +-r--r--r-- 1 carter staff 32477 Apr 14 2015 COPYING +-r--r--r-- 1 carter staff 6720 Apr 14 2015 CREDITS +-r--r--r-- 1 carter staff 9060 Jun 1 12:26 ChangeLog +-r--r--r-- 1 carter staff 12570 Apr 14 2015 INSTALL +-r--r--r-- 1 carter staff 13066 Jun 1 14:31 MANIFEST +-r--r--r-- 1 carter staff 5054 Apr 14 2015 Makefile.in +-r--r--r-- 1 carter staff 3480 Apr 14 2015 README +-r--r--r-- 1 carter staff 8 Jun 1 12:26 VERSION +-r--r--r-- 1 carter staff 609 Apr 14 2015 aclocal.m4 +-r--r--r-- 1 carter staff 52979 Apr 14 2015 acsite.m4 +drwxr-xr-x 33 carter staff 1122 Jun 1 14:28 argus +drwxr-xr-x 4 carter staff 136 Jun 1 14:03 bin +drwxr-xr-x 9 carter staff 306 Jun 1 14:28 common +drwxr-xr-x 6 carter staff 204 Apr 14 2015 config +-rwxr-xr-x 1 carter staff 281305 Jun 1 14:29 configure +-r--r--r-- 1 carter staff 10959 Apr 14 2015 configure.ac +drwxr-xr-x 15 carter staff 510 Apr 14 2015 debian +drwxr-xr-x 3 carter staff 102 Apr 14 2015 doc +drwxr-xr-x 8 carter staff 272 Jun 1 14:28 events +drwxr-xr-x 34 carter staff 1156 Jun 1 14:28 include +drwxr-xr-x 3 carter staff 102 Jun 1 14:28 lib +drwxr-xr-x 4 carter staff 136 Apr 14 2015 man +drwxr-xr-x 5 carter staff 170 Apr 14 2015 pkg +drwxr-xr-x 8 carter staff 272 Apr 14 2015 support ./argus: -total 2048 --r--r--r-- 1 carter staff 9801 Apr 14 10:32 Argus802.11.c --r--r--r-- 1 carter staff 21312 Apr 14 10:32 ArgusApp.c --r--r--r-- 1 carter staff 9225 Apr 17 08:11 ArgusArp.c --r--r--r-- 1 carter staff 9373 Apr 14 10:32 ArgusAuth.c --r--r--r-- 1 carter staff 5201 Apr 14 10:32 ArgusEsp.c --r--r--r-- 1 carter staff 14156 Apr 14 10:32 ArgusEvents.c --r--r--r-- 1 carter staff 2762 Apr 14 10:32 ArgusEvents.h --r--r--r-- 1 carter staff 19495 Apr 14 10:32 ArgusFrag.c --r--r--r-- 1 carter staff 14837 Apr 14 10:32 ArgusIcmp.c --r--r--r-- 1 carter staff 4205 Apr 14 10:32 ArgusIgmp.c --r--r--r-- 1 carter staff 31630 Apr 14 10:32 ArgusIsis.c --r--r--r-- 1 carter staff 3288 Apr 14 10:32 ArgusLcp.c --r--r--r-- 1 carter staff 1573 Apr 14 10:32 ArgusMac.c --r--r--r-- 1 carter staff 174063 Apr 17 08:11 ArgusModeler.c --r--r--r-- 1 carter staff 27857 Apr 14 10:32 ArgusModeler.h --r--r--r-- 1 carter staff 85700 Apr 14 14:06 ArgusNetflow.c --r--r--r-- 1 carter staff 2255 Apr 14 10:32 ArgusNetflow.h --r--r--r-- 1 carter staff 67138 Apr 14 10:32 ArgusOutput.c --r--r--r-- 1 carter staff 6081 Apr 14 10:32 ArgusOutput.h --r--r--r-- 1 carter staff 46626 Apr 14 10:32 ArgusSflow.c --r--r--r-- 1 carter staff 1185 Apr 14 10:32 ArgusSflow.h --r--r--r-- 1 carter staff 152221 Apr 15 07:56 ArgusSource.c --r--r--r-- 1 carter staff 34985 Apr 14 10:32 ArgusSource.h --r--r--r-- 1 carter staff 40852 Apr 14 18:22 ArgusTcp.c --r--r--r-- 1 carter staff 2206 Apr 14 10:32 ArgusUdp.c --r--r--r-- 1 carter staff 29541 Apr 14 10:32 ArgusUdt.c --r--r--r-- 1 carter staff 81037 Apr 14 10:32 ArgusUtil.c --r--r--r-- 1 carter staff 12345 Apr 14 10:32 ArgusUtil.h --r--r--r-- 1 carter staff 3837 Apr 14 10:32 Makefile.in --r--r--r-- 1 carter staff 65906 Apr 14 10:32 argus.c --r--r--r-- 1 carter staff 3950 Apr 14 10:32 argus.h +total 2056 +-r--r--r-- 1 carter staff 9801 Apr 14 2015 Argus802.11.c +-r--r--r-- 1 carter staff 21537 Jun 29 2015 ArgusApp.c +-r--r--r-- 1 carter staff 9225 Apr 17 2015 ArgusArp.c +-r--r--r-- 1 carter staff 9373 Apr 14 2015 ArgusAuth.c +-r--r--r-- 1 carter staff 5201 Apr 14 2015 ArgusEsp.c +-rw-r--r-- 1 carter staff 14155 Jun 1 11:21 ArgusEvents.c +-r--r--r-- 1 carter staff 2762 Apr 14 2015 ArgusEvents.h +-r--r--r-- 1 carter staff 19495 Apr 14 2015 ArgusFrag.c +-r--r--r-- 1 carter staff 14838 Aug 5 2015 ArgusIcmp.c +-r--r--r-- 1 carter staff 4205 Apr 14 2015 ArgusIgmp.c +-r--r--r-- 1 carter staff 31630 Apr 14 2015 ArgusIsis.c +-r--r--r-- 1 carter staff 3288 Apr 14 2015 ArgusLcp.c +-r--r--r-- 1 carter staff 1573 Apr 14 2015 ArgusMac.c +-rw-r--r-- 1 carter staff 175781 Jun 1 13:27 ArgusModeler.c +-r--r--r-- 1 carter staff 28091 Jun 1 12:53 ArgusModeler.h +-rw-r--r-- 1 carter staff 85787 Jun 1 11:42 ArgusNetflow.c +-r--r--r-- 1 carter staff 2255 Apr 14 2015 ArgusNetflow.h +-rw-r--r-- 1 carter staff 67242 Jun 1 11:50 ArgusOutput.c +-r--r--r-- 1 carter staff 6081 Apr 14 2015 ArgusOutput.h +-r--r--r-- 1 carter staff 46626 Apr 14 2015 ArgusSflow.c +-r--r--r-- 1 carter staff 1185 Apr 14 2015 ArgusSflow.h +-r--r--r-- 1 carter staff 152326 Apr 5 12:00 ArgusSource.c +-r--r--r-- 1 carter staff 34985 Apr 14 2015 ArgusSource.h +-rw-r--r-- 1 carter staff 41321 Jun 1 12:06 ArgusTcp.c +-r--r--r-- 1 carter staff 2206 Apr 14 2015 ArgusUdp.c +-r--r--r-- 1 carter staff 29329 Jun 29 2015 ArgusUdt.c +-r--r--r-- 1 carter staff 81043 Aug 6 2015 ArgusUtil.c +-r--r--r-- 1 carter staff 12345 Apr 14 2015 ArgusUtil.h +-r--r--r-- 1 carter staff 3837 Apr 14 2015 Makefile.in +-r--r--r-- 1 carter staff 65847 Jul 2 2015 argus.c +-r--r--r-- 1 carter staff 3950 Apr 14 2015 argus.h ./bin: total 32 --r-xr-xr-x 1 carter staff 10073 Apr 14 10:32 argusbug --r-xr-xr-x 1 carter staff 2395 Apr 14 10:32 mkdep +-r-xr-xr-x 1 carter staff 10073 Apr 14 2015 argusbug +-r-xr-xr-x 1 carter staff 2395 Apr 14 2015 mkdep ./common: total 784 --r--r--r-- 1 carter staff 3659 Apr 14 10:32 Makefile.in --r--r--r-- 1 carter staff 14197 Apr 14 10:32 argus_auth.c --r--r--r-- 1 carter staff 147274 Apr 14 18:22 argus_code.c --r--r--r-- 1 carter staff 87217 Apr 14 10:32 argus_filter.c --r--r--r-- 1 carter staff 114412 Apr 14 10:32 argus_util.c --r-xr-xr-x 1 carter staff 14718 Apr 14 10:32 grammar.y --r-xr-xr-x 1 carter staff 11783 Apr 14 10:32 scanner.l +-r--r--r-- 1 carter staff 3659 Apr 14 2015 Makefile.in +-r--r--r-- 1 carter staff 14197 Apr 14 2015 argus_auth.c +-r--r--r-- 1 carter staff 147274 Apr 14 2015 argus_code.c +-r--r--r-- 1 carter staff 87217 Apr 14 2015 argus_filter.c +-r--r--r-- 1 carter staff 114617 Aug 5 2015 argus_util.c +-r-xr-xr-x 1 carter staff 14718 Apr 14 2015 grammar.y +-r-xr-xr-x 1 carter staff 11783 Apr 14 2015 scanner.l ./config: total 184 --r-xr-xr-x 1 carter staff 42856 Apr 14 10:32 config.guess --r-xr-xr-x 1 carter staff 35740 Apr 14 10:32 config.sub --r-xr-xr-x 1 carter staff 5585 Apr 14 10:32 install-sh --r-xr-xr-x 1 carter staff 616 Apr 14 10:32 mkinstalldirs +-r-xr-xr-x 1 carter staff 42856 Apr 14 2015 config.guess +-r-xr-xr-x 1 carter staff 35740 Apr 14 2015 config.sub +-r-xr-xr-x 1 carter staff 5585 Apr 14 2015 install-sh +-r-xr-xr-x 1 carter staff 616 Apr 14 2015 mkinstalldirs ./debian: total 96 --rwxr-xr-x 1 carter staff 1058 Apr 14 10:32 argus.postinst --rwxr-xr-x 1 carter staff 181 Apr 14 10:32 argus.postrm --rwxr-xr-x 1 carter staff 719 Apr 14 10:32 argus.preinst --rwxr-xr-x 1 carter staff 151 Apr 14 10:32 argus.prerm --rw-r--r-- 1 carter staff 153 Apr 14 10:32 changelog --rw-r--r-- 1 carter staff 2 Apr 14 10:32 compat --rw-r--r-- 1 carter staff 611 Apr 14 10:32 control --rw-r--r-- 1 carter staff 1812 Apr 14 10:40 copyright --rw-r--r-- 1 carter staff 7 Apr 14 10:32 docs --rw-r--r-- 1 carter staff 180 Apr 14 10:32 install --rw-r--r-- 1 carter staff 64 Apr 14 10:52 manpages --rwxr-xr-x 1 carter staff 538 Apr 14 10:32 rules -drwxr-xr-x 3 carter staff 102 Apr 14 10:32 source +-rwxr-xr-x 1 carter staff 1058 Apr 14 2015 argus.postinst +-rwxr-xr-x 1 carter staff 181 Apr 14 2015 argus.postrm +-rwxr-xr-x 1 carter staff 719 Apr 14 2015 argus.preinst +-rwxr-xr-x 1 carter staff 151 Apr 14 2015 argus.prerm +-rw-r--r-- 1 carter staff 153 Apr 14 2015 changelog +-rw-r--r-- 1 carter staff 2 Apr 14 2015 compat +-rw-r--r-- 1 carter staff 611 Apr 14 2015 control +-rw-r--r-- 1 carter staff 1812 Apr 14 2015 copyright +-rw-r--r-- 1 carter staff 7 Apr 14 2015 docs +-rw-r--r-- 1 carter staff 180 Apr 14 2015 install +-rw-r--r-- 1 carter staff 64 Apr 14 2015 manpages +-rwxr-xr-x 1 carter staff 538 Apr 14 2015 rules +drwxr-xr-x 3 carter staff 102 Apr 14 2015 source ./debian/source: total 8 --rw-r--r-- 1 carter staff 12 Apr 14 10:32 format +-rw-r--r-- 1 carter staff 12 Apr 14 2015 format ./doc: total 8 --r--r--r-- 1 carter staff 1333 Apr 14 10:32 README +-r--r--r-- 1 carter staff 1333 Apr 14 2015 README ./events: -total 40 --r--r--r-- 1 carter staff 3113 Apr 14 10:32 Makefile.in --r--r--r-- 1 carter staff 3217 Apr 14 10:32 README --r-xr-xr-x 1 carter staff 596 Apr 14 10:32 argus-lsof.pl --r-xr-xr-x 1 carter staff 1599 Apr 14 10:32 argus-snmp.sh --r-xr-xr-x 1 carter staff 842 Apr 14 10:32 argus-vmstat.sh +total 48 +-r--r--r-- 1 carter staff 3371 Dec 2 2015 Makefile.in +-r--r--r-- 1 carter staff 3217 Apr 14 2015 README +-r-xr-xr-x 1 carter staff 735 Dec 2 2015 argus-extip.pl +-r-xr-xr-x 1 carter staff 596 Apr 14 2015 argus-lsof.pl +-r-xr-xr-x 1 carter staff 1599 Apr 14 2015 argus-snmp.sh +-r-xr-xr-x 1 carter staff 842 Apr 14 2015 argus-vmstat.sh ./include: total 832 --r--r--r-- 1 carter staff 17917 Apr 14 10:32 CflowdFlowPdu.h -drwxr-xr-x 16 carter staff 544 Apr 14 10:32 argus --r--r--r-- 1 carter staff 3974 Apr 14 10:32 argus-namedb.h --r--r--r-- 1 carter staff 12168 Apr 14 10:32 argus_client.h --r--r--r-- 1 carter staff 6414 Apr 14 10:32 argus_compat.h --r--r--r-- 1 carter staff 16500 Apr 14 10:32 argus_config.h.in --r--r--r-- 1 carter staff 2326 Apr 14 10:32 argus_dag.h --r--r--r-- 1 carter staff 2166 Apr 14 10:32 argus_debug.h --r--r--r-- 1 carter staff 98944 Apr 14 10:32 argus_def.h --r--r--r-- 1 carter staff 120 Apr 14 10:32 argus_def_v2.h --r--r--r-- 1 carter staff 2987 Apr 14 10:32 argus_dscodepoints.h --r--r--r-- 1 carter staff 3726 Apr 14 10:32 argus_encapsulations.h --r--r--r-- 1 carter staff 11827 Apr 14 10:32 argus_ethernames.h --r--r--r-- 1 carter staff 4386 Apr 14 10:32 argus_ethertype.h --r--r--r-- 1 carter staff 8927 Apr 14 10:32 argus_filter.h --r--r--r-- 1 carter staff 1039 Apr 14 10:32 argus_gmpls.h --r--r--r-- 1 carter staff 1878 Apr 14 10:32 argus_gre.h --r--r--r-- 1 carter staff 2704 Apr 14 10:32 argus_int.h --r--r--r-- 1 carter staff 18623 Apr 14 10:32 argus_isis.h --r--r--r-- 1 carter staff 4248 Apr 14 10:32 argus_llc.h --r--r--r-- 1 carter staff 4010 Apr 14 10:32 argus_namedb.h --r--r--r-- 1 carter staff 4559 Apr 14 10:32 argus_os.h --r--r--r-- 1 carter staff 29477 Apr 14 10:32 argus_out.h --r--r--r-- 1 carter staff 52784 Apr 14 10:32 argus_parse.h --r--r--r-- 1 carter staff 4615 Apr 14 10:32 argus_parser.h --r--r--r-- 1 carter staff 3237 Apr 14 10:32 argus_udt.h --r--r--r-- 1 carter staff 5174 Apr 14 10:32 argus_util.h --r--r--r-- 1 carter staff 43120 Apr 14 10:32 argus_v3_def.h -drwxr-xr-x 7 carter staff 238 Apr 14 10:32 cygwin-include -drwxr-xr-x 8 carter staff 272 Apr 14 10:32 net -drwxr-xr-x 3 carter staff 102 Apr 14 10:32 netbsd-include -drwxr-xr-x 4 carter staff 136 Apr 14 10:32 netinet +-r--r--r-- 1 carter staff 17917 Apr 14 2015 CflowdFlowPdu.h +drwxr-xr-x 16 carter staff 544 Apr 14 2015 argus +-r--r--r-- 1 carter staff 3974 Apr 14 2015 argus-namedb.h +-r--r--r-- 1 carter staff 12168 Apr 14 2015 argus_client.h +-r--r--r-- 1 carter staff 6414 Apr 14 2015 argus_compat.h +-r--r--r-- 1 carter staff 16500 Apr 14 2015 argus_config.h.in +-r--r--r-- 1 carter staff 2326 Apr 14 2015 argus_dag.h +-r--r--r-- 1 carter staff 2166 Apr 14 2015 argus_debug.h +-r--r--r-- 1 carter staff 99194 Jul 2 2015 argus_def.h +-r--r--r-- 1 carter staff 120 Apr 14 2015 argus_def_v2.h +-r--r--r-- 1 carter staff 2987 Apr 14 2015 argus_dscodepoints.h +-r--r--r-- 1 carter staff 3837 Jun 1 13:54 argus_encapsulations.h +-r--r--r-- 1 carter staff 11827 Apr 14 2015 argus_ethernames.h +-r--r--r-- 1 carter staff 4457 Jun 1 12:37 argus_ethertype.h +-r--r--r-- 1 carter staff 8927 Apr 14 2015 argus_filter.h +-r--r--r-- 1 carter staff 1039 Apr 14 2015 argus_gmpls.h +-r--r--r-- 1 carter staff 1878 Apr 14 2015 argus_gre.h +-r--r--r-- 1 carter staff 2704 Apr 14 2015 argus_int.h +-r--r--r-- 1 carter staff 18623 Apr 14 2015 argus_isis.h +-r--r--r-- 1 carter staff 4248 Apr 14 2015 argus_llc.h +-r--r--r-- 1 carter staff 4010 Apr 14 2015 argus_namedb.h +-r--r--r-- 1 carter staff 4559 Apr 14 2015 argus_os.h +-r--r--r-- 1 carter staff 29477 Aug 5 2015 argus_out.h +-r--r--r-- 1 carter staff 52784 Apr 14 2015 argus_parse.h +-r--r--r-- 1 carter staff 4615 Apr 14 2015 argus_parser.h +-r--r--r-- 1 carter staff 3237 Apr 14 2015 argus_udt.h +-r--r--r-- 1 carter staff 5174 Apr 14 2015 argus_util.h +-r--r--r-- 1 carter staff 43120 Apr 14 2015 argus_v3_def.h +drwxr-xr-x 7 carter staff 238 Apr 14 2015 cygwin-include +drwxr-xr-x 8 carter staff 272 Apr 14 2015 net +drwxr-xr-x 3 carter staff 102 Apr 14 2015 netbsd-include +drwxr-xr-x 4 carter staff 136 Apr 14 2015 netinet ./include/argus: total 248 --r--r--r-- 1 carter staff 23545 Apr 14 10:32 CflowdFlowPdu.h --r--r--r-- 1 carter staff 3786 Apr 14 10:32 bootp.h --r--r--r-- 1 carter staff 3262 Apr 14 10:32 cflowd.h --r--r--r-- 1 carter staff 4553 Apr 14 10:32 cons_def.h --r--r--r-- 1 carter staff 4368 Apr 14 10:32 cons_out.h --r--r--r-- 1 carter staff 8596 Apr 14 10:32 extract.h --r--r--r-- 1 carter staff 3781 Apr 14 10:32 fddi.h --r--r--r-- 1 carter staff 9916 Apr 14 10:32 gencode.h --r--r--r-- 1 carter staff 956 Apr 14 10:32 global.h --r--r--r-- 1 carter staff 18685 Apr 14 10:32 ieee802_11.h --r--r--r-- 1 carter staff 1470 Apr 14 10:32 md5.h --r--r--r-- 1 carter staff 2424 Apr 14 10:32 ppp.h --r--r--r-- 1 carter staff 4827 Apr 14 10:32 saslint.h --r--r--r-- 1 carter staff 5667 Apr 14 10:32 sll.h +-r--r--r-- 1 carter staff 23545 Apr 14 2015 CflowdFlowPdu.h +-r--r--r-- 1 carter staff 3786 Apr 14 2015 bootp.h +-r--r--r-- 1 carter staff 3262 Apr 14 2015 cflowd.h +-r--r--r-- 1 carter staff 4553 Apr 14 2015 cons_def.h +-r--r--r-- 1 carter staff 4368 Apr 14 2015 cons_out.h +-r--r--r-- 1 carter staff 8596 Apr 14 2015 extract.h +-r--r--r-- 1 carter staff 3781 Apr 14 2015 fddi.h +-r--r--r-- 1 carter staff 9916 Apr 14 2015 gencode.h +-r--r--r-- 1 carter staff 956 Apr 14 2015 global.h +-r--r--r-- 1 carter staff 18685 Apr 14 2015 ieee802_11.h +-r--r--r-- 1 carter staff 1470 Apr 14 2015 md5.h +-r--r--r-- 1 carter staff 2424 Apr 14 2015 ppp.h +-r--r--r-- 1 carter staff 4827 Apr 14 2015 saslint.h +-r--r--r-- 1 carter staff 5667 Apr 14 2015 sll.h ./include/cygwin-include: total 0 -drwxr-xr-x 4 carter staff 136 Apr 14 10:32 linux -drwxr-xr-x 3 carter staff 102 Apr 14 10:32 net -drwxr-xr-x 11 carter staff 374 Apr 14 10:32 netinet -drwxr-xr-x 3 carter staff 102 Apr 14 10:32 protocols -drwxr-xr-x 3 carter staff 102 Apr 14 10:32 sys +drwxr-xr-x 4 carter staff 136 Apr 14 2015 linux +drwxr-xr-x 3 carter staff 102 Apr 14 2015 net +drwxr-xr-x 11 carter staff 374 Apr 14 2015 netinet +drwxr-xr-x 3 carter staff 102 Apr 14 2015 protocols +drwxr-xr-x 3 carter staff 102 Apr 14 2015 sys ./include/cygwin-include/linux: total 16 --r--r--r-- 1 carter staff 1728 Apr 14 10:32 if_arp.h --r--r--r-- 1 carter staff 3092 Apr 14 10:32 igmp.h +-r--r--r-- 1 carter staff 1728 Apr 14 2015 if_arp.h +-r--r--r-- 1 carter staff 3092 Apr 14 2015 igmp.h ./include/cygwin-include/net: total 8 --r--r--r-- 1 carter staff 1734 Apr 14 10:32 if_arp.h +-r--r--r-- 1 carter staff 1734 Apr 14 2015 if_arp.h ./include/cygwin-include/netinet: total 104 --r--r--r-- 1 carter staff 8866 Apr 14 10:32 icmp6.h --r--r--r-- 1 carter staff 1984 Apr 14 10:32 if_ether.h --r--r--r-- 1 carter staff 3480 Apr 14 10:32 igmp.h --r--r--r-- 1 carter staff 3729 Apr 14 10:32 ip6.h --r--r--r-- 1 carter staff 5013 Apr 14 10:32 ip_icmp.h --r--r--r-- 1 carter staff 3198 Apr 14 10:32 ip_var.h --r--r--r-- 1 carter staff 6380 Apr 14 10:32 tcp_var.h --r--r--r-- 1 carter staff 1033 Apr 14 10:32 tcpip.h --r--r--r-- 1 carter staff 1086 Apr 14 10:32 udp_var.h +-r--r--r-- 1 carter staff 8866 Apr 14 2015 icmp6.h +-r--r--r-- 1 carter staff 1984 Apr 14 2015 if_ether.h +-r--r--r-- 1 carter staff 3480 Apr 14 2015 igmp.h +-r--r--r-- 1 carter staff 3729 Apr 14 2015 ip6.h +-r--r--r-- 1 carter staff 5013 Apr 14 2015 ip_icmp.h +-r--r--r-- 1 carter staff 3198 Apr 14 2015 ip_var.h +-r--r--r-- 1 carter staff 6380 Apr 14 2015 tcp_var.h +-r--r--r-- 1 carter staff 1033 Apr 14 2015 tcpip.h +-r--r--r-- 1 carter staff 1086 Apr 14 2015 udp_var.h ./include/cygwin-include/protocols: total 8 --r--r--r-- 1 carter staff 2340 Apr 14 10:32 routed.h +-r--r--r-- 1 carter staff 2340 Apr 14 2015 routed.h ./include/cygwin-include/sys: total 8 --r--r--r-- 1 carter staff 49 Apr 14 10:32 mbuf.h +-r--r--r-- 1 carter staff 49 Apr 14 2015 mbuf.h ./include/net: total 72 --r--r--r-- 1 carter staff 3222 Apr 14 10:32 arcnet.h --r--r--r-- 1 carter staff 2172 Apr 14 10:32 etherdefs.h --r--r--r-- 1 carter staff 12674 Apr 14 10:32 nff.h --r--r--r-- 1 carter staff 3563 Apr 14 10:32 ppp.h --r--r--r-- 1 carter staff 3873 Apr 14 10:32 slcompress.h --r--r--r-- 1 carter staff 1103 Apr 14 10:32 slip.h +-r--r--r-- 1 carter staff 3222 Apr 14 2015 arcnet.h +-r--r--r-- 1 carter staff 2172 Apr 14 2015 etherdefs.h +-r--r--r-- 1 carter staff 12674 Apr 14 2015 nff.h +-r--r--r-- 1 carter staff 3563 Apr 14 2015 ppp.h +-r--r--r-- 1 carter staff 3873 Apr 14 2015 slcompress.h +-r--r--r-- 1 carter staff 1103 Apr 14 2015 slip.h ./include/netbsd-include: total 0 -drwxr-xr-x 3 carter staff 102 Apr 14 10:32 netinet +drwxr-xr-x 3 carter staff 102 Apr 14 2015 netinet ./include/netbsd-include/netinet: total 8 --r--r--r-- 1 carter staff 1570 Apr 14 10:32 rtp.h +-r--r--r-- 1 carter staff 1570 Apr 14 2015 rtp.h ./include/netinet: total 24 --r--r--r-- 1 carter staff 4892 Apr 14 10:32 rtp.h --r--r--r-- 1 carter staff 2182 Apr 14 10:32 tcp_fsm.h +-r--r--r-- 1 carter staff 4892 Apr 14 2015 rtp.h +-r--r--r-- 1 carter staff 2182 Apr 14 2015 tcp_fsm.h ./lib: total 8 --r--r--r-- 1 carter staff 2000 Apr 14 10:32 argus.spec +-r--r--r-- 1 carter staff 2000 Jun 1 12:26 argus.spec ./man: total 0 -drwxr-xr-x 3 carter staff 102 Apr 14 10:32 man5 -drwxr-xr-x 3 carter staff 102 Apr 14 10:32 man8 +drwxr-xr-x 3 carter staff 102 Apr 14 2015 man5 +drwxr-xr-x 3 carter staff 102 Apr 14 2015 man8 ./man/man5: total 40 --r-xr-xr-x 1 carter staff 19826 Apr 14 10:32 argus.conf.5 +-r-xr-xr-x 1 carter staff 19826 Apr 14 2015 argus.conf.5 ./man/man8: total 24 --r-xr-xr-x 1 carter staff 11249 Apr 14 10:32 argus.8 +-r-xr-xr-x 1 carter staff 11249 Apr 14 2015 argus.8 ./pkg: total 64 --r--r--r-- 1 carter staff 4201 Apr 14 10:32 README --r--r--r-- 1 carter staff 21769 Apr 14 10:32 argus.conf -drwxr-xr-x 4 carter staff 136 Apr 14 10:32 rhel +-r--r--r-- 1 carter staff 4201 Apr 14 2015 README +-r--r--r-- 1 carter staff 21769 Apr 14 2015 argus.conf +drwxr-xr-x 4 carter staff 136 Apr 14 2015 rhel ./pkg/rhel: total 0 -drwxr-xr-x 3 carter staff 102 Apr 14 10:32 init.d -drwxr-xr-x 3 carter staff 102 Apr 14 10:32 sysconfig +drwxr-xr-x 3 carter staff 102 Apr 14 2015 init.d +drwxr-xr-x 3 carter staff 102 Apr 14 2015 sysconfig ./pkg/rhel/init.d: total 8 --r-xr-xr-x 1 carter staff 2796 Apr 14 10:32 argus +-r-xr-xr-x 1 carter staff 2796 Apr 14 2015 argus ./pkg/rhel/sysconfig: total 8 --r--r--r-- 1 carter staff 551 Apr 14 10:32 argus +-r--r--r-- 1 carter staff 551 Apr 14 2015 argus ./support: total 8 -drwxr-xr-x 4 carter staff 136 Apr 14 10:32 Archive -drwxr-xr-x 3 carter staff 102 Apr 14 10:32 Config -drwxr-xr-x 3 carter staff 102 Apr 14 10:32 Deployment --r--r--r-- 1 carter staff 2026 Apr 14 10:32 README -drwxr-xr-x 6 carter staff 204 Apr 14 10:32 Startup -drwxr-xr-x 4 carter staff 136 Apr 14 10:32 System +drwxr-xr-x 4 carter staff 136 Apr 14 2015 Archive +drwxr-xr-x 3 carter staff 102 Apr 14 2015 Config +drwxr-xr-x 3 carter staff 102 Apr 14 2015 Deployment +-r--r--r-- 1 carter staff 2026 Apr 14 2015 README +drwxr-xr-x 6 carter staff 204 Apr 14 2015 Startup +drwxr-xr-x 4 carter staff 136 Apr 14 2015 System ./support/Archive: total 48 --r--r--r-- 1 carter staff 5181 Apr 14 10:32 README.argusarchive --r-xr-xr-x 1 carter staff 14629 Apr 14 10:32 argusarchive +-r--r--r-- 1 carter staff 5181 Apr 14 2015 README.argusarchive +-r-xr-xr-x 1 carter staff 14629 Apr 14 2015 argusarchive ./support/Config: total 48 --r-xr-xr-x 1 carter staff 21756 Apr 14 10:32 argus.conf +-r-xr-xr-x 1 carter staff 21756 Apr 14 2015 argus.conf ./support/Deployment: total 16 --r-xr-xr-x 1 carter staff 7623 Apr 14 10:32 sample +-r-xr-xr-x 1 carter staff 7623 Apr 14 2015 sample ./support/Startup: total 32 --r--r--r-- 1 carter staff 3693 Apr 14 10:32 README --r--r--r-- 1 carter staff 3104 Apr 14 10:32 argus --r--r--r-- 1 carter staff 559 Apr 14 10:32 argus.service --r--r--r-- 1 carter staff 723 Apr 14 10:32 com.qosient.argus.plist +-r--r--r-- 1 carter staff 3693 Apr 14 2015 README +-r--r--r-- 1 carter staff 3104 Apr 14 2015 argus +-r--r--r-- 1 carter staff 559 Apr 14 2015 argus.service +-r--r--r-- 1 carter staff 723 Apr 14 2015 com.qosient.argus.plist ./support/System: total 16 --r-xr-xr-x 1 carter staff 1170 Apr 14 10:32 crontab --r-xr-xr-x 1 carter staff 1094 Apr 14 10:32 magic +-r-xr-xr-x 1 carter staff 1170 Apr 14 2015 crontab +-r-xr-xr-x 1 carter staff 1094 Apr 14 2015 magic diff -Nru argus-3.0.8.1/VERSION argus-3.0.8.2/VERSION --- argus-3.0.8.1/VERSION 2015-04-14 14:32:33.000000000 +0000 +++ argus-3.0.8.2/VERSION 2016-06-01 16:26:31.000000000 +0000 @@ -1 +1 @@ -3.0.8.1 +3.0.8.2