diff --git a/AUTHORS b/AUTHORS index 900fae5..d0e9b26 100644 --- a/AUTHORS +++ b/AUTHORS @@ -1,14 +1,14 @@ # -# Argus Software. -# Copyright (c) 2000-2020 QoSient, LLC +# Argus-5.0 Software. +# Copyright (c) 2000-2024 QoSient, LLC # All rights reserved. # # $Id: //depot/gargoyle/argus/AUTHORS#5 $ # $DateTime: 2015/04/13 00:39:28 $ # $Change: 2980 $ -Argus and its client software are written, maintained and copyrighted -by Carter Bullard . +Argus and their client software are written, maintained and +copyrighted by Carter Bullard and QoSient, LLC. Many contributions of fixes, bug reports and design have been submitted to the argus developers mailing list over Argus's 30 years. diff --git a/CREDITS b/CREDITS index 17b4d37..d019572 100644 --- a/CREDITS +++ b/CREDITS @@ -1,6 +1,6 @@ /* - * Argus Software - README - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software - README + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * This program is free software, released under the GNU General diff --git a/INSTALL b/INSTALL index 5714ac7..43d69bb 100644 --- a/INSTALL +++ b/INSTALL @@ -1,5 +1,6 @@ /* - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus flow data generation + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General diff --git a/MANIFEST b/MANIFEST index c5fd08b..a0d4d8d 100644 --- a/MANIFEST +++ b/MANIFEST @@ -1,6 +1,6 @@ /* - * Argus Software - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus flow data generation. + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -21,233 +21,250 @@ * */ -Argus 3.0.8.3 distribution -total 896 --rw-r--r-- 1 carter staff 498 Aug 23 10:30 AUTHORS --rw-r--r-- 1 carter staff 32477 Aug 23 10:24 COPYING --rw-r--r-- 1 carter staff 6720 Aug 23 10:30 CREDITS --rw-r--r-- 1 carter staff 9140 Aug 23 10:24 ChangeLog --rw-r--r-- 1 carter staff 12570 Aug 23 10:31 INSTALL --rw-r--r-- 1 carter staff 13066 Aug 23 10:31 MANIFEST --rw-r--r-- 1 carter staff 5076 Aug 23 10:31 Makefile.in --rw-r--r-- 1 carter staff 3480 Aug 23 10:31 README --rw-r--r-- 1 carter staff 8 Aug 23 10:24 VERSION --rw-r--r-- 1 carter staff 609 Aug 23 10:24 aclocal.m4 --rw-r--r-- 1 carter staff 52979 Aug 23 10:31 acsite.m4 -drwxr-xr-x 33 carter staff 1056 Aug 23 10:27 argus -drwxr-xr-x 4 carter staff 128 Aug 23 10:24 bin -drwxr-xr-x 9 carter staff 288 Aug 23 10:24 common -drwxr-xr-x 6 carter staff 192 Aug 23 10:24 config --rwxr-xr-x 1 carter staff 281305 Aug 23 10:24 configure --rw-r--r-- 1 carter staff 10959 Aug 23 10:31 configure.ac -drwxr-xr-x 15 carter staff 480 Aug 23 10:24 debian -drwxr-xr-x 3 carter staff 96 Aug 23 10:24 doc -drwxr-xr-x 8 carter staff 256 Aug 23 10:24 events -drwxr-xr-x 34 carter staff 1088 Aug 23 10:30 include -drwxr-xr-x 3 carter staff 96 Aug 23 10:24 lib -drwxr-xr-x 4 carter staff 128 Aug 23 10:24 man -drwxr-xr-x 5 carter staff 160 Aug 23 10:24 pkg -drwxr-xr-x 8 carter staff 256 Aug 23 10:24 support +Argus-5.0.0 distribution +.: +total 536 +-rw-r--r-- 1 carter carter 609 Jan 9 16:09 aclocal.m4 +-rw-rw-r-- 1 carter carter 55958 Jan 29 14:26 acsite.m4 +drwxr-xr-x 2 carter carter 4096 Jan 29 14:30 argus +-rw-rw-r-- 1 carter carter 525 Jan 29 14:26 AUTHORS +drwxr-xr-x 2 carter carter 4096 Jan 29 14:26 bin +-rw-rw-r-- 1 carter carter 2148 Jan 29 14:26 ChangeLog +drwxr-xr-x 2 carter carter 4096 Jan 29 14:30 common +drwxr-xr-x 2 carter carter 4096 Jan 9 16:09 config +-rwxrwxr-x 1 carter carter 318929 Jan 29 14:26 configure +-rw-rw-r-- 1 carter carter 12042 Jan 29 14:26 configure.ac +-rw-r--r-- 1 carter carter 32477 Jan 9 16:09 COPYING +-rw-rw-r-- 1 carter carter 6805 Jan 29 14:26 CREDITS +drwxr-xr-x 3 carter carter 4096 Jan 9 16:09 debian +drwxr-xr-x 2 carter carter 4096 Jan 29 14:26 doc +drwxr-xr-x 2 carter carter 4096 Jan 29 14:30 events +drwxr-xr-x 7 carter carter 4096 Jan 29 14:30 include +-rw-rw-r-- 1 carter carter 13395 Jan 29 14:26 INSTALL +drwxr-xr-x 2 carter carter 4096 Jan 29 14:30 lib +drwxr-xr-x 2 carter carter 4096 Jan 29 14:26 licenses +drwxr-xr-x 2 carter carter 4096 Jan 9 16:09 logo +-rw-rw-r-- 1 carter carter 5308 Jan 29 14:26 Makefile.in +drwxr-xr-x 4 carter carter 4096 Jan 9 16:09 man +-rw-rw-r-- 1 carter carter 15036 Jan 29 14:32 MANIFEST +drwxr-xr-x 6 carter carter 4096 Jan 29 14:26 pkg +-rw-r--r-- 1 carter carter 2511 Jan 9 16:09 README.rst +drwxr-xr-x 7 carter carter 4096 Jan 29 14:26 support +-rw-rw-r-- 1 carter carter 6 Jan 29 14:29 VERSION ./argus: -total 2056 --rw-r--r-- 1 carter staff 9801 Aug 23 10:26 Argus802.11.c --rw-r--r-- 1 carter staff 21537 Aug 23 10:26 ArgusApp.c --rw-r--r-- 1 carter staff 9295 Aug 23 10:26 ArgusArp.c --rw-r--r-- 1 carter staff 9448 Aug 23 10:26 ArgusAuth.c --rw-r--r-- 1 carter staff 5201 Aug 23 10:26 ArgusEsp.c --rw-r--r-- 1 carter staff 14155 Aug 23 10:26 ArgusEvents.c --rw-r--r-- 1 carter staff 2762 Aug 23 10:24 ArgusEvents.h --rw-r--r-- 1 carter staff 19495 Aug 23 10:26 ArgusFrag.c --rw-r--r-- 1 carter staff 14838 Aug 23 10:26 ArgusIcmp.c --rw-r--r-- 1 carter staff 4205 Aug 23 10:26 ArgusIgmp.c --rw-r--r-- 1 carter staff 31630 Aug 23 10:27 ArgusIsis.c --rw-r--r-- 1 carter staff 3288 Aug 23 10:27 ArgusLcp.c --rw-r--r-- 1 carter staff 1573 Aug 23 10:27 ArgusMac.c --rw-r--r-- 1 carter staff 175523 Aug 23 10:27 ArgusModeler.c --rw-r--r-- 1 carter staff 28091 Aug 23 10:24 ArgusModeler.h --rw-r--r-- 1 carter staff 85787 Aug 23 10:27 ArgusNetflow.c --rw-r--r-- 1 carter staff 2255 Aug 23 10:24 ArgusNetflow.h --rw-r--r-- 1 carter staff 67406 Aug 23 10:27 ArgusOutput.c --rw-r--r-- 1 carter staff 6081 Aug 23 10:24 ArgusOutput.h --rw-r--r-- 1 carter staff 46626 Aug 23 10:27 ArgusSflow.c --rw-r--r-- 1 carter staff 1185 Aug 23 10:24 ArgusSflow.h --rw-r--r-- 1 carter staff 154120 Aug 23 10:27 ArgusSource.c --rw-r--r-- 1 carter staff 35199 Aug 23 10:24 ArgusSource.h --rw-r--r-- 1 carter staff 41239 Aug 23 10:27 ArgusTcp.c --rw-r--r-- 1 carter staff 2206 Aug 23 10:27 ArgusUdp.c --rw-r--r-- 1 carter staff 29329 Aug 23 10:27 ArgusUdt.c --rw-r--r-- 1 carter staff 81043 Aug 23 10:27 ArgusUtil.c --rw-r--r-- 1 carter staff 12345 Aug 23 10:24 ArgusUtil.h --rw-r--r-- 1 carter staff 3853 Aug 23 10:24 Makefile.in --rw-r--r-- 1 carter staff 66102 Aug 23 10:27 argus.c --rw-r--r-- 1 carter staff 3853 Aug 23 10:24 argus.h +total 1160 +-rw-rw-r-- 1 carter carter 9948 Jan 29 14:26 Argus802.11.c +-rw-rw-r-- 1 carter carter 22039 Jan 29 14:26 ArgusApp.c +-rw-rw-r-- 1 carter carter 9491 Jan 29 14:26 ArgusArp.c +-rw-rw-r-- 1 carter carter 9586 Jan 29 14:26 ArgusAuth.c +-rw-rw-r-- 1 carter carter 78235 Jan 29 14:26 argus.c +-rw-rw-r-- 1 carter carter 5339 Jan 29 14:26 ArgusEsp.c +-rw-rw-r-- 1 carter carter 16147 Jan 29 14:26 ArgusEvents.c +-rw-rw-r-- 1 carter carter 2977 Jan 29 14:26 ArgusEvents.h +-rw-rw-r-- 1 carter carter 20945 Jan 29 14:26 ArgusFrag.c +-rw-rw-r-- 1 carter carter 1557 Jan 29 14:26 ArgusGetTimeOfDay.h +-rw-rw-r-- 1 carter carter 4018 Jan 29 14:26 argus.h +-rw-rw-r-- 1 carter carter 15220 Jan 29 14:26 ArgusIcmp.c +-rw-rw-r-- 1 carter carter 3701 Jan 29 14:26 ArgusIfnam.c +-rw-rw-r-- 1 carter carter 1365 Jan 29 14:26 ArgusIfnam.h +-rw-rw-r-- 1 carter carter 4341 Jan 29 14:26 ArgusIgmp.c +-rw-rw-r-- 1 carter carter 30701 Jan 29 14:26 ArgusIsis.c +-rw-rw-r-- 1 carter carter 2683 Jan 29 14:26 ArgusL2TP.c +-rw-rw-r-- 1 carter carter 6461 Jan 29 14:26 ArgusL2TP.h +-rw-rw-r-- 1 carter carter 3424 Jan 29 14:26 ArgusLcp.c +-rw-rw-r-- 1 carter carter 1709 Jan 29 14:26 ArgusMac.c +-rw-rw-r-- 1 carter carter 192720 Jan 29 14:26 ArgusModeler.c +-rw-rw-r-- 1 carter carter 30355 Jan 29 14:26 ArgusModeler.h +-rw-rw-r-- 1 carter carter 86344 Jan 29 14:26 ArgusNetflow.c +-rw-rw-r-- 1 carter carter 2362 Jan 29 14:26 ArgusNetflow.h +-rw-rw-r-- 1 carter carter 76134 Jan 29 14:26 ArgusOutput.c +-rw-rw-r-- 1 carter carter 6827 Jan 29 14:26 ArgusOutput.h +-rw-rw-r-- 1 carter carter 47236 Jan 29 14:26 ArgusSflow.c +-rw-rw-r-- 1 carter carter 1293 Jan 29 14:26 ArgusSflow.h +-rw-rw-r-- 1 carter carter 193888 Jan 29 14:26 ArgusSource.c +-rw-rw-r-- 1 carter carter 36019 Jan 29 14:26 ArgusSource.h +-rw-rw-r-- 1 carter carter 42062 Jan 29 14:26 ArgusTcp.c +-rw-rw-r-- 1 carter carter 2284 Jan 29 14:26 ArgusTimeDiff.h +-rw-rw-r-- 1 carter carter 2335 Jan 29 14:26 ArgusUdp.c +-rw-r--r-- 1 carter carter 29337 Jan 9 16:09 ArgusUdt.c +-rw-rw-r-- 1 carter carter 82456 Jan 29 14:26 ArgusUtil.c +-rw-rw-r-- 1 carter carter 12009 Jan 29 14:26 ArgusUtil.h +-rw-rw-r-- 1 carter carter 2093 Jan 29 14:26 ArgusVxLan.c +-rw-rw-r-- 1 carter carter 1262 Jan 29 14:26 ArgusVxLan.h +-rwxrwxr-x 1 carter carter 4251 Jan 29 14:26 Makefile.in ./bin: -total 32 --rwxr-xr-x 1 carter staff 10073 Aug 23 10:24 argusbug --rwxr-xr-x 1 carter staff 2395 Aug 23 10:24 mkdep +total 16 +-rwxrwxr-x 1 carter carter 10043 Jan 29 14:26 argusbug +-rwxr-xr-x 1 carter carter 2395 Jan 9 16:09 mkdep ./common: -total 736 --rw-r--r-- 1 carter staff 3675 Aug 23 10:24 Makefile.in --rw-r--r-- 1 carter staff 14197 Aug 23 10:24 argus_auth.c --rw-r--r-- 1 carter staff 147274 Aug 23 10:24 argus_code.c --rw-r--r-- 1 carter staff 87227 Aug 23 10:24 argus_filter.c --rw-r--r-- 1 carter staff 86288 Aug 23 10:24 argus_util.c --rwxr-xr-x 1 carter staff 14718 Aug 23 10:24 grammar.y --rwxr-xr-x 1 carter staff 11783 Aug 23 10:24 scanner.l +total 368 +-rw-rw-r-- 1 carter carter 14427 Jan 29 14:26 argus_auth.c +-rw-rw-r-- 1 carter carter 147408 Jan 29 14:26 argus_code.c +-rw-rw-r-- 1 carter carter 87386 Jan 29 14:26 argus_filter.c +-rw-rw-r-- 1 carter carter 87398 Jan 29 14:26 argus_util.c +-rwxrwxr-x 1 carter carter 14858 Jan 29 14:26 grammar.y +-rwxrwxr-x 1 carter carter 4064 Jan 29 14:26 Makefile.in +-rwxrwxr-x 1 carter carter 11831 Jan 29 14:26 scanner.l ./config: -total 184 --rwxr-xr-x 1 carter staff 42856 Aug 23 10:24 config.guess --rwxr-xr-x 1 carter staff 35740 Aug 23 10:24 config.sub --rwxr-xr-x 1 carter staff 5585 Aug 23 10:24 install-sh --rwxr-xr-x 1 carter staff 616 Aug 23 10:24 mkinstalldirs +total 92 +-rwxr-xr-x 1 carter carter 42856 Jan 9 16:09 config.guess +-rwxr-xr-x 1 carter carter 35740 Jan 9 16:09 config.sub +-rwxr-xr-x 1 carter carter 5585 Jan 9 16:09 install-sh +-rwxr-xr-x 1 carter carter 616 Jan 9 16:09 mkinstalldirs ./debian: -total 96 --rwxr-xr-x 1 carter staff 1058 Aug 23 10:24 argus.postinst --rwxr-xr-x 1 carter staff 181 Aug 23 10:24 argus.postrm --rwxr-xr-x 1 carter staff 719 Aug 23 10:24 argus.preinst --rwxr-xr-x 1 carter staff 151 Aug 23 10:24 argus.prerm --rw-r--r-- 1 carter staff 153 Aug 23 10:24 changelog --rw-r--r-- 1 carter staff 2 Aug 23 10:24 compat --rw-r--r-- 1 carter staff 611 Aug 23 10:24 control --rw-r--r-- 1 carter staff 1812 Aug 23 10:24 copyright --rw-r--r-- 1 carter staff 7 Aug 23 10:24 docs --rw-r--r-- 1 carter staff 180 Aug 23 10:24 install --rw-r--r-- 1 carter staff 64 Aug 23 10:24 manpages --rwxr-xr-x 1 carter staff 538 Aug 23 10:24 rules -drwxr-xr-x 3 carter staff 96 Aug 23 10:24 source +total 52 +-rwxr-xr-x 1 carter carter 1058 Jan 9 16:09 argus.postinst +-rwxr-xr-x 1 carter carter 181 Jan 9 16:09 argus.postrm +-rwxr-xr-x 1 carter carter 719 Jan 9 16:09 argus.preinst +-rwxr-xr-x 1 carter carter 151 Jan 9 16:09 argus.prerm +-rw-r--r-- 1 carter carter 153 Jan 9 16:09 changelog +-rw-r--r-- 1 carter carter 2 Jan 9 16:09 compat +-rw-r--r-- 1 carter carter 611 Jan 9 16:09 control +-rw-r--r-- 1 carter carter 1786 Jan 9 16:09 copyright +-rw-r--r-- 1 carter carter 7 Jan 9 16:09 docs +-rw-r--r-- 1 carter carter 180 Jan 9 16:09 install +-rw-r--r-- 1 carter carter 64 Jan 9 16:09 manpages +-rwxr-xr-x 1 carter carter 538 Jan 9 16:09 rules +drwxr-xr-x 2 carter carter 4096 Jan 9 16:09 source ./debian/source: -total 8 --rw-r--r-- 1 carter staff 12 Aug 23 10:24 format +total 4 +-rw-r--r-- 1 carter carter 12 Jan 9 16:09 format ./doc: -total 8 --rw-r--r-- 1 carter staff 1333 Aug 23 10:24 README +total 4 +-rw-rw-r-- 1 carter carter 1711 Jan 29 14:26 README ./events: -total 48 --rw-r--r-- 1 carter staff 3387 Aug 23 10:24 Makefile.in --rw-r--r-- 1 carter staff 3217 Aug 23 10:24 README --rwxr-xr-x 1 carter staff 733 Aug 23 10:24 argus-extip.pl --rwxr-xr-x 1 carter staff 596 Aug 23 10:24 argus-lsof.pl --rwxr-xr-x 1 carter staff 1599 Aug 23 10:24 argus-snmp.sh --rwxr-xr-x 1 carter staff 842 Aug 23 10:24 argus-vmstat.sh +total 56 +-rwxrwxr-x 1 carter carter 1456 Jan 29 14:26 argus-airport.sh +-rwxrwxr-x 1 carter carter 1519 Jan 29 14:26 argus-extip.pl +-rwxrwxr-x 1 carter carter 1417 Jan 29 14:26 argus-ipaddr.pl +-rwxrwxr-x 1 carter carter 1447 Jan 29 14:26 argus-ipmitool.pl +-rwxrwxr-x 1 carter carter 1414 Jan 29 14:26 argus-lsof.pl +-rwxrwxr-x 1 carter carter 4150 Jan 29 14:26 argus-netstat.pl +-rwxrwxr-x 1 carter carter 2410 Jan 29 14:26 argus-snmp.sh +-rwxrwxr-x 1 carter carter 1404 Jan 29 14:26 argus-stumble.pl +-rwxrwxr-x 1 carter carter 3181 Jan 29 14:26 argus-stumbler.pl +-rwxrwxr-x 1 carter carter 1653 Jan 29 14:26 argus-vmstat.sh +-rwxrwxr-x 1 carter carter 5115 Jan 29 14:26 Makefile.in +-rw-rw-r-- 1 carter carter 2598 Jan 29 14:26 README ./include: -total 832 --rw-r--r-- 1 carter staff 17917 Aug 23 10:24 CflowdFlowPdu.h -drwxr-xr-x 16 carter staff 512 Aug 23 10:24 argus --rw-r--r-- 1 carter staff 3974 Aug 23 10:28 argus-namedb.h --rw-r--r-- 1 carter staff 12168 Aug 23 10:28 argus_client.h --rw-r--r-- 1 carter staff 6414 Aug 23 10:28 argus_compat.h --rw-r--r-- 1 carter staff 16500 Aug 23 10:24 argus_config.h.in --rw-r--r-- 1 carter staff 2326 Aug 23 10:28 argus_dag.h --rw-r--r-- 1 carter staff 2166 Aug 23 10:28 argus_debug.h --rw-r--r-- 1 carter staff 99194 Aug 23 10:28 argus_def.h --rw-r--r-- 1 carter staff 120 Aug 23 10:24 argus_def_v2.h --rw-r--r-- 1 carter staff 2987 Aug 23 10:28 argus_dscodepoints.h --rw-r--r-- 1 carter staff 3838 Aug 23 10:28 argus_encapsulations.h --rw-r--r-- 1 carter staff 11827 Aug 23 10:28 argus_ethernames.h --rw-r--r-- 1 carter staff 4457 Aug 23 10:24 argus_ethertype.h --rw-r--r-- 1 carter staff 8927 Aug 23 10:28 argus_filter.h --rw-r--r-- 1 carter staff 1039 Aug 23 10:24 argus_gmpls.h --rw-r--r-- 1 carter staff 1878 Aug 23 10:29 argus_gre.h --rw-r--r-- 1 carter staff 2704 Aug 23 10:29 argus_int.h --rw-r--r-- 1 carter staff 18623 Aug 23 10:29 argus_isis.h --rw-r--r-- 1 carter staff 4248 Aug 23 10:24 argus_llc.h --rw-r--r-- 1 carter staff 4010 Aug 23 10:29 argus_namedb.h --rw-r--r-- 1 carter staff 4559 Aug 23 10:29 argus_os.h --rw-r--r-- 1 carter staff 29477 Aug 23 10:29 argus_out.h --rw-r--r-- 1 carter staff 52689 Aug 23 10:29 argus_parse.h --rw-r--r-- 1 carter staff 4615 Aug 23 10:29 argus_parser.h --rw-r--r-- 1 carter staff 3237 Aug 23 10:29 argus_udt.h --rw-r--r-- 1 carter staff 5174 Aug 23 10:29 argus_util.h --rw-r--r-- 1 carter staff 43120 Aug 23 10:29 argus_v3_def.h -drwxr-xr-x 7 carter staff 224 Aug 23 10:24 cygwin-include -drwxr-xr-x 8 carter staff 256 Aug 23 10:24 net -drwxr-xr-x 3 carter staff 96 Aug 23 10:24 netbsd-include -drwxr-xr-x 4 carter staff 128 Aug 23 10:24 netinet +total 456 +drwxr-xr-x 2 carter carter 4096 Jan 29 14:26 argus +-rw-rw-r-- 1 carter carter 12304 Jan 29 14:26 argus_client.h +-rw-rw-r-- 1 carter carter 6709 Jan 29 14:26 argus_compat.h +-rw-r--r-- 1 carter carter 17862 Jan 9 18:18 argus_config.h.in +-rw-rw-r-- 1 carter carter 2504 Jan 29 14:26 argus_dag.h +-rw-rw-r-- 1 carter carter 2342 Jan 29 14:26 argus_debug.h +-rw-rw-r-- 1 carter carter 103190 Jan 29 14:26 argus_def.h +-rw-rw-r-- 1 carter carter 1083 Jan 29 14:26 argus_def_v2.h +-rw-rw-r-- 1 carter carter 3162 Jan 29 14:26 argus_dscodepoints.h +-rw-rw-r-- 1 carter carter 4104 Jan 29 14:26 argus_encapsulations.h +-rw-rw-r-- 1 carter carter 12000 Jan 29 14:26 argus_ethernames.h +-rw-r--r-- 1 carter carter 4391 Jan 9 16:09 argus_ethertype.h +-rw-rw-r-- 1 carter carter 8889 Jan 29 14:26 argus_filter.h +-rw-r--r-- 1 carter carter 1042 Jan 9 16:09 argus_gmpls.h +-rw-rw-r-- 1 carter carter 2007 Jan 29 14:26 argus_gre.h +-rw-rw-r-- 1 carter carter 2845 Jan 29 14:26 argus_int.h +-rw-rw-r-- 1 carter carter 18756 Jan 29 14:26 argus_isis.h +-rw-rw-r-- 1 carter carter 5263 Jan 29 14:26 argus_llc.h +-rw-rw-r-- 1 carter carter 4110 Jan 29 14:26 argus-namedb.h +-rw-rw-r-- 1 carter carter 4145 Jan 29 14:26 argus_namedb.h +-rw-rw-r-- 1 carter carter 5986 Jan 29 14:26 argus_os.h +-rw-rw-r-- 1 carter carter 32019 Jan 29 14:26 argus_out.h +-rw-rw-r-- 1 carter carter 52828 Jan 29 14:26 argus_parse.h +-rw-rw-r-- 1 carter carter 4759 Jan 29 14:26 argus_parser.h +-rw-rw-r-- 1 carter carter 3374 Jan 29 14:26 argus_udt.h +-rw-rw-r-- 1 carter carter 5505 Jan 29 14:26 argus_util.h +-rw-rw-r-- 1 carter carter 43456 Jan 29 14:26 argus_v3_def.h +-rw-r--r-- 1 carter carter 17920 Jan 9 16:09 CflowdFlowPdu.h +drwxr-xr-x 7 carter carter 4096 Jan 9 16:09 cygwin-include +drwxr-xr-x 2 carter carter 4096 Jan 9 16:09 net +drwxr-xr-x 3 carter carter 4096 Jan 9 16:09 netbsd-include +drwxr-xr-x 2 carter carter 4096 Jan 9 16:09 netinet ./include/argus: -total 248 --rw-r--r-- 1 carter staff 23545 Aug 23 10:24 CflowdFlowPdu.h --rw-r--r-- 1 carter staff 3786 Aug 23 10:24 bootp.h --rw-r--r-- 1 carter staff 3262 Aug 23 10:24 cflowd.h --rw-r--r-- 1 carter staff 4553 Aug 23 10:24 cons_def.h --rw-r--r-- 1 carter staff 4368 Aug 23 10:24 cons_out.h --rw-r--r-- 1 carter staff 8596 Aug 23 10:24 extract.h --rw-r--r-- 1 carter staff 3781 Aug 23 10:24 fddi.h --rw-r--r-- 1 carter staff 9916 Aug 23 10:24 gencode.h --rw-r--r-- 1 carter staff 956 Aug 23 10:24 global.h --rw-r--r-- 1 carter staff 18685 Aug 23 10:24 ieee802_11.h --rw-r--r-- 1 carter staff 1470 Aug 23 10:24 md5.h --rw-r--r-- 1 carter staff 2424 Aug 23 10:24 ppp.h --rw-r--r-- 1 carter staff 4827 Aug 23 10:24 saslint.h --rw-r--r-- 1 carter staff 5667 Aug 23 10:24 sll.h +total 124 +-rw-r--r-- 1 carter carter 3789 Jan 9 16:09 bootp.h +-rw-rw-r-- 1 carter carter 23710 Jan 29 14:26 CflowdFlowPdu.h +-rw-r--r-- 1 carter carter 3262 Jan 9 16:09 cflowd.h +-rw-rw-r-- 1 carter carter 4724 Jan 29 14:26 cons_def.h +-rw-rw-r-- 1 carter carter 4505 Jan 29 14:26 cons_out.h +-rw-rw-r-- 1 carter carter 8776 Jan 29 14:26 extract.h +-rw-rw-r-- 1 carter carter 3918 Jan 29 14:26 fddi.h +-rw-rw-r-- 1 carter carter 10088 Jan 29 14:26 gencode.h +-rw-r--r-- 1 carter carter 956 Jan 9 16:09 global.h +-rw-r--r-- 1 carter carter 18690 Jan 9 16:09 ieee802_11.h +-rw-r--r-- 1 carter carter 1470 Jan 9 16:09 md5.h +-rw-r--r-- 1 carter carter 2424 Jan 9 16:09 ppp.h +-rw-r--r-- 1 carter carter 4830 Jan 9 16:09 saslint.h +-rw-r--r-- 1 carter carter 5670 Jan 9 16:09 sll.h ./include/cygwin-include: -total 0 -drwxr-xr-x 4 carter staff 128 Aug 23 10:24 linux -drwxr-xr-x 3 carter staff 96 Aug 23 10:24 net -drwxr-xr-x 11 carter staff 352 Aug 23 10:24 netinet -drwxr-xr-x 3 carter staff 96 Aug 23 10:24 protocols -drwxr-xr-x 3 carter staff 96 Aug 23 10:24 sys +total 20 +drwxr-xr-x 2 carter carter 4096 Jan 9 16:09 linux +drwxr-xr-x 2 carter carter 4096 Jan 9 16:09 net +drwxr-xr-x 2 carter carter 4096 Jan 9 16:09 netinet +drwxr-xr-x 2 carter carter 4096 Jan 9 16:09 protocols +drwxr-xr-x 2 carter carter 4096 Jan 9 16:09 sys ./include/cygwin-include/linux: -total 16 --rw-r--r-- 1 carter staff 1728 Aug 23 10:24 if_arp.h --rw-r--r-- 1 carter staff 3092 Aug 23 10:24 igmp.h +total 8 +-rw-r--r-- 1 carter carter 1728 Jan 9 16:09 if_arp.h +-rw-r--r-- 1 carter carter 3092 Jan 9 16:09 igmp.h ./include/cygwin-include/net: -total 8 --rw-r--r-- 1 carter staff 1734 Aug 23 10:24 if_arp.h +total 4 +-rw-r--r-- 1 carter carter 1734 Jan 9 16:09 if_arp.h ./include/cygwin-include/netinet: -total 104 --rw-r--r-- 1 carter staff 8866 Aug 23 10:24 icmp6.h --rw-r--r-- 1 carter staff 1984 Aug 23 10:24 if_ether.h --rw-r--r-- 1 carter staff 3480 Aug 23 10:24 igmp.h --rw-r--r-- 1 carter staff 3729 Aug 23 10:24 ip6.h --rw-r--r-- 1 carter staff 5013 Aug 23 10:24 ip_icmp.h --rw-r--r-- 1 carter staff 3198 Aug 23 10:24 ip_var.h --rw-r--r-- 1 carter staff 6380 Aug 23 10:24 tcp_var.h --rw-r--r-- 1 carter staff 1033 Aug 23 10:24 tcpip.h --rw-r--r-- 1 carter staff 1086 Aug 23 10:24 udp_var.h +total 52 +-rw-r--r-- 1 carter carter 8866 Jan 9 16:09 icmp6.h +-rw-r--r-- 1 carter carter 1984 Jan 9 16:09 if_ether.h +-rw-r--r-- 1 carter carter 3480 Jan 9 16:09 igmp.h +-rw-r--r-- 1 carter carter 3729 Jan 9 16:09 ip6.h +-rw-r--r-- 1 carter carter 5013 Jan 9 16:09 ip_icmp.h +-rw-r--r-- 1 carter carter 3198 Jan 9 16:09 ip_var.h +-rw-r--r-- 1 carter carter 1033 Jan 9 16:09 tcpip.h +-rw-r--r-- 1 carter carter 6380 Jan 9 16:09 tcp_var.h +-rw-r--r-- 1 carter carter 1086 Jan 9 16:09 udp_var.h ./include/cygwin-include/protocols: -total 8 --rw-r--r-- 1 carter staff 2340 Aug 23 10:24 routed.h +total 4 +-rw-r--r-- 1 carter carter 2340 Jan 9 16:09 routed.h ./include/cygwin-include/sys: -total 8 --rw-r--r-- 1 carter staff 49 Aug 23 10:24 mbuf.h +total 4 +-rw-r--r-- 1 carter carter 49 Jan 9 16:09 mbuf.h ./include/net: -total 72 --rw-r--r-- 1 carter staff 3222 Aug 23 10:24 arcnet.h --rw-r--r-- 1 carter staff 2172 Aug 23 10:24 etherdefs.h --rw-r--r-- 1 carter staff 12674 Aug 23 10:24 nff.h --rw-r--r-- 1 carter staff 3563 Aug 23 10:24 ppp.h --rw-r--r-- 1 carter staff 3873 Aug 23 10:24 slcompress.h --rw-r--r-- 1 carter staff 1103 Aug 23 10:24 slip.h +total 36 +-rw-r--r-- 1 carter carter 3225 Jan 9 16:09 arcnet.h +-rw-r--r-- 1 carter carter 2175 Jan 9 16:09 etherdefs.h +-rw-r--r-- 1 carter carter 12674 Jan 9 16:09 nff.h +-rw-r--r-- 1 carter carter 3566 Jan 9 16:09 ppp.h +-rw-r--r-- 1 carter carter 3876 Jan 9 16:09 slcompress.h +-rw-r--r-- 1 carter carter 1106 Jan 9 16:09 slip.h ./include/netbsd-include: -total 0 -drwxr-xr-x 3 carter staff 96 Aug 23 10:24 netinet +total 4 +drwxr-xr-x 2 carter carter 4096 Jan 9 16:09 netinet ./include/netbsd-include/netinet: -total 8 --rw-r--r-- 1 carter staff 1570 Aug 23 10:24 rtp.h +total 4 +-rw-r--r-- 1 carter carter 1570 Jan 9 16:09 rtp.h ./include/netinet: -total 24 --rw-r--r-- 1 carter staff 4892 Aug 23 10:24 rtp.h --rw-r--r-- 1 carter staff 2182 Aug 23 10:24 tcp_fsm.h +total 12 +-rw-r--r-- 1 carter carter 4895 Jan 9 16:09 rtp.h +-rw-r--r-- 1 carter carter 2185 Jan 9 16:09 tcp_fsm.h ./lib: total 16 @@ -261,71 +278,101 @@ total 12 -rw-rw-r-- 1 carter carter 89 Jan 9 18:20 arguspro_sensor_workstation.lic.template ./logo: -total 8 --rw-r--r-- 1 carter staff 2187 Aug 23 10:24 argus.spec +total 4 +-rw-r--r-- 1 carter carter 2491 Jan 9 16:09 argus_logo_medium-6aac34a9.png ./man: -total 0 -drwxr-xr-x 3 carter staff 96 Aug 23 10:24 man5 -drwxr-xr-x 3 carter staff 96 Aug 23 10:24 man8 +total 8 +drwxr-xr-x 2 carter carter 4096 Jan 9 16:09 man5 +drwxr-xr-x 2 carter carter 4096 Jan 9 16:09 man8 ./man/man5: -total 40 --rwxr-xr-x 1 carter staff 19826 Aug 23 10:24 argus.conf.5 +total 28 +-rwxr-xr-x 1 carter carter 24746 Jan 9 16:09 argus.conf.5 ./man/man8: -total 24 --rwxr-xr-x 1 carter staff 11249 Aug 23 10:24 argus.8 +total 12 +-rwxr-xr-x 1 carter carter 11795 Jan 9 16:09 argus.8 ./pkg: -total 64 --rw-r--r-- 1 carter staff 4201 Aug 23 10:24 README --rw-r--r-- 1 carter staff 21769 Aug 23 10:24 argus.conf -drwxr-xr-x 4 carter staff 128 Aug 23 10:24 rhel +total 48 +-rw-rw-r-- 1 carter carter 27003 Jan 29 14:26 argus.conf +drwxrwxr-x 2 carter carter 4096 Jan 29 14:26 init.d +drwxr-xr-x 3 carter carter 4096 Jan 29 14:26 osx +-rw-rw-r-- 1 carter carter 1346 Jan 29 14:26 README +drwxrwxr-x 2 carter carter 4096 Jan 29 14:26 sysconfig +drwxrwxr-x 2 carter carter 4096 Jan 29 14:26 systemd -./pkg/rhel: -total 0 -drwxr-xr-x 3 carter staff 96 Aug 23 10:24 init.d -drwxr-xr-x 3 carter staff 96 Aug 23 10:24 sysconfig +./pkg/init.d: +total 4 +-rwxrwxr-x 1 carter carter 2798 Jan 29 14:26 argus -./pkg/rhel/init.d: -total 8 --rwxr-xr-x 1 carter staff 2796 Aug 23 10:24 argus +./pkg/osx: +total 4 +drwxr-xr-x 3 carter carter 4096 Jan 29 14:26 osx-pkg -./pkg/rhel/sysconfig: -total 8 --rw-r--r-- 1 carter staff 551 Aug 23 10:24 argus +./pkg/osx/osx-pkg: +total 4 +drwxr-xr-x 3 carter carter 4096 Jan 9 16:09 Library + +./pkg/osx/osx-pkg/Library: +total 4 +drwxr-xr-x 3 carter carter 4096 Jan 9 16:09 PreferencePanes + +./pkg/osx/osx-pkg/Library/PreferencePanes: +total 4 +drwxr-xr-x 3 carter carter 4096 Jan 9 16:09 Argus.prefPane + +./pkg/osx/osx-pkg/Library/PreferencePanes/Argus.prefPane: +total 4 +drwxr-xr-x 3 carter carter 4096 Jan 9 16:09 Contents + +./pkg/osx/osx-pkg/Library/PreferencePanes/Argus.prefPane/Contents: +total 4 +drwxr-xr-x 2 carter carter 4096 Jan 9 16:09 Resources + +./pkg/osx/osx-pkg/Library/PreferencePanes/Argus.prefPane/Contents/Resources: +total 4 +-rw-r--r-- 1 carter carter 499 Jan 9 16:09 Argus-apps.plist + +./pkg/sysconfig: +total 4 +-rw-rw-r-- 1 carter carter 271 Jan 29 14:26 argus + +./pkg/systemd: +total 4 +-rw-rw-r-- 1 carter carter 264 Jan 29 14:26 argus.service ./support: -total 8 -drwxr-xr-x 4 carter staff 128 Aug 23 10:24 Archive -drwxr-xr-x 3 carter staff 96 Aug 23 10:24 Config -drwxr-xr-x 3 carter staff 96 Aug 23 10:24 Deployment --rw-r--r-- 1 carter staff 2026 Aug 23 10:24 README -drwxr-xr-x 6 carter staff 192 Aug 23 10:24 Startup -drwxr-xr-x 4 carter staff 128 Aug 23 10:24 System +total 24 +drwxr-xr-x 2 carter carter 4096 Jan 29 14:26 Archive +drwxr-xr-x 2 carter carter 4096 Jan 29 14:26 Config +drwxr-xr-x 2 carter carter 4096 Jan 29 14:26 Deployment +-rw-rw-r-- 1 carter carter 2390 Jan 29 14:26 README +drwxr-xr-x 2 carter carter 4096 Jan 29 14:26 Startup +drwxr-xr-x 2 carter carter 4096 Jan 29 14:26 System ./support/Archive: -total 48 --rw-r--r-- 1 carter staff 5181 Aug 23 10:24 README.argusarchive --rwxr-xr-x 1 carter staff 14629 Aug 23 10:24 argusarchive +total 24 +-rwxrwxr-x 1 carter carter 14984 Jan 29 14:26 argusarchive +-rw-r--r-- 1 carter carter 5181 Jan 9 16:09 README.argusarchive ./support/Config: -total 48 --rwxr-xr-x 1 carter staff 21756 Aug 23 10:24 argus.conf +total 28 +-rwxrwxr-x 1 carter carter 27077 Jan 29 14:26 argus.conf ./support/Deployment: -total 16 --rwxr-xr-x 1 carter staff 7623 Aug 23 10:24 sample +total 8 +-rwxrwxr-x 1 carter carter 7521 Jan 29 14:26 sample ./support/Startup: -total 32 --rw-r--r-- 1 carter staff 3693 Aug 23 10:24 README --rw-r--r-- 1 carter staff 3104 Aug 23 10:24 argus --rw-r--r-- 1 carter staff 559 Aug 23 10:24 argus.service --rw-r--r-- 1 carter staff 723 Aug 23 10:24 com.qosient.argus.plist +total 16 +-rw-rw-r-- 1 carter carter 3008 Jan 29 14:26 argus +-rw-r--r-- 1 carter carter 559 Jan 9 16:09 argus.service +-rw-r--r-- 1 carter carter 723 Jan 9 16:09 com.qosient.argus.plist +-rw-rw-r-- 1 carter carter 3577 Jan 29 14:26 README ./support/System: -total 16 --rwxr-xr-x 1 carter staff 1170 Aug 23 10:24 crontab --rwxr-xr-x 1 carter staff 1094 Aug 23 10:24 magic +total 8 +-rwxrwxr-x 1 carter carter 1053 Jan 29 14:26 crontab +-rwxrwxr-x 1 carter carter 705 Jan 29 14:26 magic diff --git a/Makefile.in b/Makefile.in index 921e5a8..687f299 100644 --- a/Makefile.in +++ b/Makefile.in @@ -1,6 +1,27 @@ +# +# Argus-5.0 Software. Argus flow data generation. +# Copyright (c) 2000-2024 QoSient, LLC +# All rights reserved. +# +# This program is free software, released under the GNU General +# Public License; you can redistribute it and/or modify it under the terms +# of the GNU General Public License as published by the Free Software +# Foundation; either version 3, or any later version. # -# Makefile for Argus -# Copyright (C) 1996-2020 QoSient, LLC +# Other licenses are available through QoSient, LLC. +# Inquire at info@qosient.com. +# +# This program is distributed WITHOUT ANY WARRANTY; without even the +# implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +# See the * GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + +# +# Makefile for Argus-5.0 +# Copyright (C) 1996-2024 QoSient, LLC # All rights reserved # #### Start of system configuration section. #### diff --git a/acsite.m4 b/acsite.m4 index 2c70f16..4bfb471 100644 --- a/acsite.m4 +++ b/acsite.m4 @@ -1,5 +1,23 @@ dnl -dnl Copyright (C) 2000-2020 QoSient, LLC. +dnl Argus-5.0 Software. Argus flow data generation. +dnl Copyright (c) 2000-2024 QoSient, LLC +dnl All rights reserved. +dnl +dnl This program is free software, released under the GNU General +dnl Public License; you can redistribute it and/or modify it under the terms +dnl of the GNU General Public License as published by the Free Software +dnl Foundation; either version 3, or any later version. +dnl +dnl Other licenses are available through QoSient, LLC. +dnl Inquire at info@qosient.com. +dnl +dnl This program is distributed WITHOUT ANY WARRANTY; without even the +dnl implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +dnl See the * GNU General Public License for more details. +dnl +dnl You should have received a copy of the GNU General Public License +dnl along with this program; if not, write to the Free Software +dnl Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. dnl dnl Copyright (c) 1995, 1996, 1997, 1998 dnl The Regents of the University of California. All rights reserved. @@ -134,8 +152,8 @@ m4_define([AC_LBL_C_INIT], ac_cv_lbl_gcc_vers=0 AC_MSG_CHECKING(gcc version) AC_CACHE_VAL(ac_cv_lbl_gcc_vers, - ac_cv_lbl_gcc_vers=`$CC --version 2>&1 | \ - sed -e '/^ version /!d' \ + ac_cv_lbl_gcc_vers=`$CC -v 2>&1 | \ + sed -e '/^gcc version /!d' \ -e 's/^gcc version //' \ -e 's/ .*//' -e 's/^[[[^0-9]]]*//' \ -e 's/\..*//'`) @@ -281,10 +299,8 @@ AC_DEFUN([AC_LBL_UNALIGNED_ACCESS], # include # include # include -# include -# include unsigned char a[[5]] = { 1, 2, 3, 4, 5 }; - int main() { + main() { unsigned int i; pid_t pid; int status; @@ -374,7 +390,6 @@ AC_DEFUN([AC_LBL_DEVEL], ;; esac fi - AC_CHECK_FUNCS(backtrace) fi]) dnl diff --git a/argus/Argus802.11.c b/argus/Argus802.11.c index 2046474..548611b 100644 --- a/argus/Argus802.11.c +++ b/argus/Argus802.11.c @@ -1,6 +1,6 @@ /* - * Argus Software. Argus files - Arp Procession - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus files - 802.11 Wireless processing + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,6 +24,12 @@ * */ +/* + * $Id: //depot/gargoyle/argus/argus/Argus802.11.c#4 $ + * $DateTime: 2015/04/13 00:39:28 $ + * $Change: 2980 $ + */ + #ifdef HAVE_CONFIG_H #include "argus_config.h" #endif diff --git a/argus/ArgusApp.c b/argus/ArgusApp.c index 320b20c..057bac5 100644 --- a/argus/ArgusApp.c +++ b/argus/ArgusApp.c @@ -1,6 +1,6 @@ /* - * Argus Software. Argus files - Application Level - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus files - Application Level + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,6 +24,11 @@ * */ +/* + * $Id: //depot/gargoyle/argus/argus/ArgusApp.c#8 $ + * $DateTime: 2016/02/23 00:04:12 $ + * $Change: 3099 $ + */ #ifdef HAVE_CONFIG_H #include "argus_config.h" diff --git a/argus/ArgusArp.c b/argus/ArgusArp.c index 2964c8d..6d52e87 100644 --- a/argus/ArgusArp.c +++ b/argus/ArgusArp.c @@ -1,6 +1,6 @@ /* - * Argus Software. Argus files - Arp Procession - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus files - Arp Processing + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,6 +24,11 @@ * */ +/* + * $Id: //depot/gargoyle/argus/argus/ArgusArp.c#4 $ + * $DateTime: 2015/04/13 00:39:28 $ + * $Change: 2980 $ + */ #ifdef HAVE_CONFIG_H #include "argus_config.h" @@ -137,7 +142,7 @@ ArgusCreateArpFlow (struct ArgusModelerStruct *model, struct ether_header *ep) { struct arphdr *ahdr = (struct arphdr *)model->ArgusThisUpHdr; struct ArgusSystemFlow *retn = NULL; - unsigned int arp_tpa = 0, arp_spa = 0; + unsigned int arp_tpa, arp_spa; if (STRUCTCAPTURED(model, *ahdr)) { retn = model->ArgusThisFlow; @@ -205,6 +210,11 @@ ArgusCreateArpFlow (struct ArgusModelerStruct *model, struct ether_header *ep) retn->hdr.argus_dsrvl8.len = sizeof(struct ArgusRarpFlow)/4 + 1; retn->hdr.argus_dsrvl8.qual = ARGUS_TYPE_RARP; + bcopy (TPA(ahdr), &arp_tpa, sizeof(arp_tpa)); + +#ifdef _LITTLE_ENDIAN + arp_tpa = ntohl(arp_tpa); +#endif retn->rarp_flow.hrd = HRD(ahdr); retn->rarp_flow.pro = PRO(ahdr); retn->rarp_flow.hln = HLN(ahdr); diff --git a/argus/ArgusAuth.c b/argus/ArgusAuth.c index a29b38d..813bbe8 100644 --- a/argus/ArgusAuth.c +++ b/argus/ArgusAuth.c @@ -1,6 +1,6 @@ /* - * Argus Software. Argus files - Authentication - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus files - Authentication + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,6 +24,12 @@ * */ +/* + * $Id: //depot/gargoyle/argus/argus/ArgusAuth.c#5 $ + * $DateTime: 2016/09/20 14:50:14 $ + * $Change: 3197 $ + */ + /* * Copyright (c) 2000 Carnegie Mellon University. All rights reserved. * diff --git a/argus/ArgusEsp.c b/argus/ArgusEsp.c index 64b5081..e4b97df 100644 --- a/argus/ArgusEsp.c +++ b/argus/ArgusEsp.c @@ -1,6 +1,6 @@ /* - * Argus Software. Argus files - ESP layer processing - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus files - ESP layer processing + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,6 +24,11 @@ * */ +/* + * $Id: //depot/gargoyle/argus/argus/ArgusEsp.c#4 $ + * $DateTime: 2015/04/13 00:39:28 $ + * $Change: 2980 $ + */ #ifdef HAVE_CONFIG_H #include "argus_config.h" diff --git a/argus/ArgusEvents.c b/argus/ArgusEvents.c index 95af3f9..db9dac8 100644 --- a/argus/ArgusEvents.c +++ b/argus/ArgusEvents.c @@ -1,6 +1,6 @@ /* - * Argus Software. Argus files - Modeler - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus files - Events processing + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,6 +24,12 @@ * */ +/* + * $Id: //depot/gargoyle/argus/argus/ArgusEvents.c#10 $ + * $DateTime: 2016/10/03 10:25:27 $ + * $Change: 3209 $ + */ + #ifdef HAVE_CONFIG_H #include "argus_config.h" #endif diff --git a/argus/ArgusEvents.h b/argus/ArgusEvents.h index 5b9c83d..8630f0a 100644 --- a/argus/ArgusEvents.h +++ b/argus/ArgusEvents.h @@ -1,6 +1,6 @@ /* - * Argus Software. Argus files - Modeler - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus files - Events include files + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,6 +24,12 @@ * */ +/* + * $Id: //depot/gargoyle/argus/argus/ArgusEvents.h#4 $ + * $DateTime: 2015/04/13 00:39:28 $ + * $Change: 2980 $ + */ + #ifndef ArgusEvents_h #define ArgusEvents_h diff --git a/argus/ArgusFrag.c b/argus/ArgusFrag.c index efd6542..66e8919 100644 --- a/argus/ArgusFrag.c +++ b/argus/ArgusFrag.c @@ -1,6 +1,6 @@ /* - * Argus Software. Argus files - Fragment processing - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus files - Fragment processing + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,6 +24,11 @@ * */ +/* + * $Id: //depot/gargoyle/argus/argus/ArgusFrag.c#4 $ + * $DateTime: 2015/04/13 00:39:28 $ + * $Change: 2980 $ + */ #ifdef HAVE_CONFIG_H #include "argus_config.h" diff --git a/argus/ArgusIcmp.c b/argus/ArgusIcmp.c index 5651342..0c00adb 100644 --- a/argus/ArgusIcmp.c +++ b/argus/ArgusIcmp.c @@ -1,6 +1,6 @@ /* - * Argus Software. Argus files - ICMP protocol processing - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus files - ICMP protocol processing + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,6 +24,11 @@ * */ +/* + * $Id: //depot/gargoyle/argus/argus/ArgusIcmp.c#5 $ + * $DateTime: 2016/04/01 14:32:31 $ + * $Change: 3134 $ + */ #ifdef HAVE_CONFIG_H #include "argus_config.h" diff --git a/argus/ArgusIgmp.c b/argus/ArgusIgmp.c index c948c7b..790cc1d 100644 --- a/argus/ArgusIgmp.c +++ b/argus/ArgusIgmp.c @@ -1,6 +1,6 @@ /* - * Argus Software. Argus files - IGMP protocol processing - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus files - IGMP protocol processing + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,6 +24,11 @@ * */ +/* + * $Id: //depot/gargoyle/argus/argus/ArgusIgmp.c#4 $ + * $DateTime: 2015/04/13 00:39:28 $ + * $Change: 2980 $ + */ #ifdef HAVE_CONFIG_H #include "argus_config.h" diff --git a/argus/ArgusIsis.c b/argus/ArgusIsis.c index cc316ef..ea76c25 100644 --- a/argus/ArgusIsis.c +++ b/argus/ArgusIsis.c @@ -1,6 +1,6 @@ /* - * Argus Software. Argus files - Modeler - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus files - ISIS flow tracking + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,6 +24,12 @@ * */ +/* + * $Id: //depot/gargoyle/argus/argus/ArgusIsis.c#4 $ + * $DateTime: 2015/04/13 00:39:28 $ + * $Change: 2980 $ + */ + #ifdef HAVE_CONFIG_H #include "argus_config.h" #endif diff --git a/argus/ArgusLcp.c b/argus/ArgusLcp.c index 4234a70..afef677 100644 --- a/argus/ArgusLcp.c +++ b/argus/ArgusLcp.c @@ -1,6 +1,6 @@ /* - * Argus Software. Argus files - main argus processing - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus files - Lcp flow processing + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,6 +24,11 @@ * */ +/* + * $Id: //depot/gargoyle/argus/argus/ArgusLcp.c#4 $ + * $DateTime: 2015/04/13 00:39:28 $ + * $Change: 2980 $ + */ #ifdef HAVE_CONFIG_H #include "argus_config.h" diff --git a/argus/ArgusMac.c b/argus/ArgusMac.c index 7917596..8fd0b32 100644 --- a/argus/ArgusMac.c +++ b/argus/ArgusMac.c @@ -1,6 +1,6 @@ /* - * Argus Software. Argus files - Layer 2 processing - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus files - Layer 2 processing + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,6 +24,11 @@ * */ +/* + * $Id: //depot/gargoyle/argus/argus/ArgusMac.c#4 $ + * $DateTime: 2015/04/13 00:39:28 $ + * $Change: 2980 $ + */ #ifdef HAVE_CONFIG_H #include "argus_config.h" diff --git a/argus/ArgusModeler.c b/argus/ArgusModeler.c index fb82abe..2800b6d 100644 --- a/argus/ArgusModeler.c +++ b/argus/ArgusModeler.c @@ -1,6 +1,6 @@ -/* - * Argus Software. Argus files - Modeler - * Copyright (c) 2000-2020 QoSient, LLC +/* + * Argus-5.0 Software. Argus files - Modeler + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,6 +24,11 @@ * */ +/* + * $Id: //depot/gargoyle/argus/argus/ArgusModeler.c#19 $ + * $DateTime: 2016/10/04 10:36:36 $ + * $Change: 3213 $ + */ #ifdef HAVE_CONFIG_H #include "argus_config.h" @@ -92,8 +97,12 @@ ArgusCheckTimeout(const struct ArgusModelerStruct * const model, retn = 0; else { if ((timeout->tv_sec > 0) || (timeout->tv_usec > 0)) { - diff = ArgusTimeDiff (&model->ArgusGlobalTime, ts); + diff = ArgusTimeDiff (ts1, ts2); +#if defined(ARGUS_NANOSECONDS) + tdiff = (timeout->tv_sec * 1000000000LL + timeout->tv_usec); +#else tdiff = (timeout->tv_sec * 1000000LL + timeout->tv_usec); +#endif if (diff >= tdiff) retn = 1; @@ -104,8 +113,13 @@ ArgusCheckTimeout(const struct ArgusModelerStruct * const model, } #ifdef ARGUSDEBUG - ArgusDebug (11, "ArgusCheckTimeout (%p, %d.%06d, %d.%06d) diff %f returning %d\n", model, ts->tv_sec, ts->tv_usec, +#if defined(ARGUS_NANOSECONDS) + ArgusDebug (11, "ArgusCheckTimeout (%p, %d.%09d, %d.%09d) diff %f returning %d\n", model, ts1->tv_sec, ts1->tv_usec, + timeout->tv_sec, timeout->tv_usec, (diff / 1000000000.0), retn); +#else + ArgusDebug (11, "ArgusCheckTimeout (%p, %d.%06d, %d.%06d) diff %f returning %d\n", model, ts1->tv_sec, ts1->tv_usec, timeout->tv_sec, timeout->tv_usec, (diff / 1000000.0), retn); +#endif #endif return (retn); @@ -150,6 +164,7 @@ ArgusNewModeler() if ((retn = (struct ArgusModelerStruct *) ArgusCalloc (1, sizeof (struct ArgusModelerStruct))) == NULL) ArgusLog (LOG_ERR, "ArgusNewModeler () ArgusCalloc error %s\n", strerror(errno)); + retn->ArgusHashTableSize = ARGUS_HASHTABLESIZE; setArgusFlowKey (retn, ARGUS_FLOW_KEY_CLASSIC5TUPLE); setArgusFlowType (retn, ARGUS_BIDIRECTIONAL); @@ -247,8 +262,8 @@ ArgusInitModeler(struct ArgusModelerStruct *model) ArgusInitMallocList(sizeof(struct ArgusRecordStruct)); - if (getArgusTunnelDiscovery(model) || getArgusVxLanParsing(model) || getArgusGreParsing(model)) - ArgusInitTunnelPortNumbers(); + if (getArgusTunnelDiscovery(model)) + ArgusInitTunnelPortNumbers (); #ifdef ARGUSDEBUG ArgusDebug (1, "ArgusInitModeler(%p) done\n", model); @@ -793,13 +808,12 @@ ArgusProcessPacketHdrs (struct ArgusModelerStruct *model, char *p, int length, i break; } case IPPROTO_UDP: { /* RCP 4380 */ - if (getArgusTunnelDiscovery(model) || getArgusVxLanParsing(model)) + if (getArgusTunnelDiscovery(model)) retn = ArgusProcessUdpHdr(model, ip, length); break; } case IPPROTO_GRE: { /* RFC 2784 */ - if (getArgusTunnelDiscovery(model) || getArgusGreParsing(model)) - retn = ArgusProcessGreHdr(model, ip, length); + retn = ArgusProcessGreHdr(model, ip, length); break; } default: @@ -916,14 +930,15 @@ ArgusProcessTtpHdr (struct ArgusModelerStruct *model, struct ip *ip, int length) return (retn); } -void ArgusInitUDPTunnelPortNumbers(void); -void ArgusInitTunnelPortNumbers(void) +void ArgusInitUDPTunnelPortNumbers (void); + +void +ArgusInitTunnelPortNumbers (void) { int i = 0; - bzero(ArgusTransportParseRoutines, sizeof(ArgusTransportParseRoutines)); - for (i = 0; i < MAX_PORT_ALG_TYPES; i++) - { + bzero (ArgusTransportParseRoutines, sizeof(ArgusTransportParseRoutines)); + for (i = 0; i < MAX_PORT_ALG_TYPES; i++) { ArgusTransportParseRoutines[RaPortAlgorithmTable[i].port] = RaPortAlgorithmTable[i].parse; } } @@ -942,10 +957,12 @@ ArgusProcessUdpHdr (struct ArgusModelerStruct *model, struct ip *ip, int length) sport = ntohs(up->uh_sport); dport = ntohs(up->uh_dport); - if (!((sport == 53) || (dport == 53) || (sport == 5353) || (dport == 5353))) { - char *ptr = (char *) (up + 1); - struct ip6_hdr *ipv6 = (struct ip6_hdr *) ptr; - int isipv6 = 0; + if (ArgusTransportParseRoutines[dport] != NULL) { + if ((retn = ArgusTransportParseRoutines[dport](model, up + 1)) < 0) { +#ifdef ARGUSDEBUG + ArgusDebug (4, "ArgusTransportParseRoutines(%p, %p, %d) error %d\n", model, ip, length, retn); +#endif + } } else { if (!((sport == 53) || (dport == 53))) { @@ -2527,20 +2544,21 @@ ArgusUpdateBasicFlow (struct ArgusModelerStruct *model, struct ArgusFlowStruct * } if (model->ArgusThisEncaps & ARGUS_ENCAPS_VXLAN) { - if ((vxlan = (struct ArgusVxLanStruct *)flow->dsrs[ARGUS_VXLAN_INDEX]) == NULL) { - vxlan = (struct ArgusVxLanStruct *)&flow->canon.vxlan; + if ((vxlan = (struct ArgusVxLanStruct *) flow->dsrs[ARGUS_VXLAN_INDEX]) == NULL) { + vxlan = (struct ArgusVxLanStruct *) &flow->canon.vxlan; memset(vxlan, 0, sizeof(*vxlan)); - flow->dsrs[ARGUS_VXLAN_INDEX] = (struct ArgusDSRHeader *)vxlan; - vxlan->hdr.type = ARGUS_VXLAN_DSR; - vxlan->hdr.subtype = 0; - vxlan->hdr.argus_dsrvl8.qual = 0; - vxlan->hdr.argus_dsrvl8.len = 3; + flow->dsrs[ARGUS_VXLAN_INDEX] = (struct ArgusDSRHeader *) vxlan; + vxlan->hdr.type = ARGUS_VXLAN_DSR; + vxlan->hdr.subtype = 0; + vxlan->hdr.argus_dsrvl8.qual = 0; + vxlan->hdr.argus_dsrvl8.len = 3; flow->dsrindex |= 1 << ARGUS_VXLAN_INDEX; } if (model->ArgusThisDir) { vxlan->svnid = model->ArgusThisVxLanVni; vxlan->hdr.argus_dsrvl8.qual |= ARGUS_SRC_VXLAN; + } else { vxlan->dvnid = model->ArgusThisVxLanVni; vxlan->hdr.argus_dsrvl8.qual |= ARGUS_DST_VXLAN; @@ -4314,9 +4332,9 @@ ArgusCreateIPv6Flow (struct ArgusModelerStruct *model, struct ip6_hdr *ip) struct ArgusSystemFlow *tflow; if ((ip != NULL) && STRUCTCAPTURED(model, *ip)) { - int nxt, done = 0, i = 0; - unsigned int *sp = (void *) &ip->ip6_src; - unsigned int *dp = (void *) &ip->ip6_dst; + int nxt = 0, done = 0, i = 0; + unsigned int saddr[4], *sp = saddr; + unsigned int daddr[4], *dp = daddr; unsigned short alen, sport = 0, dport = 0; unsigned int *rsp, *rdp; @@ -4579,7 +4597,7 @@ ArgusCreateIPv4Flow (struct ArgusModelerStruct *model, struct ip *ip) sport = ntohs(up->uh_sport); dport = ntohs(up->uh_dport); } - if ((sport == 53) || (dport == 53) || (sport == 5353) || (dport == 5353)) { + if ((sport == 53) || (dport == 53)) { unsigned short pad = ntohs(*(u_int16_t *)(up + 1)); bcopy(&pad, &model->ArgusThisFlow->ip_flow.smask, 2); } @@ -4984,26 +5002,6 @@ setArgusTunnelDiscovery (struct ArgusModelerStruct *model, int value) model->ArgusTunnelDiscovery = value; } -int getArgusGreParsing(struct ArgusModelerStruct *model) -{ - return (model->ArgusGreParsing); -} - -void setArgusGreParsing(struct ArgusModelerStruct *model, int value) -{ - model->ArgusGreParsing = value; -} - -int getArgusVxLanParsing(struct ArgusModelerStruct *model) -{ - return (model->ArgusVXLanParsing); -} - -void setArgusVxLanParsing(struct ArgusModelerStruct *model, int value) -{ - model->ArgusVXLanParsing = value; -} - int getArgusTrackDuplicates (struct ArgusModelerStruct *model) { diff --git a/argus/ArgusModeler.h b/argus/ArgusModeler.h index aba215c..a879448 100644 --- a/argus/ArgusModeler.h +++ b/argus/ArgusModeler.h @@ -1,6 +1,6 @@ /* - * Argus Software. Argus files - Modeler includes - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus files - Modeler includes + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,6 +24,13 @@ * */ +/* + * $Id: //depot/gargoyle/argus/argus/ArgusModeler.h#8 $ + * $DateTime: 2016/02/23 00:04:12 $ + * $Change: 3099 $ + */ + + #ifndef ArgusModeler_h #define ArgusModeler_h @@ -311,12 +318,6 @@ struct ArgusModelerStruct { int ArgusMinorVersion; int ArgusSnapLen; - int ArgusTunnelDiscovery; - int ArgusGreParsing; - int ArgusVXLanParsing; - - int ArgusUserDataLen; - int ArgusTunnelDiscovery; int ArgusOSFingerPrinting; int ArgusUserDataLen; @@ -485,12 +486,6 @@ void setArgusControlPlaneProtocols(struct ArgusModelerStruct *, char *); int getArgusTunnelDiscovery (struct ArgusModelerStruct *); void setArgusTunnelDiscovery (struct ArgusModelerStruct *, int); -int getArgusGreParsing(struct ArgusModelerStruct *); -void setArgusGreParsing(struct ArgusModelerStruct *, int); - -int getArgusVxLanParsing(struct ArgusModelerStruct *); -void setArgusVxLanParsing(struct ArgusModelerStruct *, int); - int getArgusTrackDuplicates (struct ArgusModelerStruct *); void setArgusTrackDuplicates (struct ArgusModelerStruct *, int); @@ -624,21 +619,6 @@ extern void ArgusUpdateArpState (struct ArgusModelerStruct *, struct ArgusFlowSt extern int ArgusUpdateFRAGState (struct ArgusModelerStruct *, struct ArgusFlowStruct *, unsigned char, unsigned short); extern void ArgusUpdateESPState (struct ArgusModelerStruct *, struct ArgusFlowStruct *, unsigned char *); -extern unsigned short ArgusParseVxLan (struct ArgusModelerStruct *, void *); - -#define MAX_PORT_ALG_TYPES 2 -struct ArgusTransportRoutines { - char *field; - unsigned short type, port; - unsigned short (*parse)(struct ArgusModelerStruct *, void *ptr); -}; - -struct ArgusTransportRoutines -RaPortAlgorithmTable[MAX_PORT_ALG_TYPES] = { -#define ARGUS_PARSE_VXLAN 0 - { "vxlan", ARGUS_PARSE_VXLAN, 4789, ArgusParseVxLan}, - { "vxlan", ARGUS_PARSE_VXLAN, 8472, ArgusParseVxLan}, -}; extern unsigned short ArgusParseVxLan (struct ArgusModelerStruct *, void *); extern unsigned short ArgusParseL2TP (struct ArgusModelerStruct *, void *); @@ -724,12 +704,6 @@ extern void setArgusControlPlaneProtocols(struct ArgusModelerStruct *, char *); extern int getArgusTunnelDiscovery(struct ArgusModelerStruct *); extern void setArgusTunnelDiscovery(struct ArgusModelerStruct *, int); -extern int getArgusGreParsing(struct ArgusModelerStruct *); -extern void setArgusGreParsing(struct ArgusModelerStruct *, int); - -extern int getArgusVxLanParsing(struct ArgusModelerStruct *); -extern void setArgusVxLanParsing(struct ArgusModelerStruct *, int); - extern int getArgusTrackDuplicates (struct ArgusModelerStruct *); extern void setArgusTrackDuplicates (struct ArgusModelerStruct *, int); diff --git a/argus/ArgusNetflow.c b/argus/ArgusNetflow.c index 708fab1..7997753 100644 --- a/argus/ArgusNetflow.c +++ b/argus/ArgusNetflow.c @@ -1,6 +1,6 @@ /* - * Argus Software. Argus files - Fragment processing - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus files - Netflow processing + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,6 +24,11 @@ * */ +/* + * $Id: //depot/argus/argus/argus/ArgusNetflow.c#23 $ + * $DateTime: 2011/01/26 17:21:20 $ + * $Change: 2089 $ + */ #ifdef HAVE_CONFIG_H #include "argus_config.h" diff --git a/argus/ArgusNetflow.h b/argus/ArgusNetflow.h index ebe7326..ec3dd3a 100644 --- a/argus/ArgusNetflow.h +++ b/argus/ArgusNetflow.h @@ -1,6 +1,6 @@ /* - * Argus Software. Argus files - Modeler - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus files - Netflow processing includes + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,8 +24,12 @@ * */ -#ifndef ArgusNetflow_h -#define ArgusNetflow_h +/* + * $Id: //depot/argus/argus/argus/ArgusNetflow.h#1 $ + * $DateTime: 2011/01/26 17:21:20 $ + * $Change: 2089 $ + */ + #define CISCO_VERSION_1 1 #define CISCO_VERSION_5 5 @@ -57,4 +61,3 @@ extern void ArgusParseCiscoRecordV7 (struct ArgusModelerStruct *, void *); extern void ArgusParseCiscoRecordV8 (struct ArgusModelerStruct *, void *); extern void ArgusParseCiscoRecordV9 (struct ArgusModelerStruct *, void *); #endif -#endif diff --git a/argus/ArgusOutput.c b/argus/ArgusOutput.c index f4ac41b..53a8a8b 100644 --- a/argus/ArgusOutput.c +++ b/argus/ArgusOutput.c @@ -1,6 +1,6 @@ /* - * Argus Software. Argus files - Modeler - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus files - Output processor + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,6 +24,11 @@ * */ +/* + * $Id: //depot/gargoyle/argus/argus/ArgusOutput.c#16 $ + * $DateTime: 2016/10/27 18:40:41 $ + * $Change: 3232 $ + */ #ifdef HAVE_CONFIG_H #include "argus_config.h" @@ -518,7 +523,7 @@ ArgusOutputMarInfTime(struct ArgusOutputStruct *output) } #ifdef ARGUSDEBUG - ArgusDebug (7, "ArgusOutputStatusTime(%p) done", output); + ArgusDebug (7, "ArgusOutputMarInfTime(%p) done", output); #endif return (retn); } diff --git a/argus/ArgusOutput.h b/argus/ArgusOutput.h index 0e58a5b..7181e11 100644 --- a/argus/ArgusOutput.h +++ b/argus/ArgusOutput.h @@ -1,6 +1,6 @@ /* - * Argus Software. Argus files - Output include file - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus files - Output include files + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,6 +24,13 @@ * */ +/* + * $Id: //depot/gargoyle/argus/argus/ArgusOutput.h#7 $ + * $DateTime: 2015/04/21 19:24:29 $ + * $Change: 3018 $ + */ + + #ifndef ArgusOutput_h #define ArgusOutput_h diff --git a/argus/ArgusSflow.c b/argus/ArgusSflow.c index bf8b3f2..6c3ba0b 100644 --- a/argus/ArgusSflow.c +++ b/argus/ArgusSflow.c @@ -1,6 +1,6 @@ /* - * Argus Software. Argus files - Fragment processing - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus files - Sflow record processing + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,6 +24,11 @@ * */ +/* + * $Id: //depot/gargoyle/argus/argus/ArgusSflow.c#5 $ + * $DateTime: 2016/02/16 17:07:05 $ + * $Change: 3096 $ + */ #ifdef HAVE_CONFIG_H #include "argus_config.h" diff --git a/argus/ArgusSflow.h b/argus/ArgusSflow.h index d0c5712..0d07dc9 100644 --- a/argus/ArgusSflow.h +++ b/argus/ArgusSflow.h @@ -1,6 +1,6 @@ /* - * Argus Software. Argus files - Modeler - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus files - Sflow processing includes + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,6 +24,12 @@ * */ +/* + * $Id: //depot/gargoyle/argus/argus/ArgusSflow.h#4 $ + * $DateTime: 2015/04/13 00:39:28 $ + * $Change: 2980 $ + */ + #ifndef ArgusSflow_h #define ArgusSflow_h diff --git a/argus/ArgusSource.c b/argus/ArgusSource.c index c542371..12c5b72 100644 --- a/argus/ArgusSource.c +++ b/argus/ArgusSource.c @@ -1,6 +1,6 @@ /* - * Argus Software. Argus files - Input processing - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus files - Input processing + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,6 +24,12 @@ * */ +/* + * $Id: //depot/gargoyle/argus/argus/ArgusSource.c#24 $ + * $DateTime: 2016/10/10 23:36:26 $ + * $Change: 3221 $ + */ + /* * ArgusSource.c - Argus packet source routines. * @@ -51,8 +57,7 @@ #if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__) || defined(__APPLE__) || defined(__sun__) #define PCAP_DONT_INCLUDE_PCAP_BPF_H -#include -#include +#include #include #else #if !defined(CYGWIN) @@ -76,14 +81,6 @@ #include #include -#include - -#include -#include -#include - -#include /* the L2 protocols */ - #include #include #include @@ -744,8 +741,8 @@ ArgusOpenInterface(struct ArgusSourceStruct *src, struct ArgusDeviceStruct *devi #endif } - if ((type = pcap_datalink(inf->ArgusPd)) > 0) - inf->ArgusCallBack = Arguslookup_pcap_callback(type); + if ((type = pcap_datalink(inf->ArgusPd)) >= 0) + inf->ArgusCallBack = Arguslookup_pcap_callback(type); if (inf->ArgusCallBack == NULL) { if (type > 0) { @@ -1002,7 +999,7 @@ ArgusCloseSource(struct ArgusSourceStruct *stask) int ret = 0; int err; int i; - struct ArgusSourceStruct *src = NULL; + struct ArgusSourceStruct *src; if (stask == NULL) /* nothing to do */ @@ -3310,7 +3307,7 @@ juniper_parse_header (const u_char *p, const struct pcap_pkthdr *h, struct junip l2info->header_len = 0; l2info->cookie_len = 0; l2info->proto = 0; - l2info->pictype = 0; + l2info->length = h->len; l2info->caplen = h->caplen; @@ -3849,80 +3846,6 @@ ArgusIpPacket(u_char *user, const struct pcap_pkthdr *h, const u_char *p) #endif } -#define PFLOG_RULESET_NAME_SIZE 16 - -struct pfloghdr { - u_int8_t length; - sa_family_t af; - u_int8_t action; - u_int8_t reason; - char ifname[IFNAMSIZ]; - char ruleset[PFLOG_RULESET_NAME_SIZE]; - u_int32_t rulenr; - u_int32_t subrulenr; - uid_t uid; - pid_t pid; - uid_t rule_uid; - pid_t rule_pid; - u_int8_t dir; - u_int8_t pad[3]; -}; - -#define PFLOG_HDRLEN sizeof(struct pfloghdr) - -void -ArgusPflogPacket (u_char *user, const struct pcap_pkthdr *h, const u_char *p) -{ - struct pcap_pkthdr hbuf; - u_int hdrlen = 0; - u_int caplen = h->caplen; - const struct pfloghdr *hdr; - uint8_t af; - - /* check length */ - if (caplen >= sizeof(uint8_t)) { -#define MIN_PFLOG_HDRLEN 45 - hdr = (struct pfloghdr *)p; - if (hdr->length >= MIN_PFLOG_HDRLEN) { - hdrlen = BPF_WORDALIGN(hdr->length); - - if (caplen >= hdrlen) { - /* print what we know */ - hdr = (struct pfloghdr *)p; - - /* skip to the real packet */ - af = hdr->af; - - memcpy((char *)&hbuf, (char *)h, sizeof(*h)); - - hbuf.len -= hdrlen; - hbuf.caplen -= hdrlen; - p += hdrlen; - - switch (af) { - case AF_INET: - case AF_INET6: - ArgusIpPacket(user, &hbuf, p); - break; - - default: - /* address family not handled, print raw packet - if (!ndo->ndo_eflag) - pflog_print(ndo, hdr); - if (!ndo->ndo_suppress_default_print) - ND_DEFAULTPRINT(p, caplen); - */ - break; - } - } - } - } - -#ifdef ARGUSDEBUG - ArgusDebug (8, "ArgusPflogPacket (%p, %p, %p) returning\n", user, h, p); -#endif -} - #define ENC_HDRLEN 12 @@ -4618,157 +4541,6 @@ extern char *ArgusPidPath; #define ARGUS_COMPLETE 0x04 -struct argus_addr { - struct argus_addr *next; - struct sockaddr *addr; /* address */ - struct sockaddr *netmask; /* netmask for that address */ - struct sockaddr *broadaddr; /* broadcast address for that address */ - struct sockaddr *dstaddr; /* P2P destination address for that address */ -}; - -typedef struct argus_addr argus_addr_t; - -struct argus_if { - struct argus_if *nxt; /* Next item in list */ - char *name; /* Name of interface */ - char *description; /* description of interface */ - argus_addr_t *addr; - unsigned int flags; /* Flags from SIOCGIFFLAGS */ -}; - -typedef struct argus_if argus_if_t; - -#ifndef SA_LEN -#ifdef HAVE_STRUCT_SOCKADDR_SA_LEN -#define SA_LEN(addr) ((addr)->sa_len) -#else /* HAVE_STRUCT_SOCKADDR_SA_LEN */ -#ifdef HAVE_STRUCT_SOCKADDR_STORAGE -static size_t -get_sa_len(struct sockaddr *addr) -{ - switch (addr->sa_family) { -#ifdef AF_INET - case AF_INET: return (sizeof (struct sockaddr_in)); -#endif - -#ifdef AF_INET6 - case AF_INET6: return (sizeof (struct sockaddr_in6)); -#endif - -#if (defined(linux) || defined(__Lynx__)) && defined(AF_PACKET) - case AF_PACKET: return (sizeof (struct sockaddr_ll)); -#endif -#if defined(__APPLE_CC__) || defined(__APPLE__) - case AF_LINK: { return (sizeof (struct sockaddr_dl)); -#endif - default: return (sizeof (struct sockaddr)); - } -} - -#define SA_LEN(addr) (get_sa_len(addr)) -#else /* HAVE_STRUCT_SOCKADDR_STORAGE */ -#define SA_LEN(addr) (sizeof (struct sockaddr)) -#endif /* HAVE_STRUCT_SOCKADDR_STORAGE */ -#endif /* HAVE_STRUCT_SOCKADDR_SA_LEN */ -#endif /* SA_LEN */ - -int -Argus_findall_interfaces(argus_if_t **aif) -{ - argus_if_t *taif, *laif = NULL; - struct ifaddrs *ifa, *ifap; - char *ptr; - int retn = 0; - - if ((retn = getifaddrs(&ifap)) != 0) - return (-1); - - for (ifa = ifap; ifa != NULL; ifa = ifa->ifa_next) { - struct sockaddr *addr, *mask, *broadaddr, *dstaddr; - size_t addr_size, broadaddr_size, dstaddr_size; - - if ((taif = (struct argus_if *) ArgusCalloc(1, sizeof(*taif))) == NULL) - ArgusLog (LOG_ERR, "Argus_findall_interfaces: ArgusCalloc %s\n", strerror(errno)); - - if (ifa->ifa_name != NULL) { - if ((ptr = strchr(ifa->ifa_name, ':')) != NULL) { - *ptr = '\0'; - } - taif->name = strdup(ifa->ifa_name); - } - - taif->description = get_if_description(ifa->ifa_name); - -#ifdef IFF_LOOPBACK - if (ifa->ifa_flags & IFF_LOOPBACK) - taif->flags |= PCAP_IF_LOOPBACK; -#else - /* - * We don't have IFF_LOOPBACK, so look at the device name to - * see if it looks like a loopback device. - */ - if (taif->name[0] == 'l' && taif->name[1] == 'o' && (isdigit((unsigned char)(taif->name[2])) || taif->name[2] == '\0') - taif->flags |= PCAP_IF_LOOPBACK; -#endif -#ifdef IFF_UP - if (ifa->ifa_flags & IFF_UP) - taif->flags |= PCAP_IF_UP; -#endif -#ifdef IFF_RUNNING - if (ifa->ifa_flags & IFF_RUNNING) - taif->flags |= PCAP_IF_RUNNING; -#endif - - if (ifa->ifa_addr != NULL) { - addr = ifa->ifa_addr; - addr_size = SA_LEN(addr); - mask = ifa->ifa_netmask; - } else { - addr = NULL; - addr_size = 0; - mask = NULL; - } - if (ifa->ifa_flags & IFF_BROADCAST && ifa->ifa_broadaddr != NULL) { - broadaddr = ifa->ifa_broadaddr; - broadaddr_size = SA_LEN(broadaddr); - } else { - broadaddr = NULL; - broadaddr_size = 0; - } - if (ifa->ifa_flags & IFF_POINTOPOINT && ifa->ifa_dstaddr != NULL) { - dstaddr = ifa->ifa_dstaddr; - dstaddr_size = SA_LEN(ifa->ifa_dstaddr); - } else { - dstaddr = NULL; - dstaddr_size = 0; - } - - if (laif == NULL) { - *aif = taif; - } else { - laif->nxt = taif; - } - laif = taif; - } - freeifaddrs(ifa); - - return (retn); -} - - -void -Argus_free_interfaces(struct argus_if *aifa) -{ - while (aifa != NULL) { - struct argus_if *nafa = aifa->nxt; - if (aifa->name != NULL) - free (aifa->name); - - ArgusFree(aifa); - aifa = nafa; - } -} - void ArgusSourceProcess (struct ArgusSourceStruct *stask) { @@ -4853,17 +4625,6 @@ ArgusSourceProcess (struct ArgusSourceStruct *stask) if (setgid(new_gid) < 0) ArgusLog (LOG_ERR, "ArgusInitOutput: setgid error %s", strerror(errno)); } - if (new_uid > 0) { - if (setuid(new_uid) < 0) - ArgusLog (LOG_ERR, "ArgusInitOutput: setuid error %s", strerror(errno)); - } - - src->status |= ARGUS_LAUNCHED; - if ((pthread_create(&src->thread, NULL, ArgusGetPackets, (void *) src)) != 0) - ArgusLog (LOG_ERR, "ArgusNewEventProcessor() pthread_create error %s\n", strerror(errno)); - - ArgusThreadCount++; - } if (new_uid > 0) { if (setuid(new_uid) < 0) ArgusLog (LOG_ERR, "ArgusInitOutput: setuid error %s", strerror(errno)); @@ -4949,93 +4710,6 @@ ArgusSourceProcess (struct ArgusSourceStruct *stask) } ArgusPushBackList(src->ArgusDeviceList, (struct ArgusListRecord *) device, ARGUS_NOLOCK); pthread_mutex_unlock(&src->ArgusDeviceList->lock); - } - - if ((dev = (struct ArgusDeviceStruct *) ArgusCalloc(1, sizeof(*dev))) == NULL) - ArgusLog (LOG_ERR, "setArgusDevice ArgusCalloc %s\n", strerror(errno)); - - dev->name = strdup(ifa->name); - dev->status = status; - dev->type = type; - dev->mode = mode; - - if (dlt != NULL) { -#if defined(HAVE_PCAP_DATALINK_NAME_TO_VAL) - dev->dlt = pcap_datalink_name_to_val(dlt); -#endif - dev->dltname = strdup(dlt); - } - - if (dev != NULL) { - struct ArgusSourceStruct *src = NULL; - - if (srcid != NULL) { - int type = ArgusSourceTask->type; - - ArgusParseSourceID (ArgusSourceTask, dev, srcid); - dev->trans = ArgusSourceTask->trans; - dev->idtype = ArgusSourceTask->type; - - ArgusSourceTask->type = type; - - } else { - char inf[5] = {0,}; - dev->trans = ArgusSourceTask->trans; - dev->idtype = ArgusSourceTask->type; - if (dev && (dev->name != NULL)) { - shortname_ethdev_unique(dev->name, inf, - sizeof(inf), - ArgusSourceTask->ArgusDeviceList); - - bcopy(inf, dev->trans.srcid.inf, 4); - dev->trans.hdr.argus_dsrvl8.qual |= ARGUS_TYPE_INTERFACE; - ArgusLog(LOG_INFO, - "mapping interface name %s -> %s\n", - dev->name, inf); - } - } - - src = ArgusCloneSource(stask); - clearArgusDevice(src); - - if (dev->trans.srcid.a_un.value != 0) { - src->trans = dev->trans; - } else { - dev->trans = stask->trans; - dev->idtype = stask->type; - src->trans = stask->trans; - src->type = stask->type; - } - - src->type = dev->type; - - if (ArgusInitSource (src) > 0) { - if (new_gid > 0) { - if (setgid(new_gid) < 0) - ArgusLog (LOG_ERR, "ArgusInitOutput: setgid error %s", strerror(errno)); - } - if (new_uid > 0) { - if (setuid(new_uid) < 0) - ArgusLog (LOG_ERR, "ArgusInitOutput: setuid error %s", strerror(errno)); - } - - src->status |= ARGUS_LAUNCHED; - if ((pthread_create(&src->thread, NULL, ArgusGetPackets, (void *) src)) != 0) - ArgusLog (LOG_ERR, "ArgusNewEventProcessor() pthread_create error %s\n", strerror(errno)); - ArgusThreadCount++; - } - - stask->srcs[ArgusSourceCount++] = src; - ArgusPushBackList(src->ArgusDeviceList, (struct ArgusListRecord *) dev, ARGUS_LOCK); - } -*/ - } - - lookup_interface(interfacetable, (const u_char *)ifa->name); -#ifdef ARGUSDEBUG - ArgusDebug (2, "ArgusSourceProcess: Adding Interface %s\n", ifa->name); -#endif - } else { } } } @@ -5239,7 +4913,6 @@ ArgusSourceProcess (struct ArgusSourceStruct *stask) gettimeofday (&stv, 0L); stv.tv_sec += stask->ArgusInterfaceScanInterval; } - } if ((retn = pthread_mutex_lock(&stask->lock))) { switch (retn) { diff --git a/argus/ArgusSource.h b/argus/ArgusSource.h index fd30edf..3eaf426 100644 --- a/argus/ArgusSource.h +++ b/argus/ArgusSource.h @@ -1,6 +1,6 @@ /* - * Argus Software. Argus files - Input includes - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus files - Input processing includes + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,6 +24,13 @@ * */ +/* + * $Id: //depot/gargoyle/argus/argus/ArgusSource.h#12 $ + * $DateTime: 2016/10/03 10:25:27 $ + * $Change: 3209 $ + */ + +/* ArgusSource.h */ #ifndef ArgusSource_h #define ArgusSource_h @@ -165,7 +172,7 @@ int pcap_offline_read(pcap_t *, int, pcap_handler, u_char *); #define ARGUS_INITED 0x02 #define ARGUS_COMPLETE 0x04 #define ARGUS_NOSOURCES 0x08 -#define ARGUS_DONT_OPEN 0x10 +#define ARGUS_DONT_OPEN 0x10 struct ArgusDeviceStruct { struct ArgusListObjectStruct *nxt; @@ -783,7 +790,6 @@ char *getArgusManInf (struct ArgusSourceStruct *); int ArgusSnoopRead (struct ArgusSourceStruct *); void ArgusIpPacket (u_char *user, const struct pcap_pkthdr *h, const u_char *p); -void ArgusPflogPacket (u_char *user, const struct pcap_pkthdr *h, const u_char *p); void ArgusArcnetPacket (u_char *user, const struct pcap_pkthdr *h, const u_char *p); void ArgusEtherPacket (u_char *user, const struct pcap_pkthdr *h, const u_char *p); void ArgusTokenPacket (u_char *user, const struct pcap_pkthdr *h, const u_char *p); diff --git a/argus/ArgusTcp.c b/argus/ArgusTcp.c index 848a03d..ee898ab 100644 --- a/argus/ArgusTcp.c +++ b/argus/ArgusTcp.c @@ -1,6 +1,6 @@ /* - * Argus Software. Argus files - TCP protocol - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus files - TCP Protocol processing + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,6 +24,11 @@ * */ +/* + * $Id: //depot/gargoyle/argus/argus/ArgusTcp.c#11 $ + * $DateTime: 2016/09/18 16:32:53 $ + * $Change: 3186 $ + */ #ifdef HAVE_CONFIG_H #include "argus_config.h" diff --git a/argus/ArgusTimeDiff.h b/argus/ArgusTimeDiff.h index 6e1e4b1..02aedcf 100644 --- a/argus/ArgusTimeDiff.h +++ b/argus/ArgusTimeDiff.h @@ -27,7 +27,10 @@ #ifndef __ARGUS_TIME_DIFF_H # define __ARGUS_TIME_DIFF_H -#include +# ifdef HAVE_CONFIG_H +# include "argus_config.h" +# endif +# include static inline long long @@ -36,8 +39,13 @@ ArgusTimeDiff(const struct timeval * const start, { long long retn, t1, t2; - stime = (start->tv_sec * 1000000LL) + start->tv_usec; - etime = (stop->tv_sec * 1000000LL) + stop->tv_usec; +#if defined(ARGUS_NANOSECONDS) + t1 = (start->tv_sec * 1000000000LL) + (start->tv_usec * 1LL); + t2 = (stop->tv_sec * 1000000000LL) + ( stop->tv_usec * 1LL); +#else + t1 = (start->tv_sec * 1000000LL) + (start->tv_usec * 1LL); + t2 = (stop->tv_sec * 1000000LL) + ( stop->tv_usec * 1LL); +#endif retn = t2 - t1; return (retn); @@ -57,8 +65,13 @@ ArgusAbsTimeDiff(const struct timeval * const start, t1 = stop; } +#if defined(ARGUS_NANOSECONDS) + retn = ((t2->tv_sec * 1000000000LL) + t2->tv_usec) - + ((t1->tv_sec * 1000000000LL) + t1->tv_usec); +#else retn = ((t2->tv_sec * 1000000LL) + t2->tv_usec) - ((t1->tv_sec * 1000000LL) + t1->tv_usec); +#endif return (retn); } diff --git a/argus/ArgusUdp.c b/argus/ArgusUdp.c index bfc27ea..800454a 100644 --- a/argus/ArgusUdp.c +++ b/argus/ArgusUdp.c @@ -1,6 +1,6 @@ /* - * Argus Software. Argus files - UDP protocol - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus files - UDP Protocol processing + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,6 +24,11 @@ * */ +/* + * $Id: //depot/gargoyle/argus/argus/ArgusUdp.c#5 $ + * $DateTime: 2015/06/22 17:59:06 $ + * $Change: 3024 $ + */ #ifdef HAVE_CONFIG_H #include "argus_config.h" diff --git a/argus/ArgusUdt.c b/argus/ArgusUdt.c index a232a72..ac95e56 100644 --- a/argus/ArgusUdt.c +++ b/argus/ArgusUdt.c @@ -1,6 +1,6 @@ /* * Argus Software. Argus files - Udt protocol processing - * Copyright (c) 2000-2020 QoSient, LLC + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software; you can redistribute it and/or modify @@ -19,6 +19,12 @@ * */ +/* + * $Id: //depot/gargoyle/argus/argus/ArgusUdt.c#7 $ + * $DateTime: 2015/09/02 16:24:01 $ + * $Change: 3068 $ + */ + #ifdef HAVE_CONFIG_H #include "argus_config.h" #endif diff --git a/argus/ArgusUtil.c b/argus/ArgusUtil.c index 0c9b865..21ab14f 100644 --- a/argus/ArgusUtil.c +++ b/argus/ArgusUtil.c @@ -1,6 +1,6 @@ /* - * Argus Software. Argus files - Utilities - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus files - Utilities + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,6 +24,13 @@ * */ +/* + * $Id: //depot/gargoyle/argus/argus/ArgusUtil.c#13 $ + * $DateTime: 2016/06/07 14:21:31 $ + * $Change: 3159 $ + */ + +/* ArgusUtil.c */ #ifdef HAVE_CONFIG_H #include "argus_config.h" diff --git a/argus/ArgusUtil.h b/argus/ArgusUtil.h index 8b58ae6..3b3c95f 100644 --- a/argus/ArgusUtil.h +++ b/argus/ArgusUtil.h @@ -1,6 +1,6 @@ /* - * Argus Software. Argus files - Utilities include files - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus files - Utilities include files + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General diff --git a/argus/ArgusVxLan.c b/argus/ArgusVxLan.c index 68b649b..353f57a 100644 --- a/argus/ArgusVxLan.c +++ b/argus/ArgusVxLan.c @@ -1,18 +1,33 @@ /* - * -------------------------------------------------------------------------------- - * - * 2019-2021 CounterFlow AI, Inc. - * Proprietary & Confidential. All Rights Reserved. - * - * This software is a proprietary fork of Argus, commercially licensed from - * QoSient, LLC by CounterFlow AI in 2019. - * - * Refactored and enhanced with numerous features and functions. + * Argus-5.0 Software. Argus files - UDP Protocol processing + * Copyright (c) 2000-2024 QoSient, LLC + * All rights reserved. * - * ArgusVxLan support written by - * Carter Bullard + * This program is free software, released under the GNU General + * Public License; you can redistribute it and/or modify it under the terms + * of the GNU General Public License as published by the Free Software + * Foundation; either version 3, or any later version. + * + * Other licenses are available through QoSient, LLC. + * Inquire at info@qosient.com. + * + * This program is distributed WITHOUT ANY WARRANTY; without even the + * implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + * + * Written by Carter Bullard + * QoSient, LLC * - * + */ + +/* + * $Id$ + * $DateTime: 2014/05/14 12:53:31 $ + * $Change: 2827 $ */ #if !defined(ArgusVxLan) @@ -20,46 +35,41 @@ #include -unsigned short ArgusParseVxLan(struct ArgusModelerStruct *, void *); +unsigned short ArgusParseVxLan (struct ArgusModelerStruct *, void *); -struct vxlanhdr -{ +struct vxlanhdr { unsigned char flgs, res[3]; unsigned int vni; }; unsigned short -ArgusParseVxLan(struct ArgusModelerStruct *model, void *ptr) +ArgusParseVxLan (struct ArgusModelerStruct *model, void *ptr) { unsigned short retn = 0; struct vxlanhdr *vxl = ptr; - if (getArgusVxLanParsing(model)) - { - if (STRUCTCAPTURED(model, *vxl)) - { - if (vxl->flgs == 0x08) - { - unsigned int vni = ntohl(vxl->vni) >> 8; - int len = ((unsigned char *)(vxl + 1)) - model->ArgusThisUpHdr; + if (STRUCTCAPTURED(model, *vxl)) { + if (vxl->flgs == 0x08) { + unsigned int vni = ntohl(vxl->vni) >> 8; + int len = ((unsigned char *) (vxl + 1)) - model->ArgusThisUpHdr; - retn = ARGUS_ETHER_HDR; - model->ArgusThisVxLanVni = vni; - model->ArgusThisEncaps |= ARGUS_ENCAPS_VXLAN; - model->ArgusThisUpHdr = (unsigned char *)(vxl + 1); - model->ArgusThisLength -= len; - model->ArgusSnapLength -= len; + retn = ARGUS_ETHER_HDR; + model->ArgusThisVxLanVni = vni; + model->ArgusThisEncaps |= ARGUS_ENCAPS_VXLAN; + model->ArgusThisUpHdr = (unsigned char *)(vxl + 1); + model->ArgusThisLength -= len; + model->ArgusSnapLength -= len; #ifdef ARGUSDEBUG - ArgusDebug(2, "ArgusParseVxLan(%p, %p) vni is %d\n", model, ptr, vni); + ArgusDebug (2, "ArgusParseVxLan(%p, %p) vni is %d\n", model, ptr, vni); #endif - } } } #ifdef ARGUSDEBUG - ArgusDebug(1, "ArgusParseVxLan(%p, %p) returning %d\n", model, ptr, retn); + ArgusDebug (1, "ArgusParseVxLan(%p, %p) returning %d\n", model, ptr, retn); #endif return (retn); } + #endif diff --git a/argus/ArgusVxLan.h b/argus/ArgusVxLan.h index 0a5fa48..475d073 100644 --- a/argus/ArgusVxLan.h +++ b/argus/ArgusVxLan.h @@ -1,19 +1,29 @@ /* - * -------------------------------------------------------------------------------- - * - * 2019-2021 CounterFlow AI, Inc. - * Proprietary & Confidential. All Rights Reserved. - * - * This software is a proprietary fork of Argus, commercially licensed from - * QoSient, LLC by CounterFlow AI in 2019. - * - * Refactored and enhanced with numerous features and functions. + * Argus-5.0 Software. Argus files - UDP Protocol processing + * Copyright (c) 2000-2024 QoSient, LLC + * All rights reserved. * - * ArgusVxLan support written by - * Carter Bullard + * This program is free software, released under the GNU General + * Public License; you can redistribute it and/or modify it under the terms + * of the GNU General Public License as published by the Free Software + * Foundation; either version 3, or any later version. + * + * Other licenses are available through QoSient, LLC. + * Inquire at info@qosient.com. + * + * This program is distributed WITHOUT ANY WARRANTY; without even the + * implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + * + * Written by Carter Bullard + * QoSient, LLC * - * */ + #ifdef HAVE_CONFIG_H #include "argus_config.h" #endif diff --git a/argus/Makefile.in b/argus/Makefile.in index c605363..8d3a155 100755 --- a/argus/Makefile.in +++ b/argus/Makefile.in @@ -1,7 +1,7 @@ # -# Argus Software -# Copyright (c) 2000-2020 QoSient, LLC -# All rights reserved. +# Argus-5.0 Software. Argus files - Makefile.in +# Copyright (c) 2000-2024 QoSient, LLC +# All rights reserved. # # This program is free software, released under the GNU General # Public License; you can redistribute it and/or modify it under the terms @@ -49,7 +49,6 @@ COMPATLIB = @COMPATLIB@ @LIB_XDR@ WRAPLIBS = @WRAPLIBS@ SASLLIBS = @LIB_SASL@ -XDRLIBS = @LIB_XDR@ # # You shouldn't need to edit anything below. @@ -86,7 +85,7 @@ YACC = @V_YACC@ SRC = argus.c ArgusModeler.c ArgusSource.c ArgusUtil.c ArgusOutput.c ArgusUdp.c \ ArgusTcp.c ArgusIcmp.c ArgusIgmp.c ArgusEsp.c ArgusArp.c ArgusFrag.c ArgusUdt.c \ ArgusLcp.c ArgusIsis.c ArgusAuth.c Argus802.11.c ArgusApp.c ArgusEvents.c \ - ArgusNetflow.c ArgusSflow.c ArgusVxLan.c + ArgusNetflow.c ArgusSflow.c ArgusVxLan.c ArgusL2TP.c ArgusIfnam.c PROG = @INSTALL_BIN@/argus @@ -95,7 +94,7 @@ PROG = @INSTALL_BIN@/argus OBJ = $(SRC:.c=.o) -LIB = @LIBS@ @V_THREADS@ $(WRAPLIBS) $(SASLLIBS) $(COMPATLIB) ../lib/argus_common.a $(XDRLIBS) +LIB = ../lib/argus_common.a @LIBS@ @V_THREADS@ $(WRAPLIBS) $(SASLLIBS) $(COMPATLIB) HDR = pcap.h pcap-int.h pcap-namedb.h pcap-nit.h pcap-pf.h \ ethertype.h gencode.h gnuc.h diff --git a/argus/argus.c b/argus/argus.c index 72baeee..ef68409 100644 --- a/argus/argus.c +++ b/argus/argus.c @@ -1,6 +1,6 @@ /* - * Argus Software. Argus files - main argus processing - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus files - Main argus processing + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,8 +24,14 @@ * */ +/* + * $Id: //depot/gargoyle/argus/argus/argus.c#18 $ + * $DateTime: 2016/10/27 18:40:41 $ + * $Change: 3232 $ + */ + /* - * argus.c - Audit Record Generation and Utilization System + * argus - Audit Record Generation and Utilization System * * written by Carter Bullard * QoSient LLC @@ -780,7 +786,10 @@ ArgusComplete () #define ARGUSPERFMETRICS 1 #if defined(ARGUSPERFMETRICS) - long long ArgusTotalPkts = 0; +/* + long long ArgusTotalPkts = 0, ArgusTotalIPPkts = 0; + long long ArgusTotalNonIPPkts = 0; +*/ struct timeval timediff; double totaltime; int i, len; @@ -803,6 +812,9 @@ ArgusComplete () if (ArgusSourceTask->ArgusInterface[i].ArgusDevice != NULL) { /* ArgusTotalPkts += ArgusSourceTask->ArgusInterface[i].ArgusTotalPkts; + ArgusTotalIPPkts += ArgusSourceTask->ArgusInterface[i].ArgusTotalIPPkts; + ArgusTotalNonIPPkts += ArgusSourceTask->ArgusInterface[i].ArgusTotalNonIPPkts; +*/ } } if (ArgusSourceTask->ArgusEndTime.tv_sec == 0) @@ -811,6 +823,8 @@ ArgusComplete () if (ArgusSourceTask->ArgusStartTime.tv_sec == 0) ArgusSourceTask->ArgusStartTime = ArgusSourceTask->ArgusEndTime; + bzero(buf, sizeof(buf)); + timediff.tv_sec = ArgusSourceTask->ArgusEndTime.tv_sec - ArgusSourceTask->ArgusStartTime.tv_sec; timediff.tv_usec = ArgusSourceTask->ArgusEndTime.tv_usec - ArgusSourceTask->ArgusStartTime.tv_usec; @@ -829,8 +843,6 @@ ArgusComplete () totaltime = (double) timediff.tv_sec + (((double) timediff.tv_usec)/1000000.0); #endif - sprintf (buf, "%s\n Total Pkts %8lld Rate %f\n", "Total", ArgusTotalPkts, ArgusTotalPkts/totaltime); - for (i = 0; i < ARGUS_MAXINTERFACE; i++) { char sbuf[MAXSTRLEN]; if (ArgusSourceTask->ArgusInterface[i].ArgusDevice != NULL) { @@ -909,16 +921,14 @@ int ArgusShutDownSig = 0; void ArgusBacktrace (void) { -#if defined(HAVE_BACKTRACE) - void* callstack[128]; - int i, frames = backtrace(callstack, 128); - char** strs = backtrace_symbols(callstack, frames); + void* callstack[128]; + int i, frames = backtrace(callstack, 128); + char** strs = backtrace_symbols(callstack, frames); - for (i = 0; i < frames; ++i) { - ArgusLog(LOG_WARNING, "%s", strs[i]); - } - free(strs); -#endif + for (i = 0; i < frames; ++i) { + ArgusLog(LOG_WARNING, "%s", strs[i]); + } + free(strs); } #endif @@ -928,10 +938,12 @@ ArgusScheduleShutDown (int sig) ArgusSourceTask->status |= ARGUS_SHUTDOWN; #ifdef ARGUSDEBUG +#if defined(HAVE_BACKTRACE) if (Argusdflag > 1) { ArgusLog(LOG_WARNING, "ArgusScheduleShutDown(%d)", sig); ArgusBacktrace(); } +#endif ArgusShutDownSig = sig; ArgusShutDownFlag++; @@ -943,11 +955,13 @@ static void ArgusShutDown (void) { #if defined(ARGUSDEBUG) +#if defined(HAVE_BACKTRACE) if (Argusdflag > 1) { ArgusLog(LOG_WARNING, "ArgusShutDown(%d)", ArgusShutDownSig); ArgusBacktrace(); } #endif +#endif #ifdef ARGUSDEBUG @@ -1042,66 +1056,68 @@ getArguspidflag () #define ARGUS_RCITEMS 62 -#define ARGUS_DAEMON 0 -#define ARGUS_MONITOR_ID 1 -#define ARGUS_ACCESS_PORT 2 -#define ARGUS_INTERFACE 3 -#define ARGUS_OUTPUT_FILE 4 -#define ARGUS_SET_PID 5 -#define ARGUS_PID_PATH 6 -#define ARGUS_GO_PROMISCUOUS 7 -#define ARGUS_FLOW_STATUS_INTERVAL 8 -#define ARGUS_MAR_STATUS_INTERVAL 9 -#define ARGUS_CAPTURE_DATA_LEN 10 -#define ARGUS_GENERATE_START_RECORDS 11 -#define ARGUS_GENERATE_RESPONSE_TIME_DATA 12 -#define ARGUS_GENERATE_JITTER_DATA 13 -#define ARGUS_GENERATE_MAC_DATA 14 -#define ARGUS_DEBUG_LEVEL 15 -#define ARGUS_FILTER_OPTIMIZER 16 -#define ARGUS_FILTER 17 -#define ARGUS_PACKET_CAPTURE_FILE 18 -#define ARGUS_PACKET_CAPTURE_ON_ERROR 19 -#define ARGUS_BIND_IP 20 -#define ARGUS_MIN_SSF 21 -#define ARGUS_MAX_SSF 22 -#define ARGUS_COLLECTOR 23 -#define ARGUS_FLOW_TYPE 24 -#define ARGUS_FLOW_KEY 25 -#define ARGUS_GENERATE_APPBYTE_METRIC 26 -#define ARGUS_CHROOT_DIR 27 -#define ARGUS_SETUSER_ID 28 -#define ARGUS_SETGROUP_ID 29 -#define ARGUS_GENERATE_TCP_PERF_METRIC 30 -#define ARGUS_GENERATE_BIDIRECTIONAL_TIMESTAMPS 31 -#define ARGUS_GENERATE_PACKET_SIZE 32 -#define ARGUS_ENV 33 -#define ARGUS_CAPTURE_FULL_CONTROL_DATA 34 -#define ARGUS_SELF_SYNCHRONIZE 35 -#define ARGUS_EVENT_DATA 36 -#define ARGUS_JITTER_HISTOGRAM 37 -#define ARGUS_OUTPUT_STREAM 38 -#define ARGUS_KEYSTROKE 39 -#define ARGUS_KEYSTROKE_CONF 40 -#define ARGUS_TUNNEL_DISCOVERY 41 -#define ARGUS_IP_TIMEOUT 42 -#define ARGUS_TCP_TIMEOUT 43 -#define ARGUS_ICMP_TIMEOUT 44 -#define ARGUS_IGMP_TIMEOUT 45 -#define ARGUS_FRAG_TIMEOUT 46 -#define ARGUS_ARP_TIMEOUT 47 -#define ARGUS_OTHER_TIMEOUT 48 -#define ARGUS_TRACK_DUPLICATES 49 -#define ARGUS_PCAP_BUF_SIZE 50 -#define ARGUS_GRE_PARSING 51 -#define ARGUS_VXLAN_PARSING 52 -#define ARGUS_GENERATE_FLOWID 53 -#define ARGUS_GENERATE_HASH_METRICS 54 -#define ARGUS_MONITOR_ID_INCLUDE_INF 55 -#define ARGUS_REPORT_STATUS 56 -#define ARGUS_DEDUP 57 -#define ARGUS_DEDUP_TIME 58 - +#define ARGUS_MONITOR_ID 0 +#define ARGUS_MONITOR_ID_INCLUDE_INF 1 +#define ARGUS_DAEMON 2 +#define ARGUS_ACCESS_PORT 3 +#define ARGUS_INTERFACE 4 +#define ARGUS_OUTPUT_FILE 5 +#define ARGUS_SET_PID 6 +#define ARGUS_PID_PATH 7 +#define ARGUS_GO_PROMISCUOUS 8 +#define ARGUS_FLOW_STATUS_INTERVAL 9 +#define ARGUS_MAR_STATUS_INTERVAL 10 +#define ARGUS_CAPTURE_DATA_LEN 11 +#define ARGUS_GENERATE_START_RECORDS 12 +#define ARGUS_GENERATE_RESPONSE_TIME_DATA 13 +#define ARGUS_GENERATE_JITTER_DATA 14 +#define ARGUS_GENERATE_MAC_DATA 15 +#define ARGUS_DEBUG_LEVEL 16 +#define ARGUS_FILTER_OPTIMIZER 17 +#define ARGUS_FILTER 18 +#define ARGUS_PACKET_CAPTURE_FILE 19 +#define ARGUS_PACKET_CAPTURE_ON_ERROR 20 +#define ARGUS_BIND_IP 21 +#define ARGUS_MIN_SSF 22 +#define ARGUS_MAX_SSF 23 +#define ARGUS_COLLECTOR 24 +#define ARGUS_FLOW_TYPE 25 +#define ARGUS_FLOW_KEY 26 +#define ARGUS_GENERATE_APPBYTE_METRIC 27 +#define ARGUS_CHROOT_DIR 28 +#define ARGUS_SETUSER_ID 29 +#define ARGUS_SETGROUP_ID 30 +#define ARGUS_GENERATE_TCP_PERF_METRIC 31 +#define ARGUS_GENERATE_BIDIRECTIONAL_TIMESTAMPS 32 +#define ARGUS_GENERATE_PACKET_SIZE 33 +#define ARGUS_ENV 34 +#define ARGUS_CAPTURE_FULL_CONTROL_DATA 35 +#define ARGUS_SELF_SYNCHRONIZE 36 +#define ARGUS_EVENT_DATA 37 +#define ARGUS_JITTER_HISTOGRAM 38 +#define ARGUS_OUTPUT_STREAM 39 +#define ARGUS_KEYSTROKE 40 +#define ARGUS_KEYSTROKE_CONF 41 +#define ARGUS_TUNNEL_DISCOVERY 42 +#define ARGUS_IP_TIMEOUT 43 +#define ARGUS_TCP_TIMEOUT 44 +#define ARGUS_ICMP_TIMEOUT 45 +#define ARGUS_IGMP_TIMEOUT 46 +#define ARGUS_FRAG_TIMEOUT 47 +#define ARGUS_ARP_TIMEOUT 48 +#define ARGUS_OTHER_TIMEOUT 49 +#define ARGUS_TRACK_DUPLICATES 50 +#define ARGUS_PCAP_BUF_SIZE 51 +#define ARGUS_OS_FINGERPRINTING 52 +#define ARGUS_CONTROLPLANE_PROTO 53 +#define ARGUS_PCAP_DISPATCH_NUM 54 +#define ARGUS_HASHTABLE_SIZE 55 +#define ARGUS_GENERATE_HASH_METRICS 56 +#define ARGUS_INTERFACE_SCAN_INTERVAL 57 +#define ARGUS_LOG_DISPLAY_PRIORITY 58 +#define ARGUS_MAR_INTERFACE_INTERVAL 59 +#define ARGUS_TIMESTAMP_TYPE 60 +#define ARGUS_DEDUP 61 char *ArgusResourceFileStr [ARGUS_RCITEMS] = { @@ -1157,14 +1173,16 @@ char *ArgusResourceFileStr [ARGUS_RCITEMS] = { "ARGUS_OTHER_TIMEOUT=", "ARGUS_TRACK_DUPLICATES=", "ARGUS_PCAP_BUF_SIZE=", - "ARGUS_GRE_PARSING=", - "ARGUS_VXLAN_PARSING=", - "ARGUS_GENERATE_FLOWID=", + "ARGUS_OS_FINGERPRINTING=", + "ARGUS_CONTROLPLANE_PROTO=", + "ARGUS_PCAP_DISPATCH_NUM=", + "ARGUS_HASHTABLE_SIZE=", "ARGUS_GENERATE_HASH_METRICS=", - "ARGUS_MONITOR_ID_INCLUDE_INF=", - "ARGUS_REPORT_STATUS=", - "ARGUS_DEDUP=", - "ARGUS_DEDUP_TIME=", + "ARGUS_INTERFACE_SCAN_INTERVAL=", + "ARGUS_LOG_DISPLAY_PRIORITY=", + "ARGUS_MAR_INTERFACE_INTERVAL=", + "ARGUS_TIMESTAMP_TYPE=", + "ARGUS_DEDUDEDUP=", }; @@ -1801,23 +1819,6 @@ ArgusParseResourceFile (struct ArgusModelerStruct *model, char *file, setArgusTunnelDiscovery(model, 0); break; } - - case ARGUS_GRE_PARSING: { - if (!(strncasecmp(optarg, "yes", 3))) - setArgusGreParsing(model, 1); - else - setArgusGreParsing(model, 0); - break; - } - - case ARGUS_VXLAN_PARSING: { - if (!(strncasecmp(optarg, "yes", 3))) - setArgusVxLanParsing(model, 1); - else - setArgusVxLanParsing(model, 0); - break; - } - case ARGUS_TRACK_DUPLICATES: { if (!(strncasecmp(optarg, "yes", 3))) setArgusTrackDuplicates(model, 1); @@ -2180,7 +2181,6 @@ setArgusEventDataRecord (char *ptr) event->status |= ARGUS_ZLIB_COMPRESS; if (!(strncmp(pp, "compress2", 9))) event->status |= ARGUS_ZLIB_COMPRESS2; - free (pp); } ArgusPushFrontList(ArgusEventsTask->ArgusEventsList, (struct ArgusListRecord *) event, ARGUS_LOCK); diff --git a/argus/argus.h b/argus/argus.h index 61e4121..8188b29 100644 --- a/argus/argus.h +++ b/argus/argus.h @@ -1,6 +1,6 @@ /* - * Argus Software. Argus files - main argus includes - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Argus files - main argus includes + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,6 +24,13 @@ * */ +/* + * $Id: //depot/gargoyle/argus/argus/argus.h#7 $ + * $DateTime: 2016/10/04 10:36:36 $ + * $Change: 3213 $ + */ + + /* argus.h */ #include @@ -111,10 +118,9 @@ int ArgusMaxSsf = 0; int ArgusMinSsf = 0; #endif -void ArgusBacktrace (void); - char *ArgusProgramName = NULL; void ArgusLoop (void); +void ArgusBacktrace (void); void ArgusScheduleShutDown (int); void usage(void); @@ -168,8 +174,6 @@ extern int ArgusMaxSsf; extern int ArgusMinSsf; #endif -extern void ArgusBacktrace (void); - extern void usage(void); extern void ArgusLog (int, char *, ...); extern void ArgusComplete (void); diff --git a/bin/argusbug b/bin/argusbug index 0841c29..0f7cd07 100755 --- a/bin/argusbug +++ b/bin/argusbug @@ -1,7 +1,4 @@ #!/bin/sh -# Argus Software. Bug Report -# Copyright (c) 2000-2020 QoSient, LLC -# All rights reserved. # # Argus-5.0 Software. Bug Report # Copyright (c) 2000-2024 QoSient, LLC diff --git a/common/Makefile.in b/common/Makefile.in index 675ce8f..db5c9bb 100755 --- a/common/Makefile.in +++ b/common/Makefile.in @@ -1,6 +1,6 @@ -# -# Argus Software -# Copyright (c) 2000-2020 QoSient, LLC +# +# Argus-5.0 Software. Common files - Makefile.in +# Copyright (c) 2000-2024 QoSient, LLC # All rights reserved. # # This program is free software, released under the GNU General @@ -45,7 +45,9 @@ VPATH = @srcdir@ CC = @CC@ CCOPT = @V_CCOPT@ -INCLS = -I$(srcdir) @V_INCLS@ -I$(srcdir)/../include -I$(srcdir)/../argus @XDR_INCLS@ +ARCH = @V_ARCH@ +INCLS = -I$(srcdir) @V_INCLS@ @XDR_INCLS@ -I$(srcdir)/../include -I$(srcdir)/../argus + DEFS = @DEFS@ # Standard CFLAGS diff --git a/common/argus_auth.c b/common/argus_auth.c index 966e184..e5b72f2 100644 --- a/common/argus_auth.c +++ b/common/argus_auth.c @@ -1,6 +1,6 @@ /* - * Argus Software. Common library routines - Authentication - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common library routines - Authentication + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General diff --git a/common/argus_code.c b/common/argus_code.c index 42b798f..05108ef 100644 --- a/common/argus_code.c +++ b/common/argus_code.c @@ -1,6 +1,6 @@ /* - * Argus Software - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common library routines - Filter code + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -45,6 +45,11 @@ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. */ +/* + * $Id: //depot/gargoyle/argus/common/argus_code.c#7 $ + * $DateTime: 2015/06/22 18:22:35 $ + * $Change: 3025 $ + */ #ifdef HAVE_CONFIG_H #include "argus_config.h" diff --git a/common/argus_filter.c b/common/argus_filter.c index df73115..d264a39 100644 --- a/common/argus_filter.c +++ b/common/argus_filter.c @@ -1,6 +1,6 @@ /* - * Argus Software - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common library routines - Filter processing + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -65,6 +65,11 @@ * */ +/* + * $Id: //depot/gargoyle/argus/common/argus_filter.c#6 $ + * $DateTime: 2016/09/18 16:32:53 $ + * $Change: 3186 $ + */ #ifdef HAVE_CONFIG_H #include "argus_config.h" diff --git a/common/argus_util.c b/common/argus_util.c index 84b6df1..81bd61a 100644 --- a/common/argus_util.c +++ b/common/argus_util.c @@ -1,6 +1,6 @@ /* - * Argus Software. Common library routines - Utilities - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common library routines - Utilities + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,6 +24,11 @@ * */ +/* + * $Id: //depot/gargoyle/argus/common/argus_util.c#13 $ + * $DateTime: 2016/10/27 18:40:41 $ + * $Change: 3232 $ + */ #ifdef HAVE_CONFIG_H #include "argus_config.h" @@ -2589,9 +2594,7 @@ RaParseCIDRAddr (struct ArgusParserStruct *parser, char *addr) case AF_INET6: { unsigned short *val = (unsigned short *)&retn->addr; - int asize = sizeof(retn->addr); - int ssize = sizeof(unsigned short); - int ind = 0, len = asize/ssize; + int ind = 0, len = sizeof(retn->addr)/(sizeof(unsigned short)); int fsecnum = 8, lsecnum = 0, rsecnum = 0, i, masklen; char *sstr = NULL, *ipv4addr = NULL; diff --git a/common/grammar.y b/common/grammar.y index 8f2f7a9..1918bad 100755 --- a/common/grammar.y +++ b/common/grammar.y @@ -1,6 +1,6 @@ %{ -/* Argus Software - * Copyright (c) 2000-2020 QoSient, LLC +/* Argus-5.0 Software. Common library routines - Grammar files + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -8,6 +8,23 @@ * of the GNU General Public License as published by the Free Software * Foundation; either version 3, or any later version. * + * Other licenses are available through QoSient, LLC. + * Inquire at info@qosient.com. + * + * This program is distributed WITHOUT ANY WARRANTY; without even the + * implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + * See the * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + * + * Written by Carter Bullard + * QoSient, LLC + * + * $Id: //depot/gargoyle/argus/common/grammar.y#6 $ + * $DateTime: 2015/06/22 17:59:06 $ + * $Change: 3024 $ */ /* * Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994 diff --git a/common/scanner.l b/common/scanner.l index 0e08f1d..f2376b9 100755 --- a/common/scanner.l +++ b/common/scanner.l @@ -1,6 +1,6 @@ %{ -/* Argus Software - * Copyright (c) 2000-2020 QoSient, LLC +/* Argus-5.0 Software + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software; you can redistribute it and/or modify @@ -17,6 +17,9 @@ * along with this program; if not, write to the Free Software * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. * + * $Id: //depot/gargoyle/argus/common/scanner.l#5 $ + * $DateTime: 2015/06/22 18:22:35 $ + * $Change: 3025 $ */ /* diff --git a/configure b/configure index d7985d0..6ef8fe2 100755 --- a/configure +++ b/configure @@ -607,7 +607,7 @@ PACKAGE_TARNAME='argus' PACKAGE_VERSION='5.0.0' PACKAGE_STRING='Argus-5.0 Server Programs 5.0.0' PACKAGE_BUGREPORT='bug-report@qosient.com' -PACKAGE_URL='http://openargus.org' +PACKAGE_URL='http://qosient.com/argus' ac_unique_file="argus/argus.c" ac_default_prefix=/usr/local @@ -648,8 +648,8 @@ enable_year2038=no ac_subst_vars='LTLIBOBJS INSTALL_BIN INSTALL_LIB -LIB_XDR XDR_INCLS +LIB_XDR COMPATLIB WRAPLIBS V_THREADS @@ -1434,7 +1434,7 @@ Use these variables to override the choices made by 'configure' or to help it to find libraries and programs with nonstandard names/locations. Report bugs to . -Argus Server Programs home page: . +Argus-5.0 Server Programs home page: . _ACEOF ac_status=$? fi @@ -1738,237 +1738,6 @@ fi } # ac_fn_c_try_cpp -# ac_fn_c_check_header_mongrel LINENO HEADER VAR INCLUDES -# ------------------------------------------------------- -# Tests whether HEADER exists, giving a warning if it cannot be compiled using -# the include files in INCLUDES and setting the cache variable VAR -# accordingly. -ac_fn_c_check_header_mongrel () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - if eval \${$3+:} false; then : - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 -$as_echo_n "checking for $2... " >&6; } -if eval \${$3+:} false; then : - $as_echo_n "(cached) " >&6 -fi -eval ac_res=\$$3 - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } -else - # Is the header compilable? -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 usability" >&5 -$as_echo_n "checking $2 usability... " >&6; } -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$4 -#include <$2> -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - ac_header_compiler=yes -else - ac_header_compiler=no -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_compiler" >&5 -$as_echo "$ac_header_compiler" >&6; } - -# Is the header present? -{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 presence" >&5 -$as_echo_n "checking $2 presence... " >&6; } -cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -#include <$2> -_ACEOF -if ac_fn_c_try_cpp "$LINENO"; then : - ac_header_preproc=yes -else - ac_header_preproc=no -fi -rm -f conftest.err conftest.i conftest.$ac_ext -{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_preproc" >&5 -$as_echo "$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in #(( - yes:no: ) - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&5 -$as_echo "$as_me: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&2;} - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 -$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} - ;; - no:yes:* ) - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: present but cannot be compiled" >&5 -$as_echo "$as_me: WARNING: $2: present but cannot be compiled" >&2;} - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: check for missing prerequisite headers?" >&5 -$as_echo "$as_me: WARNING: $2: check for missing prerequisite headers?" >&2;} - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: see the Autoconf documentation" >&5 -$as_echo "$as_me: WARNING: $2: see the Autoconf documentation" >&2;} - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&5 -$as_echo "$as_me: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&2;} - { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 -$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} -( $as_echo "## ------------------------------------- ## -## Report this to bug-report@qosient.com ## -## ------------------------------------- ##" - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 -$as_echo_n "checking for $2... " >&6; } -if eval \${$3+:} false; then : - $as_echo_n "(cached) " >&6 -else - eval "$3=\$ac_header_compiler" -fi -eval ac_res=\$$3 - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } -fi - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - -} # ac_fn_c_check_header_mongrel - -# ac_fn_c_try_run LINENO -# ---------------------- -# Try to link conftest.$ac_ext, and return whether this succeeded. Assumes -# that executables *can* be run. -ac_fn_c_try_run () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - if { { ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; } && { ac_try='./conftest$ac_exeext' - { { case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" -$as_echo "$ac_try_echo"; } >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; }; }; then : - ac_retval=0 -else - $as_echo "$as_me: program exited with status $ac_status" >&5 - $as_echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_retval=$ac_status -fi - rm -rf conftest.dSYM conftest_ipa8_conftest.oo - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - as_fn_set_status $ac_retval - -} # ac_fn_c_try_run - -# ac_fn_c_check_header_compile LINENO HEADER VAR INCLUDES -# ------------------------------------------------------- -# Tests whether HEADER exists and can be compiled using the include files in -# INCLUDES, setting the cache variable VAR accordingly. -ac_fn_c_check_header_compile () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 -$as_echo_n "checking for $2... " >&6; } -if eval \${$3+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -$4 -#include <$2> -_ACEOF -if ac_fn_c_try_compile "$LINENO"; then : - eval "$3=yes" -else - eval "$3=no" -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -eval ac_res=\$$3 - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - -} # ac_fn_c_check_header_compile - -# ac_fn_c_check_func LINENO FUNC VAR -# ---------------------------------- -# Tests whether FUNC exists, setting the cache variable VAR accordingly -ac_fn_c_check_func () -{ - as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack - { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 -$as_echo_n "checking for $2... " >&6; } -if eval \${$3+:} false; then : - $as_echo_n "(cached) " >&6 -else - cat confdefs.h - <<_ACEOF >conftest.$ac_ext -/* end confdefs.h. */ -/* Define $2 to an innocuous variant, in case declares $2. - For example, HP-UX 11i declares gettimeofday. */ -#define $2 innocuous_$2 - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $2 (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $2 - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $2 (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$2 || defined __stub___$2 -choke me -#endif - -int -main () -{ -return $2 (); - ; - return 0; -} -_ACEOF -if ac_fn_c_try_link "$LINENO"; then : - eval "$3=yes" -else - eval "$3=no" -fi -rm -f core conftest.err conftest.$ac_objext \ - conftest$ac_exeext conftest.$ac_ext -fi -eval ac_res=\$$3 - { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 -$as_echo "$ac_res" >&6; } - eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno - -} # ac_fn_c_check_func - # ac_fn_c_find_intX_t LINENO BITS VAR # ----------------------------------- # Finds a signed integer type with width BITS, setting cache variable VAR @@ -4445,13 +4214,14 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu V_CCOPT="-O3" else ac_cv_lbl_gcc_vers=0 - { $as_echo "$as_me:${as_lineno-$LINENO}: checking gcc version" >&5 -$as_echo_n "checking gcc version... " >&6; } - if ${ac_cv_lbl_gcc_vers+:} false; then : - $as_echo_n "(cached) " >&6 -else - ac_cv_lbl_gcc_vers=`$CC --version 2>&1 | \ - sed -e '/^ version /!d' \ + { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking gcc version" >&5 +printf %s "checking gcc version... " >&6; } + if test ${ac_cv_lbl_gcc_vers+y} +then : + printf %s "(cached) " >&6 +else case e in #( + e) ac_cv_lbl_gcc_vers=`$CC -v 2>&1 | \ + sed -e '/^gcc version /!d' \ -e 's/^gcc version //' \ -e 's/ .*//' -e 's/^[^0-9]*//' \ -e 's/\..*//'` ;; @@ -7875,10 +7645,8 @@ else case e in #( # include # include # include -# include -# include unsigned char a[5] = { 1, 2, 3, 4, 5 }; - int main() { + main() { unsigned int i; pid_t pid; int status; @@ -7956,17 +7724,6 @@ rm -f os-proto.h ;; esac fi - for ac_func in backtrace -do : - ac_fn_c_check_func "$LINENO" "backtrace" "ac_cv_func_backtrace" -if test "x$ac_cv_func_backtrace" = xyes; then : - cat >>confdefs.h <<_ACEOF -#define HAVE_BACKTRACE 1 -_ACEOF - -fi -done - fi if test -f .debug ; then @@ -9596,14 +9353,18 @@ fi fi -for ac_func in openlog syslog -do : - as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` -ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" -if eval test \"x\$"$as_ac_var"\" = x"yes"; then : - cat >>confdefs.h <<_ACEOF -#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF + +ac_fn_c_check_func "$LINENO" "backtrace" "ac_cv_func_backtrace" +if test "x$ac_cv_func_backtrace" = xyes +then : + printf "%s\n" "#define HAVE_BACKTRACE 1" >>confdefs.h + +fi + +ac_fn_c_check_func "$LINENO" "openlog" "ac_cv_func_openlog" +if test "x$ac_cv_func_openlog" = xyes +then : + printf "%s\n" "#define HAVE_OPENLOG 1" >>confdefs.h fi ac_fn_c_check_func "$LINENO" "syslog" "ac_cv_func_syslog" @@ -10649,7 +10410,9 @@ INSTALL_BIN="../bin" -ac_config_files="$ac_config_files Makefile ./common/Makefile ./argus/Makefile ./events/Makefile" + + +ac_config_files="$ac_config_files Makefile ./common/Makefile ./argus/Makefile ./events/Makefile ./lib/argus.spec" cat >confcache <<\_ACEOF @@ -11217,7 +10980,7 @@ Configuration headers: $config_headers Report bugs to . -Argus Server Programs home page: ." +Argus-5.0 Server Programs home page: ." _ACEOF ac_cs_config=`printf "%s\n" "$ac_configure_args" | sed "$ac_safe_unquote"` diff --git a/configure.ac b/configure.ac index e84f4c4..d2597b6 100644 --- a/configure.ac +++ b/configure.ac @@ -1,6 +1,6 @@ # -# Argus Software -# Copyright (c) 2000-2020 QoSient, LLC +# Argus-5.0 Software. Tools to read, analyze and manage Argus data. +# Copyright (c) 2000-2024 QoSient, LLC # All rights reserved. # # This program is free software, released under the GNU General @@ -21,8 +21,11 @@ # # Process this file with autoconf to produce a configure script. -AC_PREREQ(2.61) -AC_INIT([Argus Server Programs], [3.0.8], [bug-report@qosient.com], [argus], [http://openargus.org]) +AC_PREREQ([2.69]) +AC_INIT([Argus-5.0 Server Programs],[5.0.0],[bug-report@qosient.com],[argus],[http://qosient.com/argus]) +PACKAGE_RELEASE='3.8' +ARGUSPRO_VERSION='1.0' +AC_DEFINE([ARGUSPRO_VERSION_STRING], ["1.0"], [Product version number string]) AC_CONFIG_SRCDIR([argus/argus.c]) AC_CONFIG_AUX_DIR([config]) AC_CONFIG_HEADERS([include/argus_config.h]) @@ -138,6 +141,8 @@ AC_FUNC_STAT AC_FUNC_STRFTIME AC_FUNC_STRTOD + +AC_CHECK_FUNCS(backtrace) AC_CHECK_FUNCS(openlog syslog) AC_CHECK_FUNCS(vfprintf strlcpy) AC_CHECK_FUNCS(strftime) @@ -455,8 +460,6 @@ AC_SUBST(V_PERL) AC_SUBST(V_THREADS) AC_SUBST(WRAPLIBS) AC_SUBST(COMPATLIB) -AC_SUBST(XDR_INCLS) -AC_SUBST(LIB_XDR) AC_SUBST(LIB_SASL) AC_SUBST(LIB_XDR) AC_SUBST(XDR_INCLS) diff --git a/debian/copyright b/debian/copyright index 7c961be..aef83b3 100644 --- a/debian/copyright +++ b/debian/copyright @@ -3,7 +3,7 @@ Upstream-Name: argus Source: http://qosient.com/argus Files: * -Copyright: 2000-2020 QoSient, LLC Carter Bullard +Copyright: 2000-2014 Carter Bullard License: GPL-2+ This package is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -23,7 +23,7 @@ License: GPL-2+ # If you want to use GPL v2 or later for the /debian/* files use # the following clauses, or change it to suit. Delete these two lines Files: debian/* -Copyright: 2020 QoSient, LLC Carter Bullard +Copyright: 2014 Carter Bullard License: GPL-2+ This package is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by diff --git a/doc/README b/doc/README index 8ae83e9..c411a0e 100644 --- a/doc/README +++ b/doc/README @@ -1,6 +1,6 @@ /* - * Argus Software - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common include files. namedb + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,8 +24,8 @@ * */ -All documenation for argus-3.0 can be found on the argus home website: - http://openargus.org/ +All documenation for argus-5.0 can be found on the argus home website: + http://qosient.com/argus/ If you find that any documentation is either not current, or incorrect, please don't hesitate to send email to the argus developers mailing list, diff --git a/events/Makefile.in b/events/Makefile.in index 2a1783c..cc1e8a6 100755 --- a/events/Makefile.in +++ b/events/Makefile.in @@ -1,6 +1,6 @@ -# -# Argus Software -# Copyright (c) 2000-2020 QoSient, LLC +# +# Argus-5.0 Software. Argus Event files - Makefile.in +# Copyright (c) 2000-2024 QoSient, LLC # All rights reserved. # # This program is free software, released under the GNU General diff --git a/events/README b/events/README index ae97515..afe8d1f 100644 --- a/events/README +++ b/events/README @@ -1,12 +1,11 @@ -/* - * Argus Software - README - * Copyright (c) 2000-2020 QoSient, LLC - * All rights reserved. - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2, or (at your option) - * any later version. +# +# Argus-5.0 Software. Argus event files - README +# Copyright (c) 2000-2024 QoSient, LLC +# All rights reserved. +# +# Written by Carter Bullard +# QoSient, LLC +# Argus-5.0 Event Examples QoSient, LLC diff --git a/events/argus-extip.pl b/events/argus-extip.pl index fc800f8..c744d9c 100755 --- a/events/argus-extip.pl +++ b/events/argus-extip.pl @@ -1,7 +1,7 @@ #!@PERLBIN@ # -# Argus Software -# Copyright (c) 2006-2020 QoSient, LLC +# Argus-5.0 Software. Argus Event scripts - argus-extip +# Copyright (c) 2000-2024 QoSient, LLC # All rights reserved. # # This program is free software, released under the GNU General diff --git a/events/argus-lsof.pl b/events/argus-lsof.pl index feb7483..1370d79 100755 --- a/events/argus-lsof.pl +++ b/events/argus-lsof.pl @@ -1,7 +1,7 @@ #!@PERLBIN@ # -# Argus Software -# Copyright (c) 2006-2020 QoSient, LLC +# Argus-5.0 Software. Argus Event scripts - argus-lsof +# Copyright (c) 2000-2024 QoSient, LLC # All rights reserved. # # This program is free software, released under the GNU General diff --git a/events/argus-snmp.sh b/events/argus-snmp.sh index ae0be8e..ef88cce 100755 --- a/events/argus-snmp.sh +++ b/events/argus-snmp.sh @@ -1,7 +1,7 @@ #!/bin/sh # -# Argus Software -# Copyright (c) 2006-2020 QoSient, LLC +# Argus-5.0 Software. Argus Event scripts - snmp +# Copyright (c) 2000-2024 QoSient, LLC # All rights reserved. # # This program is free software, released under the GNU General @@ -28,8 +28,10 @@ # so, be sure and change the community string for snmp agent access # and pick the interfaces of interest. # -# Carter Bullard -# QoSient, LLC +# +# $Id: //depot/gargoyle/argus/events/argus-snmp.sh#5 $ +# $DateTime: 2015/04/13 00:39:28 $ +# $Change: 2980 $ # prog="/usr/bin/snmpwalk -Os -c qosient -v 2c 10.0.1.1" diff --git a/events/argus-vmstat.sh b/events/argus-vmstat.sh index 3295152..f58f0ba 100755 --- a/events/argus-vmstat.sh +++ b/events/argus-vmstat.sh @@ -1,7 +1,7 @@ #!/bin/bash # -# Argus Software -# Copyright (c) 2006-2020 QoSient, LLC +# Argus-5.0 Software. Argus Event scripts - vmstat +# Copyright (c) 2000-2024 QoSient, LLC # All rights reserved. # # This program is free software, released under the GNU General @@ -27,8 +27,10 @@ # This example is provided to show how you can format most programs # to get to the XML oriented output used by the argus events system. # -# Carter Bullard -# QoSient, LLC +# +# $Id: //depot/gargoyle/argus/events/argus-vmstat.sh#5 $ +# $DateTime: 2015/04/13 00:39:28 $ +# $Change: 2980 $ # output=`vm_stat | sed -e 's/"//g' -e 's/\.//' -e 's/: */:/' | \ diff --git a/include/argus-namedb.h b/include/argus-namedb.h index 6f0441d..6400e29 100644 --- a/include/argus-namedb.h +++ b/include/argus-namedb.h @@ -1,6 +1,6 @@ /* - * Argus Software. Common include files. namedb - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common include files. namedb + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General diff --git a/include/argus/CflowdFlowPdu.h b/include/argus/CflowdFlowPdu.h index da6820e..4e1f410 100644 --- a/include/argus/CflowdFlowPdu.h +++ b/include/argus/CflowdFlowPdu.h @@ -1,6 +1,6 @@ /* - * Argus Software - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common include files. namedb + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General diff --git a/include/argus/cons_def.h b/include/argus/cons_def.h index 3d43b88..024f911 100644 --- a/include/argus/cons_def.h +++ b/include/argus/cons_def.h @@ -1,6 +1,6 @@ /* - * Argus Software - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common include files. cons_def + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -46,6 +46,14 @@ * */ +/* + * $Id: //depot/gargoyle/argus/include/argus/cons_def.h#5 $ + * $DateTime: 2015/04/13 00:39:28 $ + * $Change: 2980 $ + */ + + + /* 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 diff --git a/include/argus/cons_out.h b/include/argus/cons_out.h index bd97dde..36c650c 100644 --- a/include/argus/cons_out.h +++ b/include/argus/cons_out.h @@ -1,6 +1,6 @@ /* - * Argus Software. Common include files. cons_out.h - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common include files. cons_out.h + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,6 +24,12 @@ * */ +/* + * $Id: //depot/gargoyle/argus/include/argus/cons_out.h#5 $ + * $DateTime: 2015/04/13 00:39:28 $ + * $Change: 2980 $ + */ + #if !defined(cons_out_h) #define cons_out_h diff --git a/include/argus/extract.h b/include/argus/extract.h index b17294f..9950b5c 100644 --- a/include/argus/extract.h +++ b/include/argus/extract.h @@ -1,6 +1,6 @@ /* - * Argus Software - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common include files. Extract macros + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -46,6 +46,12 @@ * */ +/* + * $Id: //depot/gargoyle/argus/include/argus/extract.h#5 $ + * $DateTime: 2015/04/13 00:39:28 $ + * $Change: 2980 $ + */ + #ifdef TCPDUMP_ALIGN #if BYTEORDER == LITTLE_ENDIAN #define EXTRACT_SHORT(p)\ diff --git a/include/argus/fddi.h b/include/argus/fddi.h index 00c59e0..1bde331 100644 --- a/include/argus/fddi.h +++ b/include/argus/fddi.h @@ -1,6 +1,6 @@ /* - * Argus Software. Common include files. fddi.h - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common include files. fddi.h + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -24,6 +24,12 @@ * */ +/* + * $Id: //depot/gargoyle/argus/include/argus/fddi.h#5 $ + * $DateTime: 2015/04/13 00:39:28 $ + * $Change: 2980 $ + */ + /* * Copyright (c) 1992, 1993, 1994 * The Regents of the University of California. All rights reserved. diff --git a/include/argus/gencode.h b/include/argus/gencode.h index bf943ed..6e0cc54 100644 --- a/include/argus/gencode.h +++ b/include/argus/gencode.h @@ -1,6 +1,6 @@ /* - * Argus Software - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common include files. gencode.h + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -46,6 +46,12 @@ * */ +/* + * $Id: //depot/gargoyle/argus/include/argus/gencode.h#5 $ + * $DateTime: 2015/04/13 00:39:28 $ + * $Change: 2980 $ + */ + /* * filter.h must be included before this file. */ diff --git a/include/argus/ieee802_11.h b/include/argus/ieee802_11.h index 5d11837..24a7d35 100644 --- a/include/argus/ieee802_11.h +++ b/include/argus/ieee802_11.h @@ -405,8 +405,10 @@ struct ieee80211_radiotap_header { * Additional extensions are made * by setting bit 31. */ +//} __attribute__((__packed__, __aligned__(2))); }; + struct ieee80211_xchannel { u_int32_t bitmap; u_int16_t mhz; diff --git a/include/argus_client.h b/include/argus_client.h index 0641e22..96db5c7 100644 --- a/include/argus_client.h +++ b/include/argus_client.h @@ -1,7 +1,7 @@ /* - * Argus Software. Common include files. Client - * Copyright (C) 2000-2020 QoSient, LLC. - * All Rights Reserved + * Argus-5.0 Software. Common include files. Client + * Copyright (c) 2000-2024 QoSient, LLC + * All rights reserved. * * This program is free software, released under the GNU General * Public License; you can redistribute it and/or modify it under the terms diff --git a/include/argus_compat.h b/include/argus_compat.h index 8819d02..3707abb 100644 --- a/include/argus_compat.h +++ b/include/argus_compat.h @@ -1,6 +1,6 @@ /* - * Argus Software - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common include files. Compatibility + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General diff --git a/include/argus_dag.h b/include/argus_dag.h index 5510433..f24e4e4 100644 --- a/include/argus_dag.h +++ b/include/argus_dag.h @@ -1,6 +1,6 @@ /* - * Argus Software - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common include files. Endace Dag support + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General diff --git a/include/argus_debug.h b/include/argus_debug.h index b3aed45..425939a 100644 --- a/include/argus_debug.h +++ b/include/argus_debug.h @@ -1,6 +1,6 @@ /* - * Argus Software - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common include files. Debug support + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General diff --git a/include/argus_def.h b/include/argus_def.h index 56b26d3..6833307 100644 --- a/include/argus_def.h +++ b/include/argus_def.h @@ -1,6 +1,6 @@ /* - * Argus Software - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common include files. Defines + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -1694,14 +1694,7 @@ extern "C" { #define ARGUS_SRC_VLAN 0x01 #define ARGUS_DST_VLAN 0x02 -/* VxLan Transport DSR Type */ -#define ARGUS_VXLAN_DSR 0x43 -#define ARGUS_VXLAN_INDEX 22 -#define ARGUS_SRC_VXLAN 0x01 -#define ARGUS_DST_VXLAN 0x02 - - /* Mpls Transport DSR Type */ #define ARGUS_MPLS_DSR 0x44 #define ARGUS_MPLS_INDEX 7 @@ -1736,7 +1729,7 @@ extern "C" { /* Argus Histogram DSR Type */ #define ARGUS_HISTO_DSR 0x47 -#define ARGUS_HISTO_INDEX 21 +#define ARGUS_HISTO_INDEX 18 /* Argus Histogram DSR Subtype */ #define ARGUS_HISTO_EXP 0x01 diff --git a/include/argus_dscodepoints.h b/include/argus_dscodepoints.h index 354d14c..a797ad7 100644 --- a/include/argus_dscodepoints.h +++ b/include/argus_dscodepoints.h @@ -1,6 +1,6 @@ /* - * Argus Software - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common include files. dscodepoints + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General diff --git a/include/argus_encapsulations.h b/include/argus_encapsulations.h index 58a09e5..3fe2337 100644 --- a/include/argus_encapsulations.h +++ b/include/argus_encapsulations.h @@ -1,6 +1,6 @@ /* - * Argus Software - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common include files. L2 encapsulations + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -73,11 +73,8 @@ struct ArgusEncapsulationStruct { #define ARGUS_ENCAPS_UDT 0x800000 #define ARGUS_ENCAPS_SPI 0x1000000 #define ARGUS_ENCAPS_JUNIPER 0x2000000 -#define ARGUS_ENCAPS_ERSPAN_II 0x4000000 - -#define ARGUS_ENCAPS_AVSP 0x8000000 -#define ARGUS_ENCAPS_VXLAN 0x10000000 - +#define ARGUS_ENCAPS_VXLAN 0x4000000 +#define ARGUS_ENCAPS_L2TP 0x8000000 #if defined(ArgusUtil) struct ArgusEncapsulationStruct argus_encapsulations [] = { @@ -106,9 +103,8 @@ struct ArgusEncapsulationStruct argus_encapsulations [] = { { ARGUS_ENCAPS_TEREDO,"teredo", "Teredo IPV6 Tunneling"}, { ARGUS_ENCAPS_SPI, "enc", "IPsec Tunnel"}, { ARGUS_ENCAPS_JUNIPER, "juniper", "Juniper Ethernet"}, - { ARGUS_ENCAPS_ERSPAN_II, "erspan_ii", "Cisco ERSPAN II"}, - {ARGUS_ENCAPS_AVSP, "avsp", "Arista Vendor Specific Protocol"}, - {ARGUS_ENCAPS_VXLAN, "vxlan", "VxLan Encapsulation"}, + { ARGUS_ENCAPS_VXLAN, "vxlan", "VxLan Encapsulation"}, + { ARGUS_ENCAPS_L2TP, "l2tp", "L2TP Encapsulation"}, { 0, (char *) NULL, (char *) NULL }, }; diff --git a/include/argus_ethernames.h b/include/argus_ethernames.h index b353094..4aa582c 100644 --- a/include/argus_ethernames.h +++ b/include/argus_ethernames.h @@ -1,6 +1,6 @@ /* - * Argus Software - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common include files. ethernames + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General diff --git a/include/argus_filter.h b/include/argus_filter.h index 8d05d21..f310e7d 100644 --- a/include/argus_filter.h +++ b/include/argus_filter.h @@ -1,6 +1,6 @@ /* - * Argus Software - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common include files. Filter + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General diff --git a/include/argus_gre.h b/include/argus_gre.h index 42c979b..8eefb7c 100644 --- a/include/argus_gre.h +++ b/include/argus_gre.h @@ -1,7 +1,7 @@ /* - * Argus Software. Common include files - output structures - * Copyright (C) 2000-2020 QoSient, LLC. - * All Rights Reserved + * Argus-5.0 Software. Common include files. Gre support + * Copyright (c) 2000-2024 QoSient, LLC + * All rights reserved. * * This program is free software, released under the GNU General * Public License; you can redistribute it and/or modify it under the terms diff --git a/include/argus_int.h b/include/argus_int.h index 1e7a122..43546c3 100644 --- a/include/argus_int.h +++ b/include/argus_int.h @@ -1,7 +1,7 @@ /* - * Argus Software. Common include files - interface - * Copyright (C) 2000-2020 QoSient, LLC. - * All Rights Reserved + * Argus-5.0 Software. Common include files. interface specs + * Copyright (c) 2000-2024 QoSient, LLC + * All rights reserved. * * This program is free software, released under the GNU General * Public License; you can redistribute it and/or modify it under the terms diff --git a/include/argus_isis.h b/include/argus_isis.h index 5e8a3ef..41ac23b 100644 --- a/include/argus_isis.h +++ b/include/argus_isis.h @@ -1,6 +1,6 @@ /* - * Argus Software Common include files - output structures - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common include files. ISIS support + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General diff --git a/include/argus_namedb.h b/include/argus_namedb.h index 1ac7abd..633de51 100644 --- a/include/argus_namedb.h +++ b/include/argus_namedb.h @@ -1,6 +1,6 @@ /* - * Argus Software Common include files - name database - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common include files - name database + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General diff --git a/include/argus_os.h b/include/argus_os.h index f31ebaf..d57e8c8 100644 --- a/include/argus_os.h +++ b/include/argus_os.h @@ -1,6 +1,6 @@ /* - * Argus Software - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common include files. OS Specific defines + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General diff --git a/include/argus_out.h b/include/argus_out.h index 9e3e2ce..20fee3d 100644 --- a/include/argus_out.h +++ b/include/argus_out.h @@ -1,6 +1,6 @@ /* - * Argus Software Common include files - output structures - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common include files. Output structures + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General @@ -678,12 +678,6 @@ struct ArgusVlanStruct { struct ArgusDSRHeader hdr; unsigned short sid, did; }; - -struct ArgusVxLanStruct { - struct ArgusDSRHeader hdr; - unsigned int svnid, dvnid; - struct ArgusFlow tflow; -}; struct ArgusMplsStruct { struct ArgusDSRHeader hdr; @@ -907,7 +901,6 @@ struct ArgusMarInfStruct { unsigned int status; struct ArgusAddrStruct srcid; struct ArgusTime startime, now; - struct ArgusMarInterfaceStruct *inf; }; @@ -996,7 +989,6 @@ struct ArgusCanonRecord { struct ArgusVxLanStruct vxlan; struct ArgusMacStruct mac; struct ArgusVlanStruct vlan; - struct ArgusVxLanStruct vxlan; struct ArgusMplsStruct mpls; struct ArgusIcmpStruct icmp; struct ArgusAgrStruct agr; diff --git a/include/argus_parse.h b/include/argus_parse.h index 26117a6..1bdad4f 100644 --- a/include/argus_parse.h +++ b/include/argus_parse.h @@ -1,6 +1,6 @@ /* - * Argus Software Common include files - parsing - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common include files. Parsing + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General diff --git a/include/argus_parser.h b/include/argus_parser.h index ab62925..bfb7c2f 100644 --- a/include/argus_parser.h +++ b/include/argus_parser.h @@ -1,6 +1,6 @@ /* - * Argus Software Common include files - Parser - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common include files. Parser structs + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General diff --git a/include/argus_udt.h b/include/argus_udt.h index b815e39..f489448 100644 --- a/include/argus_udt.h +++ b/include/argus_udt.h @@ -1,6 +1,6 @@ /* - * Argus Software. Common include files - UDT processing - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common include files. UDT processing + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General diff --git a/include/argus_util.h b/include/argus_util.h index 6a552d5..2c4e229 100644 --- a/include/argus_util.h +++ b/include/argus_util.h @@ -1,6 +1,6 @@ /* - * Argus Software. Common include files - Utilities - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common include files. Utilities + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General diff --git a/include/argus_v3_def.h b/include/argus_v3_def.h index 11aa807..46e7170 100644 --- a/include/argus_v3_def.h +++ b/include/argus_v3_def.h @@ -1,6 +1,6 @@ /* - * Argus Software. Common include files - Version 3 definitions - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common include files. Version 3 definitions + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General diff --git a/include/net/etherdefs.h b/include/net/etherdefs.h index 5750f52..f25b05b 100644 --- a/include/net/etherdefs.h +++ b/include/net/etherdefs.h @@ -1,6 +1,6 @@ /* * Argus Software. Argus files - main argus processing - * Copyright (c) 2000-2020 QoSient, LLC + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software; you can redistribute it and/or modify @@ -19,6 +19,11 @@ * */ +/* + * $Id: //depot/gargoyle/argus/include/net/etherdefs.h#4 $ + * $DateTime: 2015/04/13 00:39:28 $ + * $Change: 2980 $ + */ #ifndef _NET_ETHERNET_H_ #define _NET_ETHERNET_H_ diff --git a/include/net/slip.h b/include/net/slip.h index 2089ddc..9e80877 100644 --- a/include/net/slip.h +++ b/include/net/slip.h @@ -1,6 +1,6 @@ /* * Argus Software. Argus files - main argus processing - * Copyright (c) 2000-2020 QoSient, LLC + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software; you can redistribute it and/or modify @@ -19,6 +19,11 @@ * */ +/* + * $Id: //depot/gargoyle/argus/include/net/slip.h#4 $ + * $DateTime: 2015/04/13 00:39:28 $ + * $Change: 2980 $ + */ /* linux does not give us the link level header */ #define SLIP_HDRLEN 16 diff --git a/include/netinet/rtp.h b/include/netinet/rtp.h index 0706dd5..1bc0c39 100644 --- a/include/netinet/rtp.h +++ b/include/netinet/rtp.h @@ -1,6 +1,6 @@ /* * Argus Software. Argus files - main argus processing - * Copyright (c) 2000-2020 QoSient, LLC + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software; you can redistribute it and/or modify @@ -19,6 +19,12 @@ * */ +/* + * $Id: //depot/gargoyle/argus/include/netinet/rtp.h#4 $ + * $DateTime: 2015/04/13 00:39:28 $ + * $Change: 2980 $ + */ + #ifndef _netinet_rtp_h #define _netinet_rtp_h diff --git a/lib/argus.spec.in b/lib/argus.spec.in index 6252063..5df29a1 100644 --- a/lib/argus.spec.in +++ b/lib/argus.spec.in @@ -8,7 +8,7 @@ Summary: Argus-5.0 Software Name: argus Version: %ver -Release: %{rel}%{dist} +Release: %rel%{dist} License: see COPYING file Group: Applications/Internet Source: %{name}-%{version}.%{rel}.tar%{srcext} @@ -27,7 +27,7 @@ Argus-5.0 is the latest release of Argus (Audit Record Generation And Utilizatio which is a data network transaction auditing tool. The data generated by argus can be used for a wide range of tasks such as network operations, security and performance management. -Copyright: (c) 2000-2020 QoSient, LLC +Copyright: (c) 2000-2024 QoSient, LLC %define argusdir /usr %define argusman /usr/share/man @@ -74,6 +74,7 @@ rm -rf $RPM_BUILD_ROOT %files %defattr(-,root,root) %{argussbin}/argus +%{argusbin}/argus-airport %{argusbin}/argus-extip %{argusbin}/argus-lsof %{argusbin}/argus-netstat diff --git a/man/man5/argus.conf.5 b/man/man5/argus.conf.5 index 48d028b..1f851a6 100755 --- a/man/man5/argus.conf.5 +++ b/man/man5/argus.conf.5 @@ -1,6 +1,6 @@ .\" -.\" Argus Software -.\" Copyright (c) 2000-2020 QoSient, LLC +.\" Gargoyle Software +.\" Copyright (c) 2000-2024 QoSient, LLC .\" All rights reserved. .\" .\" @@ -10,7 +10,7 @@ .SH SYNOPSIS .B argus.conf .SH COPYRIGHT -Copyright (c) 2000-2020 QoSient, LLC All rights reserved. +Copyright (c) 2000-2024 QoSient, LLC All rights reserved. .SH DESCRIPTION This is the canonical argus configuration file. All options that @@ -698,30 +698,9 @@ this on by default may generate false tunnel matching. The default is to not turn this feature on. -.nf -\fBARGUS_TUNNEL_DISCOVERY=\fPno -.fi - - -.SH ARGUS_GRE_PARSING - -Argus can be configured to parse through GRE tunnels, -and report on flows in the tunnel. -The default is to turn this feature off. .nf -\fBARGUS_GRE_PARSING=\fPno -.fi - - -.SH ARGUS_VXLAN_PARSING - -Argus can be configured to parse through VXLan tunnels, -which uses UDP to encapsulate ethernet frames. -The default is to turn this feature off. - -.nf -\fBARGUS_VXLAN_PARSING=\fPno +\fBARGUS_TUNNEL_DISCOVERY=\fPno .fi diff --git a/man/man8/argus.8 b/man/man8/argus.8 index d6b34f8..61ef065 100755 --- a/man/man8/argus.8 +++ b/man/man8/argus.8 @@ -1,6 +1,6 @@ .\" -.\" Argus Software -.\" Copyright (c) 2000-2020 QoSient, LLC +.\" Gargoyle Software +.\" Copyright (c) 2000-2024 QoSient, LLC .\" All rights reserved. .\" .TH ARGUS 8 "17 October 2016" "argus 5.0.3.0" @@ -14,7 +14,7 @@ argus \- audit record generation and utilization system .B filter expression ] .SH COPYRIGHT -Copyright (c) 2000-2020 QoSient, LLC All rights reserved. +Copyright (c) 2000-2024 QoSient, LLC All rights reserved. .SH DESCRIPTION .IX "argus command" "" "\fLargus\fP \(em Internet audit facility" .IX servers argus "" "\fLargus\fP \(em Internet audit facility" diff --git a/pkg/README b/pkg/README index 95b18df..3657ef7 100644 --- a/pkg/README +++ b/pkg/README @@ -6,7 +6,7 @@ /* * Argus Software. Tools to read, analyze and manage Argus data. - * Copyright (c) 2000-2020 QoSient, LLC + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software; you can redistribute it and/or modify diff --git a/pkg/argus.conf b/pkg/argus.conf index 34494ac..8da186e 100644 --- a/pkg/argus.conf +++ b/pkg/argus.conf @@ -1,6 +1,6 @@ # -# Argus Software -# Copyright (c) 2000-2020 QoSient, LLC +# Argus-5.0 Software +# Copyright (c) 2000-2024 QoSient, LLC # All rights reserved. # # Example argus.conf diff --git a/pkg/init.d/argus b/pkg/init.d/argus index 6a161fd..af60991 100755 --- a/pkg/init.d/argus +++ b/pkg/init.d/argus @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright (c) 2000-2020 QoSient, LLC +# Copyright (c) 2000-2024 QoSient, LLC # All rights reserved. # # Permission to use, copy, modify, and distribute this software and diff --git a/support/Archive/argusarchive b/support/Archive/argusarchive index f0a48bd..624c039 100755 --- a/support/Archive/argusarchive +++ b/support/Archive/argusarchive @@ -1,6 +1,7 @@ #!/bin/sh -# Argus Software -# Copyright (c) 2000-2020 QoSient, LLC +# +# Argus-5.0 Software. Argus Archive Script +# Copyright (c) 2000-2024 QoSient, LLC # All rights reserved. # # This program is free software, released under the GNU General diff --git a/support/Config/argus.conf b/support/Config/argus.conf index 5016a0c..82a12e4 100755 --- a/support/Config/argus.conf +++ b/support/Config/argus.conf @@ -1,6 +1,6 @@ # -# Argus Software -# Copyright (c) 2000-2020 QoSient, LLC +# Argus-5.0 Software +# Copyright (c) 2000-2024 QoSient, LLC # All rights reserved. # # Example argus.conf @@ -457,25 +457,13 @@ ARGUS_FLOW_STATUS_INTERVAL=5 ARGUS_MAR_STATUS_INTERVAL=5 -# Argus has a number of flow cache timers that specify how long argus -# will 'remember' the cache of idle flows. When a flow cache is generated, -# it exists in the active flow status queue. When the status interval is -# 'done', the flow is reported, and the flow cache is placed on a protocol -# specific timeout queue. If new packets come in that match the flow cache, -# the cache is removed from the timeout queue, and placed back on the active -# status queue. Flows can go through this cycle indefinately. -# -# If the flow cache remains idle for the protocol specific timeout period, -# Argus will delete the flow, and 'forget' any information that it may have -# observed for the flow. +# Argus has a number of flow state timers that specify how long argus +# will 'remember' the caches of specific flows after they have gone +# idle. # -# The default values for specific protocols have been chosen to aggresively -# timeout flow caches for traditionally short lived flows to conserve memory -# utilization, and to provide retention of long lived flows, based on the -# average length of their idle period. -# -# Increasing timeout values will have an impact on argus memory use, so -# take care when modifying values. +# The default values have been chosen to aggresively timeout flow +# caches to conserve memory utilization. Increasing values can have +# an impact on argus memory use, so take care when modifying values. # # The maxium value for any timeout is 65534 seconds. # @@ -695,18 +683,6 @@ ARGUS_CAPTURE_DATA_LEN=32 #ARGUS_TUNNEL_DISCOVERY="no" -# Argus can be configured to parse through GRE tunnels, -# and report on flows in the tunnel. -# The default is to turn this feature off. - -#ARGUS_GRE_PARSING="yes" - -# Argus can be configured to parse through VXLan tunnels, -# which uses UDP to encapsulate ethernet frames. -# The default is to turn this feature off. - -#ARGUS_VXLAN_PARSING="yes" - # Argus can be configured to identify and track duplicate # packets as a separate metric. While the algorithms are diff --git a/support/Deployment/sample b/support/Deployment/sample index abde7e7..e9a8bb8 100755 --- a/support/Deployment/sample +++ b/support/Deployment/sample @@ -1,6 +1,6 @@ /* - * Argus Software - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Common include files. namedb + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General diff --git a/support/README b/support/README index b808310..f119856 100644 --- a/support/README +++ b/support/README @@ -1,6 +1,6 @@ /* - * Argus Software - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Support Readme + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General diff --git a/support/Startup/README b/support/Startup/README index c7f1bbc..2194890 100644 --- a/support/Startup/README +++ b/support/Startup/README @@ -1,6 +1,6 @@ /* - * Argus Software - * Copyright (c) 2000-2020 QoSient, LLC + * Argus-5.0 Software. Startup Readme + * Copyright (c) 2000-2024 QoSient, LLC * All rights reserved. * * This program is free software, released under the GNU General diff --git a/support/Startup/argus b/support/Startup/argus index cffbc87..0f44d2c 100644 --- a/support/Startup/argus +++ b/support/Startup/argus @@ -1,6 +1,7 @@ #!/bin/sh # -# Copyright (c) 2000-2020 QoSient, LLC +# Argus-5.0 Software. Argus Startup Script +# Copyright (c) 2000-2024 QoSient, LLC # All rights reserved. # # This program is free software, released under the GNU General diff --git a/support/System/crontab b/support/System/crontab index 7a94610..6e809c6 100755 --- a/support/System/crontab +++ b/support/System/crontab @@ -1,6 +1,6 @@ # -# Argus Software -# Copyright (c) 2000-2020 QoSient, LLC +# Argus-5.0 Software. Argus Archive Crontab entry +# Copyright (c) 2000-2024 QoSient, LLC # All rights reserved. # # This program is free software, released under the GNU General diff --git a/support/System/magic b/support/System/magic index 9fca08e..81f9126 100755 --- a/support/System/magic +++ b/support/System/magic @@ -1,6 +1,6 @@ # -# Argus Software -# Copyright (c) 2000-2020 QoSient, LLC +# Argus-5.0 Software. Common include files. namedb +# Copyright (c) 2000-2024 QoSient, LLC # All rights reserved. # # Written by Carter Bullard