
/*
 * Copyright (c) 1993, 1994, 1995 Carnegie Mellon University.
 * All rights reserved.
 *
 * Permission to use, copy, modify, and distribute this software and
 * its documentation for any purpose and without fee is hereby granted, 
 * provided that the above copyright notice appear in all copies and
 * that both that copyright notice and this permission notice appear
 * in supporting documentation, and that the name of CMU not be
 * used in advertising or publicity pertaining to distribution of the
 * software without specific, written prior permission.  
 * 
 * CMU DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING
 * ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL
 * CMU BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR
 * ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
 * WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION,
 * ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
 * SOFTWARE.
 *
 */

Argus clients directory.

Manifest:
-r--r--r--  1 argus    software     3955 Apr 20 17:19 Makefile.in
-rw-rw-r--  1 argus    software     1744 Apr 19 15:41 policy.conf
-rw-rw-r--  1 argus    software      255 Dec 14 15:37 policy.test
-r--r--r--  1 argus    software    22331 Apr 11 14:05 ra.c
-rw-r--r--  1 argus    software    20220 Apr 20 17:38 services.c
-r--r--r--  1 argus    software     3047 Feb  8 16:02 template.c

This directory contains example programs that read Argus data, either
from stdin, Argus data files or directly from a remote Argus server. 
For a complete description of these routines, refer to their man pages.

This is just a sample of the clients that we use at the Software
Engineering Institute.  We encourage you to write your own.


ra.c
   read_argus - This routine is a generic linear search database
   routine for reading Argus data from either logs or from a remote
   active Argus server.  Ra uses tcpdump expressions to specify its
   selection criteria.  We use this routine a lot.

services.c
   print services - This routine prints out the destination port numbers
   used in the transactions seen in an Argus data stream.  This is very
   useful for generating reports on how hosts are being used.

template.c 
   Template.c is a template for building Argus clients, using the
   utilities in this directory and those in ../common. Both ra.c and
   services.c used template.c as a beginning.  There is a Makefile
   entry for template.  If you use template.c as a basis for your own
   clients, try our Makefile strategy, which makes linking the 
   appropriate routines out of ../common easier.
   

policy.conf
policy.test
   These are data examples of a feature of Argus clients, where
   you can use Cisco access control lists to define your
   selection criteria.  Argus data entries that violate the
   access control list will be selected.  This feature can be used
   to validate network access control policies.
   
