From BONIN.N at mipih.fr Thu Aug 13 03:25:30 2009 From: BONIN.N at mipih.fr (=?iso-8859-1?Q?BONIN_Nathana=EBl?=) Date: Thu Aug 13 03:25:38 2009 Subject: [Flow-tools] Bad Timestamp with flow-print Message-ID: <7D90CDE85843914CB4DA65D3A421E64904B45859@vmail.mipih.net> Hello everyone, I am a new flow-tools French user and I have a problem with flow-print. I explain my architecture : I have my firewall on OpenBSD (packet filter) and flow-tools is installed on a Debian. I am using pflow interface on OpenBSD to send netflow data and the version used is 5. All of my files are created, but the timestamp is weird. Flow capture command is : -w /data/flows/Router -n 287 -N -1 0/10.31.34.10/2058 -z0 -V5 -S5 I installed the last version of flow-tools (0.68) but I have a weird timestamp : 0816.02:38:24.871 0816.02:39:31.871 0 10.31.0.246 138 0 10.31.255.255 138 17 0 1 245 0816.02:38:26.871 0816.02:39:31.871 0 10.31.0.74 138 0 10.31.255.255 138 17 0 1 264 0816.02:38:27.871 0816.02:39:32.871 0 10.31.30.87 138 0 10.31.255.255 138 17 0 1 251 0816.02:38:27.871 0816.02:39:32.871 0 10.31.0.138 138 0 10.31.255.255 138 17 0 1 238 0816.02:38:28.871 0816.02:39:32.871 0 10.31.0.44 138 0 10.31.255.255 138 17 0 1 262 0816.02:38:29.871 0816.02:39:32.871 0 10.31.1.64 137 0 10.31.255.255 137 17 0 1 78 0816.02:38:54.871 0816.02:39:34.871 0 10.31.30.113 137 0 10.31.255.255 137 17 0 17 1326 0816.02:38:55.871 0816.02:39:34.871 0 10.31.0.175 137 0 10.31.255.255 137 17 0 3 234 This is a capture from today (08/13/2009) but the timestamp is for the 08/16/2009 and the time is bad too because when I write, it's 09:15... I have tried on a 32-bits and on a 64-bits but it's the same problem. On 64-bits I tried with the patch, but this has not changed. I have synchronized with NTP the time and the date of my OpenBSD and my Debian, it's the same, and it's the good date and time. I don't really know what is the problem. Could you help me please ? Thanks! --------------------------- Nathana?l BONIN CSIM - Bureau 011 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.splintered.net/pipermail/flow-tools/attachments/20090813/4c351337/attachment.htm From giraldo.alonso at cigb.edu.cu Fri Aug 21 13:32:24 2009 From: giraldo.alonso at cigb.edu.cu (=?iso-8859-1?Q?Giraldo_Alonso_Su=E1rez?=) Date: Fri Aug 21 13:31:33 2009 Subject: [Flow-tools] make error in flow-tools install Message-ID: Hi list: I am new with flow-tools. When I do make to install flow-tools-0.68 , take this error Making all in lib gmake[1]: Entering directory `/home/flowscan/flow-tools-0.68/lib' gmake all-am gmake[2]: Entering directory `/home/flowscan/flow-tools-0.68/lib' source='ftio.c' object='ftio.o' libtool=no \ depfile='.deps/ftio.Po' tmpdepfile='.deps/ftio.TPo' \ depmode=gcc3 /bin/sh ../depcomp \ gcc -I. -I./lib -I. -I. -I. -g -Wall -g -Wall -c `test -f 'ftio.c' || echo './'`ftio.c ftio.c: In function ?readn?: ftio.c:2270: error: lvalue required as left operand of assignment ftio.c: In function ?writen?: ftio.c:2295: error: lvalue required as left operand of assignment gmake[2]: *** [ftio.o] Error 1 gmake[2]: Leaving directory `/home/flowscan/flow-tools-0.68/lib' gmake[1]: *** [all] Error 2 gmake[1]: Leaving directory `/home/flowscan/flow-tools-0.68/lib' gmake: *** [all-recursive] Error 1 I was installed zlib, tcp-wrappers and gnu-make Any bady can help please. Thanks in advanced Giraldo -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.splintered.net/pipermail/flow-tools/attachments/20090821/19901002/attachment.htm From giraldo.alonso at cigb.edu.cu Fri Aug 21 14:40:03 2009 From: giraldo.alonso at cigb.edu.cu (=?iso-8859-1?Q?Giraldo_Alonso_Su=E1rez?=) Date: Fri Aug 21 14:43:40 2009 Subject: [Flow-tools] RE: make error in flow-tools install In-Reply-To: References: Message-ID: Sorry.. I use SUSE version 11.1 Thanks a lot From: flow-tools-bounces@list.splintered.net [mailto:flow-tools-bounces@list.splintered.net] On Behalf Of Giraldo Alonso Su?rez Sent: Friday, August 21, 2009 1:32 PM To: flow-tools@list.splintered.net Subject: [Flow-tools] make error in flow-tools install Hi list: I am new with flow-tools. When I do make to install flow-tools-0.68 , take this error Making all in lib gmake[1]: Entering directory `/home/flowscan/flow-tools-0.68/lib' gmake all-am gmake[2]: Entering directory `/home/flowscan/flow-tools-0.68/lib' source='ftio.c' object='ftio.o' libtool=no \ depfile='.deps/ftio.Po' tmpdepfile='.deps/ftio.TPo' \ depmode=gcc3 /bin/sh ../depcomp \ gcc -I. -I./lib -I. -I. -I. -g -Wall -g -Wall -c `test -f 'ftio.c' || echo './'`ftio.c ftio.c: In function ?readn?: ftio.c:2270: error: lvalue required as left operand of assignment ftio.c: In function ?writen?: ftio.c:2295: error: lvalue required as left operand of assignment gmake[2]: *** [ftio.o] Error 1 gmake[2]: Leaving directory `/home/flowscan/flow-tools-0.68/lib' gmake[1]: *** [all] Error 2 gmake[1]: Leaving directory `/home/flowscan/flow-tools-0.68/lib' gmake: *** [all-recursive] Error 1 I was installed zlib, tcp-wrappers and gnu-make Any bady can help please. Thanks in advanced Giraldo -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.splintered.net/pipermail/flow-tools/attachments/20090821/9d45a11a/attachment.htm From giraldo.alonso at cigb.edu.cu Mon Aug 24 08:54:36 2009 From: giraldo.alonso at cigb.edu.cu (=?iso-8859-1?Q?Giraldo_Alonso_Su=E1rez?=) Date: Mon Aug 24 08:55:20 2009 Subject: [Flow-tools] RE: make error in flow-tools install In-Reply-To: References: Message-ID: More details... When I run ./configure show this: Myhorname/flow-tools_dir#./configure checking for a BSD-compatible install... /usr/bin/install -c checking whether build environment is sane... yes checking for gawk... gawk checking whether make sets $(MAKE)... yes checking for gcc... gcc checking for C compiler default output... a.out checking whether the C compiler works... yes checking whether we are cross compiling... no checking for suffix of executables... checking for suffix of object files... o checking whether we are using the GNU C compiler... yes checking whether gcc accepts -g... yes checking for gcc option to accept ANSI C... none needed checking for style of include used by make... GNU checking dependency style of gcc... gcc3 checking for a BSD-compatible install... /usr/bin/install -c checking whether make sets $(MAKE)... (cached) yes checking for bison... bison -y checking for ranlib... ranlib checking for flex... flex checking for yywrap in -lfl... yes checking lex output file root... lex.yy checking whether yytext is a pointer... yes checking for main in -ly... yes checking for zlibVersion in -lz... yes checking for allow_severity in -lwrap... yes checking for dirent.h that defines DIR... yes checking for library containing opendir... none required checking how to run the C preprocessor... gcc -E checking for egrep... grep -E checking for ANSI C header files... yes checking for sys/types.h... yes checking for sys/stat.h... yes checking for stdlib.h... yes checking for string.h... yes checking for memory.h... yes checking for strings.h... yes checking for inttypes.h... yes checking for stdint.h... yes checking for unistd.h... yes checking fcntl.h usability... yes checking fcntl.h presence... yes checking for fcntl.h... yes checking features.h usability... yes checking features.h presence... yes checking for features.h... yes checking limits.h usability... yes checking limits.h presence... yes checking for limits.h... yes checking malloc.h usability... yes checking malloc.h presence... yes checking for malloc.h... yes checking for string.h... (cached) yes checking for strings.h... (cached) yes checking sys/time.h usability... yes checking sys/time.h presence... yes checking for sys/time.h... yes checking syslog.h usability... yes checking syslog.h presence... yes checking for syslog.h... yes checking for unistd.h... (cached) yes checking for sin_len in sockaddr_in ... no checking for an ANSI C-conforming const... yes checking for off_t... yes checking for pid_t... yes checking for size_t... yes checking for struct stat.st_rdev... yes checking whether time.h and sys/time.h may both be included... yes checking whether struct tm is in sys/time.h or time.h... time.h checking for stdlib.h... (cached) yes checking for unistd.h... (cached) yes checking for getpagesize... yes checking for working mmap... yes checking for working alloca.h... yes checking for alloca... yes checking return type of signal handlers... void checking for gethostbyname in -lnsl... yes checking for socket in -lsocket... no checking for gethostname... yes checking for gettimeofday... yes checking for select... yes checking for socket... yes checking for strdup... yes checking for strtoul... yes checking for timelocal... yes checking for sigaction... yes checking for strsep... yes checking for strerror... yes checking for strtoull... yes checking strtoul returns 64 bits... no configure: creating ./config.status config.status: creating lib/Makefile config.status: creating src/Makefile config.status: creating bin/Makefile config.status: creating Makefile config.status: creating docs/Makefile config.status: creating lib/ftpaths.h config.status: creating configs/Makefile config.status: creating docs/flow-capture.1 config.status: creating docs/flow-capture.html config.status: creating docs/flow-nfilter.1 config.status: creating docs/flow-nfilter.html config.status: creating docs/flow-print.1 config.status: creating docs/flow-print.html config.status: creating docs/flow-report.1 config.status: creating docs/flow-report.html config.status: creating docs/flow-receive.1 config.status: creating docs/flow-receive.html config.status: creating docs/flow-tag.1 config.status: creating docs/flow-tag.html config.status: creating docs/flow-mask.1 config.status: creating docs/flow-mask.html config.status: creating docs/flow-fanout.1 config.status: creating docs/flow-fanout.html config.status: creating docs/flow-xlate.1 config.status: creating docs/flow-xlate.html config.status: creating docs/flow-rpt2rrd.1 config.status: creating docs/flow-rpt2rrd.html config.status: creating docs/flow-rptfmt.1 config.status: creating docs/flow-rptfmt.html config.status: creating docs/flow-log2rrd.1 config.status: creating docs/flow-log2rrd.html config.status: creating lib/ftconfig.h config.status: lib/ftconfig.h is unchanged config.status: executing depfiles commands Please subscribe to the flow-tools mailing list by sending a message to flow-tools-request@splintered.net Any help please?? Thanks in advanced From: flow-tools-bounces@list.splintered.net [mailto:flow-tools-bounces@list.splintered.net] On Behalf Of Giraldo Alonso Su?rez Sent: Friday, August 21, 2009 2:40 PM To: flow-tools@list.splintered.net Subject: [Flow-tools] RE: make error in flow-tools install Sorry.. I use SUSE version 11.1 Thanks a lot From: flow-tools-bounces@list.splintered.net [mailto:flow-tools-bounces@list.splintered.net] On Behalf Of Giraldo Alonso Su?rez Sent: Friday, August 21, 2009 1:32 PM To: flow-tools@list.splintered.net Subject: [Flow-tools] make error in flow-tools install Hi list: I am new with flow-tools. When I do make to install flow-tools-0.68 , take this error Making all in lib gmake[1]: Entering directory `/home/flowscan/flow-tools-0.68/lib' gmake all-am gmake[2]: Entering directory `/home/flowscan/flow-tools-0.68/lib' source='ftio.c' object='ftio.o' libtool=no \ depfile='.deps/ftio.Po' tmpdepfile='.deps/ftio.TPo' \ depmode=gcc3 /bin/sh ../depcomp \ gcc -I. -I./lib -I. -I. -I. -g -Wall -g -Wall -c `test -f 'ftio.c' || echo './'`ftio.c ftio.c: In function ?readn?: ftio.c:2270: error: lvalue required as left operand of assignment ftio.c: In function ?writen?: ftio.c:2295: error: lvalue required as left operand of assignment gmake[2]: *** [ftio.o] Error 1 gmake[2]: Leaving directory `/home/flowscan/flow-tools-0.68/lib' gmake[1]: *** [all] Error 2 gmake[1]: Leaving directory `/home/flowscan/flow-tools-0.68/lib' gmake: *** [all-recursive] Error 1 I was installed zlib, tcp-wrappers and gnu-make Any bady can help please. Thanks in advanced Giraldo -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.splintered.net/pipermail/flow-tools/attachments/20090824/be212e8f/attachment-0001.htm From gianrico at gianrico.com Sun Aug 30 06:20:10 2009 From: gianrico at gianrico.com (gianrico) Date: Sun Aug 30 06:20:17 2009 Subject: [Flow-tools] "lvalue required as left operand of assignment" error Message-ID: <3533DED7954341308D0D41005BE7CED1@gianrico2> Hi, I'm using gcc 4.4.0 in Fedora 11 and have the same error. I have this error in many places. The error is in C code like this: func . (void *buf. { . (char *)buf +=2; next line of code here; . } The question is that I think this should not be standard C code because the cast conversion is temporary. It could happen that in the "next line of code" buf is unchanged! I resolved this issue change the type of 'buf' to 'char *' instead of 'void *'. But I'M NOT SURE THAT THE CODE IT WILL BE STABLE. It should be tested. Bye Gianrico -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mailman.splintered.net/pipermail/flow-tools/attachments/20090830/dbeb5bbc/attachment.htm From steve at unixwiz.net Sun Aug 30 12:36:24 2009 From: steve at unixwiz.net (Steve Friedl) Date: Sun Aug 30 12:36:27 2009 Subject: [Flow-tools] "lvalue required as left operand of assignment" error In-Reply-To: <3533DED7954341308D0D41005BE7CED1@gianrico2> References: <3533DED7954341308D0D41005BE7CED1@gianrico2> Message-ID: <20090830163624.GA12775@dcent.unixwiz.lan> On Sun, Aug 30, 2009 at 12:20:10PM +0200, gianrico wrote: > I'm using gcc 4.4.0 in Fedora 11 and have the same error. > I have this error in many places. > The error is in C code like this: > > (char *)buf +=2; > > The question is that I think this should not be standard C code because the > cast conversion is temporary. > > It could happen that in the "next line of code" buf is unchanged! > > I resolved this issue change the type of 'buf' to 'char *' instead of 'void *'. > > But I'M NOT SURE THAT THE CODE IT WILL BE STABLE. It should be tested. The result of a cast is not an lvalue, so it should be done as: buf = (void *) ( 2 + (char*)buf ); Steve -- Stephen J Friedl | Security Consultant | UNIX Wizard | 714 694-0494 steve@unixwiz.net | Orange County, CA | Microsoft MVP | unixwiz.net