-b Dump the compiled packet-matching code to stdout and stop. This is used to debug filter
Run argus as a daemon, writing all its transaction status reports to output-file. This is the typical
If ICMP traffic is not of interest to you, you can filter out ICMP packets on input.
Argus supports both input filtering and output filtering, as well as multiple output streams,
each with its own independent filter.
For example, you may be interested in tracking IP traffic only (input filter) and want to report ICMP
traffic in one output file and all other IP traffic in another file.
Audit the network activity that is flowing between the two gateway routers, whose Ethernet addresses are
00:08:03:2D:42:01 and 00:00:0C:18:29:F1. When no output-file is specified, it is assumed that the
transaction status reports will be written to a remote client. In this case we have changed the port
that the remote client will use to port 430/tcp.
Audit each individual ICMP ECHO transaction. You would do this to gather Round Trip Time data within your
network. Write the output to output-file.
Audit all NFS transactions involving the server fileserver and increase the reporting interval to 3600
seconds (to provide high data reduction). Write the output to output-file.