Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- execve("/usr/local/bin/ra", ["ra", "-r", "/usr/local/argus/argfifo", "-m", "none", "-s", "stime", "dur", "flgs", "proto", "saddr", "sport", "dir", "daddr", "dport", "spkts", ...], [/* 22 vars */]) = 0
- brk(0) = 0x931d000
- access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
- open("/etc/ld.so.cache", O_RDONLY) = 3
- fstat64(3, {st_mode=S_IFREG|0644, st_size=52325, ...}) = 0
- mmap2(NULL, 52325, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7fa6000
- close(3) = 0
- open("/lib/libm.so.6", O_RDONLY) = 3
- read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\20D\20\0004\0\0\0"..., 512) = 512
- mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7fa5000
- fstat64(3, {st_mode=S_IFREG|0755, st_size=216544, ...}) = 0
- mmap2(0x101000, 163952, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x101000
- mmap2(0x128000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x26) = 0x128000
- close(3) = 0
- open("/lib/libpthread.so.0", O_RDONLY) = 3
- read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0p\10\23\0004\0\0\0"..., 512) = 512
- fstat64(3, {st_mode=S_IFREG|0755, st_size=137944, ...}) = 0
- mmap2(0x12c000, 102884, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x12c000
- mprotect(0x141000, 4096, PROT_NONE) = 0
- mmap2(0x142000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x15) = 0x142000
- mmap2(0x144000, 4580, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x144000
- close(3) = 0
- open("/usr/lib/libGeoIP.so.1", O_RDONLY) = 3
- read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\2207,\0004\0\0\0"..., 512) = 512
- fstat64(3, {st_mode=S_IFREG|0755, st_size=200988, ...}) = 0
- mmap2(0x2c1000, 198288, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x2c1000
- mmap2(0x2f1000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x30) = 0x2f1000
- close(3) = 0
- open("/usr/lib/libz.so.1", O_RDONLY) = 3
- read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\300\225\24\0004\0\0\0"..., 512) = 512
- fstat64(3, {st_mode=S_IFREG|0755, st_size=75028, ...}) = 0
- mmap2(0x148000, 76400, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x148000
- mmap2(0x15a000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x11) = 0x15a000
- close(3) = 0
- open("/lib/libc.so.6", O_RDONLY) = 3
- read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\340\177\312\0004\0\0\0"..., 512) = 512
- fstat64(3, {st_mode=S_IFREG|0755, st_size=1689728, ...}) = 0
- mmap2(0xc92000, 1410500, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xc92000
- mprotect(0xde4000, 4096, PROT_NONE) = 0
- mmap2(0xde5000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x152) = 0xde5000
- mmap2(0xde8000, 9668, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xde8000
- close(3) = 0
- mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7fa4000
- mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7fa3000
- set_thread_area({entry_number:-1 -> 6, base_addr:0xb7fa36c0, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0
- mprotect(0xde5000, 8192, PROT_READ) = 0
- mprotect(0x142000, 4096, PROT_READ) = 0
- mprotect(0x128000, 4096, PROT_READ) = 0
- mprotect(0xc8e000, 4096, PROT_READ) = 0
- munmap(0xb7fa6000, 52325) = 0
- set_tid_address(0xb7fa3708) = 31414
- set_robust_list(0xb7fa3710, 0xc) = 0
- futex(0xbf8f9294, FUTEX_WAKE_PRIVATE, 1) = 0
- rt_sigaction(SIGRTMIN, {0x130400, [], SA_SIGINFO}, NULL, 8) = 0
- rt_sigaction(SIGRT_1, {0x130300, [], SA_RESTART|SA_SIGINFO}, NULL, 8) = 0
- rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
- getrlimit(RLIMIT_STACK, {rlim_cur=10240*1024, rlim_max=RLIM_INFINITY}) = 0
- uname({sys="Linux", node="host.local", ...}) = 0
- mmap2(NULL, 798720, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7ee0000
- brk(0) = 0x931d000
- brk(0x933e000) = 0x933e000
- gettimeofday({1342108438, 564615}, NULL) = 0
- gettimeofday({1342108438, 564668}, NULL) = 0
- sched_get_priority_min(SCHED_RR) = 1
- sched_get_priority_max(SCHED_RR) = 99
- rt_sigaction(SIGHUP, {0x804b210, [HUP], SA_RESTART}, {SIG_DFL, [], 0}, 8) = 0
- rt_sigaction(SIGTERM, {0x804b210, [TERM], SA_RESTART}, {SIG_DFL, [], 0}, 8) = 0
- rt_sigaction(SIGQUIT, {0x804b210, [QUIT], SA_RESTART}, {SIG_DFL, [], 0}, 8) = 0
- rt_sigaction(SIGINT, {0x804b210, [INT], SA_RESTART}, {SIG_DFL, [], 0}, 8) = 0
- rt_sigaction(SIGPIPE, {0x1, [PIPE], SA_RESTART}, {SIG_DFL, [], 0}, 8) = 0
- gettimeofday({1342108438, 565277}, {240, 0}) = 0
- open("/etc/localtime", O_RDONLY) = 3
- fstat64(3, {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0
- fstat64(3, {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0
- mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7fb2000
- read(3, "TZif2\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\4\0\0\0\4\0\0\0\0"..., 4096) = 3519
- close(3) = 0
- munmap(0xb7fb2000, 4096) = 0
- stat64("/etc/ra.conf", 0xbf8f91b0) = -1 ENOENT (No such file or directory)
- stat64("/root/.rarc", {st_mode=S_IFREG|0644, st_size=81, ...}) = 0
- open("/root/.rarc", O_RDONLY|O_LARGEFILE) = 3
- fstat64(3, {st_mode=S_IFREG|0644, st_size=81, ...}) = 0
- mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7fb2000
- read(3, "RA_DB_USER=\"dbuser\"\nRA_DB_PASS=\"dbpass"..., 4096) = 81
- read(3, "", 4096) = 0
- close(3) = 0
- munmap(0xb7fb2000, 4096) = 0
- mmap2(NULL, 401408, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7e7e000
- rt_sigaction(SIGPIPE, {0x804b210, [PIPE], SA_RESTART}, {0x1, [PIPE], SA_RESTART}, 8) = 0
- rt_sigaction(SIGHUP, {0x804b210, [HUP], SA_RESTART}, {0x804b210, [HUP], SA_RESTART}, 8) = 0
- rt_sigaction(SIGTERM, {0x804b210, [TERM], SA_RESTART}, {0x804b210, [TERM], SA_RESTART}, 8) = 0
- rt_sigaction(SIGQUIT, {0x804b210, [QUIT], SA_RESTART}, {0x804b210, [QUIT], SA_RESTART}, 8) = 0
- rt_sigaction(SIGINT, {0x804b210, [INT], SA_RESTART}, {0x804b210, [INT], SA_RESTART}, 8) = 0
- stat64("/var/run/ra.pid", 0xbf8f91bc) = -1 ENOENT (No such file or directory)
- open("/var/run/ra.pid", O_RDWR|O_CREAT|O_TRUNC|O_LARGEFILE, 0666) = 3
- fstat64(3, {st_mode=S_IFREG|0644, st_size=0, ...}) = 0
- mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7e7d000
- write(3, "31414\n", 6) = 6
- close(3) = 0
- munmap(0xb7e7d000, 4096) = 0
- open("/usr/local/argus/argfifo", O_RDONLY|O_LARGEFILE) = 3
- fstat64(3, {st_mode=S_IFIFO|0644, st_size=0, ...}) = 0
- mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7e7d000
- read(3, "\0\f\373\247\0\0\3\0000,M\2270,M\227\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\1"..., 4096) = 4096
- close(3) = 0
- munmap(0xb7e7d000, 4096) = 0
- stat64("/var/run/ra.pid", {st_mode=S_IFREG|0644, st_size=6, ...}) = 0
- open("/var/run/ra.pid", O_RDONLY|O_LARGEFILE) = 3
- fstat64(3, {st_mode=S_IFREG|0644, st_size=6, ...}) = 0
- mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7e7d000
- read(3, "31414\n", 4096) = 6
- unlink("/var/run/ra.pid") = 0
- close(3) = 0
- munmap(0xb7e7d000, 4096) = 0
- munmap(0xb7e7e000, 401408) = 0
- munmap(0xb7ee0000, 798720) = 0
- exit_group(1) = ?
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement