At this point I have a working flow-capture that gets it's data from a router in port 2055 and everything is working fine. The problem is that I need to filter the data and send it to two different folders with diferent filters, AFAIK there is no direct way to do this with flow-capture, correct me if I'm wrong. So I'm using an application called "samplicator", wich gets datagrams from one port and can resend them to any number of ip/ports (I also tried flow-fanout but with the same results). I'm using it to send them to the same machine in two ports, so now I have: Flows arrive to localhost:2055 and are sent to localhost:2056 and localhost:2057 The problem is that if now I start flow-capture to get the flows from port 2056 it doesn�t get any data. the flowcapture line is: "flow-capture -f/location/to/filter.acl -FILTER -V5 -N0 -n287 -w /location/to/fows 0/0/2056"
The only things that changes is the port, from 2055 to 2056, the filter used and the destination dir. Using "tcpdump -i lo|grep 2056" I can see that the flows are being received in that port. and using netstat I can see that flow-capture is listening in port 2056. But the files are not being filled. The strange thing is that I have the same configuration running in another server and everything is working fine. Any ideas?, thank you. Francisco _______________________________________________ Flow-tools mailing list [EMAIL PROTECTED] http://mailman.splintered.net/mailman/listinfo/flow-tools
