|
Hello, I’m actually using flow-tools to generate reports in
order to create a list of the most frequent used ip
addresses and destination ports for udp and tcp protocols. My problem is that I obtain strange values for the
first-flow and last-flow key words. For example : # first-flow : 4294967295 Wed Dec
31 # last-flow : 0 Wed Dec 31 As you can see packets are captured before epoch !!!! When I use flow-print the obtained values seem to be correct: With the –f 1 option, for example I have
: 0001a 129.15.118.219 0000 129.15.119.255 11 277 277
1 145 0511.13:14:29.000 0511.13:14:29.000 0.000 145 00 00 With the header : Sif SrcIPaddress Dif DstIPaddress Pr ScrcP DstP Pkts
Octects StartTime EndTime Active B/Pk Ts Fl The name of my ft file is :
ft-v05.2005-05-11.13.1000-0500 Do you know why I have these strange values? Thanks for your help. Sylvain VIAL. |
_______________________________________________ Flow-tools mailing list [EMAIL PROTECTED] http://mailman.splintered.net/mailman/listinfo/flow-tools
