[netflow-tools] flowd-reader export
Murray Shields
murray.shields at netoptions.com.au
Fri Mar 24 13:47:23 EST 2006
Is there any documentation on the export as generated by flowd-reader?
For example, what are the possible values and meanings for proto (I know
6 is TCP)? What is the most accurate way of matching bi-directional
packets (is it simply a specific port number range)?
Can I simply assume that the LOWER port number is the port, and the
higher is for matching?
I have tried all of the README files, installed documentation and
Googled, but can find nothing on this. I have also grepped a downloaded
copy of the mailing list archive.
Can anyone help?
Thanks.
Murray.
More information about the netflow-tools
mailing list