[netflow-tools] ipv6 filtering - unwanted addresses showing up - SOLVED
Otto
mworld at twbc.net
Thu Jan 12 20:20:41 EST 2012
I figured this filtering system out. I think the docs need better examples.
If I want all destination addresses to match a local subnet or 2 from
2012-01-12 18:00:00 to 2012-01-12 19:00:00 is :
discard quick before date 20120112180000
discard quick after date 20120112190000
accept quick dst 2001:xxxx:xxxx:xxxx::/56
accept quick dst 192.168.0.0/19
discard all
Regards,
Otto.
On 4/01/2012 2:00 PM, Otto wrote:
> Hi. I've been setting up some IPv6 filters with some unwanted results.
> I get link local and multicast addresses showing up.
>
> e.g. (real ips removed)
>
> discard src 2001:xxxx:xxxx:xxxx::/56
> accept dst 2001:xxxx:xxxx:xxxx::/56
> discard before date 20120101000000
> discard after date 20120101235959
> discard inet
>
> Output:
>
> 1325347355,0,2157541701,127.0.0.1,2,146,2157232389,2157232289,0,0,fe80::456f:397d:4c49:b9f3,ff02::1:3,(null),0,0,64852,5355,17,0,0,0,0,0,0
>
> 1325347355,0,2157541701,127.0.0.1,2,146,2157234962,2157234862,0,0,fe80::456f:397d:4c49:b9f3,ff02::1:3,(null),0,0,62415,5355,17,0,0,0,0,0,0
>
> 1325347373,0,2157558941,127.0.0.1,22,1584,2157547205,2157252221,0,0,fe80::456f:397d:4c49:b9f3,ff02::1:ff54:e8c8,(null),0,0,0,0,58,0,0,0,0,0,0
>
>
>
> Regards,
> Otto.
More information about the netflow-tools
mailing list