Michel Gigot wrote: >Many thanks for this great tool. >I did not manage to get it decoding Cisco netflow ? I tried version 1, 5 and >7 without any result. The UDP info is displayed as simple DATA without any >decoding. >Also, do I need to configure somewhere the UDP port number used for the >export ? >You will find here attached examples of version 1 and 5. > > <<ether_cflow>>
Ethereal dissects packets to or from UDP port 2055 as NetFlow. If you mark one of the packets in your capture and use the Tools/Decode As... menu item and then select CFLOW as protocol you will get the packets decoded as NetFlow. Regards, Martin
