Hello list, I have a problem using flow-nfilter
--- begin filter1 --- filter-primitive flow-treshold type counter permit gt 10000 default deny filter-primitive my-network type ip-address-mask permit 62.212.64.0 255.255.224.0 permit 82.192.64.0 255.255.224.0 permit 83.149.64.0 255.255.192.0 default deny filter-definition list-of-hosts-under-attack match flows flow-treshold #match octets flow-treshold match dst-ip-addr my-network --- end filter1 --- This is the commandline: flow-cat /[SNIP]/ft-v05.2004-09-13.220000+0200 | flow-nfilter -f./filter1 -Flist-of-hosts-under-attack But I get the error "flow-nfilter: Filter references a field not in flow." when I match the counter to octets in flow-threshold I see all flows that match the rules in filter1. Am I overlooking anything? Thanks in advance, Bastiaan _______________________________________________ Flow-tools mailing list [EMAIL PROTECTED] http://mailman.splintered.net/mailman/listinfo/flow-tools
