On Tue, 14 Sep 2004, Bastiaan Spandaw wrote: | filter-definition list-of-hosts-under-attack | match flows flow-treshold | #match octets flow-treshold | match dst-ip-addr my-network
The line you've commented out is significant. It makes sense to select "flows with > 10000 octets". But I don't see how we can select "flows with > 10000 flows". ( sorry if I'm missing somthing ) Can you describe what info you're actually trying to obtain ? _______________________________________________ Flow-tools mailing list [EMAIL PROTECTED] http://mailman.splintered.net/mailman/listinfo/flow-tools
