Hi, everybody
I want to acount a group of ip addresses.So I use flow-tag. When I do this, I
can't get what I want.
I do as follows:
tag.cfg:
tag-action TEST_DST
type dst-prefix
# CNIC
match 159.226/16 set-dst 0x010001
tag-action TEST_SRC
type src-prefix
# CNIC
match 159.226/16 set-src 0x010001
tag-action OTHER_DST
type dst-prefix
match 0/0 set-dst 0x0
tag-action OTHER_SRC
type src-prefix
match 0/0 set-src 0x0
tag-definition TEST
term
action OTHER_DST
action TEST_DST
term
action OTHER_SRC
action TEST_SRC
tag.sym
0x0001 CNIC
I run the command like this :
flow-cat ft/ft-v05.2005-07-20.151000+0800 | flow-tag -t tag.cfg -TTEST |
flow-stat -n -f31 -S2
I Got this result:
# --- ---- ---- Report Information --- --- ---
#
# Fields: Total
# Symbols: Enabled
# Sorting: Descending Field 2
# Name: Destination Tag
#
# Args: flow-stat -n -f31 -S2
#
#
# Dst Tag flows octets packets
#
0 577483 2353711397 3387470
65537 184547 605768859 1118906
My question: Why is the Dst Tag field not CNIC, the tag I defined in the
tag.sym?
Thanks for your help.
Hui Li
_______________________________________________
Flow-tools mailing list
[EMAIL PROTECTED]
http://mailman.splintered.net/mailman/listinfo/flow-tools
