Hello,
I would like to filter specific port all ( IN & Out) traffic. I am trying to
Variable binding for specifying dynamic ( at run time) port.
but it's not working. My file structure and commands are as follows.
File: test_filter.cfg
---------------------------------------------------
filter-primitive VAR_PORT
type ip-port
permit @CPRT
default deny
filter-definition custom_port
match ip-source-port VAR_PORT
or
match ip-destination-port VAR_PORT
File: test_report.cfg
------------------------------------------------------------
include-filter /home/esdsnet/flow_script/test_filter.cfg
stat-report t10
type ip-address
filter custom_port
output
sort +octets
records 30
fields -flows,-packets,-duration
path /home/esdsnet/flow_script/filter_data/@CPRT
stat-definition t10
report t10
Command:
-----------------------------------------------------------
/usr/bin/flow-cat -p
/home/esdsnet/flow_data/lan_flow_data/2009/2009-09/2009-09-12 | flow-report -s
test_report.cfg -S t10 -v CPRT=21
----------------------------------------------------------------------------------------------------------------------
Is there anything weong with my command for filters...
Regards,
Narendra
_______________________________________________
Flow-tools mailing list
[email protected]
http://mailman.splintered.net/mailman/listinfo/flow-tools
