Hello, [Excuse the new member and if this has already been covered.]
I can't find any support for NetFlow v9 fields related to NAT - namely: 40001 XLATE_SRC_ADDR_IPV4 40002 XLATE_DST_ADDR_IPV4 40003 XLATE_SRC_PORT 40004 XLATE_DST_PORT 40005 FW_EVENT (created/deleted/denied) We have a Cisco ASA5580 running software version 8.2 which is capable of logging these (I believe - Wireshark seems to not have any truck with analysing the packets, so I'm having difficulty confirming the data is in there; nfdump is certainly capturing and logging everything except these extra fields). Can I confirm there is no support for this and, if not, are there any plans to do so? I'm happy trying to do so and submitting diffs, but I haven't investigated the source code closely for nfcapd, nfdump, etc. although I can see that the majority of fields use low ID numbers and these are much higher (and there's an array to handle parsing the fields); is adding support likely to be difficult? Thanks for any help in advance, - Bob -- Bob Franklin <[email protected]> +44 1223 748479 Network Division, University of Cambridge Computing Service ------------------------------------------------------------------------------ The Planet: dedicated and managed hosting, cloud storage, colocation Stay online with enterprise data centers and the best network in the business Choose flexible plans and management services without long-term contracts Personal 24x7 support from experience hosting pros just a phone call away. http://p.sf.net/sfu/theplanet-com _______________________________________________ Nfdump-discuss mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/nfdump-discuss
