[Nfdump-discuss] nfdump AS filter

Mon, 09 Dec 2013 04:21:57 -0800

Hi guys,

there is some dependency(like whois or something similar) for AS number filter to works?

As in this example, i used ip filter and then as filter based on an facebook ip:
[root@bns ~]# nfdump -M /data/nfsen/profiles-data/live/7206vxr  -T  -R 2013/12/09/nfcapd.201312090930:2013/12/09/nfcapd.201312091155 -c 20  "dst ip 69.171.242.27"
Date first seen          Duration Proto      Src IP Addr:Port          Dst IP Addr:Port   Packets    Bytes Flows
2013-12-09 09:29:50.709     0.000 TCP     192.168.105.70:45611 ->    69.171.242.27:80           1       41     1
2013-12-09 09:29:50.753     0.000 TCP     192.168.105.70:45613 ->    69.171.242.27:80           1       41     1
2013-12-09 09:29:50.761     0.000 TCP     192.168.105.70:45612 ->    69.171.242.27:80           1       41     1

[root@bns ~]# nfdump -M /data/nfsen/profiles-data/live/7206vxr  -T  -R 2013/12/09/nfcapd.201312090930:2013/12/09/nfcapd.201312091155 -c 20  "dst as 32934"
Date first seen          Duration Proto      Src IP Addr:Port          Dst IP Addr:Port   Packets    Bytes Flows
Summary: total flows: 0, total bytes: 0, total packets: 0, avg bps: 0, avg pps: 0, avg bpp: 0
Time window: 2013-12-09 09:24:59 - 2013-12-09 11:59:57
Total flows processed: 687120, Blocks skipped: 0, Bytes read: 35734128
Sys: 0.207s flows/second: 3303985.7  Wall: 0.205s flows/second: 3343893.7


Regards

--
Riccardo Cupardo

W +39 02 84278805 
S riccardo.cupardo


via Breda 176, 2nd Floor, Milan, 20126 Italy
picture the possibilities | piksel.com


This message is private and confidential. If you have received this message in error, please notify the sender or serviced...@piksel.com and remove it from your system.

Piksel Inc is a company registered in the United States New York City, 1250 Broadway, Suite 1902, New York, NY 10001. F No. = 2931986

------------------------------------------------------------------------------
Sponsored by Intel(R) XDK 
Develop, test and display web and hybrid apps with a single code base.
Download it for free now!
http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.clktrk
_______________________________________________
Nfdump-discuss mailing list
Nfdump-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfdump-discuss

Reply via email to