Thanks a bunch. I am now getting records filled in with src and dst IP addresses... even though there are many records with both fields empty. I will go through CONFIG_KEYS and play with options.
I also want to get rid of mac_src and mac_dst fields in the table and want to add as_src and as_dst fields. just creatign a table deleting some fields is not working.
Thanks, Prakash. On Thu, 23 Feb 2006, Paolo Lucente wrote:
Hello Prakash, i should have been able to figure out what happens. At first, i've missed that your 'aggregate' directive was including both src_host/dst_host and src_as/dst_as . This is not supported as both HOST and AS primitives are "multiplexed" in the same field. You can still fire two more plugins and keep AS and HOST stats segregated each other. The zeroes are a consequence: AS numbers win over hosts but networks map expects to find IP addresses out there. Thus, AS numbers are handled as IP addresses and are found outside each of the defined networks. This makes them to be rewritten as zeroes. CONFIG-KEYS explains the way networks_map works. Using hosts and AS numbers separatedly, i'm able to get same results by nfacctd as those returned by flow-print (-f 3 / -f 4). Cheers, Paolo
-- Prakash Rudraraju Systems Programmer 520 626-1225 (W) CCIT - NTS 520 307-0949 (C) University of Arizona T h i s t a g l i n e h a s b e e n u n z i p p e d . ------------------------------------- Printed using 100% recycled electrons
