Hi all on this list.
I am try to install pmacct + protocol classification feature and want to ask
some question about it.
pmacct + pmacct_v5 base + set of .pat files from l7filter site. See results:
successfully detect ftp,nntp,subversion,jabber,ssh,dns,pop3,smtp
detect connection to
Hi Mike,
I see all of those signatures actually working by picking some sites
randomly with wget. This is with 0.12.0rc3 but honestly speaking there
has not been any major work related to the classification part for the
past 3-4 years.
I would suggest a couple of checks:
* see if HTTP traffic is
I still see all flow records having the same number 4294967295 in my mysql
table, and debug does not seem to tell me why this happens.
And I have another question about the sql_history, what exactly is this? I
have read the configuration keys several time but I am still not sure. If
I set it to
Hi,
On Mon, Nov 16, 2009 at 11:58:14AM -0600, fedora fedora wrote:
I still see all flow records having the same number 4294967295 in my mysql
table, and debug does not seem to tell me why this happens.
How do you mean? You see that number appearing in the debug? As writing
to the database is
Thanks a ton for the reply!
FYI, here is the debug output,
DEBUG ( default/mysql ): INSERT INTO `test_1` (stamp_updated,
stamp_inserted, ip_src, ip_dst, as_src, as_dst, src_port, dst_port,
tcp_flags, ip_proto, packets, bytes, flows) VALUES
(FROM_UNIXTIME(1258410661), FROM_UNIXTIME(1258410600),
