[flow-tools] some bugs in flow-tools-0.58
Mark Fullmer
maf@eng.oar.net
Fri, 14 Jun 2002 11:20:04 -0400
Thanks for the testing efforts. I'll get you a patch later today.
mark
On Fri, Jun 14, 2002 at 02:20:33PM +0800, Horatio B. Bogbindero wrote:
>
>
> i did some tests on flow-tools-0.58. basically, what i did was compare
> the results of the regular flow-filter, flow-cidr (Inter.netPH) with flow-nfilter.
>
> -flow-tags documentation says tag symbols are in /var/ft/sym/tags (0.57
> location) but the file is now /var/ft/sym/tag (0.58 location)
> -using the filter-primitive ip-address causes flow-nfilter to core dump
> -"match dst-ip-addr" yields the same results as "match src-ip-addr". i
> did a quick check on the lib/ftfil.c source but have not traced the problem
> yet.
> -the time field using:
>
> filter-primitive shift
> type time
> permit gt 1:00
> permit lt 2:00
>
> yields the same result as:
>
> filter-primitive shift
> type time
> permit gt 1:00
> permit lt 23:00
>
> based on my data this should not be the case. the result is the same as if
> there was no time filter at all. i used flow-stat to compare the byte counts.
>
> fyi.
>
>
> -------------------------------------------
> William Emmanuel S. Yu
> Ateneo Campus Network Group (AteneoCNG)
> email : wyu at ateneo dot edu
> web : http://CNG.ateneo.net/wyu/
> phone : +63(2)4266001-4186
> GPG : http://CNG.ateneo.net/wyu/wyy.pgp
>
>
> _______________________________________________
> flow-tools@splintered.net
> http://www.splintered.net/sw/flow-tools