[flow-tools] TCP flags in flow-print format 5
Dale Clapperton (lists)
lists@blackbird.net.au
Fri, 10 May 2002 22:39:33 +1000
Hi
A brief question.. When using flow-print -f5, how does the value for
"(u_int)*cur.tcp_flags & 0x7" in the code translate into the actual flags on
each packet? I'm attempting to hack together a custom format for flow-print
which will output in the DSHIELD format
(http://www.dshield.org/specs.html#dshield_format), which requires the flags to
be represented using charecters or text, not numerically.
Thanks
Dale