Giter Club home page Giter Club logo

Comments (5)

phaag avatar phaag commented on May 25, 2024

nfdump handles 8bytes (64bit) counters already for years. INternally nfdump uses only 64bit counters.
If the counters are wrong, this mus be something different. Please send me a pcap captured at the collector side to check.

from nfdump.

cosidius avatar cosidius commented on May 25, 2024

Hi,

Here you have a pcap file and the debug output from my perl script parsing the same pcap file.

If you want to make it easy for you to see the difference when 64 bit fields for IN_Bytes and OUT_bytes is used use "dst host 130.240.19.2" and if source starts with 130.240.x.x then it is processed by Fortigate. Else it processed by Cisco with normal 32bit counters.

130.240.19.2 is one of our DNS servers

Från: Peter Haag [email protected]
Skickat: den 6 maj 2016 14:18
Till: phaag/nfdump
Kopia: Thomas Nilsson; Author
Ämne: {Disarmed} Re: [phaag/nfdump] 64 bit counters for IN_BYTES and OUT_BYTES (#22)

nfdump handles 8bytes (64bit) counters already for years. INternally nfdump uses only 64bit counters.
If the counters are wrong, this mus be something different. Please send me a pcap captured at the collector side to check.

You are receiving this because you authored the thread.
Reply to this email directly or view it on GitHubhttps://github.com//issues/22#issuecomment-217425141

from nfdump.

cosidius avatar cosidius commented on May 25, 2024

PecapAndDebug.zip

from nfdump.

cosidius avatar cosidius commented on May 25, 2024

Hi,

Are you looking into this issue even when you closed it before I had the time to reply, or do I need to open a new ticket?

from nfdump.

cosidius avatar cosidius commented on May 25, 2024

Could be that Fortigate don’t send TCP flags in their export. If this field is missing how do your code cope with it?

from nfdump.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.