[Flow-tools] getting fprobe and flowtools working together
Joe Loiacono
jloiacon at csc.com
Wed Feb 27 15:03:14 EST 2008
You'll probably have fprobe send to 127.0.0.1 port nnn.
Then start flow-capture (
http://www.splintered.net/sw/flow-tools/docs/flow-capture.html ) probably
something like:
flow-capture -p /flows/pids/flowtool.pid -w /flows/router_1 -E2000M -S5
0/0/nnn
E2000 would limit space used up to 2 Gbytes, -S5 will keep stats every 5
minutes. Data will be kept in /flows/router_1. 0/0/nnn will receive on any
IP address, from any IP address, on port nnn
It's almost as simple as that ...
Joe
flow-tools-bounces at list.splintered.net wrote on 02/27/2008 01:38:29 PM:
> Hi,
> I am new to both fprobe and flowtools. I want to use fprobe to
> capture traffic
> using our dag card, and then use flowtools to collect and store to disk.
If
> anyone has worked with this pair in this way, I'd appreciate any advice
on
> making this work. Both software are installed on the same machine.
Thanks,
> --Jay.
> _______________________________________________
> Flow-tools mailing list
> flow-tools at splintered.net
> http://mailman.splintered.net/mailman/listinfo/flow-tools
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.splintered.net/pipermail/flow-tools/attachments/20080227/50ccd495/attachment.htm
More information about the Flow-tools
mailing list