> My issue is that I configured my Cisco router to match TCP sequence number,
> Acknowledge number, Window TCP and so on but I didn't find a way to read
> this information with Nfdump.
> Is there a way to parse this information ? When I run Wireshark I see the
> information in the pcap files.

Pcap is *not* the same as netflow! Pcap potentially has a complete
copy of the packet, netflow only has parts of the header information.
This typically includes TCP flags (SYN, ACK etc) but doesn't include
TCP sequence number, acknowledgment number and TCP window.

So - the information you're looking for isn't there.

Steinar Haug, AS2116



------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Nfdump-discuss mailing list
Nfdump-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfdump-discuss

Reply via email to