> My issue is that I configured my Cisco router to match TCP sequence number, > Acknowledge number, Window TCP and so on but I didn't find a way to read > this information with Nfdump. > Is there a way to parse this information ? When I run Wireshark I see the > information in the pcap files.
Pcap is *not* the same as netflow! Pcap potentially has a complete copy of the packet, netflow only has parts of the header information. This typically includes TCP flags (SYN, ACK etc) but doesn't include TCP sequence number, acknowledgment number and TCP window. So - the information you're looking for isn't there. Steinar Haug, AS2116 ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ Nfdump-discuss mailing list Nfdump-discuss@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nfdump-discuss