Hello Prakash, i should have been able to figure out what happens. At first, i've missed that your 'aggregate' directive was including both src_host/dst_host and src_as/dst_as . This is not supported as both HOST and AS primitives are "multiplexed" in the same field. You can still fire two more plugins and keep AS and HOST stats segregated each other.
The zeroes are a consequence: AS numbers win over hosts but networks map expects to find IP addresses out there. Thus, AS numbers are handled as IP addresses and are found outside each of the defined networks. This makes them to be rewritten as zeroes. CONFIG-KEYS explains the way networks_map works. Using hosts and AS numbers separatedly, i'm able to get same results by nfacctd as those returned by flow-print (-f 3 / -f 4). Cheers, Paolo
