IP only filter?
Russell Fulton
r.fulton at auckland.ac.nz
Mon Nov 13 16:58:07 EST 2000
HI Carter,
Does 'ip' filter out non IP traffic in the client filters? I
am only interested in IP traffic since nothing else will ever leave or
enter our network. It seems to 'do the right thing' but I thought I
would just check.
I think I have reported this one before and it got 'fixed' but has now
reverted ('u' dist): -n and 'delimited fields' prints the protocol as
numbers instead of words (tcp, icmp, udp...). This is at variance with
the normal output where the protocol us unaffected by -n. I don't mind
much which way we do it so long as it does not keep changing ;-)
There is some logic to having it this way since one could assume that
'delimited field' output will be going to a program and comparison/
sorting of numbers is cheaper than strings and we can always convert
them back for output if needed.
Russell.
More information about the argus
mailing list