where's proto?
Peter Van Epp
vanepp at sfu.ca
Fri Jun 1 18:55:49 EDT 2001
I'm poking at 2.01 output and perl but the proto field seems to be
mia. From 1.8.1 output:
Tue 05/29 00:01:28 d tcp 207.34.179.108.4922 -> 142.58.120.21.25 10 17 2169 605 FIN
apparantly the same transaction from 2.0.1, but note the lack of "d"
retrans flag, and in fact the field doesn't appear to be present in
a delimited output ra run:
29 May 01 00:07:40 tcp 207.34.179.108.4922 -> 142.58.120.21.25 10 14 2837 1399 FIN
29 May 01 00:08:02 tcp 207.34.179.108.4922 -> 142.58.120.21.25 0 2 0 224 FIN
29 May 01 00:08:55 tcp 207.34.179.108.4922 -> 142.58.120.21.25 0 1 0 112 FIN
2001-05-29-14:39:59;udp;64.124.83.65;17978;<->;142.58.164.27;6976;ACC
^
I'd expect the proto field to appear here!
Peter Van Epp / Operations and Technical Support
Simon Fraser University, Burnaby, B.C. Canada
More information about the argus
mailing list