INT vs REQ
elof2 at sentor.se
elof2 at sentor.se
Tue Oct 22 09:15:39 EDT 2013
Hi Carter!
I just noticed this:
My udp flows, when using ra -Zb, are usually CON, then there are lots of
REQ and lastly there are some INT.
The ra manual says:
REQ|INT (requested|initial)
This indicates that this is the initial state report for a transac-
tion and is seen only when the argus-server is in DETAIL mode. For
TCP connections this is REQ, indicating that a connection is being
requested. For the connectionless protocols, such as UDP, this is
INT.
Why are some udp packets REQ while others are INT?
Shouldn't all unconnected UDP packets be INT?
(note, an old version of ra was used here: 3.0.6.2)
/Elof
More information about the argus
mailing list