From netramet-owner  Sat Sep 22 02:15:56 2001
Received: (from majordom@localhost)
       by mailhost.auckland.ac.nz (8.9.2/8.9.2/8.9.2-ua) id CAA02224
       for netramet-outgoing; Sat, 22 Sep 2001 02:10:37 +1200 (NZST)
Received: from spog.gaertner.de (IDENT:[email protected] [194.45.135.2])
       by mailhost.auckland.ac.nz (8.9.2/8.9.2/8.9.2-ua) with ESMTP id CAA02217
       for <[email protected]>; Sat, 22 Sep 2001 02:10:35 +1200 (NZST)
Received: from aunt.gaertner.de ([email protected] [217.13.66.102])
       by spog.gaertner.de (8.8.8/8.8.8/Nase) with ESMTP id QAA10498
       for <[email protected]>; Fri, 21 Sep 2001 16:10:33 +0200
Received: (from schuma@localhost)
       by aunt.gaertner.de (8.8.8/8.8.8) id QAA07459
       for [email protected]; Fri, 21 Sep 2001 16:10:32 +0200 (MET DST)
From: Joerg Schumacher <[email protected]>
Message-Id: <[email protected]>
Subject: NeTraMet status?
To: [email protected]
Date: Fri, 21 Sep 2001 16:10:32 +0200 (MET DST)
X-NCC-RegID: de.gaertner
X-Mailer: ELM [version 2.4ME+ PL66 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: [email protected]
Precedence: bulk

Hi!

I'm looking for an ip accounting system.  RTFM/NeTraMet looks promising.
Some questions :

       - is NeTraMet still under active development?
       - is there an anonymous CVS server for retrieving the latest
         and greatest version?
       - newest file in mailing list archive is netramet.0009, a
         silent year?
       - are there any known problems with v4.4b10?  (meter will run
         on linux 2.2.19)

Regards,
Joerg

--
Gaertner Datensysteme                         38114 Braunschweig
Joerg Schumacher                              Hamburger Str. 273a
Tel: 0531-2335555                             Fax: 0531-2335556

From netramet-owner  Sat Sep 22 04:46:55 2001
Received: (from majordom@localhost)
       by mailhost.auckland.ac.nz (8.9.2/8.9.2/8.9.2-ua) id EAA12641
       for netramet-outgoing; Sat, 22 Sep 2001 04:45:49 +1200 (NZST)
Received: from fdpnmailgw2.dpn.deere.com (fdpnmailgw2.dpn.deere.com [192.43.65.86])
       by mailhost.auckland.ac.nz (8.9.2/8.9.2/8.9.2-ua) with SMTP id EAA12630
       for <[email protected]>; Sat, 22 Sep 2001 04:45:47 +1200 (NZST)
Received: from 164.121.15.19 by fdpnmailgw2.dpn.deere.com with ESMTP (
Tumbleweed MMS SMTP Relay (MMS v4.7)); Fri, 21 Sep 2001 11:45:15 -0500
X-Server-Uuid: 2d3b7162-db1d-11d3-b8ee-0008c7dfb6f1
Received: by edxgw1.dx.deere.com with Internet Mail Service (5.5.2653.19
) id <TF0L1V3J>; Fri, 21 Sep 2001 11:45:14 -0500
Message-ID: <[email protected]>
From: "Riaz Nadeem" <[email protected]>
To: [email protected]
Subject: FW: NeTraMet status?
Date: Fri, 21 Sep 2001 11:45:09 -0500
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
X-WSS-ID: 17B5B111899915-01-01
Content-Type: text/plain;
charset=iso-8859-1
Content-Transfer-Encoding: 7bit
Sender: [email protected]
Precedence: bulk

why improve the best...

it already works on linux...

see www.ipmeter.com a NetraMet based accounting system..

Thank you
Nadeem Riaz


-----Original Message-----
From: Joerg Schumacher [mailto:[email protected]]
Sent: Friday, September 21, 2001 9:11 AM
To: [email protected]
Subject: NeTraMet status?


Hi!

I'm looking for an ip accounting system.  RTFM/NeTraMet looks promising.
Some questions :

       - is NeTraMet still under active development?
       - is there an anonymous CVS server for retrieving the latest
         and greatest version?
       - newest file in mailing list archive is netramet.0009, a
         silent year?
       - are there any known problems with v4.4b10?  (meter will run
         on linux 2.2.19)

Regards,
Joerg

--
Gaertner Datensysteme                         38114 Braunschweig
Joerg Schumacher                              Hamburger Str. 273a
Tel: 0531-2335555                             Fax: 0531-2335556


From netramet-owner  Sat Sep 22 06:32:45 2001
Received: (from majordom@localhost)
       by mailhost.auckland.ac.nz (8.9.2/8.9.2/8.9.2-ua) id GAA19420
       for netramet-outgoing; Sat, 22 Sep 2001 06:32:01 +1200 (NZST)
Received: from correo2 ([157.238.87.78])
       by mailhost.auckland.ac.nz (8.9.2/8.9.2/8.9.2-ua) with ESMTP id GAA19403
       for <[email protected]>; Sat, 22 Sep 2001 06:32:00 +1200 (NZST)
From: [email protected]
Received: from qoslabs.com (localhost [127.0.0.1])
by correo2.qoslabs.com (iPlanet Messaging Server 5.0 Patch 2 (built Dec 14
2000)) with ESMTP id <[email protected]> for
[email protected]; Fri, 21 Sep 2001 14:31:24 -0400 (EDT)
Received: from [200.64.169.178] by correo2.qoslabs.com (mshttpd); Fri,
21 Sep 2001 13:31:24 -0500
Date: Fri, 21 Sep 2001 13:31:24 -0500
Subject: netflowmet vs netflowcollector
To: [email protected]
Message-id: <[email protected]>
MIME-version: 1.0
X-Mailer: iPlanet Webmail
Content-type: text/plain; charset=us-ascii
Content-language: en
Content-transfer-encoding: 7BIT
Content-disposition: inline
X-Accept-Language: en
Sender: [email protected]
Precedence: bulk


Hi,

I'm working with netflow collector from Cisco and NetflowMet to test the
differences between them.
My scenario is very simple:
two routers back to back and two server (A and B), each server connect
it to the fastethernet of the routers.
There are two more servers in the router 1 LAN:
1.-  running NetflowMet, at the end of the email is the rule that I'm
using.
2.- running netflow collector from cisco.

I did a FTP From Server A to server B = 1 MB of data.
the server with flow collector report  1.1 MB data transfer from A to B
The server with NetflowMet report  2.2 MB data transfer from A to B

I did several test with different size of files and always NetflowMet
report me the double of flow collector.

What am I doing wrong? Am I missing something?

thanks in advance for your help.



********************* Rule File *********************************
#Source file: tmpreaderone.srl
#Compiled by: SRL compiler, version 4.3
#Time:        23:35:35 Thu 20 Sep 2001
 sourcepeertype & 255.0 = 0.0: ignore, 0;
 sourcepeertype & 255.0 = 1.0: pushto, g1;
 null & 0 = 0: gotoact, n2;
n2:
 null & 0 = 0: ignore, 0;
g1:
 destpeeraddress & 255.255.255 = 192.183.99: pushto, s2;
 null & 0 = 0: goto, n3;
s2:
 desttranstype & 255.0 = 6.0: pushto, s1;
 null & 0 = 0: popto, next;
 null & 0 = 0: goto, n3;
s1:
 desttransaddress & 0.0 = 0.0: pushtoact, a1;
 null & 0 = 0: popto, next;
 null & 0 = 0: popto, next;
n3:
g2:
 sourcepeeraddress & 255.255.255 = 192.183.99: goto, s4;
 null & 0 = 0: goto, n4;
s4:
 desttranstype & 255.0 = 6.0: goto, s3;
 null & 0 = 0: goto, n4;
s3:
 sourcetransaddress & 0.0 = 0.0: nomatch, 0;
n4:
 destpeeraddress & 0.0 = 0.0: pushto, s6;
 null & 0 = 0: goto, n5;
s6:
 desttranstype & 255.0 = 6.0: pushto, s5;
 null & 0 = 0: popto, next;
 null & 0 = 0: goto, n5;
s5:
 desttransaddress & 0.0 = 0.0: pushtoact, a2;
 null & 0 = 0: popto, next;
 null & 0 = 0: popto, next;
n5:
g4:
 sourcepeeraddress & 0.0 = 0.0: goto, s8;
 null & 0 = 0: goto, n6;
s8:
 desttranstype & 255.0 = 6.0: goto, s7;
 null & 0 = 0: goto, n6;
g4:
 sourcepeeraddress & 0.0 = 0.0: goto, s8;
 null & 0 = 0: goto, n6;
s8:
 desttranstype & 255.0 = 6.0: goto, s7;
 null & 0 = 0: goto, n6;
s7:
 sourcetransaddress & 0.0 = 0.0: nomatch, 0;
 null & 0 = 0: gotoact, n6;
n6:
 null & 0 = 0: ignore, 0;
a1:
 null & 0 = 0: count, 0;
a2:
 null & 0 = 0: count, 0;
set 4;
format
 flowruleset flowindex firsttime lasttime " " sourcekind destkind
flowkind
 "  " sourcepeertype sourcepeeraddress sourcepeermask destpeeraddress
 destpeermask "  " sourcetranstype desttranstype " " sourcetransaddress
 sourcetransmask desttransaddress desttransmask " " topdus frompdus " "
 tooctets fromoctets;
statistics;

You are viewing proxied material from ftp.icm.edu.pl. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.