Created
June 23, 2015 07:47
-
-
Save asachs/bfbfebdb39b33a5ded61 to your computer and use it in GitHub Desktop.
Eugene
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [root@estest /opt/nfdump/asa]# nfdump -R nfcapd.201506230459:nfcapd.201506230634 -a 'src or dst net 49.213.52.133/32' | |
| Date first seen Event XEvent Proto Src IP Addr:Port Dst IP Addr:Port X-Src IP Addr:Port X-Dst IP Addr:Port In Byte Out Byte | |
| 2015-06-23 05:12:56.792 DELETE 2028 TCP 49.213.52.133:49975 -> 41.79.77.120:1048 49.213.52.133:49975 -> 10.0.34.50:1048 4347 0 | |
| 2015-06-23 05:11:08.152 CREATE Ignore TCP 49.213.52.133:49926 -> 41.79.77.120:80 49.213.52.133:49926 -> 10.0.34.50:80 821307 0 | |
| 2015-06-23 05:11:55.972 DELETE 2028 TCP 49.213.52.133:49930 -> 41.79.77.120:80 49.213.52.133:49930 -> 10.0.34.50:80 310384 0 | |
| 2015-06-23 06:04:27.174 DELETE 2017 ICMP 49.213.52.133:0 -> 41.79.77.134:8.0 49.213.52.133:1 -> 10.0.34.33:0 64 0 | |
| 2015-06-23 06:04:25.174 DELETE 2017 ICMP 49.213.52.133:0 -> 41.79.77.134:8.0 49.213.52.133:1 -> 10.0.34.33:0 64 0 | |
| 2015-06-23 05:11:08.152 CREATE Ignore TCP 49.213.52.133:49928 -> 41.79.77.120:80 49.213.52.133:49928 -> 10.0.34.50:80 445964 0 | |
| 2015-06-23 06:14:27.906 DELETE 2028 TCP 49.213.52.133:51974 -> 41.79.77.134:21 49.213.52.133:51974 -> 10.0.34.33:21 34 0 | |
| 2015-06-23 05:11:56.932 DELETE 2028 TCP 49.213.52.133:49928 -> 41.79.77.120:80 49.213.52.133:49928 -> 10.0.34.50:80 502224 0 | |
| 2015-06-23 05:11:07.242 CREATE Ignore TCP 49.213.52.133:49925 -> 41.79.77.120:80 49.213.52.133:49925 -> 10.0.34.50:80 970197 0 | |
| 2015-06-23 05:12:51.882 CREATE Ignore TCP 49.213.52.133:49974 -> 41.79.77.120:21 49.213.52.133:49974 -> 10.0.34.50:21 1146 0 | |
| 2015-06-23 05:26:42.355 DELETE 2028 TCP 49.213.52.133:50844 -> 41.79.77.134:21 49.213.52.133:50844 -> 10.0.34.33:21 34 0 | |
| 2015-06-23 05:27:10.095 DELETE 2028 TCP 49.213.52.133:50847 -> 41.79.77.134:21 49.213.52.133:50847 -> 10.0.34.33:21 34 0 | |
| 2015-06-23 06:14:58.996 DELETE 2028 TCP 49.213.52.133:51975 -> 41.79.77.134:21 49.213.52.133:51975 -> 10.0.34.33:21 34 0 | |
| 2015-06-23 06:04:28.174 DELETE 2017 ICMP 49.213.52.133:0 -> 41.79.77.134:8.0 49.213.52.133:1 -> 10.0.34.33:0 64 0 | |
| 2015-06-23 05:28:09.896 DELETE 2028 TCP 49.213.52.133:50851 -> 41.79.77.134:21 49.213.52.133:50851 -> 10.0.34.33:21 34 0 | |
| 2015-06-23 05:26:34.855 DELETE 2028 TCP 49.213.52.133:50842 -> 41.79.77.134:21 49.213.52.133:50842 -> 10.0.34.33:21 34 0 | |
| 2015-06-23 06:04:57.484 DELETE 2028 TCP 49.213.52.133:51835 -> 41.79.77.134:21 49.213.52.133:51835 -> 10.0.34.33:21 34 0 | |
| 2015-06-23 06:01:17.413 DELETE 2028 TCP 49.213.52.133:51812 -> 41.79.77.134:21 49.213.52.133:51812 -> 10.0.34.33:21 34 0 | |
| 2015-06-23 05:11:08.152 CREATE Ignore TCP 49.213.52.133:49927 -> 41.79.77.120:80 49.213.52.133:49927 -> 10.0.34.50:80 903153 0 | |
| 2015-06-23 06:00:33.293 DELETE 2028 TCP 49.213.52.133:51804 -> 41.79.77.134:21 49.213.52.133:51804 -> 10.0.34.33:21 34 0 | |
| 2015-06-23 06:05:05.624 DELETE 2028 TCP 49.213.52.133:51836 -> 41.79.77.134:21 49.213.52.133:51836 -> 10.0.34.33:21 34 0 | |
| 2015-06-23 06:04:26.174 DELETE 2017 ICMP 49.213.52.133:0 -> 41.79.77.134:8.0 49.213.52.133:1 -> 10.0.34.33:0 64 0 | |
| 2015-06-23 05:11:08.162 CREATE Ignore TCP 49.213.52.133:49930 -> 41.79.77.120:80 49.213.52.133:49930 -> 10.0.34.50:80 276630 0 | |
| 2015-06-23 05:11:08.152 CREATE Ignore TCP 49.213.52.133:49929 -> 41.79.77.120:80 49.213.52.133:49929 -> 10.0.34.50:80 1.0 M 0 | |
| 2015-06-23 06:15:07.156 DELETE 2028 TCP 49.213.52.133:51976 -> 41.79.77.134:21 49.213.52.133:51976 -> 10.0.34.33:21 34 0 | |
| 2015-06-23 05:27:17.605 DELETE 2028 TCP 49.213.52.133:50848 -> 41.79.77.134:21 49.213.52.133:50848 -> 10.0.34.33:21 34 0 | |
| 2015-06-23 06:14:19.576 DELETE 2028 TCP 49.213.52.133:51970 -> 41.79.77.134:21 49.213.52.133:51970 -> 10.0.34.33:21 34 0 | |
| 2015-06-23 06:15:17.626 DELETE 2028 TCP 49.213.52.133:51978 -> 41.79.77.134:21 49.213.52.133:51978 -> 10.0.34.33:21 34 0 | |
| 2015-06-23 06:00:41.203 DELETE 2028 TCP 49.213.52.133:51805 -> 41.79.77.134:21 49.213.52.133:51805 -> 10.0.34.33:21 34 0 | |
| 2015-06-23 06:15:10.096 DELETE 2028 TCP 49.213.52.133:51977 -> 41.79.77.134:21 49.213.52.133:51977 -> 10.0.34.33:21 34 0 | |
| Summary: total flows: 35, total bytes: 5260162, total packets: 0, avg bps: 10929, avg pps: 0, avg bpp: 0 | |
| Time window: 2015-06-23 04:59:06 - 2015-06-23 06:39:36 | |
| Total flows processed: 2181900, Blocks skipped: 0, Bytes read: 284403392 | |
| Sys: 4.406s flows/second: 495111.3 Wall: 0.311s flows/second: 6995085.3 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment