Ethereal-users: RE: [Ethereal-users] sinffing NetFlow Packets

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Nadeem Lughmani" <nlughman@xxxxxxxxxxxxxxxxxxx>
Date: Tue, 27 Jan 2004 18:23:49 -0800
Thanks to both Motonori and Harris.
I changed the UDP ports to 2055, and now it's working fine.

Thanks again guys for your prompt response.

Nadeem

-----Original Message-----
From: Motonori Shindo [mailto:mshindo@xxxxxxxxxxx]
Sent: Monday, January 26, 2004 8:05 PM
To: Nadeem Lughmani
Cc: ethereal-users@xxxxxxxxxxxx
Subject: Re: [Ethereal-users] sinffing NetFlow Packets


Nadeem,

From: "Nadeem Lughmani" <nlughman@xxxxxxxxxxxxxxxxxxx>
Subject: [Ethereal-users] sinffing NetFlow Packets
Date: Mon, 26 Jan 2004 19:48:02 -0800

> I am using ethereal version 0.9.16. When I capture NetFlow packets, they are not decoded, they
> are simply shown as udp packets. I have read that ethereal supports NetFlow packets.
> Any idea what is going on here..?

Cisco's NetFlow doesn't have a standard port number. Instead, it is
usually configured on both the probe device (i.e. routers, switches, etc.)
and the collector explicitly.

To have Ethereal dissect the packet as NetFlow, you have to
instruct Ethereal which port number is being used as NetFlow. You can
do this by selecting CFLOW from protocols listed in 'Analyze' ->
'Decode As' (this menu item may not exist in the location as described
in Ethereal you're using, but you can easily find it somewhere
else in the menu).

Regards,
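
Added example, not part of the original thread: since the export port is whatever the router and collector were configured with, a script can recognise NetFlow v5 export datagrams by their structure instead of by port. The function names and the sample datagram are constructed for illustration, and only version 5 is handled.

```python
import socket
import struct

# NetFlow v5 export format: 24-byte header followed by 1..30 records of 48 bytes.
V5_HEADER = struct.Struct("!HHIIIIBBH")
V5_RECORD = struct.Struct("!4s4s4sHHIIIIHHxBBBHHBBxx")
MAX_RECORDS = 30


def looks_like_netflow_v5(payload: bytes) -> bool:
    """Structural check on a UDP payload, independent of the port it arrived on."""
    if len(payload) < V5_HEADER.size:
        return False
    version, count = struct.unpack_from("!HH", payload)
    if version != 5 or not 1 <= count <= MAX_RECORDS:
        return False
    # The datagram length must match the record count exactly.
    return len(payload) == V5_HEADER.size + count * V5_RECORD.size


def parse_netflow_v5(payload: bytes) -> list:
    """Return the flow records of a v5 datagram, or raise ValueError."""
    if not looks_like_netflow_v5(payload):
        raise ValueError("not a NetFlow v5 export datagram")
    count = V5_HEADER.unpack_from(payload)[1]
    flows = []
    for i in range(count):
        f = V5_RECORD.unpack_from(payload, V5_HEADER.size + i * V5_RECORD.size)
        flows.append({
            "src": socket.inet_ntoa(f[0]), "dst": socket.inet_ntoa(f[1]),
            "packets": f[5], "octets": f[6],
            "sport": f[9], "dport": f[10], "proto": f[12],
        })
    return flows


def build_sample() -> bytes:
    """Constructed one-record datagram (documentation addresses, made-up counters)."""
    header = V5_HEADER.pack(5, 1, 1000, 1075170229, 0, 1, 0, 0, 0)
    record = V5_RECORD.pack(
        socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.20"),
        socket.inet_aton("0.0.0.0"), 1, 2, 10, 840, 100, 900,
        51515, 80, 0x1B, 6, 0, 0, 0, 24, 24)
    return header + record


if __name__ == "__main__":
    print(parse_netflow_v5(build_sample()))
```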