Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
NAME
       ehnt -- Extreme Happy Netflow Tool. Client part

SYNOPSIS
       ehnt  [-0 ASN] [-a ASN] [-b] [-c	count] [-i mins] [-m mode] [-n intidx]
	    [-p	port] [-P proto] [-r addr] [-s server:port] [-x	prefix]

DESCRIPTION
       The ehnt	command	starts ehnt(1) client which  connects  to  ehntserv(8)
       server  and  converts raw flow of NetFlow version 5 packets into	human-
       readable	(or machine-readable) form.

       Ehnt currently has two basic modes of operation,	 dump  and  top.   The
       dump modes are used to output details about individual flows.  Top mode
       is  used	 to  generate  reports which display averages over time	for AS
       numbers,	IP protocols and TCP/UDP ports.

       The options are as follows:

       -0 ASN	   Replace AS number 0 occurences with this AS number

       -a ASN	   Only	display	flows to/from this AS number

       -b	   Display big flows (only shows flows with the	most bytes  or
		   packets received so far)

       -c count	   Exit	after <count> flows are	received

       -h	   Display command-line	help

       -i mins	   How long to wait between report generations (in minutes)

       -m mode	   The	name  of  the  mode of operation to use: dump displays
		   flow	detail;	shortdump shows	flow details in	a more compact
		   fashion; colondump shows flow details in a machine-readable
		   format; top generates reports of top	average	utilization

       -n intidx   Specify the interface by SNMP ifIndex number

       -p port	   Only	display	flows to/from this tcp or udp port number

       -P proto	   Only	display	flows using this IP protocol number

       -r addr	   Only	display	flows reported by this router IP address

       -s server:port
		   The	hostname  or  IP  address  and	port  number  of   the
		   ehntserv(8)

       -t topmode  The	type of	report to generate when	in top mode.  (The re-
		   port	type can also be changed interactively while the  pro-
		   gram	is running.)  as; Display the AS report	proto; Display
		   the IP protocol report tcpport; Display the TCP port	report
		   udpport; Display the	UDP port report

       -v	   Display the ehnt version number.

       -x prefix   Only	 display  flows	to/from	this IP	prefix.	The format for
		   <prefix> is 'address/length',  for  example	1.2.3.4/30  or
		   127.0.0.0/8.

FILES
       /usr/local/etc/asnc.txt
			Autonomous Systems Number-to-Name Convertion config

SEE ALSO
       ehntserv(8)

AUTHORS
       Nik Weidenbacher	<nikw@martnet.com>
       Dmitry Morozovsky <marck@rinet.ru>

			      September	04, 2001		       EHNT(1)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=ehnt&sektion=1&manpath=FreeBSD+Ports+15.0>

home | help