Date: Sat, 10 Aug 2013 13:51:28 -0000 From: Fbsd8 <fbsd8@a1poweruser.com> To: Volodymyr Kostyrko <c.kworr@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: if_bridge and ng_netflow Message-ID: <522F23D5.60909@a1poweruser.com> In-Reply-To: <5204B0A9.8020508@gmail.com> References: <5204B0A9.8020508@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Volodymyr Kostyrko wrote: > Hi all. > > I have one machine with bridge configured. Recently I thinked about > capturing all traffic on the bridge with ng_netflow. > > 1. ng_ether doesn't attach to bridge0 interface: > > # ngctl list | grep ether > Name: rl0 Type: ether ID: 00000034 Num hooks: 2 > Name: ste0 Type: ether ID: 00000035 Num hooks: 2 > Name: wlan0 Type: ether ID: 00000036 Num hooks: 2 > > 2. If I attach all physical interfaces to netflow I get no statistics > for data originating from server. I.e. I see all inbound traffic but I > see no outbound traffic. > > Maybe I'm just doing everything wrong? I'm adding interfaces to netflow > this way: > > connect wlan0: netflow0: upper iface2 > connect wlan0: netflow0: lower iface3 > connect netflow0: netflow0: out2 out3 > > 3. Ok, I can do this other way (sorry, I'm bad at netflow scripting): > > mkpeer eiface ether ether > rmhook ngeth0: ether > > ifconfig ngeth0 up > ifconfig bridge0 span ngeth0 > > And again I see only inbound packets. I see no packets coming from me. > > Is there any other working way to get stats from bridge interface? > if_bridge is relatively new in FreeBSD. Netgraph precedes if_bridge and is un-aware of if_bridge. Change your if_bridge definition to a ng bridge definition and everything your trying to do should fall into place.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?522F23D5.60909>