Date: Thu, 8 Jan 2015 20:46:23 -0500
From: "O'Connor, Daniel" <Daniel.O'Connor@emc.com>
To: Patrick Lamaiziere <patfbsd@davenulle.org>
Cc: "O'Connor, Daniel" <Daniel.O'Connor@emc.com>, FreeBSD Hackers <freebsd-hackers@freebsd.org>
Subject: Re: if_pflow from OpenBSD
Message-ID: <9085F2E7-5429-4C16-86DB-7C3F04C993DC@emc.com>
In-Reply-To: <20150108101744.2c2a9eae@mr185083>
References: <45056363-1E83-4318-B870-7F673993166B@emc.com> <20150108101744.2c2a9eae@mr185083>

On 8 Jan 2015, at 19:47, Patrick Lamaiziere <patfbsd@davenulle.org> wrote:
> On Wed, 7 Jan 2015 07:26:42 -0500,
> "O'Connor, Daniel" <Daniel.O'Connor@emc.com> wrote:
>
>> Has anyone attempted a port of this?
>> (http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys/net/if_pflow.c)
>>
>> I used to use pfflowd but it broke due to pf changes and looks dead
>> upstream - if_pflow(4) seems like the canonical pf way now.
>
> Maybe you can try ng_netflow(4)?

Funny you should mention that :)

I am using mpd for PPPoE which uses netgraph and so enabled that (although had to fix a bug when you have netflow and IPv6) - however I am using pf for my firewall and NAT and I'd rather not change. That means that mpd (and hence ng_netflow) don't see un-NAT'd addresses which makes the flow tracking not particularly useful.

I could run softflowd but that doesn't see traffic generated by the router itself (of which there is quite a bit) so that's out too..

I had a look at if_pflow and it does appear to handle NAT properly and so should do what I want..

> (I have to migrate an OpenBSD firewall to FreeBSD and any
> input on ng_netflow will be welcome.)

I think if you used netgraph for NAT then it would work but I'm reluctant to migrate my setting (just yet anyway..)

Regards,
Daniel O’Connor
Senior Software Engineer
Isilon Platforms Team