Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 09 Aug 2013 12:04:41 +0300
From:      Volodymyr Kostyrko <c.kworr@gmail.com>
To:        freebsd-questions@freebsd.org
Subject:   if_bridge and ng_netflow
Message-ID:  <5204B0A9.8020508@gmail.com>

Next in thread | Raw E-Mail | Index | Archive | Help
Hi all.

I have one machine with bridge configured. Recently I thinked about 
capturing all traffic on the bridge with ng_netflow.

1. ng_ether doesn't attach to bridge0 interface:

# ngctl list | grep ether
   Name: rl0             Type: ether           ID: 00000034   Num hooks: 2
   Name: ste0            Type: ether           ID: 00000035   Num hooks: 2
   Name: wlan0           Type: ether           ID: 00000036   Num hooks: 2

2. If I attach all physical interfaces to netflow I get no statistics 
for data originating from server. I.e. I see all inbound traffic but I 
see no outbound traffic.

Maybe I'm just doing everything wrong? I'm adding interfaces to netflow 
this way:

     connect wlan0: netflow0: upper iface2
     connect wlan0: netflow0: lower iface3
     connect netflow0: netflow0: out2 out3

3. Ok, I can do this other way (sorry, I'm bad at netflow scripting):

mkpeer eiface ether ether
rmhook ngeth0: ether

ifconfig ngeth0 up
ifconfig bridge0 span ngeth0

And again I see only inbound packets. I see no packets coming from me.

Is there any other working way to get stats from bridge interface?

-- 
Sphinx of black quartz, judge my vow.



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?5204B0A9.8020508>