Date: Mon, 20 Sep 2010 11:13:23 +0400 From: Eugene Mitrofanov <eugene@imedia.ru> To: freebsd-stable@freebsd.org, freebsd-questions@freebsd.org Subject: vlan + ng_ipfw + ng_netflow == no success Message-ID: <201009201113.24220.eugene@imedia.ru>
next in thread | raw e-mail | index | archive | help
Hello
I need the advise. Does anybody got the Subj working?
I have FreeBSD 7.3-p2, Generic kernel. I try to set up the netflow traffic
accounting using ng_ipfw from vlan interface. I created vlan interface, ipfw
rule, set up ng hooks but the netflow export is not working. tcpdump does
not catch any packets to the collector. Any suggestion? Should I create the
bug report?
- - - - - - - -
# ifconfig vlan1 create vlan 1 vlandev fxp0 inet 192.168.1.1 netmask
255.255.255.0
# ipfw add 10 ngtee 1 via vlan1
# ngctl -f - <<ENDL
mkpeer ipfw: netflow 1 iface0
name ipfw:1 netflow
msg netflow: setdlt { iface=0 dlt=12 }
msg netflow: setifindex { iface=0 index=7 }
mkpeer netflow: ksocket export inet/dgram/udp
msg netflow:export connect inet/10.167.1.252:2055
name netflow:export export
msg netflow: settimeouts { inactive = 60 active = 60 }
ENDL
# ping -c 5 192.168.1.254
PING 192.168.1.254 (192.168.1.254): 56 data bytes
64 bytes from 192.168.1.254: icmp_seq=0 ttl=255 time=0.672 ms
64 bytes from 192.168.1.254: icmp_seq=1 ttl=255 time=0.617 ms
64 bytes from 192.168.1.254: icmp_seq=2 ttl=255 time=0.658 ms
64 bytes from 192.168.1.254: icmp_seq=3 ttl=255 time=0.663 ms
64 bytes from 192.168.1.254: icmp_seq=4 ttl=255 time=0.681 ms
--- 192.168.1.254 ping statistics ---
5 packets transmitted, 5 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.617/0.658/0.681/0.022 ms
# ipfw show
00010 10 840 ngtee 1 ip from any to any via vlan1
# tcpdump -n host 10.167.1.252 and port 2055
<nothing>
- - - - - - -
Good luck
--
EMIT-RIPN, EVM7-RIPE
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201009201113.24220.eugene>