[netflow-tools] Flow direction
Jason Dixon
jason at dixongroup.net
Sun May 22 14:36:41 EST 2005
Still working on the same flowd->db application, looks like I might
have found an interface/direction problem with either pfsync or
pfflowd. I noticed that no matter what type of traffic I push through
my PF firewalls, "inbound" traffic is always identified with the
external interface and "outbound" with the internal. Even when I
attempt outbound connections from internal hosts (or the firewall
itself), outbound traffic is always assigned to the internal interface.
An example flow can be seen in line 1 of the output at
http://www.dixongroup.net/netmon.txt. I have enabled if-bound
state-policy, but this has had no effect. Is this another
pfsync->pfflowd issue?
Thanks,
--
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net
More information about the netflow-tools
mailing list