[netflow-tools] softflowd questions
Douglas Choma
doug at nakediron.com
Fri Aug 17 07:36:19 EST 2007
Sorry if this has been answered elsewhere... I didn't find an mailing
list archive.
I'm trying to set up my Linux "router" to monitor Internet bandwidth
usage (using Netflow). But I'm a little confused on a few issues:
1) Do I only need to monitor the external interface? Will that give
me data about the source IP from internal requests? Or will the
NAT'd packet contain the firewall's address as the source?
2) With the external interface in promiscuous mode, won't that open
up the firewall to unwanted security risks?
Please forgive my ignorance on this stuff.
More information about the netflow-tools
mailing list