[netflow-tools] Problem with pfflowd on freebsd 6.0
Sebastian Schwerdhoefer
sschwerdhoefer at multamedio.de
Fri Jan 20 23:48:31 EST 2006
Damien Miller schrieb am 2006-01-20 um 13:26 Uhr:
> I have no idea why you aren't seeing PFSYNC_ACT_DEL messages...
>
> Could you have your pfflowd.c to printf() the pf->action value? Maybe
> that will give us a clue.
pfsync works fine, and state deletions are synchronized too, but
pfflowd (with a debug message) just prints out:
...
DEBUG: ph->action: 1
DEBUG: ph->action: 2
...
No PFSYNC_ACT_DEL message arrives, only PFSYNC_ACT_INS and
PFSYNC_ACT_UPD. It seems as pfsync (on FreeBSD 6) uses PFSYNC_ACT_UPD
to notify about state deletions...
Sadly I'm not a programmer, so I couldn't figure out how to detect if
a PFSYNC_ACT_UPD message is a masked delete message.
regards,
Sebastian Schwerdhoefer
More information about the netflow-tools
mailing list