[netflow-tools] freebsd 6.1, pflowd, and virtual IPs
Damien Miller
djm at mindrot.org
Sun Jul 9 19:46:16 EST 2006
Emerald City / Daniel Duerr wrote:
> Hello,
>
> I've successfully deployed pflowd on my freebsd 6.1-STABLE w/PF
> router/firewall and have it feeding its netflows to my collector on
> another machine. This router/firewall does bidirectional 1:1 NAT for a
> bunch of dedicated servers at a colo facility, so its got a bunch of
> virtual IPs assigned to its outside interface in addition to its own IP.
> Everything is working fine between the flow generator & collector,
> except that all the traffic is being reported against the primary IP of
> the router/firewall, not the virtual IPs that the traffic were used on.
> Anyone know of a way to make it behave the way I'd like? I use this
> for traffic accounting purposes so it is critical that I have this level
> of detail...
pfflowd should report whatever is recorded in the pfsync records. Does
a manual tcpdump of the pfsync interface show the correct addresses?
-d
More information about the netflow-tools
mailing list