From maxframes at hotmail.com Tue Sep 3 20:48:06 2013 From: maxframes at hotmail.com (MaxFrames) Date: Tue, 3 Sep 2013 12:48:06 +0200 Subject: [netflow-tools] pfflowd and prtg - problem with timeout Message-ID: Hi, I have a few pfsense machines (old PIV desktop PCs with 512 MB of RAM) acting as firewalls for some branch offices. Since I was already a PRTG user (also running on a similar machine), I thought about installing pfflowd on the pfsense machines to collect and sent NetFlow data to the PRTG collector (situated on a different site than the pfsense machines, over a WAN link) so I can monitor traffic on the branch offices. The first problem I encountered was that pfflowd was sending rogue data, so I had to switch from NetFlow v9 to v5 and the problem was solved. The current issue is that I often get a warning in PRTG about data being discarded because their timestamp is older than the configured timeout value. This in turn generates a ToDo type warning in the PRTG console and an email is sent to me. I want to avoid this. The timeout value must be entered in the PRTG sensor configuration, and should match the value set in the sending device, or at least be greater than that value. But there is no place to set the timeout value in pfflowd. So I tried to increase the value, I went up from 2 minutes to 120 minutes (!!) but I still get these alerts. What is causing this, and is there any way to avoid it? I'd hate having to give up on pfflowd for this. Thanks, best regards -- MaxFrames