rc.d: Add ipfw_netflow
ClosedPublic
Actions

Authored by manu on Jun 28 2017, 8:33 AM.

Details

Reviewers

bapt
olivier

Summary

Add an rc.d script to setup a netflow export via ng_netflow
The default is to export netflow data on localhost on the netflow port.
ngtee is used to have the lowest overhead possible.
The ipfw ng hook is the netflow port (it can only be numeric)
Default is netflow version 5.

Diff Detail

Lint

Lint Passed

Unit

No Test Coverage

Build Status

Buildable 10301
Build 10718: arc lint + arc unit

Event Timeline

manu created this revision.Jun 28 2017, 8:33 AM

Herald added a subscriber: imp. · View Herald TranscriptJun 28 2017, 8:33 AM

I like it: It's work :-)
Some potential improvement:

allowing to configure just the rule number (01000) in place of having to declaring the full rule line
Cosmetic: Setting a name to the ksocket, like export-flow or something like that (it just help to describe a little-better the graphiz).

Add checks on hook and rule params.
Rule now is only the rule number, easier to customize existing ipfw setup.
Name the ksocket so graph generated by ngctl dot is prettier.

olivier accepted this revision.Jun 29 2017, 11:30 AM

This revision is now accepted and ready to land.Jun 29 2017, 11:30 AM

bapt accepted this revision.Jun 29 2017, 5:01 PM