Hi Greg,
I also had issues every now and then with softflowd. Furthermore softflowd can
become quite resource intensive on busy
interfaces. In order to overcome these issues, there is nfpcapd. It's still
considered to be experimental but already
included in nfdump-1.6.10. It's basically a melt between softflowd and nfcapd.
It either listens on an interface or
reads from a pcap file and directly creates nfcapd files without any netflow
protocol overhead.
Maybe this does not help you directly with pfsense.
- Peter
On 23/10/13 21:22, greg whynott wrote:
just as an FYI in case someone else is searching the webs for this.
i'm using a current release of pfsense and exporting netflow data via
softflowd v 0.9.8.
we analyse the exports with nfdump and noticed if you are exporting v9 the
time stamps will be very wrong (by weeks/months).using v5 exports
provides correct time stamps.
I'm not sure why pfsense is still using what seems to be a very old version
(0.9.8 vrs 1.6.9) but there it is...
thanks,
greg
--
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from
the latest Intel processors and coprocessors. See abstracts and register
http://pubads.g.doubleclick.net/gampad/clk?id=60135991iu=/4140/ostg.clktrk
___
Nfsen-discuss mailing list
Nfsen-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfsen-discuss
--
Be nice to your netflow data. Use NfSen and nfdump :)
--
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951iu=/4140/ostg.clktrk
___
Nfsen-discuss mailing list
Nfsen-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfsen-discuss