jean-yves boisiaud <[email protected]> writes: > I also use nfsen/nfdump as the netflow collector/analyzer. > > pf.conf enables netflow for every pf rule (set state-defaults pflow).
One of the more common mistakes in configs using set state-defaults is to assume that the default will append itself to rules where you add other state options (such as state tracking). If you have rules with specific state options, check that you have the pflow option in there too. It's by no means certain that this is your problem, rather something to check and if needed eliminate. - Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
