> On 16 May 2023, at 06:46, Matthew Petach <mpet...@netflight.com> wrote:
> [..]
> I admit, I'm perhaps a little behind on the latest netflow whiz-bangs,
> but I've never seen a netflow record type that included HTTP cookies
> or PCAP data before.
Take your pick from the "latest" ~2009 IPFIX Information Elements:
https://www.iana.org/assignments/ipfix/ipfix.xhtml
One can stuff almost anything in there.
Now if one should, and if one is allowed to.....
There is a reason why the marketing companies that control the general Internet
moved the browser to HTTPS and are trying to move to using their VPNs/CDNs:
cannot modify the data to alter or remove the Ad in-flight, and cannot easily
see anymore what people are even contacting: visibility for the ad network and
not the ISP (which is mostly a good thing, but not so much operationally ;) )
Greets,
Jeroen