Re: [Nfsen-discuss] Subject: Re: incorrect timestamps in v0.9.8 with v9 exports

Tue, 29 Oct 2013 07:02:14 -0700 

Hi Zacaron,

This is an issue that has been verified to exist by several folks.  Perhaps
your collector is adding its own time stamp to it rather than honouring the
ones sent in the flow data.   If you simply do a packet capture,  you can
see the time stamps with the proper decoder (try wireshark) sent from the
pfsense box are indeed incorrect while using v9,  switch to v5 and they are
correct.      it isn't a TZ issue for sure.  8)

take care,
greg



On Tue, Oct 29, 2013 at 8:24 AM, Alexandro Marcelo Zacaron <
zaca...@gmail.com> wrote:

> just as an FYI in case someone else is searching the webs for this.
>
> i'm using a current release of pfsense and exporting netflow data via
> softflowd v 0.9.8.
>
> we analyse the exports with nfdump and noticed if you are exporting v9 the
> time stamps will be very wrong (by weeks/months).    using v5 exports
> provides correct time stamps.
>
>
> I'm not sure why pfsense is still using what seems to be a very old version
> (0.9.8 vrs 1.6.9) but there it is...
>
>
> thanks,
> greg
>
> Hi greg,
>
> I'm using same version pfSense and softflowd that you say. But work fine
> in version 5 and 9!
> The commando for example is:
> softflowd -v 9 -i bge0 -n 10.1.1.140:9995 -t maxlife=300
>
> you could check the time(time zone) of pfSense and your collector
>
> Zacaron
>
>
>
> --
> Alexandro Marcelo Zacaron
> +55 45 9942 8561
>
>
> ------------------------------------------------------------------------------
> Android is increasing in popularity, but the open development platform that
> developers love is also attractive to malware creators. Download this white
> paper to learn more about secure code signing practices that can help keep
> Android apps secure.
> http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
> _______________________________________________
> Nfsen-discuss mailing list
> Nfsen-discuss@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nfsen-discuss
>
>

------------------------------------------------------------------------------
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
_______________________________________________
Nfsen-discuss mailing list
Nfsen-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfsen-discuss

Reply via email to