Paolo,
There seems to be a bug in 0.9.3... I have two configs and associated
outputs; the 2nd has the issue:
=============================================
sfacctd1.config:
aggregate: src_mac,dst_mac,vlan,src_host,dst_host,src_port,dst_port,tos,proto,flows
plugins: print
print_refresh_time: 30
sfacctd_renormalize: true
[EMAIL PROTECTED]:~/pmacct-0.9.3$ ./sfacctd -f sfacctd1.config
INFO ( default/core ): waiting for data on UDP port '6343'
ID  SRC MAC            DST MAC            VLAN  SRC IP        DST IP        SRC PORT  DST PORT  PROTOCOL  TOS  PACKETS  FLOWS  BYTES
0   00:0c:cf:51:f4:19  00:90:1a:41:43:8b  2450  62.107.84.X   203.129.44.X  6882      4072      tcp       0    2048     0      2818048
0   00:0c:cf:51:f4:19  00:90:1a:41:43:8b  2450  81.231.64.X   203.129.54.X  6346      3066      tcp       160  2048     0      3059712
0   00:0c:cf:51:f4:19  00:90:1a:41:43:8b  2450  69.90.60.X    203.129.44.X  80        1108      tcp       0    2048     0      974848
0   00:0c:cf:51:f4:19  00:90:1a:41:43:8b  1102  82.33.86.X    203.129.41.X  6346      1220      tcp       0    2048     0      180224
0   00:0c:cf:51:f4:19  00:90:1a:41:43:8b  1102  72.36.151.X   203.129.43.X  80        1823      tcp       0    2048     0      3059712
=============================================
sfacctd2.config:
aggregate: src_mac,dst_mac,vlan,src_host,dst_host,src_as,dst_as,src_port,dst_port,tos,proto,flows
plugins: print
print_refresh_time: 30
sfacctd_renormalize: true
[EMAIL PROTECTED]:~/pmacct-0.9.3$ ./sfacctd -f sfacctd2.config
INFO ( default/core ): waiting for data on UDP port '6343'
ID  SRC MAC            DST MAC            VLAN  SRC IP        DST IP        SRC PORT  DST PORT  PROTOCOL  TOS  PACKETS  FLOWS  BYTES
0   00:90:1a:41:43:8b  00:0c:cf:51:f4:19  1102  7718          22318         17075     9092      tcp       0    2048     0      122880
0   00:90:1a:41:43:8b  00:0c:cf:51:f4:19  1102  7718          3320          4143      6881      tcp       0    2048     0      3018752
0   00:90:1a:41:43:8b  00:0c:cf:51:f4:19  1102  7718          4804          1952      37248     udp       0    2048     0      276480
0   00:0c:cf:51:f4:19  00:90:1a:41:43:8b  2450  12076         0             1863      62681     tcp       0    2048     0      133120
0   00:0c:cf:51:f4:19  00:90:1a:41:43:8b  2450  18111         0             80        42591     tcp       0    2048     0      3100672
0   00:90:1a:41:43:8b  00:0c:cf:51:f4:19  1102  7718          18111         42605     80        tcp       0    2048     0      514048
0   00:90:1a:41:43:8b  00:0c:cf:51:f4:19  1102  7718          7575          2796      80        tcp       0    2048     0      122880
In the second example the src_ip and dst_ip are actually the AS
numbers and not the IP addresses. I would very much like to store
both AS numbers (src, dst, next) and IP addresses (eventually in
mysql) as the configuration is specified - I wonder if this bug is
also applicable when using mysql for storage?
Would it also be possible to store the IP address of the sFlow
originator and src/dst interfaces? This might be required where I
have a large distributed architecture, and to ensure we do not
double count - I would need to structure the database queries to
exclude some switches and their interfaces...
Thanks,
Colin