On 2013-05-02, Jan Stary wrote:
> Thanks for the recommendation. I just installed nfdump-1.6.3.1p0
> and noticed that there is no rc.d script - is that expected?
yes, you often want to run multiple nfcapd collectors and rc.d(8),
which is kept simple on purpose, can't handle this type of situation
Jan Stary(h...@stare.cz) on 2013.05.02 16:08:34 +0200:
> Hm, setting the flow sender to 127.0.0.1 solved it
>
> $ cat /etc/hostname.pflow0
> flowsrc 127.0.0.1 flowdst 127.0.0.1:9995 pflowproto 5
>
> That is, nfscapd didn't see any flows if the reports
>
On Thu, May 2, 2013 at 5:55 AM, Jan Stary wrote:
> Also, the -u and -g options of nfcapd do not seem to work:
> while the _nfcapd user and group are created by the package,
> nfcapd simply does not start if I try to use -u or -g.
> (Without it, it runs just fine).
I use the following without inci
On May 02 15:25:34, h...@stare.cz wrote:
> Ok, so my pflow interface is up,:
>
> pflow0: flags=141 mtu 1492
> priority: 0
> pflow: sender: 0.0.0.0 receiver: 127.0.0.1:9995 version: 5
> groups: pflow
>
> The created states are exported:
>
> set state-defaults pflow, no
Ok, so my pflow interface is up,:
pflow0: flags=141 mtu 1492
priority: 0
pflow: sender: 0.0.0.0 receiver: 127.0.0.1:9995 version: 5
groups: pflow
The created states are exported:
set state-defaults pflow, no-sync
(Also pfctl -sr says so)
The nfcapd is listeni
On May 01 11:31:23, deich...@wrench.com wrote:
> I use nfdump for netflow collection and analysis.
On May 01 20:01:27, hrv...@srce.hr wrote:
> If you export v5 flows from openbsd 5.3 go with nfdump/nfsen
On May 01 22:22:50, pe...@bsdly.net wrote:
> My absolute favorite is nfdump feeding nfsen.
T
If you don't have too many flows (seeing as you are using it for the home
network), you could install Splunk* with the "Netflow for Splunk"
application (which uses nfcapd/nfdump) instead of using nfsen. This allows
you to correlate flows with other type of interesting log information as
well as all
Jan Stary writes:
> I just started using plfow(4) on the router/firewall
> of my small home network. What do people recommend for
> collection and analysis tools? So far, I am aware of
> packages for flow-tools, flowd, and softflowd.
My absolute favorite is nfdump feeding nfsen. pkg_add nfsen an
I use nfdump for netflow collection and analysis.
diana
Past hissy-fits are not a predictor of future hissy-fits.
Nick Holland(06 Dec 2005)
On Wed, 1 May 2013, Jan Stary wrote:
I just started using plfow(4) on the router/firewall
of my small home network. What do people recommend for
collecti
On 1.5.2013. 19:11, Jan Stary wrote:
> I just started using plfow(4) on the router/firewall
> of my small home network. What do people recommend for
> collection and analysis tools? So far, I am aware of
> packages for flow-tools, flowd, and softflowd.
>
> Thanks
>
> Jan
>
I
I just started using plfow(4) on the router/firewall
of my small home network. What do people recommend for
collection and analysis tools? So far, I am aware of
packages for flow-tools, flowd, and softflowd.
Thanks
Jan
11 matches
Mail list logo
