Thank you Paolo,
I see I can use aggregation filters also. So I guess will find a way to
implement what is needed without having a convoluted configuration file.
cheers,
Alex
On Thu, Feb 27, 2020 at 12:24 PM Paolo Lucente wrote:
>
> Hi Alex,
>
> Ack. The other way you could "filter" out is
Hi Alex,
Ack. The other way you could "filter" out is with a networks_file: in
there you specify the network(s) you are interested in following the
example here:
https://github.com/pmacct/pmacct/blob/master/examples/networks.lst.example
In the simplest case, you just want to list networks of
Hi Paolo,
On Tue, Feb 25, 2020 at 6:41 PM Paolo Lucente wrote:
>
> Hi Alex,
>
> Thanks for your feedback. I see you did run "tcpdump -n -vv -i nflog:1"
> which is equivalent to run uacctd without any filters; as you may know,
> you can append a BPF-style filter to the tcpdump command-line,
Hi Alex,
Thanks for your feedback. I see you did run "tcpdump -n -vv -i nflog:1"
which is equivalent to run uacctd without any filters; as you may know,
you can append a BPF-style filter to the tcpdump command-line, precisely
as you express it in pre_tag_map. Can you give that a try and see if
Here is the output when running in debug mode:
INFO ( default/core ): Linux NetFilter NFLOG Accounting Daemon, uacctd
(20200222-01)
INFO ( default/core ): '--prefix=/usr' '--enable-mysql' '--enable-nflog'
'--enable-l2' '--enable-traffic-bins' '--enable-bgp-bins'
'--enable-bmp-bins'
Hi Paolo,
On Sat, Feb 22, 2020 at 4:18 PM Paolo Lucente wrote:
>
> Hi Alex,
>
> Is it possible with the new setup - the one where pre_tag_map does not
> match anything - the traffic is VLAN-tagged (or MPLS-labelled)? If so,
> you should adjust filters accordingly and add 'vlan and', ie. "vlan
Hi Alex,
Is it possible with the new setup - the one where pre_tag_map does not
match anything - the traffic is VLAN-tagged (or MPLS-labelled)? If so,
you should adjust filters accordingly and add 'vlan and', ie. "vlan and
src net 192.168.28.0/24 or vlan and src net 192.168.100.0/24".
Paolo
Working further on this, it seems that for pmacct is sufficient to filter
traffic using only the pre_tag_filter, thus no need for the aggregation
filters.
The issue with this setup though is that I loose the information of the
pre_nat source IP address when monitoring at the WAN interfaces. Due to
