Inet-Admins mailing list archive (inet-admins@info.east.ru)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[inet-admins] netflow originator
Hi,
Когда-то интересовались оригинатором netflow - вот наткнулся на
Softflowd is flow-based network traffic analyser capable of Cisco
NetFlow. data export. Softflowd semi-statefully tracks traffic flows
recorded by listening on a network interface or by reading a packet
capture file. These flows may be reported via NetFlow. to a collecting
host or summarised within softflowd itself.
# ./softflowctl -c /var/run/sfd.ctl.fxp1 statistics
softflowd[2938]: Accumulated statistics:
Number of active flows: 8192
Packets processed: 1232538
Ignored packets: 585 (585 non-IP, 0 too short)
Flows expired: 39321 (38634 forced)
Flows exported: 78642 in 14098 packets (0 failures)
Expired flow statistics: minimum average maximum
Flow bytes: 37 11698 13268666
Flow packets: 1 23 15034
Duration: 0.00s 11.12s 1012.43s
Expired flow reasons:
tcp = 0 tcp.rst = 687 tcp.fin = 0
udp = 0 general = 0 maxlife = 0
over 2Gb = 0
maxflows = 38634
flushed = 0
Per-protocol statistics: Octets Packets Avg Life Max Life
tcp (6): 456924006 870801 11.51s 1012.43s
udp (17): 3044974 28253 9.33s 809.10s
коллектор - flow-tools, понабежало
454518 Apr 21 18:10 ft-v01.2003-04-21.180359+0400
786520 Apr 21 18:19 tmp-v01.2003-04-21.181000+0400
Sif SrcIPaddress Dif DstIPaddress Pr SrcP DstP Pkts Octets
0000 195.19.XXX.243 0000 217.174.99.54 06 50 f84 6 7540
0000 217.174.99.54 0000 195.19.XXX.243 06 f84 50 7 524
0000 195.19.XXX.53 0000 217.196.104.172 06 cf9 c38 2 80
Перед добавить #include <machine/limits.h> в convtime.c
uname -a
FreeBSD 4.8-STABLE
--
Dmitriy Yermakov, CCS SUT
dyer@sut.ru
=============================================================================
"inet-admins" Internet access mailing list. Maintained by East Connection ISP.
Mail "unsubscribe inet-admins" to Majordomo@info.east.ru if you want to quit.
Archive is accessible on
|
