[133226] in North American Network Operators' Group
Re: ipfix/netflow/sflow generator for Linux
daemon@ATHENA.MIT.EDU (Eric S. Johnson)
Mon Dec 6 17:34:54 2010
To: "Thomas York" <straterra@fuhell.com>
In-Reply-To: Your message of "Mon, 06 Dec 2010 15:44:57 EST."
<!&!AAAAAAAAAAAYAAAAAAAAAF14xRJYlm1EkOxD1AqQStBCgQAAEAAAADc+h2lyD+pGhAkF+zuwnmYBAAAAAA==@fuhell.com>
Date: Mon, 06 Dec 2010 17:34:47 -0500
From: "Eric S. Johnson" <esj@cs.fiu.edu>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
>fprobe doesn't work properly because it has the input and output interface
>IDs as both 0.
fprobe-ulog fixes this. From the http://fprobe.sourceforge.net/ front page:
fprobe-ulog - libipulog-based fork of fprobe. It obtains packets
through linux netfilter code (iptables ULOG target). The main
advantages of this version are native input/output interface
SNMP-index support and significant performance benefit. Of course,
this version work on linux only.
We have used it here for a few years and have been quite happy with it.
E
