Hi Michael, On Tue, Jan 09, 2007 at 01:13:13PM +0100, Muenz, Michael wrote:
> In networks.server are only ip addresses listed (/32), no > networks. My problem is, that my nfacctd writes content from > this probe to DB with port information (I aggregate only host > on probe) and also, it writes the ip addresses from clients > not listed in networks.server in the DB. > My thought was to do all filtering on the probes and leave the > server unconfigured (with filtering). Doesn't the networkds_file > parameter work with nfprobe plugin? Regarding the ports: actually nfprobe plugin creates full-featured NetFlow v5 packets, ignoring the 'aggregate' directive. This might change in the very near future. To workaround this, you can switch to NetFlow v9 - which honours the 'aggregate' content. Regarding the 'networks_file': in both nfprobe and sfprobe it is meant only to bind an AS number to given src and dst IP addresses. Filtering is currently not supported but indeed it's a very good idea. I'm piling this up to my TODO list. Stay tuned. Cheers, Paolo _______________________________________________ pmacct-discussion mailing list http://www.pmacct.net/#mailinglists
