softflowd does not report direction and if_name in v9 which is important metrics

[pwp333]

softflowd does not report direction and if_name in v9 which is important metrics

DIRECTION 61 IF_NAME 82

Could we add these?

[irino]

I added these IEs on the latest commit ead968d2843019dfb9e686f1c114833be761b32c .

[pwp333]

Thanks a lot Hitoshi! We appreciate your help!

[pwp333]

Hi Hitoshi, would it be possible to add these real interface name in netflow9.c? Currently if_name = 'any' if user passes -i any in command line. Can we pass in the real interface name like eth0 / eth1. Or we could use the following values. Thanks a lot.

252:

• :uint32
• :ingressPhysicalInterface

253:

• :uint32
• :egressPhysicalInterface

[irino]

I have no idea to lookup interface name when "any" is specified, because pcap_dispatch function doesn't have interface information. I think it is better to run each softflowd process for each interface.

[pwp333]

Thanks Hitoshi for the info. Does softflowd cache flow in memory? Was worried if multiple softflowd process can take much memory.

[irino]

Yes, cache is on memory. If you worry the amount of memory, I think it is better to use limitation of number of flows by -m option.

[jbhardman]

Probably something I should know how it works, but is there anyway to get this update into the version of softflowd distributed in the pfsense package manager? There is no direction there for IPFIX and I would really like to get that. Thanks! @irino

[jbhardman]

I compiled from current source on FreeBSD and replaced the two binaries on my pfSense host that came with the package manager. This now includes Direction in the template. Thanks.