Syntax error if nfdump equal sign no longer supported - "syntax error at 'port=80'"

[falz]

Fresh install of nfsen-ng with nfdump 1.7.5. syslogs show this, repeating for any ports defined in settings.php. It then doesn't create the rrd files and spits out more errors for that

Exception: NfDump: Error in filter syntax. <br><b>Output:</b> Line 1: syntax error at 'port=80'

Looking into it further, if you issue nfdump command with "port=80" it does indeed fail. "port 80" works.

Fix is in backend/common/Import.php, replacing = with a space:

        //$nfdump->setFilter('dst port=' . $port);
        $nfdump->setFilter('dst port ' . $port);

I can confirm this works with older nfsen verisons as well - tested nfdump syntax on our older server which has 1.6.6.

[falz]

Should also add - i browsed the nfdump release notes at https://github.com/phaag/nfdump/releases and see nothing about this. 1.7.0 sounds like a lot of things were overhauled, so possibly then.

Its possible it's a bug with nfdump, but since space and = both work, may as well adjust nfsen-ng to support the one that always works.

[mbolli]

thanks for the research!