* Michael Gale <michael.g...@pason.com> [2012-07-07 00:26]: > I have read over the docs but it is not clear if I can run a netflow sensor / > emitter per interface? If so then on the netflow server I could query by > sensor. The other thing that came to mind is in the past with a different > vendor I have setup netflow emitters on a per interface(normally one per > gateway device still), now pflow does not seem to support that because it is > determined by pf from my understanding, is that correct?
basically, yes. > So should I only tag (pflow) on rule sets that are on the external interface > and make sure it is on the "in" and "out" rule sets? sounds about right for what you seem to want to achieve. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services, http://bsws.de, Full-Service ISP Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed Henning Brauer Consulting, http://henningbrauer.com/
