Hello there!
I'm trying to tag my flows per set of hosts (each set is a customer) and
record them into mysql.
So, here is my (testing) pretag.map file :
set_tag=101 ip=185.151.188.33 filter='src host 185.151.188.30'
set_tag=102 ip=185.151.188.34 filter='src host 185.151.188.30'
set_tag=103 ip=0.0.0.0/0 filter='src net 185.151.188.0/22'
set_tag=106 ip=0.0.0.0/0
And the relevant part of my sfacctd.conf file :
! tag filtering
pre_tag_map: /etc/pmacct/pretag.map
pre_tag_filter[if-out]: 101-106
! aggregate definitions
aggregate[if-out]: tag, src_host
With that configuration, flows done by 185.151.188.30 are well recorded
with '185.151.188.30' value in the 'ip_src' mysql field, but they are
never tagged with '101', nor '102', nor even '103' values. They are
tagged with '106' value. Like if the filter never matches.
I have no idea why, could someone help please ? Thanks a lot !
--
*Aurélien* *Kempiak*
*System & Network Engineer*
*Fixe :* 03 59 82 20 05
125 Avenue de la République 59110 La Madeleine
12 rue Marivaux 75002 Paris
<https://twitter.com/OdisoHosting>
<https://www.linkedin.com/company/odiso>
<http://www.viadeo.com/fr/company/odiso>
<https://www.facebook.com/monsiteestlent>
_______________________________________________
pmacct-discussion mailing list
http://www.pmacct.net/#mailinglists