Re: cannot get output from pflow on openbsd v. 5.8 amd64
Hi! On 2015-12-08 10:50, Stuart Henderson wrote: On 2015-12-08, Imre Oolberg wrote: Hi! I have used pflow 5 successfully before but now on OpenBSD v. 5.8 it seems to refuse working. Config looks like this # cat /etc/hostname.pflow0 flowsrc 192.168.10.125 flowdst 192.168.10.250:9784 pflowproto 5 description "pflow" and i start it with (also tried to start manually as man pflow says) # sh /etc/netstart pflow0 As a result new pflow0 interface appears # ifconfig pflow0 pflow0: flags=41 mtu 1492 description: pflow priority: 0 pflow: sender: 192.168.10.125 receiver: 192.168.10.250:9784 version: 5 groups: pflow but there isnt seen any associated traffic with dst port 9784 Do you have any PF rules (or a "set state-defaults" line) with the "pflow" keyword? Yes, i do with set state-defaults pflow and for example one rule is like this # pfctl -sr | egrep xx.35.252.35 | grep 80 pass in quick on seadmed inet proto tcp from any to xx.35.252.35 port = 80 flags S/SA keep state (pflow) tag TO_KOHTVORK rdr-to 192.168.5.8 Otherwise this new firewall is working quite beautifully. Imre
Re: cannot get output from pflow on openbsd v. 5.8 amd64
On 2015-12-08, Imre Oolberg wrote: > Hi! > > I have used pflow 5 successfully before but now on OpenBSD v. 5.8 it > seems to refuse working. Config looks like this > > # cat /etc/hostname.pflow0 > flowsrc 192.168.10.125 flowdst 192.168.10.250:9784 pflowproto 5 > description "pflow" > > and i start it with (also tried to start manually as man pflow says) > > # sh /etc/netstart pflow0 > > As a result new pflow0 interface appears > > # ifconfig pflow0 > pflow0: flags=41 mtu 1492 > description: pflow > priority: 0 > pflow: sender: 192.168.10.125 receiver: 192.168.10.250:9784 > version: 5 > groups: pflow > > but there isnt seen any associated traffic with dst port 9784 Do you have any PF rules (or a "set state-defaults" line) with the "pflow" keyword?
cannot get output from pflow on openbsd v. 5.8 amd64
Hi! I have used pflow 5 successfully before but now on OpenBSD v. 5.8 it seems to refuse working. Config looks like this # cat /etc/hostname.pflow0 flowsrc 192.168.10.125 flowdst 192.168.10.250:9784 pflowproto 5 description "pflow" and i start it with (also tried to start manually as man pflow says) # sh /etc/netstart pflow0 As a result new pflow0 interface appears # ifconfig pflow0 pflow0: flags=41 mtu 1492 description: pflow priority: 0 pflow: sender: 192.168.10.125 receiver: 192.168.10.250:9784 version: 5 groups: pflow but there isnt seen any associated traffic with dst port 9784 and also, tcpdump says # tcpdump -ni pflow0 tcpdump: Failed to open bpf device for pflow0: Device not configured Maybe i miss here something obvious and i would be thankful for directions. This happens on a ordinary 64 bit PC with 'amd64'. Best regards, Imre
