Softflowd does not export MAC addresses
-
NetFlow v9 exports using softflowd do not contain src/dst MAC addresses!
Without MAC addresses flows are useless. -
Abandon softflowd and integrate pmacct, please.
-
MAC addresses are useless in most firewall scenarios (the MACs on WAN will only be the firewall and the gateway, for example).
pmacct does look interesting though. It might make a decent package eventually.
-
MAC addresses are useless in most firewall scenarios
Not if your pfSense acts as LAN router. My pfSense is router for WiFi clients, so MAC addresses in NetFlow exports along with RADIUS authentication info are crucial for me.
-
Sure, but I said "most", not "all".
Can your switches export the Netflow instead?