3. Pfflowd generates somtetimes double records

Pfflowd generates somtetimes double records

  • R

    Hi!

    I use pfSense 1.2.1 with pfflowd package together with nfcapd and nfdump for collecting and viewing the netflow records.

    Sometimes there are double records where there should only be one.

    Here are two examples:

    
2009-01-04 11:00:26.556  5167.000 TCP          10.0.3.34:4147  ->    80.140.195.57:30730     8118    9.4 M     1
2009-01-04 11:00:26.556  5167.000 TCP      80.140.195.57:30730 ->        10.0.3.34:4147      4583   188560     1
2009-01-04 11:00:25.990  5178.000 TCP          10.0.3.34:4147  ->    80.140.195.57:30730     8118    9.4 M     1
2009-01-04 11:00:25.990  5178.000 TCP      80.140.195.57:30730 ->        10.0.3.34:4147      4583   188560     1


    
2009-01-04 14:25:26.720   800.000 TCP          10.0.3.50:1942  ->    87.248.217.89:80       19858   802352     1
2009-01-04 14:25:26.720   800.000 TCP      87.248.217.89:80    ->        10.0.3.50:1942     38147   53.9 M     1
2009-01-04 14:25:25.720   801.000 TCP          10.0.3.50:1942  ->    87.248.217.89:80       19858   802352     1
2009-01-04 14:25:25.720   801.000 TCP      87.248.217.89:80    ->        10.0.3.50:1942     38147   53.9 M     1

    Is it a bug in pfflowd or is there something wrong with my configuration?

    Thanks for your help,
    Franz

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy