Seeking for the flow
-
Hi,
This may not pertain directly to pfSense but indirectly to the pfflowd package so I'll give this one a try here.
I have successfully installed (1) ntop+netflow collector+pfflowd and also (2) pfflowd + net flow analyser from manageengines, and gotten both to work, sort of. There were a few issues during install of (1) that I may comment on in another thread.
Even though I have been able to verify that stats are coming in and that pretty graphs are being drawn in both (1) and (2) I have one question.
Where is the full flow, the full bandwidth? I can download like a GB and the when I look in these pfflowd generated stats they only show a fraction of the data that has been handled by the interfaces. And I thought that the TCP/UDP data should be correctly reported anyway, even if the setup in question cannot correctly identify the exact protocol being used.
I'm open to the fact that I may be missing something here. Can someone explain this pls?
In pfflowd I have correct host set and correct port, obviously. I then have "any" in direction and netflow version set to "5".
TIA,