Netflow / pfflowd / softflowd
-
https://redmine.pfsense.org/issues/4304 …
Is pfflowd deprecated? I am just getting into logging flows and looking to set off on the right foot. I've had some luck with softflowd on 2.2.x but not tried anything on 2.3 yet. Is softflowd the preferred method?
-
pfflowd didn't work on 2.2.x at all, some things changed in the internals of pf and the maintainer of pfflowd (the actual project, not our package) has apparently abandoned it.
softflowd should work, it's what we currently recommend.
-
Perfect, thanks for that
-
Just a side note, this issue might be nice to be aware of:
https://forum.pfsense.org/index.php?topic=68390.msg573257#msg573257
Have fun :P
-
Hmm that is sad indeed. Don't know what the differences in v5 vs v9 are or what if anything is lost by falling back to the older version. What are you guys using for visualizing bandwidth/flows – ntopng? built in RRD? Am I cuckoo for trying to use netflow? I saw this post on pushing data to an ELK server and the results are very impressive. That's basically what I wanted to emulate.
