Hi All
I read http://mpd.sourceforge.net/doc/mpd34.html#34, but don't understand
>To enable NetFlow on a particular interface netflow-in or netflow-out options should be used.
>Note: This configuration is global for the daemon, so it must be done before first bundle get connected.
I have 400 ngXXX interfaces when mpd4 starts.
I want to get netflow from all 400 nodes. What must I do?
Just add these lines?
#Netflow options
set netflow export 127.0.0.1 9996
set netflow source 127.0.0.1 9990
#set netflow timeouts inactive active
#set netflow node nodename
Now I have such config:
startup:
set console port 5005
set console ip 127.0.0.1
set console user mpd mpd
set console open
default:
load pptp1
load pptp2
load pptp3
......................
load pptp400
pptp1:
new -i ng1 pptp1 pptp1
set ipcp ranges 192.168.11.1/32 192.168.11.2/32
load pptp_standart
pptp2:
new -i ng2 pptp2 pptp2
set ipcp ranges 192.168.11.1/32 192.168.11.3/32
load pptp_standart
................................
pptp_standart:
# set pptp enable always-ack
set pptp disable windowing
#set iface route default
set iface disable on-demand
set iface enable tcpmssfix
set bundle enable multilink
set link yes acfcomp protocomp
set iface up-script "/usr/local/etc/mpd4/link-up"
set iface down-script "/usr/local/etc/mpd4/link-down"
set link no pap chap
set link enable chap
set link keep-alive 10 60
set ipcp yes vjcomp
set ipcp dns 10.11.25.1
# set link mtu 1460
# set link mru 1460
set iface enable proxy-arp
# set bundle enable compression
# set bundle yes crypt-reqd
set ccp yes mppc
set ccp yes mpp-e40
set ccp yes mpp-e128
set ccp yes mpp-stateless
set pptp enable incoming
set pptp disable originate
set radius me 127.0.0.1
set radius retries 2
set radius server 127.0.0.1 radiuspasswd 1812 1813
set radius timeout 10
set auth acct-update 10
set auth enable radius-auth
set auth enable radius-acct
You should add
set netflow export 127.0.0.1 9996
set netflow source 127.0.0.1 9990
to startup, and
set iface enable netflow-in
to the pptp_standart section.
# cat /usr/local/etc/mpd4/mpd.conf|grep -v #
startup:
set iface neflow export 127.0.0.1 1111
set iface neflow sourse 127.0.0.1 2222
default:
load pptp1
load pptp2
load pptp3
pptp1:
new -n -i ng1 pptp1 pptp1
set ipcp ranges 192.168.11.1/32 192.168.11.2/32
load pptp_standart
pptp2:
new -n -i ng2 pptp2 pptp2
set ipcp ranges 192.168.11.1/32 192.168.11.3/32
load pptp_standart
pptp3:
new -n -i ng3 pptp3 pptp3
set ipcp ranges 192.168.11.1/32 192.168.11.4/32
load pptp_standart
pptp_standart:
set iface enable netflow-in
set pptp disable windowing
set iface disable on-demand
set iface enable tcpmssfix
set bundle enable multilink
set link yes acfcomp protocomp
set iface up-script "/usr/local/etc/mpd4/link-up"
set iface down-script "/usr/local/etc/mpd4/link-down"
set link no pap chap
set link enable chap
set link keep-alive 10 60
set ipcp yes vjcomp
set ipcp dns 192.168.128.2
set ccp yes mppc
set ccp yes mpp-e40
set ccp yes mpp-e128
set ccp yes mpp-stateless
set pptp enable incoming
set pptp disable originate
set radius me 127.0.0.1
set radius retries 2
set radius server 127.0.0.1 passw 1812 1813
set radius timeout 10
set auth acct-update 10
set auth enable radius-auth
set auth enable radius-acct
# ngctl list
There are 21 total nodes:
Name: ngctl1975 Type: socket ID: 0000002d Num hooks: 0
Name: mpd1727-pptp1-mss Type: tcpmss ID: 0000002c Num hooks: 2
Name: mpd1727-nfso Type: ksocket ID: 0000002b Num hooks: 1
Name: mpd1727-nf Type: netflow ID: 0000002a Num hooks: 3
Name: mpd1727-pptp1-vjc Type: vjc ID: 00000029 Num hooks: 4
Name: mpd1727-stats Type: socket ID: 00000028 Num hooks: 0
Name: <unnamed> Type: ksocket ID: 00000027 Num hooks: 1
Name: <unnamed> Type: pptpgre ID: 00000026 Num hooks: 2
Name: mpd1727-pptp3 Type: ppp ID: 00000024 Num hooks: 1
Name: ng3 Type: iface ID: 00000023 Num hooks: 0
Name: mpd1727-pptp3-so Type: socket ID: 00000022 Num hooks: 1
Name: mpd1727-pptp2 Type: ppp ID: 00000021 Num hooks: 1
Name: ng2 Type: iface ID: 00000020 Num hooks: 0
Name: mpd1727-pptp2-so Type: socket ID: 0000001f Num hooks: 1
Name: mpd1727-pptp1 Type: ppp ID: 0000001e Num hooks: 7
Name: ng1 Type: iface ID: 0000001d Num hooks: 1
Name: mpd1727-pptp1-so Type: socket ID: 0000001c Num hooks: 1
Name: ng0 Type: iface ID: 00000005 Num hooks: 0
Name: ipfw Type: ipfw ID: 00000003 Num hooks: 0
Name: rl1 Type: ether ID: 00000002 Num hooks: 0
Name: rl0 Type: ether ID: 00000001 Num hooks: 0
# ps -A|grep flow
1365 ?? Ss 0:00.04 /usr/local/bin/flow-capture -n 287 -w /var/db/flows/ 0.0.0.0/127.0.0.1/1111
# uname -r
6.2-RELEASE-p7
# mpd4 -v
Version 4.3
When I use ng_netflow, I catch netflow, but I need to catch it from ng*:
#ngctl -f /ng
#cat /ng
mkpeer rl1: tee lower left
name rl1:lower tee0
connect rl1: rl1:lower upper right
mkpeer tee0: one2many left2right many0
name tee0:left2right one2many0
connect tee0: one2many0: right2left many1
mkpeer one2many0: netflow one iface0
name one2many0:one netflow
mkpeer netflow: ksocket export inet/dgram/udp
msg netflow: setifindex { iface=0 index=2 }
msg netflow:export connect inet/127.0.0.1:2222
#/usr/local/bin/flow-capture -n 287 -w /var/db/flows/ng_netflow/ 0.0.0.0/127.0.0.1/2222
Config is mostly fine except:
- I would recommend you remove the -n and -i options from the new commands; they are deprecated;
- instead of 'sourse' you should write 'source';
- it may be complicated to bind two sockets to the same port, check the usage of ports 1111 and 2222;
- your ng_netflow connect method is expensive as you are using ng_tee to duplicate all packets. I would recommend you connect the ng_netflow hooks iface0/out0 directly to the rl1 ng_ether upper/lower hooks. Something like:
mkpeer rl1: netflow lower iface0
connect rl1: rl1:lower upper out0
name rl1:lower netflow
...
- mpd is able to use a pre-created ng_netflow node if the netflow node and hook options are specified.
I use the mpd option for netflow because I can't find good examples and a good explanation of netgraph.
I will change the config and write my results
I want to know: when I use mpd, must I create a netflow node or do something like that?
Help me to create an ng_netflow node to use with mpd, and to be able to catch netflow from the private subnet to the Internet on the ng* interfaces...
I use this mpd-config:
# cat /usr/local/etc/mpd4/mpd.conf|grep -v #
startup:
set iface neflow export 127.0.0.1 9996
set iface neflow source 127.0.0.1 9990
set iface enable netflow-in
default:
load pptp1
load pptp2
load pptp3
pptp1:
new ng1 pptp1 pptp1
set ipcp ranges 192.168.11.1/32 192.168.11.2/32
load pptp_standart
pptp2:
new ng2 pptp2 pptp2
set ipcp ranges 192.168.11.1/32 192.168.11.3/32
load pptp_standart
pptp3:
new ng3 pptp3 pptp3
set ipcp ranges 192.168.11.1/32 192.168.11.4/32
load pptp_standart
pptp_standart:
set iface enable netflow-in
set pptp disable windowing
set iface disable on-demand
set iface enable tcpmssfix
set bundle enable multilink
set link yes acfcomp protocomp
set iface up-script "/usr/local/etc/mpd4/link-up"
set iface down-script "/usr/local/etc/mpd4/link-down"
set link no pap chap
set link enable chap
set link keep-alive 10 60
set ipcp yes vjcomp
set ipcp dns 192.168.128.2
set ccp yes mppc
set ccp yes mpp-e40
set ccp yes mpp-e128
set ccp yes mpp-stateless
set pptp enable incoming
set pptp disable originate
set radius me 127.0.0.1
set radius retries 2
set radius server 127.0.0.1 passw 1812 1813
set radius timeout 10
set auth acct-update 10
set auth enable radius-auth
set auth enable radius-acct
I start mpd4
#mpd4
Multi-link PPP daemon for FreeBSD
process 2546 started, version 4.3 (root@serverb.skyhome 20:35 24-Oct-2007)
No bundle selected for 'iface ...' command
No bundle selected for 'iface ...' command
No bundle selected for 'iface ...' command
phys "pptp1" already exists
[ng1] using interface ng0
PPTP: waiting for connection on 0.0.0.0
phys "pptp2" already exists
[ng2] using interface ng1
PPTP: waiting for connection on 0.0.0.0
phys "pptp3" already exists
[ng3] using interface ng2
PPTP: waiting for connection on 0.0.0.0
# ngctl list
There are 20 total nodes:
Name: ngctl3115 Type: socket ID: 0000006c Num hooks: 0
Name: mpd2911-ng1-mss Type: tcpmss ID: 0000006b Num hooks: 2
Name: mpd2911-nfso Type: ksocket ID: 0000006a Num hooks: 1
Name: mpd2911-nf Type: netflow ID: 00000069 Num hooks: 3
Name: mpd2911-ng1-vjc Type: vjc ID: 00000068 Num hooks: 4
Name: mpd2911-stats Type: socket ID: 00000067 Num hooks: 0
Name: <unnamed> Type: ksocket ID: 00000066 Num hooks: 1
Name: <unnamed> Type: pptpgre ID: 00000065 Num hooks: 2
Name: mpd2911-ng3 Type: ppp ID: 00000063 Num hooks: 1
Name: ng2 Type: iface ID: 00000062 Num hooks: 0
Name: mpd2911-ng3-so Type: socket ID: 00000061 Num hooks: 1
Name: mpd2911-ng2 Type: ppp ID: 00000060 Num hooks: 1
Name: ng1 Type: iface ID: 0000005f Num hooks: 0
Name: mpd2911-ng2-so Type: socket ID: 0000005e Num hooks: 1
Name: mpd2911-ng1 Type: ppp ID: 0000005d Num hooks: 7
Name: ng0 Type: iface ID: 0000005c Num hooks: 1
Name: mpd2911-ng1-so Type: socket ID: 0000005b Num hooks: 1
Name: ipfw Type: ipfw ID: 00000003 Num hooks: 0
Name: rl1 Type: ether ID: 00000002 Num hooks: 0
Name: rl0 Type: ether ID: 00000001 Num hooks: 0
Flow-capture start
#/usr/local/bin/flow-capture -n 287 -w /var/db/flows/ 0.0.0.0/127.0.0.1/9996
# ipfw show
00100 572 74952 allow ip from any to any via lo0
65535 762374 628408380 allow ip from any to any
# ifconfig
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 00:a1:b0:01:05:71
inet 192.168.1.9 netmask 0xffffff00 broadcast 192.168.1.255
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
rl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 00:01:29:76:0f:cd
inet 192.168.100.99 netmask 0xffffff00 broadcast 192.168.100.255
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
plip0: flags=108810<POINTOPOINT,SIMPLEX,MULTICAST,NEEDSGIANT> metric 0 mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
inet6 ::1 prefixlen 128
inet 127.0.0.1 netmask 0xff000000
pfsync0: flags=0<> metric 0 mtu 1460
syncpeer: 224.0.0.240 maxupd: 128
pflog0: flags=0<> metric 0 mtu 33204
ng0: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> metric 0 mtu 1500
inet 192.168.11.1 --> 192.168.11.5 netmask 0xffffffff
ng1: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> metric 0 mtu 1500
ng2: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> metric 0 mtu 1500
Maybe this problem is in my system?
I rebuilt my system to
# uname -r
7.0-BETA1
Maybe this is a problem???
# cat /var/db/ports/mpd4/options
# This file is auto-generated by 'make config'.
# No user-servicable parts inside!
# Options for mpd-4.3
_OPTIONS_READ=mpd-4.3
WITHOUT_NG_CAR=true
WITH_NG_IPACCT=true
I rebuilt mpd+ng_ipacct+other ports+kernel
I use my old PII/350MHz computer with FreeBSD 6.0#release
But there is no netflow from mpd4.2.2
What am I doing wrong???
Who can show a kernel config? An mpd config?
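An added example, not part of the thread and not code from mpd: a small Python linter that checks an mpd.conf for the netflow mistakes discussed in these posts, namely `set iface` lines in `startup` (my reading of the three "No bundle selected for 'iface ...' command" errors in the posted log), the `neflow`/`sourse` misspellings, and the deprecated `-n`/`-i` options on `new`. The function names, finding codes and the trimmed sample config are constructed here; the accepted `set netflow` sub-commands are only the ones named on this page.

```python
import difflib
import re

# Sub-commands of 'set netflow' that are named on this page.
NETFLOW_SUBCOMMANDS = ("export", "source", "timeouts", "node", "hook")
LABEL = re.compile(r"^([\w.-]+):\s*$")

# Constructed sample: the config posted in the thread, trimmed to a few lines.
POSTED_CONF = """\
startup:
set iface neflow export 127.0.0.1 1111
set iface neflow sourse 127.0.0.1 2222
default:
load pptp1
pptp1:
new -n -i ng1 pptp1 pptp1
set ipcp ranges 192.168.11.1/32 192.168.11.2/32
load pptp_standart
pptp_standart:
set iface enable netflow-in
set pptp disable windowing
"""


def _near(word, candidates):
    """Return the candidate that `word` is a likely misspelling of, else None."""
    if word in candidates:
        return None
    hit = difflib.get_close_matches(word, candidates, n=1, cutoff=0.8)
    return hit[0] if hit else None


def lint_mpd_conf(text):
    """Return (line number, code, message) tuples for the thread's netflow pitfalls."""
    findings, section = [], None
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        label = LABEL.match(line)
        if label:
            section = label.group(1)
            continue
        tok = line.split()
        if tok[0] == "new":
            old = [t for t in tok[1:] if t in ("-n", "-i")]
            if old:
                findings.append((lineno, "deprecated-flag", "drop " + " ".join(old)))
            continue
        if tok[0] != "set" or len(tok) < 3:
            continue
        args = tok[1:]
        if args[0] == "iface":
            if section == "startup":
                findings.append((lineno, "iface-in-startup",
                                 "no bundle is selected in startup"))
            if args[1] == "netflow" or _near(args[1], ["netflow"]):
                findings.append((lineno, "netflow-under-iface",
                                 "write 'set netflow ...', not 'set iface ...'"))
                args = args[1:]  # keep checking the netflow part of the line
        if args[0] != "netflow":
            fix = _near(args[0], ["netflow"])
            if fix is None:
                continue  # not a netflow command at all
            findings.append((lineno, "typo", f"'{args[0]}' should be '{fix}'"))
        if section != "startup":
            findings.append((lineno, "netflow-outside-startup",
                             "exporter settings are daemon-global"))
        if len(args) > 1 and args[1] not in NETFLOW_SUBCOMMANDS:
            fix = _near(args[1], NETFLOW_SUBCOMMANDS)
            code = "typo" if fix else "unknown-subcommand"
            findings.append((lineno, code, f"'{args[1]}' should be '{fix}'" if fix
                             else f"'{args[1]}' is not a netflow option seen here"))
    return findings


if __name__ == "__main__":
    for lineno, code, message in lint_mpd_conf(POSTED_CONF):
        print(f"line {lineno}: {code}: {message}")
```

Running it before starting mpd4 catches these lines at edit time instead of as an empty flow-capture directory later.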