Another option is to use netfilter's packet sampling/ULOG facilities to monitor network traffic. You can export the traffic as sFlow: http://host-sflow.sourceforge.net/ or NetFlow: http://www.pmacct.net/ 2011/7/14 Jan Engelhardt <jengelh@xxxxxxxxxx>: > On Thursday 2011-07-14 16:19, Usuário do Sistema wrote: > >>Hello, >> >>I'm researching about netflow on linux. I wish that an linux machine >>forwards it flows to a colletor netflow inside my network. >> >>my doubt is how to generate this netflow on linux. I've added the >>ipt_netflow-1.6.tgz module and I created some rules as bellow in >>iptables: >> >>iptables -A OUTPUT -j NETFLOW >>iptables -A OUTPUT -j NETFLOW >> >>I'm forwarding the flows to my netflow collector with modprobe >>ipt_NETFLOW destination=10.10.10.1:2055 >> >>so...my question is there is other different way to generate netflows >>on linux machine than add rules in the iptables and add ipt_netflow >>module ?? > > You could use -j TEE to send the original packets to a dedicated logging > host, and then do netflow (or any other logtype) analysis there. > -- > To unsubscribe from this list: send the line "unsubscribe netfilter" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html > -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
