Problem with softflowd capturing packets while using IPFW
Michael Jung
mikej at mikej.com
Wed Sep 28 18:07:57 UTC 2016
Softflowd v0.9.8 / FreeBSD 10.3-RELEASE-p7
I have used softflowd for years to build netflow packets without issue
until now. I have never tried to use it while running IPFW.
When running softflowd while IPFW is running using the source interface
for NAT it does not build flows. I can confirm IPFW is the issue as
it works without issue when IPFW is not loaded.
softflowd emits no errors even in debug mode.
tcpdump on the same source interface has no problems capturing packets.
I also tried creating a netgraph bridge from the source NAT interface:
kldload ng_ether
kldload ng_bridge
kldload ng_eiface
# create and connect bridge to PHY
ngctl mkpeer em0: bridge lower link0
ngctl connect em0: re0:lower upper link1
# name the bridge
ngctl name em0:lower em0br0
# Connect first virtual NIC
ngctl mkpeer em0:lower eiface link2 ether
But the only thing I see on the bridged interface is broadcast traffic
when on other boxes without IPFW I would see all bridged traffic which
is odd.
Is there some magic I need in my IPFW rules or is another approach
needed?
Thanks in advance.
--mikej