diff options
Diffstat (limited to 'static/freebsd/man4/pflow.4 3.html')
| -rw-r--r-- | static/freebsd/man4/pflow.4 3.html | 93 |
1 files changed, 0 insertions, 93 deletions
diff --git a/static/freebsd/man4/pflow.4 3.html b/static/freebsd/man4/pflow.4 3.html deleted file mode 100644 index d63d6f82..00000000 --- a/static/freebsd/man4/pflow.4 3.html +++ /dev/null @@ -1,93 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">PFLOW(4)</td> - <td class="head-vol">Device Drivers Manual</td> - <td class="head-rtitle">PFLOW(4)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">pflow</code> — <span class="Nd">kernel - interface for pflow data export</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1> -<p class="Pp"><code class="Cd">pseudo-device pflow</code></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">The <code class="Nm">pflow</code> subsystem exports - <code class="Nm">pflow</code> accounting data from the kernel using - <a class="Xr">udp(4)</a> packets. <code class="Nm">pflow</code> is - compatible with netflow version 5 and IPFIX (10). The data is extracted from - the <a class="Xr">pf(4)</a> state table.</p> -<p class="Pp">Multiple <code class="Nm">pflow</code> interfaces can be created - at runtime using the <code class="Ic">pflowctl</code><var class="Ar">N</var> - <code class="Ic">-c</code> command. Each interface must be configured with a - flow receiver IP address and a flow receiver port number.</p> -<p class="Pp">Only states created by a rule marked with the - <var class="Ar">pflow</var> keyword are exported by - <code class="Nm">pflow</code>.</p> -<p class="Pp"><code class="Nm">pflow</code> will attempt to export multiple - <code class="Nm">pflow</code> records in one UDP packet, but will not hold a - record for longer than 30 seconds.</p> -<p class="Pp">Each packet seen on this interface has one header and a variable - number of flows. The header indicates the version of the protocol, number of - flows in the packet, a unique sequence number, system time, and an engine ID - and type. Header and flow structs are defined in - <code class="In"><<a class="In">net/pflow.h</a>></code>.</p> -<p class="Pp">The <code class="Nm">pflow</code> source and destination addresses - are controlled by <a class="Xr">pflowctl(8)</a>. <code class="Cm">src</code> - is the sender IP address of the UDP packet which can be used to identify the - source of the data on the <code class="Nm">pflow</code> collector. - <code class="Cm">dst</code> defines the collector IP address and the port. - The <code class="Cm">dst</code> IP address and port must be defined to - enable the export of flows.</p> -<p class="Pp">For example, the following command sets 10.0.0.1 as the source and - 10.0.0.2:1234 as destination:</p> -<div class="Bd Pp Bd-indent Li"> -<pre># pflowctl -s pflow0 src 10.0.0.1 dst 10.0.0.2:1234</pre> -</div> -<p class="Pp">The protocol is set to IPFIX with the following command:</p> -<div class="Bd Pp Bd-indent Li"> -<pre># pflowctl -s pflow0 proto 10</pre> -</div> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">netintro(4)</a>, <a class="Xr">pf(4)</a>, - <a class="Xr">udp(4)</a>, <a class="Xr">pf.conf(5)</a>, - <a class="Xr">pflowctl(8)</a>, <a class="Xr">tcpdump(8)</a></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="STANDARDS"><a class="permalink" href="#STANDARDS">STANDARDS</a></h1> -<p class="Pp"><cite class="Rs"><span class="RsA">B. Claise</span>, - <span class="RsT">Specification of the IP Flow Information Export (IPFIX) - Protocol for the Exchange of IP Traffic Flow Information</span>, - <span class="RsR">RFC 5101</span>, <span class="RsD">January - 2008</span>.</cite></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="HISTORY"><a class="permalink" href="#HISTORY">HISTORY</a></h1> -<p class="Pp">The <code class="Nm">pflow</code> device first appeared in - <span class="Ux">OpenBSD 4.5</span> and was imported into FreeBSD 15.0 .</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="BUGS"><a class="permalink" href="#BUGS">BUGS</a></h1> -<p class="Pp">A state created by <a class="Xr">pfsync(4)</a> can have a creation - or expiration time before the machine came up. In this case, - <code class="Nm">pflow</code> pretends such flows were created or expired - when the machine came up.</p> -<p class="Pp">The IPFIX implementation is incomplete: The required transport - protocol SCTP is not supported. Transport over TCP and DTLS protected flow - export is also not supported.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">January 8, 2024</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> |