diff options
| author | mav <mav@FreeBSD.org> | 2008-10-08 11:19:16 +0000 |
|---|---|---|
| committer | mav <mav@FreeBSD.org> | 2008-10-08 11:19:16 +0000 |
| commit | fd60d4025eab961524966cad08d08fc9d0eeb1d7 (patch) | |
| tree | f0e3ce45c79f254ebcdf5cd00e935b5145dfded3 | |
| parent | 997f16fb434f252daeb5377b1cb6bb9e1f7a5ea3 (diff) | |
| download | FreeBSD-src-fd60d4025eab961524966cad08d08fc9d0eeb1d7.zip FreeBSD-src-fd60d4025eab961524966cad08d08fc9d0eeb1d7.tar.gz | |
Document new NGM_NETFLOW_SETCONFIG control message.
| -rw-r--r-- | share/man/man4/ng_netflow.4 | 34 |
1 files changed, 31 insertions, 3 deletions
diff --git a/share/man/man4/ng_netflow.4 b/share/man/man4/ng_netflow.4 index 760a3e9..d1ef204 100644 --- a/share/man/man4/ng_netflow.4 +++ b/share/man/man4/ng_netflow.4 @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd March 2, 2006 +.Dd October 8, 2008 .Os .Dt NG_NETFLOW 4 .Sh NAME @@ -71,7 +71,8 @@ and the same number of hooks named etc., plus a single hook named .Va export . -The node does NetFlow accounting of data received on +By default (ingress NetFlow enabled) node does NetFlow accounting of data +received on .Va iface* hooks. If corresponding @@ -81,7 +82,7 @@ If data is received on .Va out hook, it is bypassed to corresponding .Va iface -hook without any processing. +hook without any processing (egress NetFlow disabled by default). When full export datagram is built it is sent to the .Va export hook. @@ -162,6 +163,31 @@ struct ng_netflow_settimeouts { uint32_t active_timeout; }; .Ed +.It Dv NGM_NETFLOW_SETCONFIG +Sets configuration for the specified interface. +This message requires +.Vt "struct ng_netflow_setconfig" +as an argument: +.Bd -literal -offset 4n +struct ng_netflow_setconfig { + u_int16_t iface; + u_int32_t conf; +#define NG_NETFLOW_CONF_INGRESS 1 +#define NG_NETFLOW_CONF_EGRESS 2 +#define NG_NETFLOW_CONF_ONCE 4 +#define NG_NETFLOW_CONF_THISONCE 8 +}; +.Ed +.Pp +Configuration is a bitmask of several options. Option NG_NETFLOW_CONF_INGRESS +enabled by default enables ingress NetFlow generation (for data coming from +ifaceX hook). Option NG_NETFLOW_CONF_EGRESS enables egress NetFlow (for data +coming from outX hook). Option NG_NETFLOW_CONF_ONCE defines that packet should +be accounted only once if it several times passes via netflow node. Option +NG_NETFLOW_CONF_THISONCE defines that packet should be accounted only once +if it several times passes via exactly this netflow node. Last two options are +important to avoid duplicate accounting when both ingress and egress NetFlow +are enabled. .It Dv NGM_NETFLOW_SHOW This control message asks a node to dump the entire contents of the flow cache. It is called from @@ -191,6 +217,8 @@ commands are: .Qq Li "setifindex { iface = %u index = %u }" .It Dv NGM_NETFLOW_SETTIMEOUTS .Qq Li "settimeouts { inactive = %u active = %u }" +.It Dv NGM_NETFLOW_SETCONFIG +.Qq Li "setconfig { iface = %u conf = %u }" .El .Sh SHUTDOWN This node shuts down upon receipt of a |
