diff options
| author | melifaro <melifaro@FreeBSD.org> | 2012-06-18 13:56:36 +0000 |
|---|---|---|
| committer | melifaro <melifaro@FreeBSD.org> | 2012-06-18 13:56:36 +0000 |
| commit | a0b36d5a0f0c40ddf24df49d87f4c3821a55df16 (patch) | |
| tree | d964270b7ca705bda10cab664f2f95c517987ec8 /share/man/man4 | |
| parent | 45df7964fe21fb200bbfa053a6f5367cd2dc9a22 (diff) | |
| download | FreeBSD-src-a0b36d5a0f0c40ddf24df49d87f4c3821a55df16.zip FreeBSD-src-a0b36d5a0f0c40ddf24df49d87f4c3821a55df16.tar.gz | |
Make radix lookup on src and dst flow addresses optional
and configurable on per-interface basis.
Remove __inline__ for several functions being called once per
flow (e.g once per 10-20 packets on common traffic flows).
Update manual page to simplify search for BPF data link types.
Sponsored by Yandex LLC
Reviewed by: glebius
Approved by: ae(mentor)
MFC after: 2 weeks
Diffstat (limited to 'share/man/man4')
| -rw-r--r-- | share/man/man4/ng_netflow.4 | 47 |
1 files changed, 38 insertions, 9 deletions
diff --git a/share/man/man4/ng_netflow.4 b/share/man/man4/ng_netflow.4 index 9431c62..5985c44 100644 --- a/share/man/man4/ng_netflow.4 +++ b/share/man/man4/ng_netflow.4 @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd March 2, 2011 +.Dd June 16, 2012 .Dt NG_NETFLOW 4 .Os .Sh NAME @@ -112,7 +112,18 @@ The hook number is passed as an argument. Sets data link type on the .Va iface Ns Ar N hook. -Currently, supported types are raw IP datagrams and Ethernet. +Currently, supported types are +.Cm DLT_RAW +(raw IP datagrams) and +.Cm DLT_EN10MB +(Ethernet). +DLT_ definitions can be found in +.In net/bpf.h +header. +Currently used values are 1 for +.Cm DLT_EN10MB +and 12 for +.Cm DLT_RAW . This message type uses .Vt "struct ng_netflow_setdlt" as an argument: @@ -180,18 +191,36 @@ struct ng_netflow_setconfig { #define NG_NETFLOW_CONF_EGRESS 2 #define NG_NETFLOW_CONF_ONCE 4 #define NG_NETFLOW_CONF_THISONCE 8 +#define NG_NETFLOW_CONF_NOSRCLOOKUP 16 +#define NG_NETFLOW_CONF_NODSTLOOKUP 32 }; .Ed .Pp Configuration is a bitmask of several options. Option NG_NETFLOW_CONF_INGRESS enabled by default enables ingress NetFlow generation (for data coming from -ifaceX hook). Option NG_NETFLOW_CONF_EGRESS enables egress NetFlow (for data -coming from outX hook). Option NG_NETFLOW_CONF_ONCE defines that packet should -be accounted only once if it several times passes via netflow node. Option -NG_NETFLOW_CONF_THISONCE defines that packet should be accounted only once -if it several times passes via exactly this netflow node. Last two options are -important to avoid duplicate accounting when both ingress and egress NetFlow -are enabled. +ifaceX hook). +Option +.Va NG_NETFLOW_CONF_EGRESS +enables egress NetFlow (for data coming from outX hook). +Option +.Va NG_NETFLOW_CONF_ONCE +defines that packet should be accounted only once if it several times passes +via netflow node. +Option +.Va NG_NETFLOW_CONF_THISONCE +defines that packet should be accounted only once if it several times passes +via exactly this netflow node. +These two options are important to avoid duplicate accounting when both ingress +and egress NetFlow are enabled. +Option +.Va NG_NETFLOW_CONF_NOSRCLOOKUP +skips radix lookup on flow source address used to fill in network mask. +Option +.Va NG_NETFLOW_CONF_NODSTLOOKUP +skips radix lookup on destination (which fills egress interface id, destination +mask and gateway). +If one doesn't need data provided by lookups, he/she can disable them, to reduce +load on routers. .It Dv NGM_NETFLOW_SETTEMPLATE Sets various timeouts to announce data flow templates (NetFlow v9-specific). This message requires |
