I am setting up a FreeBSD server to act as a router/firewall for an ISP that is experiencing a DDoS attack.
All services are up and running smoothly, but now I need to configure a flow packet exporter for an attack detector to monitor link turnovers and take real-time protection...
I'm trying to monitor the traffic of the firewall using NetFlow, following the steps in the article below.
Everything works fine, however every time I add lagg0 by entering this...
I am running FreeBSD as a router at home. It has the following interfaces:
igb0: connected to my cable modem
igb1: wired LAN 192.168.0.1/24
wlan0: wlan AP, 192.168.1.1/24
Routing rules allow the wired and wireless subnets to communicate with each other and route to the Internet.
I need MAC addresses (IN_SRC_MAC and OUT_DST_MAC fields) in NetFlow v9 exports.
Has there been a change since this post from the year 2013?
Packet capture of sent NetFlow template:
SysUptime: 1117945.000000000 seconds
Timestamp: Jun 28, 2017...