[Flow-tools] NetFlow Probe.
Karen Durinyan
karen.durinyan at gmail.com
Sat May 10 02:14:54 EDT 2008
Hi,
I am using fprobe-ulog also. The main reason of using this probe is
that I am doing NAT.
AFAIK other probs are taking flow before or after NATting (depending
from which interface
you are taking flows). With fprobe-ulog I am able to take flows from the
FORWARD table
where I have correct src and dst addresses. If you are going to develop
new probe it would
be nice to take in to account this issue. Thanks.
--
Bests,
Karen
Paul P Komkoff Jr wrote:
> Replying to Paul Halliday:
>
>> I am currently working on a new sensor deployment.
>>
>> I have been using Fprobe for the past 4 years without any issues but
>> before I move forward I just want to see what others are using and
>> what their experiences are.
>>
>
> I'm using fprobe-ulog.
>
>
>> What is the most full featured and effective probe?
>>
>
> I don't know if there's any. :)
>
>
More information about the Flow-tools
mailing list