
Re: dup-to problem with specific packets



On 4/11/05, Michael W. Lucas <[email protected]> wrote:
> Hi,
> 
> I'm trying to duplicate packets matching one particular rule.
> 
> Background: I have softflowd running on OpenBSD 3.5 i386.  This is
> exporting flows to a logging host.  Works beautifully.
> 
> The old logging host is being replaced.  I would like to run the two
> logging hosts in parallel temporarily, until I'm sure all the bugs are
> out of the new one.
> 
> While I could fire up a second instance of softflowd, it seems like
> this would be a good application of dup-to.  I don't want to duplicate
> the entire mass of traffic going through this box, just the netflow
> packets.
> 
> pass out on $int_if proto udp from any to a.b.c.251 port 8641 dup-to ($int_if a.b.c.252)
> 
Should probably read:
pass out on $int_if proto udp from any to a.b.c.251 port 8641 (dup-to a.b.c.252)
> (port number changed to protect the guilty, of course)
> 
> pfctl -nf gives me a syntax error on line 80, but won't be specific on
> what the problem is.
> 
> Any suggestions?  Or am I just outright misunderstanding dup-to?
> 
> Thanks,
> 
With regards
> ==ml
> 
> --
> Michael W. Lucas        [email protected], [email protected]
>                 http://www.BlackHelicopters.org/~mwlucas/
>                Latest book: Cisco Routers for the Desperate
>                 http://www.CiscoRoutersForTheDesperate.com
> 
Kimi
PS. Still awaiting this NetBSD book ;o)
-- 
spamassassinexception