I have added experimental NetFlow v5 & v9 support using nProbe v3.1 as
an Expansions Module to m0n0wall, with a very simple user interface
(basically one command line string with options).
The generic PC image 1.2b8_rs0 is based on 1.2b8 and includes the
TransProxy "tproxyd" as well which I integrated last month into m0n0wall
1.2b7. It is available at:
Its MD5 checksum generic-pc-1.2b8_rs0.md5 and the unified diff
1.2b8_rs0.diff from 1.2b8 to 1..2b8_rs0 is there as well.
I have not had the opportunity to test 1.2b8_rs0 yet, but I hope that it
will be more stable than 1.2b7 which was kind of hanging after running
as Captive Portal and Transparent Proxy for about 10 days under moderate
nProbe does not start properly after a reboot yet, e.g. you need to
restart it manually by disabling and reenabling it from the nProbe
screen. I will try to fix this asap and make is available in 1.2b8_rs1.
For more information on nProbe and NetFlow see Luca Deri's Web site
(author of nProbe) at http://www.ntop.org/ntop.html
For on-line help in m0n0wall, go to its exec.php page and type "nprobe
--help". A more "m0n0wall-like" point-and-click user interface with
built-in plausibility checking is in the works, as well as a polished
up, e.g. simplified, user interface for tproxyd.
As for tproxyd, a security risk assessment still needs to be done for
nProbe (as well as for licensing conditions, which looks OK after a
first quite look). Thus, as usual, use this experimental image at your
This nProbe integration may also serve as an example how to implement an
Expansions Module - it took me a while to figure it out and to get it
working. Still, I would love to have only two, instead of four,
additional PHP files. Currently there are:
etc/inc/ext/nprobe/rc start script
etc/inc/nprobe.inc common include file
usr/local/www/ext/nprobe.php GUI refers to this file
Please disregard the "ICRC hack" under Expansions module, I only added
it to support a very specific requirement. Just leave it disabled so it
won't do any harm.
Any feedback is welcome,