Exporting NetFlow with softflowd¶
softflowd is a NetFlow collector that can be deployed on pfSense® software.
Tip
This recipe requires an add-on package. pfSense Plus software contains a native solution which is easier to configure and more efficient: Firewall Packet Flow Data.
Installing softflowd¶
There is a package available under System > Packages on the Available
Packages tab. Find it in the list, click 
at the end of its row, and
confirm the installation.
Configuring and Launching softflowd¶
Once the package has been installed, visit Services > softflowd to configure the service.
- Interface:
Ctrl-click to select all of the interfaces upon which the daemon will gather NetFlow data.
- Host:
The target NetFlow server which will receive flow data.
- Port:
The port on the Host which is listening for NetFlow data.
- Max Flows:
The number of flows to track before older flows expire.
- NetFlow Version:
The desired version of the NetFlow protocol.
See also
See NetFlow Versions on Wikipedia for more information.
Controlling softflowd from the Command Line¶
To view statistics about the running softflowd process, run the following
command, replacing igc0 with the actual network interface to query:
: softflowctl -c /var/run/softflowd.igc0.ctl statistics
To expire all flows and force an update to be sent to the netflow server, run
the following command, replacing igc0 with the actual network interface to
control:
: softflowctl -c /var/run/softflowd.igc0.ctl expire-all
Known issues¶
See also
The pfSense software issue tracker contains a list of known issues with this package.
Package Support¶
This package is currently supported by Netgate TAC to those with an active support subscription.