I'm running an IDS with the bce1 interface configured as a pure monitoring interface, i.e.: ifconfig_bce1="up monitor promisc" This results in: bce1: flags=68943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST,PPROMISC,MONITOR> metric 0 mtu 1500 options=c01bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,VLAN_HWTSO,LINKSTATE> ether XX:XX:XX:XX:XX:XX nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL> media: Ethernet autoselect (1000baseT <full-duplex>) status: active Other software, like net-mgmt/darkstat, are able to detect and extract IPv6 traffic from the same interface. net-mgmt/iptop is able to detect and extract IPv6 traffic on proper interfaces, e.g. non-monitoring interfaces.
Auto-assigned to maintainer vd@FreeBSD.org
Is this still relevant. Please, maintainer feedback!
(In reply to w.schwarzenfeld from comment #2) Yes. My IDS is running stable/11 r326928 amd64, and net-mgmt/iftop doesn't display any IPv6 traffic on any of the monitoring interfaces. net-mgmt/iftop shows both IPv4 and IPv6 traffic on the management interface. I'm not sure whether the problem is within the kernel or iftop. If the bug proves too difficult to resolve, then let's close this PR and go on.
Created attachment 189644 [details] Quick and dirty patch to use latest iftop from the git repository. Will break once a new commit is done to the iftop repository.
Hey, While there is no new version of iftop released, I see that there are some commits in the git repository of the project, after 1.0pre4 has been released. I crafted a quick patch to the port to use that latest source from git instead of 1.0pre4 at https://bugs.freebsd.org/bugzilla/attachment.cgi?id=189644 Maybe you can check if the problem exists with this latest iftop?
patch fails to build in poudriere: http://people.freebsd.org/~pi/logs/net-mgmt__iftop-111-1515759265.txt
I try it with 10.4 in poudriere. Works if you add autoreconf to USES.
Yes, it builds with that change. But: Does it solve the IPv6 problem ? Has anyone tested if this newer version fixes the problem ?
Cannot test it, work without ipv6.
correct: I am working without ipv6.
(In reply to Kurt Jaeger from comment #8) I'll try as soon as time allows.
(In reply to Trond.Endrestol from comment #11) Sadly the new version didn't have any effect. Significant IPv6 traffic was spotted by the regular iftop on a local server during a FTP transfer from an external FTP server, but not by the IDS using this version.
(In reply to Trond.Endrestol from comment #12) darkstat is able to see both IPv4 and IPv6 traffic on the same interface while iftop doesn't.
(In reply to Trond.Endrestol from comment #12) I tried the new version on a different monitoring interface on my IDS. iftop sees some of the IPv6 traffic. Two SPAN ports on my core switch are feeding bce0 and bce1 on the IDS. (Yes, I know, SPAN ports have their own problems.) bce0 receives external traffic, while bce1 receives internal traffic. Maybe the volume of IPv4 traffic displaces any IPv6 traffic on bce0 when viewed with iftop. I thought connections with the highest transfer rates would bubble up to the top lines in the display regardless of IPv4 or IPv6.
Maintainership was reset.
Hey, my maintainership was not reset. I guess it was a mistake to de-assign this from me. Reassigning it back.