Commit 1007fae6 authored by Simon Redman's avatar Simon Redman

Specify the active_timeout for ipt_NETFLOW

parent 1da348b2
......@@ -24,7 +24,8 @@ from typing import List
"""
Remove the ipt_NETFLOW module if it exists and then insert it with the new parameters
"""
MODPROBE_TEMPLATE = "sudo modprobe -rq ipt_NETFLOW; sudo modprobe ipt_NETFLOW destination={collector_ip}:{port} protocol=9"
MODPROBE_TEMPLATE = "sudo modprobe -r ipt_NETFLOW;" \
"sudo modprobe ipt_NETFLOW destination={collector_ip}:{port} protocol=9 active_timeout={active_timeout}"
IPTABLES_DELETE_LINE_TEMPLATE = "sudo ip6tables -D {table} -j NETFLOW"
IPTABLES_COLLECT_LINE_TEMPLATE = "sudo ip6tables -I {table} -j NETFLOW"
......@@ -62,6 +63,7 @@ def _build_modprobe_lines(netgraph: networkx.Graph, port_nums: List[int], collec
lines: List[str] = [MODPROBE_TEMPLATE.format(
collector_ip=collector_ip,
port=port,
active_timeout=15, # Report active flows every 15 seconds
) for port in port_nums]
return lines
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment