Script for starting flow-capture and sflowtool together for cacti's flowview plugin
This script is intended to be a drop-in replacement for the flow-capture distributed with the flowview plugin for cacti, in order to be able to analyze traffic from sFlow devices.
##Installation
- Install flowview as you normally would
- Also compile and install sflowtool from http://www.inmon.com/technology/sflowTools.php
- Ensure tcpdump is installed
- Replace /etc/init.d/flow-capture with this file
- When setting up your listeners, use a UNIQUE port for EVERY listener. One suggestion would be to use ports between 61001 and 65535 as they are within the IANA range for private/ephemeral ports, but above the range most OSes use for their ephemeral ports.
##How it works Using the method outlined in Forwarding using sflowtool, packets from individual agents are captured using tcpdump and then redirected to specific flow-capture netflow sources listening on specifc ports.