add netflow v9/ipfix support to pflow(4).

large parts written by Florian Obser (florian -at- narrans -dot- de).
feedback from sperreault@ gollo@ sthen@
ok from gollo@ dlg@ henning@

2 files changed, 43 insertions, 4 deletions

diff --git a/sbin/ifconfig/ifconfig.8 b/sbin/ifconfig/ifconfig.8
index 64fb7d106a0..ca3c7b82d0f 100644
--- a/sbin/ifconfig/ifconfig.8
+++ b/sbin/ifconfig/ifconfig.8
@@ -1,4 +1,4 @@
-.\"	$OpenBSD: ifconfig.8,v 1.225 2011/12/04 06:26:10 haesbaert Exp $
+.\"	$OpenBSD: ifconfig.8,v 1.226 2012/02/02 12:34:37 benno Exp $
 .\"	$NetBSD: ifconfig.8,v 1.11 1996/01/04 21:27:29 pk Exp $
 .\"     $FreeBSD: ifconfig.8,v 1.16 1998/02/01 07:03:29 steve Exp $
 .\"
@@ -31,7 +31,7 @@
 .\"
 .\"     @(#)ifconfig.8	8.4 (Berkeley) 6/1/94
 .\"
-.Dd $Mdocdate: December 4 2011 $
+.Dd $Mdocdate: February 2 2012 $
 .Dt IFCONFIG 8
 .Os
 .Sh NAME
@@ -1186,10 +1186,15 @@ packets entering the MPLS domain.
 .El
 .\" PFLOW
 .Sh PFLOW
+.nr nS 1
+.Bk -words
 .Nm ifconfig
 .Ar pflow-interface
 .Op Oo Fl Oc Ns Cm flowdst Ar addr : Ns Ar port
 .Op Oo Fl Oc Ns Cm flowsrc Ar addr
+.Op Cm pflowproto Ar n
+.Ek
+.nr nS 0
 .Pp
 The following options are available for a
 .Xr pflow 4
@@ -1214,6 +1219,9 @@ is the IP address used as sender of the UDP packets and may be used to
 identify the source of the data on the pflow collector.
 .It Fl flowsrc
 Unset the source address.
+.It Cm pflowproto Ar n
+Set the protocol version.
+The default is version 5.
 .El
 .\" PFSYNC
 .Sh PFSYNC
diff --git a/sbin/ifconfig/ifconfig.c b/sbin/ifconfig/ifconfig.c
index 5477b590c77..53e69e931ea 100644
--- a/sbin/ifconfig/ifconfig.c
+++ b/sbin/ifconfig/ifconfig.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ifconfig.c,v 1.253 2011/12/04 06:26:10 haesbaert Exp $	*/
+/*	$OpenBSD: ifconfig.c,v 1.254 2012/02/02 12:34:37 benno Exp $	*/
 /*	$NetBSD: ifconfig.c,v 1.40 1997/10/01 02:19:43 enami Exp $	*/
 
 /*
@@ -248,6 +248,7 @@ void	setpflow_sender(const char *, int);
 void	unsetpflow_sender(const char *, int);
 void	setpflow_receiver(const char *, int);
 void	unsetpflow_receiver(const char *, int);
+void	setpflowproto(const char *, int);
 void	list_cloners(void);
 void	setifipdst(const char *, int);
 void	setifdesc(const char *, int);
@@ -405,6 +406,7 @@ const struct	cmd {
 	{ "-flowsrc",	1,		0,		unsetpflow_sender },
 	{ "flowdst", 	NEXTARG,	0,		setpflow_receiver },
 	{ "-flowdst", 1,		0,		unsetpflow_receiver },
+	{ "pflowproto", NEXTARG,	0,		setpflowproto },
 	{ "-inet6",	IFXF_NOINET6,	0,		setifxflags } ,
 	{ "keepalive",	NEXTARG2,	0,		NULL, setkeepalive },
 	{ "-keepalive",	1,		0,		unsetkeepalive },
@@ -3811,8 +3813,9 @@ pflow_status(void)
 		 return;
 
 	printf("\tpflow: sender: %s ", inet_ntoa(preq.sender_ip));
-	printf("receiver: %s:%u\n", inet_ntoa(preq.receiver_ip),
+	printf("receiver: %s:%u ", inet_ntoa(preq.receiver_ip),
 	    ntohs(preq.receiver_port));
+	printf("version: %d\n", preq.version);
 }
 
 /* ARGSUSED */
@@ -3913,6 +3916,34 @@ unsetpflow_receiver(const char *val, int d)
 		err(1, "SIOCSETPFLOW");
 }
 
+/* PFLOWPROTO XXX */
+void
+setpflowproto(const char *val, int d)
+{
+	struct pflow_protos ppr[] = PFLOW_PROTOS;
+	struct pflowreq preq;
+	int i;
+
+	bzero(&preq, sizeof(preq));
+	preq.version = PFLOW_PROTO_MAX;
+
+	for (i = 0; i < (sizeof(ppr) / sizeof(ppr[0])); i++) {
+		if (strcmp(val, ppr[i].ppr_name) == 0) {
+			preq.version = ppr[i].ppr_proto;
+			break;
+		}
+	}
+	if (preq.version == PFLOW_PROTO_MAX)
+		errx(1, "Invalid pflow protocol: %s", val);
+
+	preq.addrmask |= PFLOW_MASK_VERSION;
+
+	ifr.ifr_data = (caddr_t)&preq;
+
+	if (ioctl(s, SIOCSETPFLOW, (caddr_t)&ifr) == -1)
+		err(1, "SIOCSETPFLOW");
+}
+
 void
 pppoe_status(void)
 {