snaplen (-L) [GLOBAL, NO_NFACCTD] Desc specifies the maximum number of bytes to capture for each packet. This directive has key importance when enabling both classification and connection tracking engines. In fact, some protocols (mostly text-based eg.: RTSP, SIP, etc.) benefit of extra bytes because they give more chances to successfully track data streams spawned by control channel. But it must be also noted that capturing larger packet portion require more resources. The right value need to be traded-off. In case classification is enabled, values under 200 bytes are often meaningless. 500-750 bytes are enough even for text based protocols. Default snaplen values are ok if classification is disabled. For uacctd daemon, this option doesn't apply to packet snapshot length but rather to the Netlink socket read buffer size. This should be reasonably large - at least 4KB, which is the default value. For large uacctd_nl_size values snaplen could be further increased.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Advanced Search
Sep 1 2018
It just died with this log:
You could also alter the file /etc/default/uacctd and add -d into DAEMON_OPTS and restart flow-acounting
Starting with this daemon config reduces the logging entries dramatically:
@panachoi maybe this upgrade helps
Aug 31 2018
fixed in XML/python rewrite
Aug 29 2018
This produces
Aug 28 2018
@Maltahl can you share your hub/spoke configuration? This helps us to reproduce your issue.
Aug 27 2018
As stated on IRC I'm fine with the support removal as one can always upgrade through VyOS 1.1.x.
Aug 26 2018
Is there still time for a small CLI change?
cpo@LR1# show service tftp-server Possible completions: allow-upload Allow TFTP file uploads directory Folder containing files served by TFTP [REQUIRED] + listen-address Addresses for TFTP server to listen [REQUIRED] port Port for TFTP service
Aug 24 2018
Simply fixing the node.def for remote-port and local-port will break existing configuration as also the Perl script requires changes for this to work.
Working perfectly with VyOS acting as DMVPN HUB.
Nope, It was an offer to test a pre-build image ;).
Aug 23 2018
This is part of T792
If there is an official unofficial port, ad wg distinguishes if its running in server or client mode, why not use something like:
Aug 22 2018
I agree with syncer and runar.
When cisco_unity plugin is disabled globally, can Cisco DMVPN clients still connect?
Aug 21 2018
- set service dhcp-server shared-network-name <xyz> authoritative enable should be changed to be only set service dhcp-server shared-network-name <xyz> authoritative
- set service dhcp-server dynamic-dns-update enable true|false should be changed to be only set service dhcp-server dynamic-dns-update
- set service dhcp-server hostfile-update enable|disable should be changed to be only set service dhcp-server hostfile-update
Aug 20 2018
@Lochnair see branches at:
It stops here, too. Why? I have no idea, yet
Upgrading to 4.18 should not take more then two hours incl. Iproute2 for me. Should we give it a try? Then I prepare an ISO
Aug 19 2018
Thx for the info. Yeah it's a per person choice if in-tree is preferred over out-of-tree.
Is this stuff upstream? If so, we could also upgrade to 4.18, the save the backporting trouble?
Aug 18 2018
If we'd use
range { start 172.16.0.1 stop 172.16.0.250 }
this would be transparent for IPv4 and IPv6