From 8afb87cc0450aa8b606790be2bef46efca858922 Mon Sep 17 00:00:00 2001
From: Frank Brendel <frank.brendel@eurolog.com>
Date: Mon, 19 Aug 2019 09:05:44 +0200
Subject: [PATCH] netflow: set active/inactive timeout (#3651)

---
 src/etc/rc.d/netflow                             |  1 +
 .../Diagnostics/forms/netflow_capture.xml        | 14 ++++++++++++++
 .../app/models/OPNsense/Diagnostics/Netflow.xml  | 16 +++++++++++++++-
 .../templates/OPNsense/Netflow/netflow.conf      |  2 ++
 4 files changed, 32 insertions(+), 1 deletion(-)

diff --git a/src/etc/rc.d/netflow b/src/etc/rc.d/netflow
index d50f811d0..0f4c93c38 100755
--- a/src/etc/rc.d/netflow
+++ b/src/etc/rc.d/netflow
@@ -89,6 +89,7 @@ setup_interface()
        name	$interface:lower netflow_$interface
        connect $interface: netflow_$interface: upper	out$ifIndex
        mkpeer netflow_$interface: ksocket export$nfversion inet/dgram/udp
+       msg netflow_$interface: settimeouts { inactive=$netflow_inactive_timeout active=$netflow_active_timeout }
        msg netflow_$interface: setconfig {iface=$ifIndex conf=$conf}
        msg netflow_$interface:export$nfversion connect inet/$netflow_int_destination
 SEQ
diff --git a/src/opnsense/mvc/app/controllers/OPNsense/Diagnostics/forms/netflow_capture.xml b/src/opnsense/mvc/app/controllers/OPNsense/Diagnostics/forms/netflow_capture.xml
index 3dd627ea3..fbd7e0f7e 100644
--- a/src/opnsense/mvc/app/controllers/OPNsense/Diagnostics/forms/netflow_capture.xml
+++ b/src/opnsense/mvc/app/controllers/OPNsense/Diagnostics/forms/netflow_capture.xml
@@ -34,4 +34,18 @@
         <hint>Type or select destinations.</hint>
         <allownew>true</allownew>
     </field>
+    <field>
+      <id>netflow.activeTimeout</id>
+      <label>Active Timeout</label>
+      <type>text</type>
+      <advanced>true</advanced>
+      <help><![CDATA[Split long running flows into smaller parts.]]></help>
+   </field>
+   <field>
+      <id>netflow.inactiveTimeout</id>
+      <label>Inactive Timeout</label>
+      <type>text</type>
+      <advanced>true</advanced>
+      <help><![CDATA[Expire idle flows.]]></help>
+   </field>
 </form>
diff --git a/src/opnsense/mvc/app/models/OPNsense/Diagnostics/Netflow.xml b/src/opnsense/mvc/app/models/OPNsense/Diagnostics/Netflow.xml
index db2ca7cff..b3da33498 100644
--- a/src/opnsense/mvc/app/models/OPNsense/Diagnostics/Netflow.xml
+++ b/src/opnsense/mvc/app/models/OPNsense/Diagnostics/Netflow.xml
@@ -1,6 +1,6 @@
 <model>
     <mount>//OPNsense/Netflow</mount>
-    <version>1.0.0</version>
+    <version>1.0.1</version>
     <description>
         OPNsense Netflow
     </description>
@@ -42,5 +42,19 @@
                 <Required>Y</Required>
             </enable>
         </collect>
+        <activeTimeout type="IntegerField">
+            <default>1800</default>
+            <Required>Y</Required>
+            <MinimumValue>1</MinimumValue>
+            <MaximumValue>86400</MaximumValue>
+            <ValidationMessage>Active timeout needs to be an integer value between 1 and 86400</ValidationMessage>
+         </activeTimeout>
+         <inactiveTimeout type="IntegerField">
+            <default>15</default>
+            <Required>Y</Required>
+            <MinimumValue>1</MinimumValue>
+            <MaximumValue>86400</MaximumValue>
+            <ValidationMessage>Inactive timeout needs to be an integer value between 1 and 86400</ValidationMessage>
+         </inactiveTimeout>
     </items>
 </model>
diff --git a/src/opnsense/service/templates/OPNsense/Netflow/netflow.conf b/src/opnsense/service/templates/OPNsense/Netflow/netflow.conf
index 264ed9bee..f5c0d0cad 100644
--- a/src/opnsense/service/templates/OPNsense/Netflow/netflow.conf
+++ b/src/opnsense/service/templates/OPNsense/Netflow/netflow.conf
@@ -25,4 +25,6 @@ netflow_egress_only="{% if OPNsense.Netflow.capture.egress_only %}{% for interfa
 netflow_version="{%if OPNsense.Netflow.capture.version == 'v9' %}9{% else %}5{%endif%}"
 netflow_int_destination="127.0.0.1:2055"
 netflow_destinations="{{OPNsense.Netflow.capture.targets.replace(',', ' ')}}"
+netflow_active_timeout={{OPNsense.Netflow.activeTimeout|default(1800)}}
+netflow_inactive_timeout={{OPNsense.Netflow.inactiveTimeout|default(15)}}
 {% endif %}