diff --git a/data/templates/sflow/hsflowd.conf.j2 b/data/templates/sflow/hsflowd.conf.j2
index 7ce6554d7..94f5939be 100644
--- a/data/templates/sflow/hsflowd.conf.j2
+++ b/data/templates/sflow/hsflowd.conf.j2
@@ -1,28 +1,31 @@
# Genereated by /usr/libexec/vyos/conf_mode/system_sflow.py
# Parameters http://sflow.net/host-sflow-linux-config.php
sflow {
{% if polling is vyos_defined %}
polling={{ polling }}
{% endif %}
{% if sampling_rate is vyos_defined %}
sampling={{ sampling_rate }}
sampling.bps_ratio=0
{% endif %}
{% if agent_address is vyos_defined %}
agentIP={{ agent_address }}
{% endif %}
{% if agent_interface is vyos_defined %}
agent={{ agent_interface }}
{% endif %}
{% if server is vyos_defined %}
{% for server, server_config in server.items() %}
collector { ip = {{ server }} udpport = {{ server_config.port }} }
{% endfor %}
{% endif %}
{% if interface is vyos_defined %}
{% for iface in interface %}
pcap { dev={{ iface }} }
{% endfor %}
{% endif %}
+{% if drop_monitor_limit is vyos_defined %}
+ dropmon { limit={{ drop_monitor_limit }} start=on sw=on hw=off }
+{% endif %}
}
diff --git a/interface-definitions/system-sflow.xml.in b/interface-definitions/system-sflow.xml.in
index a53c99937..335181fe1 100644
--- a/interface-definitions/system-sflow.xml.in
+++ b/interface-definitions/system-sflow.xml.in
@@ -1,103 +1,115 @@
<?xml version="1.0" encoding="UTF-8"?>
<!-- sflow configuration -->
<interfaceDefinition>
<node name="system">
<children>
<node name="sflow" owner="${vyos_conf_scripts_dir}/system_sflow.py">
<properties>
<help>sFlow settings</help>
<priority>990</priority>
</properties>
<children>
<leafNode name="agent-address">
<properties>
<help>sFlow agent IPv4 or IPv6 address</help>
<completionHelp>
<list>auto</list>
<script>${vyos_completion_dir}/list_local_ips.sh --both</script>
</completionHelp>
<valueHelp>
<format>ipv4</format>
<description>sFlow IPv4 agent address</description>
</valueHelp>
<valueHelp>
<format>ipv6</format>
<description>sFlow IPv6 agent address</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
<validator name="ipv6-address"/>
<validator name="ipv6-link-local"/>
</constraint>
</properties>
</leafNode>
<leafNode name="agent-interface">
<properties>
<help>IP address associated with this interface</help>
<completionHelp>
<script>${vyos_completion_dir}/list_interfaces</script>
</completionHelp>
<valueHelp>
<format>txt</format>
<description>Interface name</description>
</valueHelp>
<constraint>
#include <include/constraint/interface-name.xml.in>
</constraint>
</properties>
</leafNode>
+ <leafNode name="drop-monitor-limit">
+ <properties>
+ <help>Export headers of dropped by kernel packets</help>
+ <valueHelp>
+ <format>u32:1-65535</format>
+ <description>Maximum rate limit of N drops per second send out in the sFlow datagrams</description>
+ </valueHelp>
+ <constraint>
+ <validator name="numeric" argument="--range 1-65535"/>
+ </constraint>
+ </properties>
+ </leafNode>
#include <include/generic-interface-multi.xml.i>
<leafNode name="polling">
<properties>
<help>Schedule counter-polling in seconds</help>
<valueHelp>
<format>u32:1-600</format>
<description>Polling rate in seconds</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-600"/>
</constraint>
</properties>
<defaultValue>30</defaultValue>
</leafNode>
<leafNode name="sampling-rate">
<properties>
<help>sFlow sampling-rate</help>
<valueHelp>
<format>u32:1-65535</format>
<description>Sampling rate (1 in N packets)</description>
</valueHelp>
<constraint>
<validator name="numeric" argument="--range 1-65535"/>
</constraint>
</properties>
<defaultValue>1000</defaultValue>
</leafNode>
<tagNode name="server">
<properties>
<help>sFlow destination server</help>
<valueHelp>
<format>ipv4</format>
<description>IPv4 server to export sFlow</description>
</valueHelp>
<valueHelp>
<format>ipv6</format>
<description>IPv6 server to export sFlow</description>
</valueHelp>
<constraint>
<validator name="ipv4-address"/>
<validator name="ipv6-address"/>
</constraint>
</properties>
<children>
#include <include/port-number.xml.i>
<leafNode name="port">
<defaultValue>6343</defaultValue>
</leafNode>
</children>
</tagNode>
</children>
</node>
</children>
</node>
</interfaceDefinition>
diff --git a/smoketest/scripts/cli/test_system_sflow.py b/smoketest/scripts/cli/test_system_sflow.py
index b593c21e6..f50052d31 100755
--- a/smoketest/scripts/cli/test_system_sflow.py
+++ b/smoketest/scripts/cli/test_system_sflow.py
@@ -1,93 +1,96 @@
#!/usr/bin/env python3
#
# Copyright (C) 2023 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
# published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import unittest
from base_vyostest_shim import VyOSUnitTestSHIM
from vyos.configsession import ConfigSessionError
from vyos.ifconfig import Section
from vyos.util import cmd
from vyos.util import process_named_running
from vyos.util import read_file
PROCESS_NAME = 'hsflowd'
base_path = ['system', 'sflow']
hsflowd_conf = '/run/sflow/hsflowd.conf'
class TestSystemFlowAccounting(VyOSUnitTestSHIM.TestCase):
@classmethod
def setUpClass(cls):
super(TestSystemFlowAccounting, cls).setUpClass()
# ensure we can also run this test on a live system - so lets clean
# out the current configuration :)
cls.cli_delete(cls, base_path)
def tearDown(self):
# after service removal process must no longer run
self.assertTrue(process_named_running(PROCESS_NAME))
self.cli_delete(base_path)
self.cli_commit()
# after service removal process must no longer run
self.assertFalse(process_named_running(PROCESS_NAME))
def test_sflow(self):
agent_address = '192.0.2.5'
agent_interface = 'eth0'
polling = '24'
sampling_rate = '128'
server = '192.0.2.254'
port = '8192'
+ mon_limit = '50'
self.cli_set(
['interfaces', 'dummy', 'dum0', 'address', f'{agent_address}/24'])
self.cli_set(base_path + ['agent-address', agent_address])
self.cli_set(base_path + ['agent-interface', agent_interface])
# You need to configure at least one interface for sflow
with self.assertRaises(ConfigSessionError):
self.cli_commit()
for interface in Section.interfaces('ethernet'):
self.cli_set(base_path + ['interface', interface])
self.cli_set(base_path + ['polling', polling])
self.cli_set(base_path + ['sampling-rate', sampling_rate])
self.cli_set(base_path + ['server', server, 'port', port])
+ self.cli_set(base_path + ['drop-monitor-limit', mon_limit])
# commit changes
self.cli_commit()
# verify configuration
hsflowd = read_file(hsflowd_conf)
self.assertIn(f'polling={polling}', hsflowd)
self.assertIn(f'sampling={sampling_rate}', hsflowd)
self.assertIn(f'agentIP={agent_address}', hsflowd)
self.assertIn(f'agent={agent_interface}', hsflowd)
self.assertIn(f'collector {{ ip = {server} udpport = {port} }}', hsflowd)
+ self.assertIn(f'dropmon {{ limit={mon_limit} start=on sw=on hw=off }}', hsflowd)
for interface in Section.interfaces('ethernet'):
self.assertIn(f'pcap {{ dev={interface} }}', hsflowd)
if __name__ == '__main__':
unittest.main(verbosity=2)