Only send NetFlow notifications for IP traffic.

NetFlow only supports exporting information about IP.  We were sending a
notification for any flow that expired, which included non-IP packets.
This would generate NetFlow messages with nearly all fields set to zero.
Now, we only send NetFlow for packets that are IP.  (Bug #1256)

diff --git a/secchan/netflow.c b/secchan/netflow.c
index 99285a0ed581f4779f86a9065d72f873eacea070..7c16facbaee670627543c0cb72b002df383a6a65 100644 (file)
--- a/secchan/netflow.c
+++ b/secchan/netflow.c
@@ -178,6 +178,11 @@ netflow_expire(struct netflow *nf, const struct ofexpired *expired)
     struct netflow_v5_record *nf_rec;
     struct timeval now;
 
+    /* NetFlow only reports on IP packets. */
+    if (expired->flow.dl_type != htons(ETH_TYPE_IP)) {
+        return;
+    }
+
     time_timeval(&now);
 
     if (!nf->packet.size) {