NetFlow v5 allows up to 30 records per packet but we were incorrectly
limiting to 29. This corrects that and also uses the count of the
number of records in the header rather than the packet size since
it is easier to reason about.
Bug #2103
nf_rec->ip_proto = expired->flow.nw_proto;
nf_rec->ip_tos = expired->ip_tos;
- /* NetFlow messages are limited to 30 records. A length of 1400
- * bytes guarantees that the limit is not exceeded. */
- if (nf->packet.size >= 1400) {
+ /* NetFlow messages are limited to 30 records. */
+ if (ntohs(nf_hdr->count) >= 30) {
netflow_run(nf);
}
}
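Review bot: The literal 30 in `if (ntohs(nf_hdr->count) >= 30)` is a protocol limit repeated in both the comment and the condition; a named constant (for example a `NETFLOW_V5_MAX_RECORDS` define, name suggested here) would keep the two in sync and make the off-by-one this commit fixes harder to reintroduce. The flush now depends entirely on `nf_hdr->count` already being incremented for the record just filled in via `nf_rec`, and on `nf_hdr` still pointing at the header of the current packet buffer; neither is visible in this hunk, so please confirm both, since a stale pointer or a late increment would let the packet grow past the limit now that the size check on `nf->packet.size` is gone.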