Kernel module does not report all packets

[ElmerLastdrager]

I'm performing a test by downloading a 1MB file from a speedtest server. I'm expecting to see messages on the broker for all packets of the data stream. However, not all packets are shown.

It appears that in every aggregation window of 1 second, only one direction of each stream is printed. See below for an example.

Expected result: having all directions of all flows reported through the message broker, so that the total bytes add up to whatever got sent (or at least, roughly adds up).

Traffic [2s] speedtest.xs4all.net.:80 to RPi:55774: 56880 bytes
Traffic [3s] RPi:55774 to speedtest.xs4all.net.:80: 0 bytes
Traffic [4s] RPi:55774 to speedtest.xs4all.net.:80: 0 bytes
Traffic [6s] speedtest.xs4all.net.:80 to RPi:55774: 277890 bytes

Traffic summary:
speedtest.xs4all.net. -> RPi (80->55774) 334770 bytes
RPi -> speedtest.xs4all.net. (55774->80) 0 bytes

[ElmerLastdrager]

Moved to milestone 0.7 as discussed. This requires some extra thinking: the kernel module cannot keep up with all data streams. @tjeb is currently working on a version that is more efficient. However, it does not solve the problem completely.

Future work: look at netflow (and do DNS ourselves), test with better hardware, performance tests.