nfprobe

A netflow probe using bpf.

Features

• data enrichment
• output

TODO

kprobe/kretprobe can run on different processors, as a function could resume on a new processor.

Can a function resume on a new thread?

ktime does not count for hibernation.