Thanks for publishing this in the forums. I’ve successfully used this for egress netflow on two internal interfaces. Here is what I did (although getting built-in support for this would be good).
Add to /opt/vyatta/etc/config/scripts/vyatta-postconfig-bootup.script:
# Interfaces whose egress traffic is exported, and the Vyatta post-firewall hook chains to tap
_NF_EGRESS_IFACES="eth0 eth2"
_NF_EGRESS_CHAINS="VYATTA_POST_FW_IN_HOOK VYATTA_POST_FW_FWD_HOOK VYATTA_POST_FW_OUT_HOOK"
for IFACE in $_NF_EGRESS_IFACES; do
    for CHAIN in $_NF_EGRESS_CHAINS; do
        # Insert as rule 1: copy the first 64 bytes of each outgoing packet to ULOG netlink group 2
        /sbin/iptables -t filter -I "$CHAIN" 1 -o "$IFACE" -j ULOG --ulog-nlgroup 2 --ulog-cprange 64 --ulog-qthreshold 10
    done
done
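
An idempotent variant of the loop in the post above, added here as an example and not part of the original post: it checks for each rule with `iptables -C` before inserting, so re-running the script does not stack duplicate ULOG rules that would copy every packet to the netlink group twice. The function names and the `IPTABLES` and `DRY_RUN` variables are assumptions of this example, as is an iptables build that supports `-C`.

```shell
#!/bin/sh
# Added example, not from the original post.
# Assumptions: IPTABLES override, DRY_RUN switch, iptables with -C (--check).

IPTABLES="${IPTABLES:-/sbin/iptables}"
NF_EGRESS_IFACES="${NF_EGRESS_IFACES:-eth0 eth2}"
NF_EGRESS_CHAINS="${NF_EGRESS_CHAINS:-VYATTA_POST_FW_IN_HOOK VYATTA_POST_FW_FWD_HOOK VYATTA_POST_FW_OUT_HOOK}"

# Print the rule specification (everything after the chain name) for one interface.
nf_rule_spec() {
    printf '%s' "-o $1 -j ULOG --ulog-nlgroup 2 --ulog-cprange 64 --ulog-qthreshold 10"
}

# Insert the rule at position 1 of each chain unless an identical rule exists.
# With DRY_RUN=1 the commands are printed instead of executed.
nf_apply_egress_rules() {
    for iface in $NF_EGRESS_IFACES; do
        spec=$(nf_rule_spec "$iface")
        for chain in $NF_EGRESS_CHAINS; do
            if [ "${DRY_RUN:-0}" = "1" ]; then
                echo "$IPTABLES -t filter -I $chain 1 $spec"
                continue
            fi
            # -C exits 0 when the exact rule is already in the chain.
            # $spec is intentionally unquoted so it splits into arguments.
            if "$IPTABLES" -t filter -C "$chain" $spec 2>/dev/null; then
                continue
            fi
            "$IPTABLES" -t filter -I "$chain" 1 $spec || return 1
        done
    done
}
```

Call `nf_apply_egress_rules` at the end of the boot script; run it once with `DRY_RUN=1` first to review the exact commands.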