netflow5

package

v0.9.0 Latest Latest Go to latest Published: Oct 23, 2020 License: Apache-2.0 Imports: 7 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/VerizonDigital/vflow

Links

Open Source Insights

Documentation ¶

Overview ¶

Package netflow5 decodes netflow version v5 packets

Index ¶

type Decoder
- func NewDecoder(raddr net.IP, b []byte) *Decoder
- func (d *Decoder) Decode() (*Message, error)
type FlowRecord
type Message
- func (m *Message) JSONMarshal(b *bytes.Buffer) ([]byte, error)
type PacketHeader

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Decoder ¶

type Decoder struct {
	// contains filtered or unexported fields
}

Decoder represents Netflow payload and remote address

func NewDecoder ¶

func NewDecoder(raddr net.IP, b []byte) *Decoder

NewDecoder constructs a decoder

func (*Decoder) Decode ¶

func (d *Decoder) Decode() (*Message, error)

Decode decodes the flow records

type FlowRecord ¶

type FlowRecord struct {
	SrcAddr   uint32 // Source IP Address
	DstAddr   uint32 // Destination IP Address
	NextHop   uint32 // IP Address of the next hop router
	Input     uint16 // SNMP index of input interface
	Output    uint16 // SNMP index of output interface
	PktCount  uint32 // Number of packets in the flow
	L3Octets  uint32 // Total number of Layer 3 bytes in the packets of the flow
	StartTime uint32 // SysUptime at start of flow in ms since last boot
	EndTime   uint32 // SysUptime at end of the flow in ms since last boot
	SrcPort   uint16 // TCP/UDP source port number or equivalent
	DstPort   uint16 // TCP/UDP destination port number or equivalent
	Padding1  uint8  // Unused (zero) bytes
	TCPFlags  uint8  // Cumulative OR of TCP flags
	ProtType  uint8  // IP protocol type (for example, TCP = 6; UDP = 17)
	Tos       uint8  // IP type of service (ToS)
	SrcAsNum  uint16 // Autonomous system number of the source, either origin or peer
	DstAsNum  uint16 // Autonomous system number of the destination, either origin or peer
	SrcMask   uint8  // Source address prefix mask bits
	DstMask   uint8  // Destination address prefix mask bits
	Padding2  uint16 // Unused (zero) bytes
}

FlowRecord represents Netflow v5 flow Based on docs at https://www.plixer.com/support/netflow-v5/ 48 bytes long

type Message ¶

type Message struct {
	AgentID string
	Header  PacketHeader
	Flows   []FlowRecord
}

Message represents Netflow v5 decoded data

func (*Message) JSONMarshal ¶

func (m *Message) JSONMarshal(b *bytes.Buffer) ([]byte, error)

JSONMarshal encodes netflow v9 message

type PacketHeader ¶

type PacketHeader struct {
	Version        uint16 // Version of Flow Record format exported in this packet
	Count          uint16 // The total number of flows in the Export Packet
	SysUpTimeMSecs uint32 // Time in milliseconds since this device was first booted
	UNIXSecs       uint32 // Time in seconds since 0000 UTC 1970
	UNIXNSecs      uint32 // Residual nanoseconds since 0000 UTC 1970
	SeqNum         uint32 // Incremental sequence counter of total flows
	EngType        uint8  // An 8-bit value that identifies the type of flow-switching engine
	EngID          uint8  // An 8-bit value that identifies the Slot number of the flow-switching engine
	SmpInt         uint16 // A 16-bit value that identifies the Sampling Interval

}

PacketHeader represents Netflow v5 packet header Based on docs at https://www.plixer.com/support/netflow-v5/ 24 bytes long

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL