LINUX CATEGORIES:

GLOBAL PAGES >>
NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>

Find us on Google+

WEEK'S BEST

Linux Kernel 3.9.3 / 3....

LibreOffice 3.6.6 / 4.0.3

MPlayer 1.1.1

systemd 204

Arch Linux 2013.05.01

Blender 2.67a

KDE Software Compilatio...

CrunchBang Linux Stable...

Elementary OS 0.1 / 0.2...

SystemRescueCd 3.6.0

Home > Linux > Programming > Perl Modules

Net::Flow 0.04


Downloads: 798	View global page NEW! Tell us about an update

User Rating:
Rated by:

Good (3.5/5)
32 user(s)


Developer: License / Price: Last Updated: Category:	Atsushi Kobayashi \| More programs Perl Artistic License / FREE March 21st, 2008, 22:12 GMT ROOT / Programming / Perl Modules

Read user reviews (0)

Refer to a friend

Net::Flow description

A Perl module used to decode and encode NetFlow/IPFIX datagrams.

Net::Flow is a Perl module used to decode and encode NetFlow/IPFIX datagrams.

SYNOPSIS

EXAMPLE#1 - Output Flow Records of NetFlow v5, v9 and IPFIX -
The following script simply outputs the received Flow Records after decoding NetFlow/IPFIX datagrams. It can parse the NetFlow v5, v9 and IPFIX. If it receive NetFlow v9/IPFIX datagrams, several Templates of NetFlow/IPFIX can be kept as ARRAY reference $TemplateArrayRef. By adding it as the input parameter, it can parse the NetFlow/IPFIX datagrams without templates. If received Packet has same Template Id, this Template is overwritten by new one.

use strict ;
use Net::Flow qw(decode) ;
use IO::Socket::INET;

my $receive_port = 9993 ;
my $packet = undef ;
my $TemplateArrayRef = undef ;
my $sock = IO::Socket::INET->new( LocalPort =>$receive_port, Proto => 'udp') ;

while ($sock->recv($packet,1548)) {
my (
$HeaderHashRef,
$TemplateArrayRef,
$FlowArrayRef,
$ErrorsArrayRef)
= Net::Flow::decode(
$packet,
$TemplateArrayRef
) ;

grep{ print "$_n" }@{$ErrorsArrayRef} if( @{$ErrorsArrayRef} ) ;

print "n- Header Information -n" ;
foreach my $Key ( sort keys %{$HeaderHashRef} ){
printf " %s = =n",$Key,$HeaderHashRef->{$Key} ;
}

foreach my $TemplateRef ( @{$TemplateArrayRef} ){
print "n-- Template Information --n" ;

foreach my $TempKey ( sort keys %{$TemplateRef} ){
if( $TempKey eq "Template" ){
printf " %s = n",$TempKey ;
foreach my $Ref ( @{$TemplateRef->{Template}} ){
foreach my $Key ( keys %{$Ref} ){
printf " %s=d", $Key, $Ref->{$Key} ;
}
print "n" ;
}
}else{
printf " %s = =n", $TempKey, $TemplateRef->{$TempKey} ;
}
}
}

foreach my $FlowRef ( @{$FlowArrayRef} ){
print "n-- Flow Information --n" ;

foreach my $Id ( sort keys %{$FlowRef} ){
if( $Id eq "SetId" ){
print " $Id=$FlowRef->{$Id}n" ;
}else{
printf " Id=d Value=%sn",$Id,,unpack("H*",$FlowRef->{$Id}) ;
}
}
}
}

EXAMPLE#2 - Convert Protocol from NetFlow v5 to NetFlow v9 -
The following script converts NetFlow protocol from NetFlow v5 to NetFlow v9 as converter. At first, it decodes NetFlow v5 datagram. After that, these flow records are encoded into NetFlow v9 according to the particular Template which include sampling interval and sampling mode. And they are sent to the next Collector.

use strict;
use Net::Flow qw(decode encode) ;
use IO::Socket::INET ;

my $receive_port = 9995 ;
my $send_port = 9996 ;

my $packet = undef ;
my $TemplateRef = undef ;
my $MyTemplateRef={
'SetId' =>0,
'TemplateId' =>300,
'Template'=>[
{ 'Length' => 4, 'Id' => 8 }, # SRC_ADDR
{ 'Length' => 4, 'Id' => 12 }, # DST_ADDR
{ 'Length' => 4, 'Id' => 2 }, # PKTS
{ 'Length' => 4, 'Id' => 1 }, # BYTES
{ 'Length' => 2, 'Id' => 7 }, # SRC_PORT
{ 'Length' => 2, 'Id' => 11 }, # DST_PORT
{ 'Length' => 1, 'Id' => 4 }, # PROT
{ 'Length' => 1, 'Id' => 5 }, # TOS
{ 'Length' => 4, 'Id' => 34 }, # SAMPLING_INT
{ 'Length' => 1, 'Id' => 35 }, # SAMPLING_ALG
],
} ;

my @MyTemplates = ( $MyTemplateRef ) ;

my $EncodeHeaderHashRef = {
'SourceId' => 0,
'VersionNum' => 9,
'SequenceNum' => 0,
} ;

my $r_sock = IO::Socket::INET->new( LocalPort => $receive_port,
Proto => 'udp') ;

my $s_sock = IO::Socket::INET->new( PeerAddr => '127.0.0.1',
PeerPort => $send_port,
Proto => 'udp' ) ;

while ( $r_sock->recv($packet,1548) ) {

my $PktsArrayRef = undef ;

my ( $HeaderHashRef,
undef,
$FlowArrayRef,
$ErrorsArrayRef )
= Net::Flow::decode(
$packet,
undef
) ;

grep{ print "$_n" }@{$ErrorsArrayRef} if( @{$ErrorsArrayRef} ) ;

foreach my $HashRef ( @{$FlowArrayRef} ){
$HashRef->{"SetId"} = 300 ;
$HashRef->{"34"} = pack("N",$HeaderHashRef->{"SamplingInterval"})
if defined $HeaderHashRef->{"SamplingInterval"} ;
$HashRef->{"35"} = pack("N",$HeaderHashRef->{"SamplingMode"})
if defined $HeaderHashRef->{"SamplingMode"} ;
}

$EncodeHeaderHashRef->{"SysUpTime"} = $HeaderHashRef->{"SysUpTime"} ;
$EncodeHeaderHashRef->{"UnixSecs"} = $HeaderHashRef->{"UnixSecs"} ;
$EncodeHeaderHashRef->{"SequenceNum"} += 1 ;

( $EncodeHeaderHashRef,
$PktsArrayRef,
$ErrorsArrayRef)
= Net::Flow::encode(
$EncodeHeaderHashRef,
@MyTemplates,
$FlowArrayRef,
1400
) ;

grep{ print "$_n" }@{$ErrorsArrayRef} if( @{$ErrorsArrayRef} ) ;

foreach my $Ref (@{$PktsArrayRef}){
$s_sock->send($$Ref) ;
}

}

Product's homepage

Requirements:

· 1177

TAGS:	decode NetFlow/IPFIX datagrams \| encode NetFlow/IPFIX datagrams \| Perl module \| NetFlow \| IPFIX \| datagrams	SHARE THIS
		TWEET THIS

Go to top

SUBMIT PROGRAM \| ADVERTISE \| GET HELP \| SEND US FEEDBACK \| RSS FEEDS \| UPDATE YOUR SOFTWARE \| ROMANIAN FORUM
© 2001 - 2013 Softpedia. All rights reserved. Softpedia® and the Softpedia® logo are registered trademarks of SoftNews NET SRL.	Copyright Information \| Privacy Policy \| Terms of Use

LINUX CATEGORIES:

Net::Flow 0.04

Net::Flow description

A Perl module used to decode and encode NetFlow/IPFIX datagrams.

TAGS:

Share, bookmark, add