Documentation
¶
Index ¶
Constants ¶
const ( IN_BYTES = 1 IN_PKTS = 2 FLOWS = 3 PROTOCOL = 4 SRC_TOS = 5 TCP_FLAGS = 6 L4_SRC_PORT = 7 IPV4_SRC_ADDR = 8 SRC_MASK = 9 INPUT_SNMP = 10 L4_DST_PORT = 11 IPV4_DST_ADDR = 12 DST_MASK = 13 OUTPUT_SNMP = 14 IPV4_NEXT_HOP = 15 SRC_AS = 16 DST_AS = 17 BGP_IPV4_NEXT_HOP = 18 MUL_DST_PKTS = 19 MUL_DST_BYTES = 20 LAST_SWITCHED = 21 FIRST_SWITCHED = 22 OUT_BYTES = 23 OUT_PKTS = 24 MIN_PKT_LNGTH = 25 MAX_PKT_LNGTH = 26 IPV6_SRC_ADDR = 27 IPV6_DST_ADDR = 28 IPV6_SRC_MASK = 29 IPV6_DST_MASK = 30 IPV6_FLOW_LABEL = 31 ICMP_TYPE = 32 MUL_IGMP_TYPE = 33 SAMPLING_INTERVAL = 34 SAMPLING_ALGORITHM = 35 FLOW_ACTIVE_TIMEOUT = 36 FLOW_INACTIVE_TIMEOUT = 37 ENGINE_TYPE = 38 ENGINE_ID = 39 TOTAL_BYTES_EXP = 40 TOTAL_PKTS_EXP = 41 TOTAL_FLOWS_EXP = 42 IPV4_SRC_PREFIX = 44 IPV4_DST_PREFIX = 45 MPLS_TOP_LABEL_TYPE = 46 MPLS_TOP_LABEL_IP_ADDR = 47 FLOW_SAMPLER_ID = 48 FLOW_SAMPLER_MODE = 49 FLOW_SAMPLER_RANDOM_INTERVAL = 50 MIN_TTL = 52 MAX_TTL = 53 IPV4_IDENT = 54 DST_TOS = 55 IN_SRC_MAC = 56 OUT_DST_MAC = 57 SRC_VLAN = 58 DST_VLAN = 59 IP_PROTOCOL_VERSION = 60 DIRECTION = 61 IPV6_NEXT_HOP = 62 BGP_IPV6_NEXT_HOP = 63 IPV6_OPTION_HEADERS = 64 MPLS_LABEL_1 = 70 MPLS_LABEL_2 = 71 MPLS_LABEL_3 = 72 MPLS_LABEL_4 = 73 MPLS_LABEL_5 = 74 MPLS_LABEL_6 = 75 MPLS_LABEL_7 = 76 MPLS_LABEL_8 = 77 MPLS_LABEL_9 = 78 MPLS_LABEL_10 = 79 IN_DST_MAC = 80 OUT_SRC_MAC = 81 IF_NAME = 82 IF_DESC = 83 SAMPLER_NAME = 84 IN_PERMANENT_BYTES = 85 IN_PERMANENT_PKTS = 86 FRAGMENT_OFFSET = 88 FORWARDING_STATUS = 89 MPLS_PAL_RD = 90 MPLS_PREFIX_LEN = 91 SRC_TRAFFIC_INDEX = 92 DST_TRAFFIC_INDEX = 93 APPLICATION_DESCRIPTION = 94 APPLICATION_TAG = 95 APPLICATION_NAME = 96 )
Constants for Field Types
Variables ¶
var StartTime = time.Now().UnixNano()
StartTime Start time for this instance, used to compute sysUptime
Functions ¶
func GetNetFlowSizes ¶
GetNetFlowSizes Gets the size of a given Netflow and returns it as a String
Types ¶
type DataFlowSet ¶
type DataFlowSet struct {
FlowSetID uint16 // should equal template id previously passed... for generation maybe always use 256?
Length uint16
Items []DataItem
Padding int //used to calculate "pad" the flowset to 32 bit
}
DataFlowSet for Netflow
func (*DataFlowSet) Generate ¶
func (d *DataFlowSet) Generate(flowCount int) DataFlowSet
Generate a DataFlowSet. Per Netflow v9 spec, FlowSetID is *always* set to the TemplateID from a given TemplateFlowSet. Hardcoded TemplateID to 256, but could be variable as long as it is greater than 255 Currently hardcoded to generate random src/dst IPs from 10.0.0.0/8. TODO: Modify src/dst IP handling to allow for passing of values TODO: Currently hardcoded to be a HTTPS flow.
type Header ¶
type Header struct {
Version uint16
FlowCount uint16
SysUptime uint32
UnixSec uint32
FlowSequence uint32
SourceID uint32
}
Header NetflowHeader v9
type Netflow ¶
type Netflow struct {
Header Header
TemplateFlowSets []TemplateFlowSet
DataFlowSets []DataFlowSet
}
Netflow complete record
func GenerateDataNetflow ¶
GenerateDataNetflow Generates a Netflow containing Data flows
func GenerateNetflow ¶
GenerateNetflow Generates a combined Template and Data flow Netflow struct. Not required by spec, but can be done.
func GenerateTemplateNetflow ¶
GenerateTemplateNetflow Generates a Netflow containing Template flow
type TemplateFlowSet ¶
type TemplateFlowSet struct {
FlowSetID uint16 // seems to always be 0???
Length uint16
Templates []Template
}
TemplateFlowSet for Netflow
func (*TemplateFlowSet) Generate ¶
func (t *TemplateFlowSet) Generate() TemplateFlowSet
Generate a TemplateFlowSet. Per Netflow v9 spec, FlowSetID is *always* 0 for a TemplateFlow. Hardcoded TemplateID to 256, but could be variable as long as it is greater than 255 TODO: Hardcoded FieldCount and Fields for HTTPS Flow. Need to work on Generating different flows
Source Files