summaryrefslogtreecommitdiffstats
path: root/output/ulogd_output_IPFIX.c
Commit message (Collapse)AuthorAgeFilesLines
* IPFIX: Add IPFIX output pluginAnder Juaristi2019-04-301-546/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch adds an IPFIX output plugin to ulogd2. It generates NetFlow/IPFIX traces and sends them to a remote server (collector) via TCP or UDP. Based on original work by Holger Eitzenberger <holger@eitzenberger.org>. How to test this ---------------- I am currently testing this with the NFCT input and Wireshark. Place the following in ulogd.conf: # this will print all flows on screen loglevel=1 # load NFCT and IPFIX plugins plugin="/lib/ulogd/ulogd_inpflow_NFCT.so" plugin="/lib/ulogd/ulogd_output_IPFIX.so" stack=ct1:NFCT,ipfix1:IPFIX [ct1] netlink_socket_buffer_size=217088 netlink_socket_buffer_maxsize=1085440 accept_proto_filter=tcp,sctp [ipfix1] oid=1 host="127.0.0.1" #port=4739 #send_template="once" I am currently testing it by launching a plain NetCat listener on port 4739 (the default for IPFIX) and then running Wireshark and see that it dissects the IPFIX/NetFlow traffic correctly (obviously this relies on the Wireshark NetFlow dissector being correct). First: nc -vvvv -l 127.0.0.1 4739 Then: sudo ulogd -vc ulogd.conf Signed-off-by: Ander Juaristi <a@juaristi.eus> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* Use stdint types everywhereFelix Janda2015-06-261-10/+10
| | | | Signed-off-by: Felix Janda <felix.janda@posteo.de>
* Get rid of SVN tag in comment.Eric Leblond2013-01-181-3/+1
| | | | This patch also update some copyright and licence declaration.
* ipfix: fix bracket imbalance if IPPROTO_SCTP is definedThomas Jarosch2012-08-061-0/+1
| | | | | | | Detected by cppcheck. Signed-off-by: Thomas Jarosch <thomas.jarosch@intra2net.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* src: fix version that -V displaysPablo Neira Ayuso2012-08-031-1/+1
| | | | | | | It was wrong, use VERSION constant which uses the version information available in configure.ac. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* IPFIX: preliminary fixes, yet unusablePablo Neira Ayuso2009-07-291-9/+5
| | | | | | | | | This patch is a preliminary fix for the yet-unfinished IPFIX support. This patch resolves a couple of bugs that made ulogd crash and a couple of missing symbols that didn't allow to use this plugin in the configuration file. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* Minor IPFIX fixesEric Leblond2008-07-231-5/+7
| | | | | | | IPFIX needs some huge work. This patch fixes some basic logic errors. Signed-off-by: Eric Leblond <eric@inl.fr> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* Use ULOGD_IRET_* as return for all interpretersEric Leblond2008-06-121-2/+2
| | | | | | | | This patch modifies plugins to use the already defined but not used define. This also fixes some weird behaviours in error treatment (like not stopping after OOM). Signed-off-by: Eric Leblond <eric@inl.fr>
* commit some more ipfix work/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2006-05-221-28/+208
|
* disabel SCTP for now :(/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2006-01-071-1/+6
|
* further work on IPFIX output/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2006-01-071-6/+53
|
* make ipfix output plugin compile (not yet functional)/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2005-12-151-58/+57
|
* add some more yet unfinished IPFIX output code/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=laforge/emailAddress=laforge@netfilter.org2005-12-141-24/+155
|
* some plugins support packet and flow data typeslaforge2005-11-201-1/+1
|
* introduce version field for plugins, refuse loading plugins with different ↵laforge2005-11-051-0/+1
| | | | version
* just some very early skeleton code for IPFIX exportinglaforge2005-11-041-0/+186