Skip to content

Commit

Permalink
Merge branch 'louis/fragments' into release-2.x.x
Browse files Browse the repository at this point in the history
  • Loading branch information
@lspgn
lspgn committed Oct 8, 2018
2 parents 97e3054 + f7cc44a commit d8c3bb0
Show file tree
Hide file tree
Showing 4 changed files with 89 additions and 50 deletions.
120 changes: 70 additions & 50 deletions pb/flow.pb.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 5 additions & 0 deletions pb/flow.proto
View file
Original file line number Diff line number Diff line change
Expand Up @@ -80,6 +80,11 @@ message FlowMessage {
uint32 IcmpType = 31;
uint32 IcmpCode = 32;

// Vlan
uint32 SrcVlan = 33;
uint32 DstVlan = 34;

// Fragments (IPv4/IPv6)
uint32 FragmentId = 35;
uint32 FragmentOffset = 36;
}
5 changes: 5 additions & 0 deletions producer/producer_nf.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -259,6 +259,11 @@ func ConvertNetFlowDataSet(version uint16, baseTime uint32, uptime uint32, recor
case netflow.NFV9_FIELD_DST_VLAN:
DecodeUNumber(v, &(flowMessage.DstVlan))

case netflow.NFV9_FIELD_IPV4_IDENT:
DecodeUNumber(v, &(flowMessage.FragmentId))
case netflow.NFV9_FIELD_FRAGMENT_OFFSET:
DecodeUNumber(v, &(flowMessage.FragmentOffset))

default:
if version == 9 {
// NetFlow v9 time works with a differential based on router's uptime
Expand Down
9 changes: 9 additions & 0 deletions producer/producer_sf.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,9 @@ func ParseSampledHeader(flowMessage *flowmessage.FlowMessage, sampledHeader *sfl
var srcMac uint64
var dstMac uint64

var identification uint16
var fragOffset uint16

dstMac = binary.BigEndian.Uint64(append([]byte{0, 0}, data[0:6]...))
srcMac = binary.BigEndian.Uint64(append([]byte{0, 0}, data[6:12]...))
(*flowMessage).SrcMac = srcMac
Expand All @@ -62,6 +65,9 @@ func ParseSampledHeader(flowMessage *flowmessage.FlowMessage, sampledHeader *sfl
dataTransport = data[offset+20 : len(data)]
tos = data[offset+1]
ttl = data[offset+8]

identification = binary.BigEndian.Uint16(data[offset+4 : offset+6])
fragOffset = binary.BigEndian.Uint16(data[offset+6 : offset+8])
}
} else if etherType[0] == 0x86 && etherType[1] == 0xdd { // IPv6
(*flowMessage).IPversion = flowmessage.FlowMessage_IPv6
Expand Down Expand Up @@ -101,6 +107,9 @@ func ParseSampledHeader(flowMessage *flowmessage.FlowMessage, sampledHeader *sfl
(*flowMessage).IPTos = uint32(tos)
(*flowMessage).IPTTL = uint32(ttl)
(*flowMessage).TCPFlags = uint32(tcpflags)

(*flowMessage).FragmentId = uint32(identification)
(*flowMessage).FragmentOffset = uint32(fragOffset)
}
return nil
}
Expand Down

0 comments on commit d8c3bb0

Please sign in to comment.