Data-Netflow
3 results

 view release on metacpan or  search on metacpan

lib/Data/Netflow.pm  view on Meta::CPAN 

            if ( $Id->[$fieldsIdx]{Id} == 8 || $Id->[$fieldsIdx]{Id} == 12 )
            {
                $packedData .= $flow->[$fieldsIdx] =~ /:/ ? inet_pton( AF_INET6, $flow->[$fieldsIdx] ) : inet_pton( AF_INET, $flow->[$fieldsIdx] );
            }
            else
            {
                $packedData .= pack $L, $flow->[$fieldsIdx];
            }
        }
    }
    $out .= pack "n2", $template->{TemplateId}, ( length( $packedData ) + 4 );
    $out .= $packedData;
    return $out;
}

=head2 encodeV5

encode data for netflow version 5

=cut

sub encodeV5
{
    my ( $header, $template, $flowArrayRef ) = @_;
    my @flows = @$flowArrayRef;
    my $Id    = $template->{Fields};
    $header->{SysUptime} //= int uptime() * 1000;
    ( $header->{UnixSecs}, $header->{UnixNsecs} ) = ( gettimeofday );
    $header->{FlowSeq}     //= 0;
    $header->{EngineType}  //= 0;
    $header->{EngineId}    //= 0;
    $header->{SamplingInt} //= 0;

    $header->{Count} = scalar @flows;
    my $out = pack "n2N4CCn", @{$header}{qw{Version Count SysUptime UnixSecs UnixNsecs FlowSeq EngineType EngineId SamplingInt}};

    my $packedData;
    foreach my $flow ( @flows )
    {
        foreach my $fieldsIdx ( 0 .. $#$flow )
        {
            my $L = $Ls{$Id->[$fieldsIdx]{Length}};
            if ( $Id->[$fieldsIdx]{Id} == 1 || $Id->[$fieldsIdx]{Id} == 2 || $Id->[$fieldsIdx]{Id} == 3 )
            {
                $packedData .= $flow->[$fieldsIdx] =~ /:/ ? inet_pton( AF_INET6, $flow->[$fieldsIdx] ) : inet_pton( AF_INET, $flow->[$fieldsIdx] );
            }
            else
            {
                $packedData .= pack $L, $flow->[$fieldsIdx];
            }
        }
    }
    $out .= $packedData;
    return $out;
}

sub uptime
{
    return (
        split /\s/,
        do {local ( @ARGV, $/ ) = '/proc/uptime'; <>}
    )[0];
}

=head1 AUTHOR

DULAUNOY Fabrice, C<< <fabrice at dulaunoy.com> >>

=head1 BUGS

Please report any bugs or feature requests to C<bug-data-netflow at rt.cpan.org>, or through
the web interface at L<http://rt.cpan.org/NoAuth/ReportBug.html?Queue=Data-Netflow>.  I will be notified, and then you'll
automatically be notified of progress on your bug as I make changes.


=head1 TODO

decode V9 for multiple data set (and multiple template )
decode V9 return by id or by name (if flag) like for V5
A single encode (detect version by the header)
IPFIX (maybe)

=head1 SUPPORT

You can find documentation for this module with the perldoc command.

    perldoc Data::Netflow

For the netflow format:

Version 5:


Version 9:

https://www.ietf.org/rfc/rfc3954.txt

You can also look for information at:

=over 4

=item * RT: CPAN's request tracker (report bugs here)

L<http://rt.cpan.org/NoAuth/Bugs.html?Dist=Data-Netflow>

=item * AnnoCPAN: Annotated CPAN documentation

L<http://annocpan.org/dist/Data-Netflow>

=item * CPAN Ratings

L<http://cpanratings.perl.org/d/Data-Netflow>

=item * Search CPAN

L<http://search.cpan.org/dist/Data-Netflow/>

=back


=head1 ACKNOWLEDGEMENTS



( run in 1.263 second using v1.01-cache-2.11-cpan-f56aa216473 )