Merge branch 'j-licht-master'
This commit is contained in:
Dominik Pataky
commit
3f62e4a163
|
|
@ -15,7 +15,7 @@ Licensed under MIT License. See LICENSE.
|
||||||
import ipaddress
|
import ipaddress
|
||||||
import struct
|
import struct
|
||||||
|
|
||||||
__all__ = ["V9DataFlowSet", "V9DataRecord", "V9ExportPacket", "V9Header", "V9TemplateField",
|
__all__ = ["V9DataFlowSet", "V9DataRecord", "V9ExportPacket", "V9Header", "V9TemplateField", "V9OptionsTemplateFlowSet"
|
||||||
"V9TemplateFlowSet", "V9TemplateNotRecognized", "V9TemplateRecord"]
|
"V9TemplateFlowSet", "V9TemplateNotRecognized", "V9TemplateRecord"]
|
||||||
|
|
||||||
V9_FIELD_TYPES = {
|
V9_FIELD_TYPES = {
|
||||||
|
|
@ -263,6 +263,17 @@ class V9TemplateRecord:
|
||||||
' '.join([V9_FIELD_TYPES[field.field_type] for field in self.fields]))
|
' '.join([V9_FIELD_TYPES[field.field_type] for field in self.fields]))
|
||||||
|
|
||||||
|
|
||||||
|
class V9OptionsTemplateFlowSet:
|
||||||
|
"""An options template flowset. Always uses flowset ID 1.
|
||||||
|
TODO: not handled at the moment, only stub implementation
|
||||||
|
"""
|
||||||
|
def __init__(self, data):
|
||||||
|
pack = struct.unpack('!HHH', data[:6])
|
||||||
|
self.flowset_id = pack[0]
|
||||||
|
self.length = pack[1]
|
||||||
|
self.template_id = pack[2]
|
||||||
|
|
||||||
|
|
||||||
class V9TemplateFlowSet:
|
class V9TemplateFlowSet:
|
||||||
"""A template flowset, which holds an id that is used by data flowsets to
|
"""A template flowset, which holds an id that is used by data flowsets to
|
||||||
reference back to the template. The template then has fields which hold
|
reference back to the template. The template then has fields which hold
|
||||||
|
|
@ -340,6 +351,7 @@ class V9ExportPacket:
|
||||||
skipped_flowsets_offsets = []
|
skipped_flowsets_offsets = []
|
||||||
while offset != len(data):
|
while offset != len(data):
|
||||||
flowset_id = struct.unpack('!H', data[offset:offset + 2])[0]
|
flowset_id = struct.unpack('!H', data[offset:offset + 2])[0]
|
||||||
|
|
||||||
if flowset_id == 0: # TemplateFlowSet always have id 0
|
if flowset_id == 0: # TemplateFlowSet always have id 0
|
||||||
tfs = V9TemplateFlowSet(data[offset:])
|
tfs = V9TemplateFlowSet(data[offset:])
|
||||||
|
|
||||||
|
|
@ -353,6 +365,13 @@ class V9ExportPacket:
|
||||||
# Update the templates with the provided templates, even if they are the same
|
# Update the templates with the provided templates, even if they are the same
|
||||||
self._templates.update(tfs.templates)
|
self._templates.update(tfs.templates)
|
||||||
offset += tfs.length
|
offset += tfs.length
|
||||||
|
|
||||||
|
elif flowset_id == 1: # Option templates always use ID 1
|
||||||
|
# TODO: Options templates are ignored, to prevent template ID collision
|
||||||
|
# (if a collision can occur is not yet tested)
|
||||||
|
otfs = V9OptionsTemplateFlowSet(data[offset:])
|
||||||
|
offset += otfs.length
|
||||||
|
|
||||||
else:
|
else:
|
||||||
try:
|
try:
|
||||||
dfs = V9DataFlowSet(data[offset:], self._templates)
|
dfs = V9DataFlowSet(data[offset:], self._templates)
|
||||||
|
|
|
||||||
2
setup.py
2
setup.py
|
|
@ -7,7 +7,7 @@ with open("README.md", "r") as fh:
|
||||||
|
|
||||||
setup(
|
setup(
|
||||||
name='netflow',
|
name='netflow',
|
||||||
version='0.10.4',
|
version='0.10.5',
|
||||||
description='NetFlow v1, v5, v9 and IPFIX tool suite implemented in Python 3',
|
description='NetFlow v1, v5, v9 and IPFIX tool suite implemented in Python 3',
|
||||||
long_description=long_description,
|
long_description=long_description,
|
||||||
long_description_content_type='text/markdown',
|
long_description_content_type='text/markdown',
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue