Annotation of embedaddon/trafshow/cisco_netflow.h, revision 1.1
1.1 ! misho 1: /*
! 2: * Copyright (c) 2003 Rinet Corp., Novosibirsk, Russia
! 3: *
! 4: * Redistribution and use in source forms, with and without modification,
! 5: * are permitted provided that this entire comment appears intact.
! 6: *
! 7: * THIS SOURCE CODE IS PROVIDED ``AS IS'' WITHOUT ANY WARRANTIES OF ANY KIND.
! 8: */
! 9:
! 10: #ifndef _CISCO_NETFLOW_H_
! 11: #define _CISCO_NETFLOW_H_
! 12:
! 13: #include <sys/types.h>
! 14:
! 15: #define CNF_PORT 9995 /* collector UDP port by default */
! 16:
! 17: /*
! 18: * Cisco Netflow packets format
! 19:
! 20: */
! 21: /*
! 22: * Version 1 Header Format
! 23: */
! 24: typedef struct cnf_hdr_v1 {
! 25: u_int16_t version; /* version number=1 */
! 26: u_int16_t counter; /* number of exported flows (1-24) */
! 27: u_int32_t sysuptime; /* milliseconds since router booted */
! 28: u_int32_t unix_secs; /* current seconds since UTC */
! 29: u_int32_t unix_nsecs; /* current nanoseconds since UTC */
! 30: } CNF_HDR_V1;
! 31:
! 32: /*
! 33: * Version 1 Flow Record Format
! 34: */
! 35: typedef struct cnf_data_v1 {
! 36: u_int32_t src_addr; /* source IP address */
! 37: u_int32_t dst_addr; /* destination IP address */
! 38: u_int32_t nexthop; /* next hop router's IP address */
! 39: u_int16_t ifin; /* input interface's SNMP index */
! 40: u_int16_t ifout; /* output interface's SNMP index */
! 41: u_int32_t dpkts; /* packets in the flow */
! 42: u_int32_t doctets; /* total number of L3 bytes */
! 43: u_int32_t firsttime; /* sysuptime at start of flow */
! 44: u_int32_t lasttime; /* sysuptime at last packet of flow */
! 45: u_int16_t src_port; /* source port number */
! 46: u_int16_t dst_port; /* destination port number */
! 47: u_int16_t pad1; /* unused (zero) bytes */
! 48: u_int8_t proto; /* IP protocol */
! 49: u_int8_t tos; /* type of service */
! 50: u_int8_t flags; /* cumulative OR of TCP flags */
! 51: u_int8_t tcp_retx_cnt; /* Number of mis-sequenced packets with delay >1sec */
! 52: u_int8_t tcp_retx_secs; /* Cumulative seconds between mis-sequenced packets */
! 53: u_int8_t tcp_misseq_cnt; /* Number of mis-sequenced packets seen */
! 54: u_int8_t reserved[4]; /* unused (zero) bytes */
! 55: } CNF_DATA_V1;
! 56:
! 57: /*
! 58: * Version 5 Header Format
! 59: */
! 60: typedef struct cnf_hdr_v5 {
! 61: u_int16_t version; /* version number=5 */
! 62: u_int16_t counter; /* number of exported flows (1-30) */
! 63: u_int32_t sysuptime; /* milliseconds since router booted */
! 64: u_int32_t unix_secs; /* current seconds since UTC */
! 65: u_int32_t unix_nsecs; /* current nanoseconds since UTC */
! 66: u_int32_t sequence; /* sequence counter of total flows seen */
! 67: u_int8_t engine_type; /* switching engine type (RP,VIP) */
! 68: u_int8_t engine_id; /* switching engine slot number */
! 69: u_int16_t sampling_interval; /* see bellow */
! 70: /*
! 71: * Sampling mode and the sampling interval information.
! 72: * The first two bits of this field indicates the sampling mode:
! 73: * 00 = No sampling mode is configured
! 74: * 01 = `Packet Interval' sampling mode is configured.
! 75: * (One of every x packet is selected and placed in the NetFlow cache).
! 76: * 10 = Reserved
! 77: * 11 = Reserved
! 78: * The remaining 14 bits hold the value of the sampling interval.
! 79: * The sampling interval can have any value in the range of 10 to 16382
! 80: * (for example, 0x000A to 0x3FFE).
! 81: */
! 82: } CNF_HDR_V5;
! 83:
! 84: /*
! 85: * Version 5 Flow Record Format
! 86: */
! 87: typedef struct cnf_data_v5 {
! 88: u_int32_t src_addr; /* source IP address */
! 89: u_int32_t dst_addr; /* destination IP address */
! 90: u_int32_t nexthop; /* next hop router's IP address */
! 91: u_int16_t ifin; /* input interface's SNMP index */
! 92: u_int16_t ifout; /* output interface's SNMP index */
! 93: u_int32_t dpkts; /* packets in the flow */
! 94: u_int32_t doctets; /* total number of L3 bytes */
! 95: u_int32_t firsttime; /* sysuptime at start of flow */
! 96: u_int32_t lasttime; /* sysuptime at last packet of flow */
! 97: u_int16_t src_port; /* source port number */
! 98: u_int16_t dst_port; /* destination port number */
! 99: u_int8_t pad1; /* unused (zero) byte */
! 100: u_int8_t flags; /* cumulative OR of TCP flags */
! 101: u_int8_t proto; /* IP protocol */
! 102: u_int8_t tos; /* type of service */
! 103: u_int16_t src_as; /* AS of the source (origin or peer) */
! 104: u_int16_t dst_as; /* AS of the destination */
! 105: u_int8_t src_mask; /* source address prefix mask bits */
! 106: u_int8_t dst_mask; /* dest address prefix mask bits */
! 107: u_int16_t pad2; /* unused (zero) bytes */
! 108: } CNF_DATA_V5;
! 109:
! 110: /*
! 111: * Version 7 Header Format
! 112: */
! 113: typedef struct cnf_hdr_v7 {
! 114: u_int16_t version; /* version number=7 */
! 115: u_int16_t counter; /* number of exported flows (1-27) */
! 116: u_int32_t sysuptime; /* milliseconds since router booted */
! 117: u_int32_t unix_secs; /* current seconds since UTC */
! 118: u_int32_t unix_nsecs; /* current nanoseconds since UTC */
! 119: u_int32_t sequence; /* sequence counter of total flows */
! 120: u_int32_t reserved; /* unused (zero) bytes */
! 121: } CNF_HDR_V7;
! 122:
! 123: /*
! 124: * Version 7 Flow Record Format
! 125: */
! 126: typedef struct cnf_data_v7 {
! 127: u_int32_t src_addr; /* source IP address */
! 128: u_int32_t dst_addr; /* destination IP address */
! 129: u_int32_t nexthop; /* next hop router's IP address */
! 130: u_int16_t ifin; /* input interface's SNMP index */
! 131: u_int16_t ifout; /* output interface's SNMP index */
! 132: u_int32_t dpkts; /* packets in the flow */
! 133: u_int32_t doctets; /* total number of L3 bytes */
! 134: u_int32_t firsttime; /* sysuptime at start of flow */
! 135: u_int32_t lasttime; /* sysuptime at last packet of flow */
! 136: u_int16_t src_port; /* source port number */
! 137: u_int16_t dst_port; /* destination port number */
! 138: u_int8_t pad1; /* unused (zero) byte */
! 139: u_int8_t flags; /* cumulative OR of TCP flags */
! 140: u_int8_t proto; /* IP protocol */
! 141: u_int8_t tos; /* type of service */
! 142: u_int32_t src_as; /* AS of the source (origin of peer) */
! 143: u_int32_t dst_as; /* AS of the destination */
! 144: u_int8_t src_mask; /* source address prefix mask bits */
! 145: u_int8_t dst_mask; /* dest address prefix mask bits */
! 146: u_int16_t pad2; /* unused (zero) bytes */
! 147: u_int32_t router_sc; /* router which is shortcut by switch */
! 148: } CNF_DATA_V7;
! 149:
! 150: struct pcap_handler;
! 151: int cisco_netflow_init(struct pcap_handler **ph_list, int port);
! 152:
! 153: #endif /* !_CISCO_NETFLOW_H_ */
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>