[BACK]Return to cisco_netflow.h CVS log [TXT] [DIR] Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / trafshow
File:  [ELWIX - Embedded LightWeight unIX -] / embedaddon / trafshow / cisco_netflow.h
Revision 1.1.1.1 (vendor branch): download - view: text, annotated - select for diffs - revision graph
Tue Feb 21 16:55:18 2012 UTC (12 years, 4 months ago) by misho
Branches: trafshow, MAIN
CVS tags: v5_2_3p0, v5_2_3, HEAD
trafshow

    1: /*
    2:  *	Copyright (c) 2003 Rinet Corp., Novosibirsk, Russia
    3:  *
    4:  * Redistribution and use in source forms, with and without modification,
    5:  * are permitted provided that this entire comment appears intact.
    6:  *
    7:  * THIS SOURCE CODE IS PROVIDED ``AS IS'' WITHOUT ANY WARRANTIES OF ANY KIND.
    8:  */
    9: 
   10: #ifndef	_CISCO_NETFLOW_H_
   11: #define	_CISCO_NETFLOW_H_
   12: 
   13: #include <sys/types.h>
   14: 
   15: #define	CNF_PORT	9995	/* collector UDP port by default */
   16: 
   17: /*
   18:  * Cisco Netflow packets format
   19: 
   20:  */
   21: /*
   22:  * Version 1 Header Format
   23:  */
   24: typedef	struct cnf_hdr_v1 {
   25: 	u_int16_t	version;	/* version number=1 */
   26: 	u_int16_t	counter;	/* number of exported flows (1-24) */
   27: 	u_int32_t	sysuptime;	/* milliseconds since router booted */
   28: 	u_int32_t	unix_secs;	/* current seconds since UTC */
   29: 	u_int32_t	unix_nsecs;	/* current nanoseconds since UTC */
   30: } CNF_HDR_V1;
   31: 
   32: /*
   33:  * Version 1 Flow Record Format
   34:  */
   35: typedef	struct cnf_data_v1 {
   36: 	u_int32_t	src_addr;	/* source IP address */
   37: 	u_int32_t	dst_addr;	/* destination IP address */
   38: 	u_int32_t	nexthop;	/* next hop router's IP address */
   39: 	u_int16_t	ifin;		/* input interface's SNMP index */
   40: 	u_int16_t	ifout;		/* output interface's SNMP index */
   41: 	u_int32_t	dpkts;		/* packets in the flow */
   42: 	u_int32_t	doctets;	/* total number of L3 bytes */
   43: 	u_int32_t	firsttime;	/* sysuptime at start of flow */
   44: 	u_int32_t	lasttime;	/* sysuptime at last packet of flow */
   45: 	u_int16_t	src_port;	/* source port number */
   46: 	u_int16_t	dst_port;	/* destination port number */
   47: 	u_int16_t	pad1;		/* unused (zero) bytes */
   48: 	u_int8_t	proto;		/* IP protocol */
   49: 	u_int8_t	tos;		/* type of service */
   50: 	u_int8_t	flags;		/* cumulative OR of TCP flags */
   51: 	u_int8_t	tcp_retx_cnt;	/* Number of mis-sequenced packets with delay >1sec */
   52: 	u_int8_t	tcp_retx_secs;	/* Cumulative seconds between mis-sequenced packets */
   53: 	u_int8_t	tcp_misseq_cnt;	/* Number of mis-sequenced packets seen */
   54: 	u_int8_t	reserved[4];	/* unused (zero) bytes */
   55: } CNF_DATA_V1;
   56: 
   57: /*
   58:  * Version 5 Header Format
   59:  */
   60: typedef	struct cnf_hdr_v5 {
   61: 	u_int16_t	version;	/* version number=5 */
   62: 	u_int16_t	counter;	/* number of exported flows (1-30) */
   63: 	u_int32_t	sysuptime;	/* milliseconds since router booted */
   64: 	u_int32_t	unix_secs;	/* current seconds since UTC */
   65: 	u_int32_t	unix_nsecs;	/* current nanoseconds since UTC */
   66: 	u_int32_t	sequence;	/* sequence counter of total flows seen */
   67: 	u_int8_t	engine_type;	/* switching engine type (RP,VIP) */
   68: 	u_int8_t	engine_id;	/* switching engine slot number */
   69: 	u_int16_t	sampling_interval; /* see bellow */
   70: /*
   71:  * Sampling mode and the sampling interval information.
   72:  * The first two bits of this field indicates the sampling mode:
   73:  *   00 = No sampling mode is configured
   74:  *   01 = `Packet Interval' sampling mode is configured.
   75:  *        (One of every x packet is selected and placed in the NetFlow cache).
   76:  *   10 = Reserved
   77:  *   11 = Reserved
   78:  * The remaining 14 bits hold the value of the sampling interval.
   79:  * The sampling interval can have any value in the range of 10 to 16382
   80:  * (for example, 0x000A to 0x3FFE).
   81:  */
   82: } CNF_HDR_V5;
   83: 
   84: /*
   85:  * Version 5 Flow Record Format
   86:  */
   87: typedef	struct cnf_data_v5 {
   88: 	u_int32_t	src_addr;	/* source IP address */
   89: 	u_int32_t	dst_addr;	/* destination IP address */
   90: 	u_int32_t	nexthop;	/* next hop router's IP address */
   91: 	u_int16_t	ifin;		/* input interface's SNMP index */
   92: 	u_int16_t	ifout;		/* output interface's SNMP index */
   93: 	u_int32_t	dpkts;		/* packets in the flow */
   94: 	u_int32_t	doctets;	/* total number of L3 bytes */
   95: 	u_int32_t	firsttime;	/* sysuptime at start of flow */
   96: 	u_int32_t	lasttime;	/* sysuptime at last packet of flow */
   97: 	u_int16_t	src_port;	/* source port number */
   98: 	u_int16_t	dst_port;	/* destination port number */
   99: 	u_int8_t	pad1;		/* unused (zero) byte */
  100: 	u_int8_t	flags;		/* cumulative OR of TCP flags */
  101: 	u_int8_t	proto;		/* IP protocol */
  102: 	u_int8_t	tos;		/* type of service */
  103: 	u_int16_t	src_as;		/* AS of the source (origin or peer) */
  104: 	u_int16_t	dst_as;		/* AS of the destination */
  105: 	u_int8_t	src_mask;	/* source address prefix mask bits */
  106: 	u_int8_t	dst_mask;	/* dest address prefix mask bits */
  107: 	u_int16_t	pad2;		/* unused (zero) bytes */
  108: } CNF_DATA_V5;
  109: 
  110: /*
  111:  * Version 7 Header Format
  112:  */
  113: typedef	struct cnf_hdr_v7 {
  114: 	u_int16_t	version;	/* version number=7 */
  115: 	u_int16_t	counter;	/* number of exported flows (1-27) */
  116: 	u_int32_t	sysuptime;	/* milliseconds since router booted */
  117: 	u_int32_t	unix_secs;	/* current seconds since UTC */
  118: 	u_int32_t	unix_nsecs;	/* current nanoseconds since UTC */
  119: 	u_int32_t	sequence;	/* sequence counter of total flows */
  120: 	u_int32_t	reserved;	/* unused (zero) bytes */
  121: } CNF_HDR_V7;
  122: 
  123: /*
  124:  * Version 7 Flow Record Format
  125:  */
  126: typedef	struct cnf_data_v7 {
  127: 	u_int32_t	src_addr;	/* source IP address */
  128: 	u_int32_t	dst_addr;	/* destination IP address */
  129: 	u_int32_t	nexthop;	/* next hop router's IP address */
  130: 	u_int16_t	ifin;		/* input interface's SNMP index */
  131: 	u_int16_t	ifout;		/* output interface's SNMP index */
  132: 	u_int32_t	dpkts;		/* packets in the flow */
  133: 	u_int32_t	doctets;	/* total number of L3 bytes */
  134: 	u_int32_t	firsttime;	/* sysuptime at start of flow */
  135: 	u_int32_t	lasttime;	/* sysuptime at last packet of flow */
  136: 	u_int16_t	src_port;	/* source port number */
  137: 	u_int16_t	dst_port;	/* destination port number */
  138: 	u_int8_t	pad1;		/* unused (zero) byte */
  139: 	u_int8_t	flags;		/* cumulative OR of TCP flags */
  140: 	u_int8_t	proto;		/* IP protocol */
  141: 	u_int8_t	tos;		/* type of service */
  142: 	u_int32_t	src_as;		/* AS of the source (origin of peer) */
  143: 	u_int32_t	dst_as;		/* AS of the destination */
  144: 	u_int8_t	src_mask;	/* source address prefix mask bits */
  145: 	u_int8_t	dst_mask;	/* dest address prefix mask bits */
  146: 	u_int16_t	pad2;		/* unused (zero) bytes */
  147: 	u_int32_t	router_sc;	/* router which is shortcut by switch */
  148: } CNF_DATA_V7;
  149: 
  150: struct pcap_handler;
  151: int cisco_netflow_init(struct pcap_handler **ph_list, int port);
  152: 
  153: #endif	/* !_CISCO_NETFLOW_H_ */
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>