ANNOUNCE: vflow 0.1 beta

Module: vflow
Version: 0.1b

Description
Vflow is a ruby module similar to perl’s Cflow and python’s pyflowtool.
It provides an interface to the flow-tools library to process flow
files captured by flow-tools flow-capture program.

For example, you can print the source and destination of each flow
thusly,

require 'Vflow’
vf = Vflow.new()
vf.open(‘aflowfile’)
vf.each() { |r|
# print time srcaddr:dstport -> dstaddr:dstport
print "#{Time.at(r.unix_secs)} "
print "#{IPSocket.getaddress(r.srcaddr)}:#{r.srcport} -> "
puts “#{IPSocket.getaddress(r.dstaddr)}:#{r.dstport}”
}
vf.close()

It can be downloaded from http://ghostgun.com/software/vflow/

comments welcome.

Jeff.

jm wrote:

Module: vflow
Version: 0.1b

Description
Vflow is a ruby module similar to perl’s Cflow and python’s pyflowtool.

What are Cflow, pyflowtool, and the flow-tools library?

Thanks,

James

Flow-tools is a set of programs and a library used for processing
netflow packets from routers and switches. Netflow is a UDP based
protocol designed initially by cisco and adopted other network vendors
(after deciding it was not worth maintaining their own protocols) to
meter network traffic in a more flexible manner that is possible by
using SNMP.

see Technologies - Support Documentation - Cisco
http://www.splintered.net/sw/flow-tools/

cflow and pyflowtool provide an interface to the flow tools library for
their respective language.

see http://net.doit.wisc.edu/~plonka/Cflow/
http://www.net.informatik.tu-muenchen.de/~robin/flowtools/

Hope this helps.

Jeff.

jm wrote:

Flow-tools is a set of programs and a library used for processing
netflow packets from routers and switches.
…
Hope this helps.

Yes, thanks much!

James