Time stamps, flow durations, false-index, unique flow_sequence counte…

…r all working

README.md

@@ -33,25 +33,23 @@ Go build will leave a binary in the root directory that can be run.
 
 ### RUN
 
-Feed it the target collector and port:
+Feed it the target collector and port, and optional "false-index" flag:
 
-	./nflow-generator -t <ip> -p <port>
-
-Or (this doesn't always work - the previous command did work)
-
-	go run nflow-generator.go nflow_logger.go nflow_data.go  -t 172.16.86.138 -p 9995
+	./nflow-generator -t <ip> -p <port> [ -f | --false-index ]
 
 ### Update - May 2017
 
-The original mock netflow generator placed random values in several fields which confused certain netflow collectors.
-Those collectors complained about inaccurate time stamps, 
+The original mock netflow generator placed random values in several fields which confused 
+certain netflow collectors that complained about inaccurate time stamps, 
 and were confused by the random values sent in the input and output interface fields. This update:
 
 * Sets the `SysUptime`, `unix_secs`, and `unix_nsecs` fields of the Netflow datagrams to sensible (UTC) values
 * Generates a unique `flow_sequence` value for each netflow datagram
 * Creates reasonable start/stop times for flows, so the First is set to (now-X) and Last to (now-Y), where X & Y are random times, and X > Y.
-* Sets the interface indexes to 1 or 2 - based on this algorithm. 
+* If the --false-index (-f) flag is set on the command line, 
+use this algorithm to set the interface indexes to 1 or 2:
 If the source address > dest address, input interface is set to 1, and set to 2 otherwise,
 and the output interface is set to the opposite value.
+If the -f is missing, both snmp interface indexes will be set to 0. [Default]
 
-To learn more about Netflow version 5 datagram formats, see the [Cisco Netflow documentation](http://www.cisco.com/c/en/us/td/docs/net_mgmt/netflow_collection_engine/3-6/user/guide/format.html)
+To learn more about Netflow version 5 datagram formats, see the [Cisco Netflow documentation](http://www.cisco.com/c/en/us/td/docs/net_mgmt/netflow_collection_engine/3-6/user/guide/format.html)

nflow-generator.go

@@ -35,7 +35,8 @@ var opts struct {
 	CollectorIP   string `short:"t" long:"target" description:"target ip address of the netflow collector"`
 	CollectorPort string `short:"p" long:"port" description:"port number of the target netflow collector"`
 	SpikeProto    string `short:"s" long:"spike" description:"run a second thread generating a spike for the specified protocol"`
-	Help          bool   `short:"h" long:"help" description:"show nflow-generator help"`
+    FalseIndex    bool   `short:"f" long:"false-index" description:"generate false SNMP interface indexes, otherwise set to 0"`
+    Help          bool   `short:"h" long:"help" description:"show nflow-generator help"`
 }
 
 func main() {
@@ -107,6 +108,9 @@ func showUsage() {
 Usage:
   main [OPTIONS] [collector IP address] [collector port number]
 
+  Send mock Netflow version 5 data to designated collector IP & port.
+  Time stamps in all datagrams are set to UTC.
+
 Application Options:
   -t, --target= target ip address of the netflow collector
   -p, --port=   port number of the target netflow collector
@@ -124,14 +128,23 @@ Application Options:
         https_alt - generates tcp/8080
         p2p - generates udp/6681
         bittorrent - generates udp/6682
+  -f, --false-index generate false snmp index values of 1 or 2: If the source address > dest address, input interface is set to 1, and set to 2 otherwise,
+and the output interface is set to the opposite value. Default in and out interface is 0. (Optional)
+
+Example Usage:
 
-Example:
-    -generate default flows:
-    ./nflow-generator.go -t 172.16.86.138 -p 9995
+    -first build from source (one time)
+    go build   
+
+    -generate default flows to device 172.16.86.138, port 9995
+    ./nflow-generator -t 172.16.86.138 -p 9995 
 
     -generate default flows along with a spike in the specified protocol:
     ./nflow-generator -t 172.16.86.138 -p 9995 -s ssh
 
+    -generate default flows with "false index" settings for snmp interfaces 
+    ./nflow-generator -t 172.16.86.138 -p 9995 -f
+
 Help Options:
   -h, --help    Show this help message
   `