Skip to content

Commit

Permalink
Fix up times and snmp interface before sending flow record
Browse files Browse the repository at this point in the history
  • Loading branch information
@richb-hanover
richb-hanover committed May 29, 2017
1 parent 336748e commit 8d29b45
Showing 1 changed file with 35 additions and 1 deletion.
36 changes: 35 additions & 1 deletion nflow_payload.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -116,7 +116,7 @@ func CreateNFlowHeader(recordCount int) NetflowHeader {
t := time.Now().UnixNano()
sec := t / int64(time.Second)
nsec := t - sec*int64(time.Second)
sysUptime = uint32((t-StartTime) / int64(time.Millisecond))
sysUptime = uint32((t-StartTime) / int64(time.Millisecond))+1000
flowSequence++

// log.Infof("Time: %d; Seconds: %d; Nanoseconds: %d\n", t, sec, nsec)
Expand Down Expand Up @@ -194,6 +194,7 @@ func CreateIcmpFlow() NetflowPayload {
payload.SrcPrefixMask = uint8(rand.Intn(32))
payload.DstPrefixMask = uint8(rand.Intn(32))
payload.Padding2 = 0
FixIFTimes(payload)
return *payload
}

Expand All @@ -217,6 +218,7 @@ func CreateHttpFlow() NetflowPayload {
payload.SrcPrefixMask = uint8(rand.Intn(32))
payload.DstPrefixMask = uint8(rand.Intn(32))
payload.Padding2 = 0
FixIFTimes(payload)
return *payload
}

Expand All @@ -240,6 +242,7 @@ func CreateSnmpFlow() NetflowPayload {
payload.SrcPrefixMask = uint8(rand.Intn(32))
payload.DstPrefixMask = uint8(rand.Intn(32))
payload.Padding2 = 0
FixIFTimes(payload)
return *payload
}

Expand All @@ -262,6 +265,7 @@ func CreateFTPFlow() NetflowPayload {
payload.SrcPrefixMask = uint8(rand.Intn(32))
payload.DstPrefixMask = uint8(rand.Intn(32))
payload.Padding2 = 0
FixIFTimes(payload)
return *payload
}

Expand All @@ -285,6 +289,7 @@ func CreateNtpFlow() NetflowPayload {
payload.SrcPrefixMask = uint8(32)
payload.DstPrefixMask = uint8(rand.Intn(32))
payload.Padding2 = 0
FixIFTimes(payload)
return *payload
}

Expand All @@ -309,6 +314,7 @@ func CreateP2pFlow() NetflowPayload {
payload.SrcPrefixMask = uint8(32)
payload.DstPrefixMask = uint8(rand.Intn(32))
payload.Padding2 = 0
FixIFTimes(payload)
return *payload
}

Expand All @@ -334,6 +340,7 @@ func CreateBitorrentFlow() NetflowPayload {
payload.SrcPrefixMask = uint8(32)
payload.DstPrefixMask = uint8(rand.Intn(32))
payload.Padding2 = 0
FixIFTimes(payload)
return *payload
}

Expand All @@ -359,6 +366,7 @@ func CreateSshFlow() NetflowPayload {
payload.SrcPrefixMask = uint8(rand.Intn(32))
payload.DstPrefixMask = uint8(rand.Intn(32))
payload.Padding2 = 0
FixIFTimes(payload)
return *payload
}

Expand All @@ -384,6 +392,7 @@ func CreateHttpsFlow() NetflowPayload {
payload.SrcPrefixMask = uint8(rand.Intn(32))
payload.DstPrefixMask = uint8(rand.Intn(32))
payload.Padding2 = 0
FixIFTimes(payload)
return *payload
}

Expand All @@ -409,6 +418,7 @@ func CreateHttpAltFlow() NetflowPayload {
payload.SrcPrefixMask = uint8(rand.Intn(32))
payload.DstPrefixMask = uint8(rand.Intn(32))
payload.Padding2 = 0
FixIFTimes(payload)
return *payload
}

Expand All @@ -434,6 +444,7 @@ func CreateDnsFlow() NetflowPayload {
payload.SrcPrefixMask = uint8(rand.Intn(32))
payload.DstPrefixMask = uint8(rand.Intn(32))
payload.Padding2 = 0
FixIFTimes(payload)
return *payload
}

Expand All @@ -459,6 +470,7 @@ func CreateImapsFlow() NetflowPayload {
payload.SrcPrefixMask = uint8(rand.Intn(32))
payload.DstPrefixMask = uint8(rand.Intn(32))
payload.Padding2 = 0
FixIFTimes(payload)
return *payload
}

Expand All @@ -484,6 +496,7 @@ func CreateMySqlFlow() NetflowPayload {
payload.SrcPrefixMask = uint8(rand.Intn(32))
payload.DstPrefixMask = uint8(rand.Intn(32))
payload.Padding2 = 0
FixIFTimes(payload)
return *payload
}

Expand All @@ -509,6 +522,27 @@ func CreateRandomFlow() NetflowPayload {
payload.SrcPrefixMask = uint8(rand.Intn(32))
payload.DstPrefixMask = uint8(rand.Intn(32))
payload.Padding2 = 0
FixIFTimes(payload)
return *payload
}

// patch up the SnmpInIndex and SnmpOutIndex, and the start/end times for the flows
func FixIFTimes(payload *NetflowPayload) NetflowPayload {

if payload.SrcIP > payload.DstIP {
payload.SnmpInIndex = 1
payload.SnmpOutIndex = 2
} else {
payload.SnmpInIndex = 2
payload.SnmpOutIndex = 1
}
uptime := int(sysUptime)
payload.SysUptimeEnd = uint32(uptime - randomNum(10,500))
payload.SysUptimeStart = payload.SysUptimeEnd - uint32(randomNum(10,500))

// log.Infof("S&D : %x %x %d, %d", payload.SrcIP, payload.DstIP, payload.DstPort, payload.SnmpInIndex)
// log.Infof("Time: %d %d %d", sysUptime, payload.SysUptimeStart, payload.SysUptimeEnd)

return *payload
}

Expand Down

0 comments on commit 8d29b45

Please sign in to comment.