flowd's Introduction

This is flowd, a NetFlow collector daemon intended to be small, fast and
secure. It works well with hardware flow probes (e.g. routers), softflowd[1],
pfflowd[2], and other software agents that export NetFlow v.1, v.5, v.7 or
v.9 datagrams.

It features some basic filtering to limit or tag the flows that are
recorded and is privilege separated, to limit security exposure from
bugs in flowd itself. Flowd is IPv6 capable - supporting flow export via
IPv6 transport and NetFlow v.9 IPv6 flow records. It also supports reception
of flow datagrams sent to multicast groups, allowing one to build redundant 
flow gathering systems.

flowd does not try to do anything beyond accepting NetFlow packets and 
writing them to disk. In particular, it does not do any analysis and it
doesn't support storage into SQL databases. These tasks are left (in 
typical Unix fashion) to separate programs. Some example tools (including 
one to store flows in a SQL database) are provided in the tools/ directory.

At present, flowd is considered stable enough for production deployment. 
Some more features are planned before the 1.0 release (see the TODO file 
if you want to help), but everything that is documented should be working 
now. Please report any problems to [email protected]. Bugs may also be reported
using the Bugzilla at http://bugzilla.mindrot.org/

flowd stores records on disk in a compact binary format; see store.h
for a specification in the form of a C header file. Perl, Python and C
APIs are provided for managing the log files that flowd creates. Example
applications are flowd-reader.c, reader.pl and reader.py. More useful
applications live in the tools/ directory; please refer to the
tools/README.tools file for an explanation of what they are. These example
apps require that the relevant Perl/Python modules are installed as
described in the INSTALL document.

This on-disk format is a parameterised format capable of storing a
superset of NetFlow v.5, including the most common records from NetFlow
v.9. Exactly which components of the NetFlow records actually get
written to disk may be specified at runtime, so the logs can be made
quite compact by excluding information that is uninteresting to you.
An optional, per-record CRC32 checksum is provided to detect log
corruption. Efforts are made to ensure that flows are written atomically
to disk, and backed out when a write fails.

At present, flowd supports NetFlow v.1, v.5, v.7 and v.9 packet formats
over both IPv4 and IPv6 transports. Future plans include sflow and IETF
IPFIX protocol support (when it is finalised). See the TODO file in
this distribution for more information (and more interesting projects if
you are a prospective developer).

flowd is tested on OpenBSD and Linux. It may work on other platforms,
but will likely need some adjusting. Please refer to the PLATFORMS file
for detailed notes on platform support and testing.

Large parts of this code have been shamelessly taken from OpenBSD, in
particular bgpd (the configuration parser) and OpenSSH (the privsep
fd passing and CRC32 code), sudo and libc. All of this code is under
BSD-like licenses, but read the LICENSE file for details.

Damien Miller <[email protected]>

$Id$

flowd's Issues

installation guide

Hi, 

I am so interested in this software, I already downloaded the software. Could 
anyone send me a file on how to install and use the software, please. Thank you.

Original issue reported on code.google.com by [email protected] on 29 Jun 2014 at 6:13

configure script errors out on OpenBSD 4.8

What steps will reproduce the problem?
1. export AUTOCONF_VERSION="2.65"
2. autoreconf
3. ./configure

What is the expected output? What do you see instead?
Makefiles are the expected output, but this is what I see:

checking for u_int8_t... yes
checking for int8_t... yes
checking for uint8_t... yes
checking for u_int... yes
checking size of char... 1
checking size of unsigned char... 1
checking size of short int... 2
checking size of unsigned short int... 2
checking size of int... 4
checking size of unsigned int... 4
checking size of long int... 8
checking size of unsigned long int... 8
checking size of long long int... 8
checking size of unsigned long long int... 8
checking size of sa_family_t... 1
checking for /proc/pid/fd directory... no
checking for msg_accrights field in struct msghdr... no
checking for msg_control field in struct msghdr... yes
checking if libc defines __progname... yes
configure: error: No 8-bit unsigned int type found



What version of the product are you using? On what operating system?
Got the latest clone from mercurial repository
OpenBSD 4.8


Please provide any additional information below.


Original issue reported on code.google.com by [email protected] on 19 Jul 2011 at 6:29

Compile error

Running FreeBSD
FreeBSD nms 9.2-RELEASE FreeBSD 9.2-RELEASE #0 r255898: Thu Sep 26 22:50:31 UTC 
2013     [email protected]:/usr/obj/usr/src/sys/GENERIC  amd64

gcc -g -O2 -fPIC -c flowd.c
flowd.c: In function 'usage':
flowd.c:1382: error: 'PROGVER' undeclared (first use in this function)
flowd.c:1382: error: (Each undeclared identifier is reported only once
flowd.c:1382: error: for each function it appears in.)
flowd.c:1387: error: 'SYSCONFDIR' undeclared (first use in this function)
flowd.c:1387: error: expected ')' before string constant
flowd.c: In function 'main':
flowd.c:1397: error: 'SYSCONFDIR' undeclared (first use in this function)
flowd.c:1397: error: expected ',' or ';' before string constant
*** [flowd.o] Error code 1


Original issue reported on code.google.com by [email protected] on 28 Jan 2014 at 7:00

64bit redhat6 installation error

When building flowd on 64-bit redhat6 using the command rpmbuild -ba flowd.spec, I 
got loads of warnings and errors, as you may find at the bottom. Can you please 
confirm that the source code can be built on 64-bit redhat6?
Thank you very much!
Shao

FIG_H  -c -o store-v2.o store-v2.c
store-v2.c: In function 'store_v2_flow_convert':
store-v2.c:537: warning: declaration of '__v' shadows a previous local
store-v2.c:537: warning: shadowed declaration is here
store-v2.c:537: warning: declaration of '__x' shadows a previous local
store-v2.c:537: warning: shadowed declaration is here
store-v2.c:538: warning: declaration of '__v' shadows a previous local
store-v2.c:538: warning: shadowed declaration is here
store-v2.c:538: warning: declaration of '__x' shadows a previous local
store-v2.c:538: warning: shadowed declaration is here
store-v2.c:546: warning: declaration of '__v' shadows a previous local
store-v2.c:546: warning: shadowed declaration is here
store-v2.c:546: warning: declaration of '__x' shadows a previous local
store-v2.c:546: warning: shadowed declaration is here
store-v2.c:547: warning: declaration of '__v' shadows a previous local
store-v2.c:547: warning: shadowed declaration is here
store-v2.c:547: warning: declaration of '__x' shadows a previous local
store-v2.c:547: warning: shadowed declaration is here
gcc -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector 
--param=ssp-buffer-size=4 -m64 -mtune=generic -fPIC -D_GNU_SOURCE -Wall 
-Waggregate-return -Wcast-align -Wcast-qual -Wmissing-declarations 
-Wmissing-prototypes -Wno-conversion -Wpointer-arith -Wshadow -Wuninitialized 
-Wcast-align -Wcast-qual -Wformat=2 -Wformat-nonliteral -Wwrite-strings -I.  
-DSYSCONFDIR="\"/etc\"" -DPIDFILEDIR="\"/var/run\"" -DPROGVER="\"0.9.1\"" 
-DHAVE_CONFIG_H  -c -o crc32.o crc32.c
gcc -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector 
--param=ssp-buffer-size=4 -m64 -mtune=generic -fPIC -D_GNU_SOURCE -Wall 
-Waggregate-return -Wcast-align -Wcast-qual -Wmissing-declarations 
-Wmissing-prototypes -Wno-conversion -Wpointer-arith -Wshadow -Wuninitialized 
-Wcast-align -Wcast-qual -Wformat=2 -Wformat-nonliteral -Wwrite-strings -I.  
-DSYSCONFDIR="\"/etc\"" -DPIDFILEDIR="\"/var/run\"" -DPROGVER="\"0.9.1\"" 
-DHAVE_CONFIG_H  -c -o strlcpy.o strlcpy.c
gcc -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector 
--param=ssp-buffer-size=4 -m64 -mtune=generic -fPIC -D_GNU_SOURCE -Wall 
-Waggregate-return -Wcast-align -Wcast-qual -Wmissing-declarations 
-Wmissing-prototypes -Wno-conversion -Wpointer-arith -Wshadow -Wuninitialized 
-Wcast-align -Wcast-qual -Wformat=2 -Wformat-nonliteral -Wwrite-strings -I.  
-DSYSCONFDIR="\"/etc\"" -DPIDFILEDIR="\"/var/run\"" -DPROGVER="\"0.9.1\"" 
-DHAVE_CONFIG_H  -c -o strlcat.o strlcat.c
ar rv libflowd.a atomicio.o addr.o store.o store-v2.o crc32.o strlcpy.o 
strlcat.o
ar: creating libflowd.a
a - atomicio.o
a - addr.o
a - store.o
a - store-v2.o
a - crc32.o
a - strlcpy.o
a - strlcat.o
ranlib libflowd.a
gcc  -L. -o flowd flowd.o privsep_fdpass.o privsep.o filter.o parse.o log.o 
daemon.o peer.o closefrom.o setproctitle.o -lflowd 
gcc -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector 
--param=ssp-buffer-size=4 -m64 -mtune=generic -fPIC -D_GNU_SOURCE -Wall 
-Waggregate-return -Wcast-align -Wcast-qual -Wmissing-declarations 
-Wmissing-prototypes -Wno-conversion -Wpointer-arith -Wshadow -Wuninitialized 
-Wcast-align -Wcast-qual -Wformat=2 -Wformat-nonliteral -Wwrite-strings -I.  
-DSYSCONFDIR="\"/etc\"" -DPIDFILEDIR="\"/var/run\"" -DPROGVER="\"0.9.1\"" 
-DHAVE_CONFIG_H  -c -o flowd-reader.o flowd-reader.c
gcc  -L. -o flowd-reader flowd-reader.o parse.o log.o filter.o libflowd.a 
+ ./setup.py build
running build
running build_ext
building 'flowd' extension
creating build
creating build/temp.linux-x86_64-2.6
gcc -pthread -DNDEBUG -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions 
-fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -D_GNU_SOURCE 
-fPIC -fwrapv -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions 
-fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic -fPIC 
-DPROGVER="0.9.1" -I/usr/include/python2.6 -c flowd_python.c -o 
build/temp.linux-x86_64-2.6/flowd_python.o
flowd_python.c:17:20: error: Python.h: No such file or directory
flowd_python.c:19:26: error: structmember.h: No such file or directory
In file included from flowd_python.c:20:
store.h:266: error: expected ')' before '*' token
store.h:268: error: expected ')' before '*' token
flowd_python.c:26: error: expected '=', ',', ';', 'asm' or '__attribute__' 
before 'initflowd'
flowd_python.c:36: error: expected specifier-qualifier-list before 
'PyObject_HEAD'
flowd_python.c:47: error: expected '=', ',', ';', 'asm' or '__attribute__' 
before 'Flow_Type'
flowd_python.c: In function 'newFlowObject':
flowd_python.c:54: warning: implicit declaration of function 'PyObject_New'
flowd_python.c:54: error: expected expression before 'FlowObject'
flowd_python.c:58: error: 'FlowObject' has no member named 'user_attr'
flowd_python.c:58: warning: implicit declaration of function 'PyDict_New'
flowd_python.c:60: error: 'FlowObject' has no member named 'octets'
flowd_python.c:60: error: 'Py_None' undeclared (first use in this function)
flowd_python.c:60: error: (Each undeclared identifier is reported only once
flowd_python.c:60: error: for each function it appears in.)
flowd_python.c:61: warning: implicit declaration of function 'Py_INCREF'
flowd_python.c:62: error: 'FlowObject' has no member named 'packets'
flowd_python.c:64: error: 'FlowObject' has no member named 'agent_addr'
flowd_python.c:66: error: 'FlowObject' has no member named 'src_addr'
flowd_python.c:68: error: 'FlowObject' has no member named 'dst_addr'
flowd_python.c:70: error: 'FlowObject' has no member named 'gateway_addr'
flowd_python.c:73: error: 'FlowObject' has no member named 'flow'
flowd_python.c:73: error: 'FlowObject' has no member named 'flow'
flowd_python.c:75: error: 'FlowObject' has no member named 'user_attr'
flowd_python.c:77: warning: implicit declaration of function 'Py_XDECREF'
flowd_python.c: In function 'newFlowObject_from_flow':
flowd_python.c:94: error: expected expression before 'FlowObject'
flowd_python.c:98: error: 'FlowObject' has no member named 'user_attr'
flowd_python.c:99: error: 'FlowObject' has no member named 'octets'
flowd_python.c:100: error: 'FlowObject' has no member named 'packets'
flowd_python.c:102: error: 'FlowObject' has no member named 'src_addr'
flowd_python.c:102: error: 'FlowObject' has no member named 'dst_addr'
flowd_python.c:103: error: 'FlowObject' has no member named 'agent_addr'
flowd_python.c:103: error: 'FlowObject' has no member named 'gateway_addr'
flowd_python.c:104: warning: implicit declaration of function 'memcpy'
flowd_python.c:104: warning: incompatible implicit declaration of built-in 
function 'memcpy'
flowd_python.c:104: error: 'FlowObject' has no member named 'flow'
flowd_python.c:104: error: 'FlowObject' has no member named 'flow'
flowd_python.c:106: error: 'FlowObject' has no member named 'flow'
flowd_python.c:119: error: 'FlowObject' has no member named 'flow'
flowd_python.c:119: error: 'FlowObject' has no member named 'flow'
flowd_python.c:119: error: 'FlowObject' has no member named 'src_addr'
flowd_python.c:119: warning: implicit declaration of function 
'PyString_FromString'
flowd_python.c:119: error: 'FlowObject' has no member named 'src_addr'
flowd_python.c:119: error: 'FlowObject' has no member named 'src_addr'
flowd_python.c:119: error: 'Py_None' undeclared (first use in this function)
flowd_python.c:120: error: 'FlowObject' has no member named 'flow'
flowd_python.c:120: error: 'FlowObject' has no member named 'flow'
flowd_python.c:120: error: 'FlowObject' has no member named 'dst_addr'
flowd_python.c:120: error: 'FlowObject' has no member named 'dst_addr'
flowd_python.c:120: error: 'FlowObject' has no member named 'dst_addr'
flowd_python.c:121: error: 'FlowObject' has no member named 'flow'
flowd_python.c:121: error: 'FlowObject' has no member named 'flow'
flowd_python.c:121: error: 'FlowObject' has no member named 'agent_addr'
flowd_python.c:121: error: 'FlowObject' has no member named 'agent_addr'
flowd_python.c:121: error: 'FlowObject' has no member named 'agent_addr'
flowd_python.c:122: error: 'FlowObject' has no member named 'flow'
flowd_python.c:122: error: 'FlowObject' has no member named 'flow'
flowd_python.c:122: error: 'FlowObject' has no member named 'gateway_addr'
flowd_python.c:122: error: 'FlowObject' has no member named 'gateway_addr'
flowd_python.c:122: error: 'FlowObject' has no member named 'gateway_addr'
flowd_python.c:125: error: 'FlowObject' has no member named 'flow'
flowd_python.c:126: error: 'FlowObject' has no member named 'octets'
flowd_python.c:126: warning: implicit declaration of function 
'PyLong_FromUnsignedLongLong'
flowd_python.c:127: error: 'FlowObject' has no member named 'flow'
flowd_python.c:129: error: 'FlowObject' has no member named 'octets'
flowd_python.c:132: error: 'FlowObject' has no member named 'flow'
flowd_python.c:133: error: 'FlowObject' has no member named 'packets'
flowd_python.c:134: error: 'FlowObject' has no member named 'flow'
flowd_python.c:136: error: 'FlowObject' has no member named 'packets'
flowd_python.c:140: error: 'FlowObject' has no member named 'user_attr'
flowd_python.c:142: error: 'FlowObject' has no member named 'user_attr'
flowd_python.c:142: error: 'FlowObject' has no member named 'octets'
flowd_python.c:143: error: 'FlowObject' has no member named 'packets'
flowd_python.c: At top level:
flowd_python.c:153: error: expected ')' before '*' token
flowd_python.c: In function 'flowobj_normalise':
flowd_python.c:173: error: 'FlowObject' has no member named 'octets'
flowd_python.c:173: error: 'FlowObject' has no member named 'octets'
flowd_python.c:173: error: 'Py_None' undeclared (first use in this function)
flowd_python.c:174: warning: implicit declaration of function 'object_to_u64'
flowd_python.c:174: error: 'FlowObject' has no member named 'octets'
flowd_python.c:175: error: 'FlowObject' has no member named 'flow'
flowd_python.c:176: warning: implicit declaration of function 'PyErr_SetString'
flowd_python.c:176: error: 'PyExc_TypeError' undeclared (first use in this 
function)
flowd_python.c:180: error: 'FlowObject' has no member named 'flow'
flowd_python.c:182: error: 'FlowObject' has no member named 'flow'
flowd_python.c:184: error: 'FlowObject' has no member named 'packets'
flowd_python.c:184: error: 'FlowObject' has no member named 'packets'
flowd_python.c:185: error: 'FlowObject' has no member named 'packets'
flowd_python.c:186: error: 'FlowObject' has no member named 'flow'
flowd_python.c:191: error: 'FlowObject' has no member named 'flow'
flowd_python.c:193: error: 'FlowObject' has no member named 'flow'
flowd_python.c:209: error: 'FlowObject' has no member named 'src_addr'
flowd_python.c:209: error: 'FlowObject' has no member named 'src_addr'
flowd_python.c:209: warning: implicit declaration of function 
'PyString_AsString'
flowd_python.c:209: error: 'FlowObject' has no member named 'src_addr'
flowd_python.c:209: error: 'FlowObject' has no member named 'flow'
flowd_python.c:209: error: 'FlowObject' has no member named 'flow'
flowd_python.c:209: error: 'PyExc_ValueError' undeclared (first use in this 
function)
flowd_python.c:209: error: 'FlowObject' has no member named 'flow'
flowd_python.c:210: error: 'FlowObject' has no member named 'dst_addr'
flowd_python.c:210: error: 'FlowObject' has no member named 'dst_addr'
flowd_python.c:210: error: 'FlowObject' has no member named 'dst_addr'
flowd_python.c:210: error: 'FlowObject' has no member named 'flow'
flowd_python.c:210: error: 'FlowObject' has no member named 'flow'
flowd_python.c:210: error: 'FlowObject' has no member named 'flow'
flowd_python.c:211: error: 'FlowObject' has no member named 'agent_addr'
flowd_python.c:211: error: 'FlowObject' has no member named 'agent_addr'
flowd_python.c:211: error: 'FlowObject' has no member named 'agent_addr'
flowd_python.c:211: error: 'FlowObject' has no member named 'flow'
flowd_python.c:211: error: 'FlowObject' has no member named 'flow'
flowd_python.c:211: error: 'FlowObject' has no member named 'flow'
flowd_python.c:212: error: 'FlowObject' has no member named 'gateway_addr'
flowd_python.c:212: error: 'FlowObject' has no member named 'gateway_addr'
flowd_python.c:212: error: 'FlowObject' has no member named 'gateway_addr'
flowd_python.c:212: error: 'FlowObject' has no member named 'flow'
flowd_python.c:212: error: 'FlowObject' has no member named 'flow'
flowd_python.c:212: error: 'FlowObject' has no member named 'flow'
flowd_python.c: In function 'newFlowObject_from_blob':
flowd_python.c:231: error: 'PyExc_ValueError' undeclared (first use in this 
function)
flowd_python.c: In function 'Flow_dealloc':
flowd_python.c:243: error: 'FlowObject' has no member named 'user_attr'
flowd_python.c:244: error: 'FlowObject' has no member named 'octets'
flowd_python.c:245: error: 'FlowObject' has no member named 'packets'
flowd_python.c:246: error: 'FlowObject' has no member named 'src_addr'
flowd_python.c:247: error: 'FlowObject' has no member named 'dst_addr'
flowd_python.c:248: error: 'FlowObject' has no member named 'agent_addr'
flowd_python.c:249: error: 'FlowObject' has no member named 'gateway_addr'
flowd_python.c:250: warning: implicit declaration of function 'PyObject_Del'
flowd_python.c: At top level:
flowd_python.c:254: error: expected ')' before string constant
flowd_python.c:259: error: expected '=', ',', ';', 'asm' or '__attribute__' 
before '*' token
flowd_python.c:280: error: expected ')' before string constant
flowd_python.c:285: error: expected '=', ',', ';', 'asm' or '__attribute__' 
before '*' token
flowd_python.c:308: error: expected ')' before string constant
flowd_python.c:315: error: expected '=', ',', ';', 'asm' or '__attribute__' 
before '*' token
flowd_python.c:338: error: expected '=', ',', ';', 'asm' or '__attribute__' 
before 'Flow_methods'
flowd_python.c:346: error: expected '=', ',', ';', 'asm' or '__attribute__' 
before 'Flow_members'
flowd_python.c:389: error: expected ')' before string constant
flowd_python.c:391: error: expected '=', ',', ';', 'asm' or '__attribute__' 
before 'Flow_Type'
flowd_python.c:441: error: expected specifier-qualifier-list before 
'PyObject_HEAD'
flowd_python.c:445: error: expected '=', ',', ';', 'asm' or '__attribute__' 
before 'FlowLog_Type'
flowd_python.c: In function 'FlowLog_dealloc':
flowd_python.c:452: error: 'FlowLogObject' has no member named 'flowlog'
flowd_python.c: At top level:
flowd_python.c:457: error: expected ')' before string constant
flowd_python.c:462: error: expected '=', ',', ';', 'asm' or '__attribute__' 
before '*' token
flowd_python.c:483: error: expected ')' before string constant
flowd_python.c:488: error: expected '=', ',', ';', 'asm' or '__attribute__' 
before '*' token
flowd_python.c:518: error: expected '=', ',', ';', 'asm' or '__attribute__' 
before '*' token
flowd_python.c:524: error: expected '=', ',', ';', 'asm' or '__attribute__' 
before 'FlowLog_members'
flowd_python.c:529: error: expected ')' before string constant
flowd_python.c:531: error: expected '=', ',', ';', 'asm' or '__attribute__' 
before 'FlowLog_methods'
flowd_python.c:537: error: expected '=', ',', ';', 'asm' or '__attribute__' 
before 'FlowLog_Type'
flowd_python.c:589: error: expected specifier-qualifier-list before 
'PyObject_HEAD'
flowd_python.c:593: error: expected '=', ',', ';', 'asm' or '__attribute__' 
before 'FlowLogIter_Type'
flowd_python.c: In function 'newFlowLogIterObject':
flowd_python.c:600: error: expected expression before 'FlowLogIterObject'
flowd_python.c:604: error: 'FlowLogIterObject' has no member named 'parent'
flowd_python.c:605: warning: implicit declaration of function 'Py_XINCREF'
flowd_python.c:605: error: 'FlowLogIterObject' has no member named 'parent'
flowd_python.c: In function 'FlowLogIter_dealloc':
flowd_python.c:615: error: 'FlowLogIterObject' has no member named 'parent'
flowd_python.c: At top level:
flowd_python.c:619: error: expected '=', ',', ';', 'asm' or '__attribute__' 
before '*' token
flowd_python.c:639: error: expected ')' before string constant
flowd_python.c:641: error: expected '=', ',', ';', 'asm' or '__attribute__' 
before 'FlowLogIter_Type'
flowd_python.c:691: error: expected ')' before string constant
flowd_python.c:697: error: expected '=', ',', ';', 'asm' or '__attribute__' 
before '*' token
flowd_python.c:718: error: expected ')' before string constant
flowd_python.c:723: error: expected '=', ',', ';', 'asm' or '__attribute__' 
before '*' token
flowd_python.c:743: error: expected ')' before string constant
flowd_python.c:748: error: expected '=', ',', ';', 'asm' or '__attribute__' 
before '*' token
flowd_python.c:768: error: expected ')' before string constant
flowd_python.c:774: error: expected '=', ',', ';', 'asm' or '__attribute__' 
before '*' token
flowd_python.c:789: error: expected ')' before string constant
flowd_python.c:794: error: expected '=', ',', ';', 'asm' or '__attribute__' 
before '*' token
flowd_python.c:807: error: expected '=', ',', ';', 'asm' or '__attribute__' 
before 'flowd_methods'
flowd_python.c:817: error: expected ')' before string constant
flowd_python.c:821: error: expected '=', ',', ';', 'asm' or '__attribute__' 
before 'initflowd'
error: command 'gcc' failed with exit status 1
error: Bad exit status from /var/tmp/rpm-tmp.BzP4fu (%build)


RPM build errors:
    Bad exit status from /var/tmp/rpm-tmp.BzP4fu (%build)

Original issue reported on code.google.com by [email protected] on 26 Aug 2011 at 10:15

Unexpected filter behavior from flows-reader

What steps will reproduce the problem?
Run the following filter using flowd-reader

accept dst any port 80 proto tcp

Only the flows with destination port 80 should be displayed; however, every flow 
is displayed.  Using the following filter will show the expected results.

discard quick dst any port ! 80 proto tcp


What is the expected output? What do you see instead?

Reviewing the source, there is an implicit accept at the end of the filter, so 
every flow will match unless the 'quick' keyword is used.  The attached diff 
changes the default filter behavior and clarifies the filter section of the man 
page.

What version of the product are you using? On what operating system?
flowd 0.9.1
OpenBSD 5.2 amd64
OpenBSD 5.3 amd64

Please provide any additional information below.


diff -r 85550dd9b2cc filter.c
--- a/filter.c  Thu Jun 21 10:30:34 2012 +1000
+++ b/filter.c  Fri Jun 21 11:54:32 2013 -0500
@@ -308,7 +308,7 @@
 u_int
 filter_flow(struct store_flow_complete *flow, struct filter_list *filter)
 {
-       u_int action = FF_ACTION_ACCEPT;
+       u_int action = FF_ACTION_DISCARD;
        struct filter_rule *fr, *last_rule;
        int i, m;

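Review bot: Initialising action to FF_ACTION_DISCARD at the top of filter_flow() changes the result for every flow that matches no rule, so an existing rule set made up only of discard rules, which relied on the old FF_ACTION_ACCEPT fall-through, would now drop everything. That is a behaviour change for deployed configurations; call it out in the release notes or make the default selectable rather than flipping it in the initialiser.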
diff -r 85550dd9b2cc flowd.conf.5.in
--- a/flowd.conf.5.in   Thu Jun 21 10:30:34 2012 +1000
+++ b/flowd.conf.5.in   Fri Jun 21 11:54:32 2013 -0500
@@ -327,6 +327,11 @@
 or
 .Ar discard
 rule decides what action is taken.
+If no filters rules are speficied then an default behavior is to
+.Ar accept
+all flows.  If filter rules are used then there is an implicit
+.Ar discard
+at the end of the rules.
 .Pp
 The following actions can be used in the filter:
 .Bl -tag -width xxxxxxxx
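Review bot: The added man page sentences contain three wording errors: "filters rules", "speficied" and "an default behavior". Suggest "If no filter rules are specified, the default behavior is to accept all flows. If any filter rules are present, there is an implicit discard at the end of the rules.", keeping the .Ar markup on accept and discard.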
diff -r 85550dd9b2cc parse.y
--- a/parse.y   Thu Jun 21 10:30:34 2012 +1000
+++ b/parse.y   Fri Jun 21 11:54:32 2013 -0500
@@ -1204,6 +1204,17 @@
                logit(LOG_ERR, "No listening addresses specified");
                return (-1);
        }
+       /* add explicit accept all filter if none specified to mimic previous
+        * filter behavior */
+       if (!filter_only && TAILQ_EMPTY(&conf->filter_list)) {
+               struct filter_rule      *r;
+
+               if ((r = calloc(1, sizeof(*r))) == NULL)
+                       logerrx("filterrule: calloc");
+
+               r->action.action_what = FF_ACTION_ACCEPT;
+               TAILQ_INSERT_TAIL(&conf->filter_list, r, entry);
+       }
        /* Free macros and check which have not been used. */
        for (sym = TAILQ_FIRST(&symhead); sym != NULL; sym = next) {
                next = TAILQ_NEXT(sym, entry);
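Review bot: The !filter_only guard on the new block means a filter-only parse with an empty rule list gets no accept-all rule, and with filter_flow() now starting from FF_ACTION_DISCARD that caller would discard every flow; if that is intended it needs a comment, otherwise drop the !filter_only test. Separately, r->action.action_what is dereferenced straight after the calloc check, which is only safe if logerrx() never returns, so either return (-1) as the block above does or state that assumption in the comment.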

Original issue reported on code.google.com by [email protected] on 21 Jun 2013 at 4:56
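
The filter behaviour described in this issue, as an added example that is not part of the original report or of flowd's source: a simplified C model of rule evaluation, assuming the last matching rule decides unless a matching rule is marked quick. The struct and function names are hypothetical and the sample flows are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Simplified model of the semantics in the report; NOT flowd's filter.c.
 * All names here are hypothetical. */
enum action { ACT_DISCARD, ACT_ACCEPT };

struct flow { uint8_t proto; uint16_t dst_port; };

struct rule {
	enum action action;
	int quick;         /* matching rule ends evaluation immediately */
	uint8_t proto;     /* 0 = any protocol */
	uint16_t dst_port; /* 0 = any port */
	int port_negate;   /* models "port ! N" */
};

/* Constructed sample flows: 6 = TCP, 17 = UDP. */
static const struct flow sample_flows[] = {
	{ 6, 80 }, { 6, 443 }, { 6, 22 }, { 17, 53 }, { 6, 80 },
};
#define NFLOWS (sizeof(sample_flows) / sizeof(sample_flows[0]))

/* accept dst any port 80 proto tcp */
static const struct rule accept_80[] = {
	{ ACT_ACCEPT, 0, 6, 80, 0 },
};
/* discard quick dst any port ! 80 proto tcp */
static const struct rule discard_quick_not_80[] = {
	{ ACT_DISCARD, 1, 6, 80, 1 },
};

static int
rule_matches(const struct rule *r, const struct flow *f)
{
	if (r->proto != 0 && r->proto != f->proto)
		return 0;
	if (r->dst_port != 0) {
		int eq = (r->dst_port == f->dst_port);

		if (r->port_negate ? eq : !eq)
			return 0;
	}
	return 1;
}

/* A flow that matches no rule keeps the default action. */
static enum action
evaluate(const struct rule *rules, size_t n, const struct flow *f,
    enum action dflt)
{
	enum action act = dflt;
	size_t i;

	for (i = 0; i < n; i++) {
		if (!rule_matches(&rules[i], f))
			continue;
		act = rules[i].action; /* last match wins ... */
		if (rules[i].quick)
			break;         /* ... unless the rule is quick */
	}
	return act;
}

/* Number of sample flows a rule set lets through under a given default. */
static size_t
count_accepted(const struct rule *rules, size_t n, enum action dflt)
{
	size_t i, ok = 0;

	for (i = 0; i < NFLOWS; i++)
		if (evaluate(rules, n, &sample_flows[i], dflt) == ACT_ACCEPT)
			ok++;
	return ok;
}

int
main(void)
{
	printf("accept rule, default accept:   %zu of %zu\n",
	    count_accepted(accept_80, 1, ACT_ACCEPT), (size_t)NFLOWS);
	printf("discard quick, default accept: %zu of %zu\n",
	    count_accepted(discard_quick_not_80, 1, ACT_ACCEPT), (size_t)NFLOWS);
	printf("accept rule, default discard:  %zu of %zu\n",
	    count_accepted(accept_80, 1, ACT_DISCARD), (size_t)NFLOWS);
	printf("no rules, default discard:     %zu of %zu\n",
	    count_accepted(NULL, 0, ACT_DISCARD), (size_t)NFLOWS);
	return 0;
}
```

In this model the UDP sample flow matches neither rule set, so the default action alone decides whether it is kept.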

flowd and ASA - trouble patching

Hi, 

Collecting netflow v9 data from a CISCO ASA 5505 with flowd

When I take a look at the collected data, all values are set to 0 for the 
"octects" and "packets" fields.

I know a patch has been issued to resolve this issue so I successfully applied 
the first patch (asa_patch.diff).

I had trouble applying the second patch (asa_patch_2.diff). I get the following 
output when trying to patch the netflow.h file :
Hunk #1 FAILED at 162.
1 out of 1 hunk FAILED -- saving rejects to file

This is the content of netflow.h.rej :

--- netflow.h   Sun Oct 31 16:36:52 2010 +0000
+++ netflow.h   Wed Aug 31 09:09:01 2011 -0400
@@ -162,7 +162,10 @@
 #define NF9_ENGINE_ID                  39
 /* ... */
 #define NF9_IPV6_NEXT_HOP              62
-
+/* ... */
+//Cisco ASA Netflow
+#define NF9_ASA_NF_F_FLOW_BYTES                85
+/* ... */
+#define NF9_ASA_NF_F_FW_EVENT          40005

 #endif /* _NETFLOW_H */
-
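Review bot: The added //Cisco ASA Netflow line uses a C++-style comment in a header whose other comments are all /* ... */; write it as /* Cisco ASA NetFlow */ so the header stays consistent and builds under strict C89. The hunk also deletes the blank line after NF9_IPV6_NEXT_HOP and the blank line after the #endif, so it only applies to a netflow.h whose whitespace matches exactly; leaving those blank lines untouched would make the patch less fragile.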


I am using flowd 0.9.1 on CentOS 6.2

Thanks for the great collector by the way




Original issue reported on code.google.com by [email protected] on 20 Mar 2012 at 7:28

install error

I have tried to install this program on Ubuntu 11.04 
and I have the following problem

on the step

python setup.py build 

running install
running build
running build_ext
building 'flowd' extension
gcc -pthread -fno-strict-aliasing -DNDEBUG -g -fwrapv -O2 -Wall 
-Wstrict-prototypes -fPIC -DPROGVER="0.9.1" -I/usr/include/python2.7 -c 
flowd_python.c -o build/temp.linux-i686-2.7/flowd_python.o
flowd_python.c:17:20: fatal error: Python.h: No such file or directory
compilation terminated.
error: command 'gcc' failed with exit status 1
kozla13@ubuntu:~/Desktop/flowd-0.9.1$ python setup.py build
running build
running build_ext
building 'flowd' extension
gcc -pthread -fno-strict-aliasing -DNDEBUG -g -fwrapv -O2 -Wall 
-Wstrict-prototypes -fPIC -DPROGVER="0.9.1" -I/usr/include/python2.7 -c 
flowd_python.c -o build/temp.linux-i686-2.7/flowd_python.o
flowd_python.c:17:20: fatal error: Python.h: No such file or directory
compilation terminated.
error: command 'gcc' failed with exit status 1




Can you help me?

Original issue reported on code.google.com by [email protected] on 7 May 2011 at 6:37

Running in foreground with -g logs to syslog instead of stderr/stdout.

What steps will reproduce the problem?
1. Start flowd with -g.
2. Send SIGUSR2 or SIGINFO to the flowd process.

What is the expected output? What do you see instead?
Statistics info should go to stderr but they are logged to stdout.

What version of the product are you using? On what operating system?
0.9.1 on FreeBSD.

Please provide any additional information below.
It seems the loginit has the second two options swapped in privsep.c.  Here is 
a patch.

diff -r 85550dd9b2cc privsep.c
--- a/privsep.c Thu Jun 21 10:30:34 2012 +1000
+++ b/privsep.c Tue Jun 11 16:34:35 2013 -0400
@@ -1141,8 +1141,8 @@
        case -1:
                logerr("fork");
        case 0: /* Child */
-               loginit(PROGNAME, (conf->opts & FLOWD_OPT_VERBOSE),
-                   (conf->opts & FLOWD_OPT_DONT_FORK));
+               loginit(PROGNAME, (conf->opts & FLOWD_OPT_DONT_FORK),
+                   (conf->opts & FLOWD_OPT_VERBOSE));
                close(monitor_to_child_sock);

                if ((conf->opts & FLOWD_OPT_INSECURE) == 0 &&
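Review bot: Both flag arguments to loginit() in the child branch are passed positionally as masked ints, which is how they came to be swapped, and nothing in the hunk lets a reader check the new order against the prototype. Add a short comment naming the two parameters at the call, or pass normalised booleans such as (conf->opts & FLOWD_OPT_DONT_FORK) != 0, so the order can be verified on sight.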
@@ -1156,8 +1156,8 @@
                setproctitle("net");
                return;
        default: /* Parent */
-               loginit(PROGNAME, (conf->opts & FLOWD_OPT_VERBOSE),
-                   (conf->opts & FLOWD_OPT_DONT_FORK));
+               loginit(PROGNAME, (conf->opts & FLOWD_OPT_DONT_FORK),
+                   (conf->opts & FLOWD_OPT_VERBOSE));
                if ((conf->opts & FLOWD_OPT_DONT_FORK) == 0 &&
                    dup2(devnull, STDERR_FILENO) == -1)
                        logerr("dup2");
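Review bot: The parent branch repeats the same two-line loginit() call as the child branch, so every future change has to be made twice and the two copies can drift apart. Wrap the call in a small static helper that takes conf and use it from both branches.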

Original issue reported on code.google.com by [email protected] on 14 Jun 2013 at 5:20
