Download Shareware and Freeware Software for Windows, Linux, Macintosh, PDA

line Home  |  About Us  |  Link To Us  |  FAQ  |  Contact

Serving Software Downloads in 976 Categories, Downloaded 31.309.852 Times

flow-tools 0.68

  Date Added: May 04, 2010  |  Visits: 913


Report Broken Link
Printer Friendly Version

Product Homepage
Download (87 downloads)

flow-tools is a set of programs for processing and managing NetFlow exports from Cisco and Juniper routers. The tools included are: flow-capture, flow-cat, flow-dscan, flow-expire, flow-export, flow-fanout, flow-filter, flow-gen, flow-header, flow-import, flow-mask, flow-merge, flow-nfilter, flow-print, flow-receive, flow-report, flow-send, flow-split, flow-stat, flow-tag, and flow-xlate. Flow data is collected and stored by default in host byte ordera nd the files are portable across every endian architectures. Commands that utilize the network use a localip/remoteip/port designation for communication. "localip" is the IP address the host will use as a source for sending or bind to when receiving NetFlow PDUs (ie the destination address of the exporter. Configuring the "localip" to 0 will force the kernel to decide what IP address to use for sending and listen on all IP addresses for receiving. "remoteip" is the destination IP address used for sending or the expected address of the source when receiving. If the "remoteip" is 0 then the application will accept flows from any source address. The "port" is the UDP port number used for sending or receiving. When using multicast addresses the localip/remoteip/port is used to represent the source, group, and port respectively. Flows are exported from a router in a number of different configurable versions. A flow is a collection of key fields and additional data. The flow key is {srcaddr, dstaddr, input, output, srcport, dstport, prot, ToS}. Flow-tools supports one export version per file. Export versions 1, 5, 6, and 7 all maintain {nexthop, dPkts, dOctets, First, Last, flags}, ie the next-hop IP address, number of packets, number of octets (bytes), start time, end time, and flags such as the TCP header bits. Version 5 adds the additional fields {src_as, dst_as, src_mask, dst_mask}, ie source AS, destination AS, source network mask, and destination network mask. Version 7 which is specific to the Catalyst switches adds in addition to the version 5 fields {router_sc}, which is the Router IP address which populates the flow cache shortcut in the Supervisor. Version 6 which is not officially supported by Cisco adds in addition to the version 5 fields {in_encaps, out_encaps, peer_nexthop}, ie the input and output interface encapsulation size, and the IP address of the next hop within the peer. Version 1 exports do not contain a sequence number and therefore should be avoided, although it is safe to store the data as version 1 if the additional fields are not used. Version 8 IOS NetFlow is a second level flow cache that reduces the data exported from the router. There are currently 11 formats, all of which provide {dFlows, dOctets, dPkts, First, Last} for the key fields. 8.1 - Source and Destination AS, Input and Output interface 8.2 - Protocol and Port 8.3 - Source Prefix and Input interface 8.4 - Destination Prefix and Output interface 8.5 - Source/Destination Prefix and Input/Output interface 8.9 - 8.1 + ToS 8.10 - 8.2 + ToS 8.11 - 8.3 + ToS 8.12 - 8.5 + ToS 8.13 - 8.2 + ToS 8.14 - 8.3 + ports + ToS Version 8 CatIOS NetFlow appears to be a less fine grained first level flow cache. 8.6 - Destination IP, ToS, Marked ToS, 8.7 - Source/Destination IP, Input/Output interface, ToS, Marked ToS, 8.8 - Source/Destination IP, Source/Destination Port, Input/Output interface, ToS, Marked ToS, The following programs are included in the flow-tools distribution. flow-capture - Collect, compress, store, and manage disk space for exported flows from a router. flow-cat - Concatenate flow files. Typically flow files will contain a small window of 5 or 15 minutes of exports. Flow-cat can be used to append files for generating reports that span longer time periods. flow-fanout - Replicate NetFlow datagrams to unicast or multicast destinations. Flow-fanout is used to facilitate multiple collectors attached to a single router. flow-report - Generate reports for NetFlow data sets. Reports include source/destination IP pairs, source/destination AS, and top talkers. Over 50 reports are currently supported. flow-tag - Tag flows based on IP address or AS #. Flow-tag is used to group flows by customer network. The tags can later be used with flow-fanout or flow-report to generate customer based traffic reports. flow-filter - Filter flows based on any of the export fields. Flow-filter is used in-line with other programs to generate reports based on flows matching filter expressions. flow-import - Import data from ASCII or cflowd format. flow-export - Export data to ASCII or cflowd format. flow-send - Send data over the network using the NetFlow protocol. flow-receive - Receive exports using the NetFlow protocol without storing to disk like flow-capture. flow-gen - Generate test data. flow-dscan - Simple tool for detecting some types of network scanning and Denial of Service attacks. flow-merge - Merge flow files in chronoligical order. flow-xlate - Perform translations on some flow fields. flow-expire - Expire flows using the same policy of flow-capture. flow-header - Display meta information in flow file. flow-split - Split flow files into smaller files based on size, time, or tags..

Requirements: No special requirements
Platforms: Linux
Keyword: Address Based On Data Destination Ip Fields Flow Flowtools Ip Address Marked Tos Netflow Networking Source Tos Used Used To
Users rating: 0/10

License: Freeware Size: 983.04 KB
Networking Tools  -  VMPS 1.3
VMPS (VLAN Management Policy Server) is a way of assigning switch ports to specific VLANs based on MAC address of connecting device. OpenVMPS is a GPL implementation of VMPS. Because it was developed based solely on infomation obtained by...
95.23 KB  
Network & Internet  -  PloneNewsLetter 2.0
PloneNewsLetter provides a product for sending newsletters based on new Plone content to an email address in TXT or HTML format. PloneNewsLetter gives you the possibility to create your custom newsletters. The newsletter is prepared for being...
112.64 KB  
Communication Tools  -  Java NNTP Server 1.0
Java realization of News Server based on Network News Transfer Protocol (via TCP/IP)It will be a bridge between data storage (some SQL DB) and News Reader (client)OS: OS independentProgramming Language: Java
12.29 KB  
Network & Internet  -  mod_access_referer 1.0.2
mod_access_referer is a module for the Apache HTTP Server that provides access control based on "Referer" HTTP header content. Why is mod_access_referer useful? Basically, it allow or deny the access based on what page is shown in the Web...
10.24 KB  
Database Tools  -  PHP - REPGEN for Scripts 0.44
This program generates PDF-reports based on data, created by an SQL-statement.It consists of two parts:- The HTML-Definition of the report- and the print-machine, which creates the PDF-printout.This program is based on PHP 4.05, mysql 3.23 or ODBC...
348.16 KB  
Graphs and Charts  -  DynaGraph for Scripts 0.2a-1
DynaGraph creates dynamic graphs based on data selected from a database query. Using PHP, DynaGraph accesses a MySQL database, and uses the results to plot information to a bar graph in the GIF format, using gd library.
10 KB  
Graphs and Charts  -  DynaGraph Script 0.2a-1
DynaGraph creates dynamic graphs based on data selected from a database query. Using PHP, DynaGraph accesses a MySQL database, and uses the results to plot information to a bar graph in the GIF format, using gd library.
10 KB  
Networking Tools  -  qrwho 0.8.1
qrwho is a graphical frontend for rwho/rwhod based on Qt. qrwho has a very simple user interface and can be used to show the users currently logged in and the average loads of the hosts in the network . The usage is very simple, a left mouse...
67.58 KB  
Utilities  -  Arudius Linux LiveCD 0.5
Arudius is a live CD Linux distribution based on Minislack (Zenwalk) and Slaxs Linux Live scripts. It contains an extensive set of software tools used by IT security professionals for penetration testing and vulnerability analysis. Its goal is...
206 MB  
Code Management Tools  -  Delphi Yacc & Lex 1.4
Delphi Yacc & Lex is a parser generator toolset for Delphi and Kylix, based on Turbo Pascal Lex and Yacc version 4.1. The primary goal of Delphi Yacc & Lex is to clean up the code, and improve compatibility and maintainability. The project...
215.04 KB  
Network & Internet  -  Free WiFi Hotspot 3.3.1
Free WiFi Hotspot is a super easy solution to turn your laptop or notebook into a portable Wi-Fi hotspot, wirelessly sharing your internet connections like DSL, Cable, Bluetooth, Mobile Broadband Card, Dial-Up, etc. through the built-in wireless...
1.04 MB  
Network & Internet  -  Easy Uploads 1.8
Easy uploads is a file storage media streaming application designed by Filestreamers that allows you to upload, store, and stream your files from their virtually unlimited file storage server. Easy Uploads can backup,share, and stream your files...
615.97 KB  
Network & Internet  -  IPv6 CARE 3.2b
IPv6 CARE, "IPv6 Compliant Automatic Runtime Environment", is a Linux tool able to patch ipv6-agnostic programs on-the-fly ('patch' mode). It can also generate a diagnosis about the IPv6 compliance of an application ('check' mode).
409.6 KB  
Network & Internet  -  PacketFence ZEN 3.1.0
PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) system. Boosting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, 802.1X...
1024 MB  
Network & Internet  -  django-dbstorage 1.3
A Django file storage backend for files in the database.
10.24 KB  
Networking Tools  -  gvrpad 0.1
gvrpad is a daemon that makes GVRP announcements of all VLAN interfaces on a FreeBSD system. GVRP is the GARP VLAN Registration Protocol, defined in IEEE 802.1Q (VLANS); GARP is the Generic Attribute Registration Protocol, defined in 802.1D...
15.36 KB  
Networking Tools  -  Cheops 0.61
Cheops is an Open Source Network User Interface. It is designed to be the network equivalent of a swiss-army knife, unifying your network utilities. Cheops is for the network what a file manager is for your filesystem..
317.44 KB  
Networking Tools  -  dynacc 0.5.0
Dynacc aims to be a Pakage which gives you control other your Internet Connection. It runs a linux router/host which provides MASQ services and HTTP proxying for a LAN. It gives you the Power to define users/groups which are allowed to make...
122.88 KB  
Networking Tools  -  ssh tunnel on demand 1.0
ssh tunnel on demand provides a script that creates an SSH tunnel on demand. ssh tunnel on demand is a script that makes it possible for a user to create an SSH tunnel to a server and connect to it without needing an account on the box or any...
13.31 KB  
Networking Tools  -  strongSwan 4.1.5
strongSwan is an OpenSource IPsec implementation for the Linux operating system. strongSwan is an OpenSource IPsec implementation for the Linux operating system. In order to have a stable IPsec platform to base our future extensions of the X.509...
1.7 MB