Section: Maintenance Commands (8)
Updated: 24 November 2004
NAME
flowprobe - libpcap traffic collector and NetFlow packet originator
for the NeTAMS project.
SYNOPSIS
flowprobe {options}
DESCRIPTION
Flowprobe
is part of the NeTAMS (Network Traffic Accounting and Monitoring Software)
project and serves as a data source for the NeTAMS daemon. It listens on an
Ethernet interface (via the PCAP library, like tcpdump) and collects accounting
data. Every N seconds it exports this data as NetFlow v5 UDP packets to any
collector, for example a NeTAMS daemon with "data-source netflow" enabled.
OPTIONS
-h
print help screen and exit
-q
quiet output
-d
turn debugging on
-e export_to
IP address to export flows to, A.B.C.D:XXXX, where XXXX is remote port number
(default is 20001)
-r rule
libpcap rule to capture packets
-i interface
network interface to listen on
-1 active_timeout
active flow timeout (sec.), default is 600
-2 inactive_timeout
inactive flow timeout (sec.), default is 60
SYSTEM REQUIREMENTS
the libpcap library and its header file pcap.h must be present on your system
EXAMPLE
flowprobe -d -e 1.2.3.4:1000 -r ip -i eth0 -1 200 -2 20
Exporting to: 1.2.3.4:1000
Interface: eth0
Rule: ip
Active timeout: 200 seconds
Inact timeout: 20 seconds
Libpcap: ethernet interface