Categorygithub.com/BroadBridgeNetworks/goflowd
modulepackage
0.0.0-20200704215023-41fb47dd8339
Repository: https://github.com/broadbridgenetworks/goflowd.git
Documentation: pkg.go.dev
Overview
Versions
1
Dependencies
22
Dependents
0
Files
5.5k SLOC

# README

goflowd

Summary

goflowd is netflow probe like softflowd. It is written by golang. goflowd uses ietf-ipfix-psamp.yang standarized in RFC6728 data model for configuration. The yang model configuraiton is acheived by using openconfig/ygot.

Execution

./goflowd -c config.json

Configuration sample

Configuration file is json based. In following sample, the packets are read from enp0s3 interface and export flow to 192.168.1.1 port 4739. In this sample, FlowKeys are sourceIPv4Address, destinationIPv4Address, protocolIdentifier, sourceTransportPort, and destinationTransportPort.

If you want to use offline pcap file instead of online capture, you need to use offlineFile": "file name" instread of ifName": [ "interface name" ].

{
    "observationPoint": [
        {
            "name": "pcap",
            "observationDomainId": 1,
             "ifName": [ "enp0s3" ],
            "direction": "ingress",
            "selectionProcess": [
                "All"
            ]
        }
    ],
    "selectionProcess": [
        {   
            "name": "All",
            "selector": [
                {
                    "name": "Select all",
                    "selectAll": [
                        null
                    ]
                }
            ],
            "cache": "Flow cache"
        }
    ],
    "cache": [
        {
            "name": "Flow cache",
            "timeoutCache": {
                "maxFlows": 4096,
                "activeTimeout": 5000,
                "idleTimeout": 10000,
                "cacheLayout": {
                    "cacheField": [
                        {
                            "name": "Field 1",
                            "ieName": "sourceIPv4Address",
                            "isFlowKey": [
                                null
                            ]
                        },
                        {
                            "name": "Field 2",
                            "ieName": "destinationIPv4Address",
                            "isFlowKey": [
                                null
                            ]
                        },
                        {
                            "name": "Field 3",
                            "ieName": "protocolIdentifier",
                            "isFlowKey": [
                                null
                            ]
                        },
                        {
                            "name": "Field 4",
                            "ieName": "sourceTransportPort",
                            "isFlowKey": [
                                null
                            ]
                        },
                        {
                            "name": "Field 5",
                            "ieName": "destinationTransportPort",
                            "isFlowKey": [
                                null
                            ]
                        },
                        {
                            "name": "Field 6",
                            "ieName": "flowStartMilliseconds"
                        },
                        {
                            "name": "Field 7",
                            "ieName": "flowEndMilliseconds"
                        },
                        {
                            "name": "Field 8",
                            "ieName": "octetDeltaCount"
                        },
                        {
                            "name": "Field 9",
                            "ieName": "packetDeltaCount"
                        }
                    ]
                }
            },
            "exportingProcess": [
                "UDP"
            ]
        }
    ],
    "exportingProcess": [
        {
            "name": "UDP",
            "destination": [
                {
                    "name": "UDP",
                    "udpExporter": {
                        "ipfixVersion": 10,
                        "destinationPort": 4739,
                        "destinationIPAddress": "192.168.1.1"
                    }
                }
            ]
        }
    ]
}

Configurable Informaiton Elements for FlowKeys

Information Element IDInformation Element Name
4protocolIdentifier
5ipClassOfService
7sourceTransportPort
8sourceIPv4Address
11destinationTransportPort
12destinationIPv4Address
27sourceIPv6Address
28destinationIPv6Address
31flowLabelIPv6
32icmpTypeCodeIPv4
54fragmentIdentification
56sourceMacAddress
57postDestinationMacAddress
58vlanId
60ipVersion
139icmpTypeCodeIPv6
176icmpTypeIPv4
177icmpCodeIPv4
178icmpTypeIPv6
179icmpCodeIPv6
180udpSourcePort
181udpDestinationPort
182tcpSourcePort
183tcpDestinationPort
193nextHeaderIPv6
195ipDiffServCodePoint
196ipPrecedence

Configurable Informaiton Elements for Non-FlowKeys for collection

Information Element IDInformation Element Name
1octetDeltaCount
2packetDeltaCount
6tcpControlBits
21flowEndSysUpTime
22flowStartSysUpTime
150flowStartSeconds
151flowEndSeconds
152flowStartMilliseconds
153flowEndMilliseconds

Functionality comparison with softflowd

softflowdgoflowd
Online packet capturesupportedsupported
Reading pcap filesupported(-r)supported
PSAMP collectorsupported(-R)TODO
NetFlow version 1 exportsupported(-v 1)TODO
NetFlow version 5 exportsupported(-v 5)supported
NetFlow version 7 exportunsupportedTODO
NetFlow version 8 exportunsupportedTODO
NetFlow version 9 exportsupported(-v 9)TODO
IPFIX exportsupported(-v 10)supported
IPv6 support(v9,IPFIX)supported(-6)supported
Bidirectioal flow exportsupported(-b)TODO
PSAMP exportsupported(-v PSAMP)TODO
ntopng direct injectionsupported(-v ntopng)TODO
Flow export on UDPsupported(-P udp)supported
Flow export on TCPsupported(-P tcp)supported
Flow export on SCTPsupported(-P sctp)TODO
Configurationunsupportedsupported
FlowKey Configurationpartially supported(-T)supported
Count-based samplingsupportedsupported
Time-based samplingunsupportedsupported

Limiation of IPFIX export in goflowd

  • SCTP is mandatory in IPFIX (RFC7011), however go's net.Dial does not support SCTP. Hence, goflowd does not support SCTP export.
  • Every packets exported by goflowd contain Template Set.
  • Option Template has not implemented.

# Functions

No description provided by the author
NewCacheFiled retruns new CacheField from common parameters IETFIpfixPsamp_Ipfix_Cache_ImmediateCache_*_CacheField struct.
No description provided by the author
Schema returns the details of the generated schema.
Unmarshal unmarshals data, which must be RFC7951 JSON format, into destStruct, which must be non-nil and the correct GoStruct type.
UnzipSchema unzips the zipped schema and returns a map of yang.Entry nodes, keyed by the name of the struct that the yang.Entry describes the schema for.

# Constants

No description provided by the author
IETFIpfixPsamp_Direction_both corresponds to the value both of IETFIpfixPsamp_Direction.
IETFIpfixPsamp_Direction_egress corresponds to the value egress of IETFIpfixPsamp_Direction.
IETFIpfixPsamp_Direction_ingress corresponds to the value ingress of IETFIpfixPsamp_Direction.
IETFIpfixPsamp_Direction_UNSET corresponds to the value UNSET of IETFIpfixPsamp_Direction.
IETFIpfixPsamp_ExportMode_fallback corresponds to the value fallback of IETFIpfixPsamp_ExportMode.
IETFIpfixPsamp_ExportMode_loadBalancing corresponds to the value loadBalancing of IETFIpfixPsamp_ExportMode.
IETFIpfixPsamp_ExportMode_parallel corresponds to the value parallel of IETFIpfixPsamp_ExportMode.
IETFIpfixPsamp_ExportMode_UNSET corresponds to the value UNSET of IETFIpfixPsamp_ExportMode.
IETFIpfixPsamp_HashFunction_BOB corresponds to the value BOB of IETFIpfixPsamp_HashFunction.
IETFIpfixPsamp_HashFunction_CRC corresponds to the value CRC of IETFIpfixPsamp_HashFunction.
IETFIpfixPsamp_HashFunction_IPSX corresponds to the value IPSX of IETFIpfixPsamp_HashFunction.
IETFIpfixPsamp_HashFunction_UNSET corresponds to the value UNSET of IETFIpfixPsamp_HashFunction.
IETFIpfixPsamp_OptionsType_accuracy corresponds to the value accuracy of IETFIpfixPsamp_OptionsType.
IETFIpfixPsamp_OptionsType_exportingReliability corresponds to the value exportingReliability of IETFIpfixPsamp_OptionsType.
IETFIpfixPsamp_OptionsType_extendedTypeInformation corresponds to the value extendedTypeInformation of IETFIpfixPsamp_OptionsType.
IETFIpfixPsamp_OptionsType_flowKeys corresponds to the value flowKeys of IETFIpfixPsamp_OptionsType.
IETFIpfixPsamp_OptionsType_meteringReliability corresponds to the value meteringReliability of IETFIpfixPsamp_OptionsType.
IETFIpfixPsamp_OptionsType_meteringStatistics corresponds to the value meteringStatistics of IETFIpfixPsamp_OptionsType.
IETFIpfixPsamp_OptionsType_reducingRedundancy corresponds to the value reducingRedundancy of IETFIpfixPsamp_OptionsType.
IETFIpfixPsamp_OptionsType_selectionSequence corresponds to the value selectionSequence of IETFIpfixPsamp_OptionsType.
IETFIpfixPsamp_OptionsType_selectionStatistics corresponds to the value selectionStatistics of IETFIpfixPsamp_OptionsType.
IETFIpfixPsamp_OptionsType_UNSET corresponds to the value UNSET of IETFIpfixPsamp_OptionsType.
IETFIpfixPsamp_TransportSessionStatus_active corresponds to the value active of IETFIpfixPsamp_TransportSessionStatus.
IETFIpfixPsamp_TransportSessionStatus_inactive corresponds to the value inactive of IETFIpfixPsamp_TransportSessionStatus.
IETFIpfixPsamp_TransportSessionStatus_unknown corresponds to the value unknown of IETFIpfixPsamp_TransportSessionStatus.
IETFIpfixPsamp_TransportSessionStatus_UNSET corresponds to the value UNSET of IETFIpfixPsamp_TransportSessionStatus.
No description provided by the author
Information Element List.
Information Element List.
No description provided by the author
No description provided by the author
Information Element List.

# Variables

No description provided by the author
ΛEnum is a map, keyed by the name of the type defined for each enum in the generated Go code, which provides a mapping between the constant int64 value of each value of the enumeration, and the string that is used to represent it in the YANG schema.
ΛEnumTypes is a map, keyed by a YANG schema path, of the enumerated types that correspond with the leaf.

# Structs

No description provided by the author
cache field is a type to store real entity for cacheField configuration.
No description provided by the author
No description provided by the author
Device represents the /device YANG schema element.
goflowd flow parameters.
goflowd fixed flowkeys.
No description provided by the author
IETFIpfixPsamp_Ipfix represents the /ietf-ipfix-psamp/ipfix YANG schema element.
IETFIpfixPsamp_Ipfix_Cache represents the /ietf-ipfix-psamp/ipfix/cache YANG schema element.
IETFIpfixPsamp_Ipfix_Cache_ImmediateCache represents the /ietf-ipfix-psamp/ipfix/cache/immediateCache YANG schema element.
IETFIpfixPsamp_Ipfix_Cache_ImmediateCache_CacheLayout represents the /ietf-ipfix-psamp/ipfix/cache/immediateCache/cacheLayout YANG schema element.
IETFIpfixPsamp_Ipfix_Cache_ImmediateCache_CacheLayout_CacheField represents the /ietf-ipfix-psamp/ipfix/cache/immediateCache/cacheLayout/cacheField YANG schema element.
IETFIpfixPsamp_Ipfix_Cache_NaturalCache represents the /ietf-ipfix-psamp/ipfix/cache/naturalCache YANG schema element.
IETFIpfixPsamp_Ipfix_Cache_NaturalCache_CacheLayout represents the /ietf-ipfix-psamp/ipfix/cache/naturalCache/cacheLayout YANG schema element.
IETFIpfixPsamp_Ipfix_Cache_NaturalCache_CacheLayout_CacheField represents the /ietf-ipfix-psamp/ipfix/cache/naturalCache/cacheLayout/cacheField YANG schema element.
IETFIpfixPsamp_Ipfix_Cache_PermanentCache represents the /ietf-ipfix-psamp/ipfix/cache/permanentCache YANG schema element.
IETFIpfixPsamp_Ipfix_Cache_PermanentCache_CacheLayout represents the /ietf-ipfix-psamp/ipfix/cache/permanentCache/cacheLayout YANG schema element.
IETFIpfixPsamp_Ipfix_Cache_PermanentCache_CacheLayout_CacheField represents the /ietf-ipfix-psamp/ipfix/cache/permanentCache/cacheLayout/cacheField YANG schema element.
IETFIpfixPsamp_Ipfix_Cache_TimeoutCache represents the /ietf-ipfix-psamp/ipfix/cache/timeoutCache YANG schema element.
IETFIpfixPsamp_Ipfix_Cache_TimeoutCache_CacheLayout represents the /ietf-ipfix-psamp/ipfix/cache/timeoutCache/cacheLayout YANG schema element.
IETFIpfixPsamp_Ipfix_Cache_TimeoutCache_CacheLayout_CacheField represents the /ietf-ipfix-psamp/ipfix/cache/timeoutCache/cacheLayout/cacheField YANG schema element.
IETFIpfixPsamp_Ipfix_CollectingProcess represents the /ietf-ipfix-psamp/ipfix/collectingProcess YANG schema element.
IETFIpfixPsamp_Ipfix_CollectingProcess_FileReader represents the /ietf-ipfix-psamp/ipfix/collectingProcess/fileReader YANG schema element.
IETFIpfixPsamp_Ipfix_CollectingProcess_FileReader_Template represents the /ietf-ipfix-psamp/ipfix/collectingProcess/fileReader/template YANG schema element.
IETFIpfixPsamp_Ipfix_CollectingProcess_FileReader_Template_Field represents the /ietf-ipfix-psamp/ipfix/collectingProcess/fileReader/template/field YANG schema element.
IETFIpfixPsamp_Ipfix_CollectingProcess_SctpCollector represents the /ietf-ipfix-psamp/ipfix/collectingProcess/sctpCollector YANG schema element.
IETFIpfixPsamp_Ipfix_CollectingProcess_SctpCollector_TransportLayerSecurity represents the /ietf-ipfix-psamp/ipfix/collectingProcess/sctpCollector/transportLayerSecurity YANG schema element.
IETFIpfixPsamp_Ipfix_CollectingProcess_SctpCollector_TransportSession represents the /ietf-ipfix-psamp/ipfix/collectingProcess/sctpCollector/transportSession YANG schema element.
IETFIpfixPsamp_Ipfix_CollectingProcess_SctpCollector_TransportSession_Template represents the /ietf-ipfix-psamp/ipfix/collectingProcess/sctpCollector/transportSession/template YANG schema element.
IETFIpfixPsamp_Ipfix_CollectingProcess_SctpCollector_TransportSession_Template_Field represents the /ietf-ipfix-psamp/ipfix/collectingProcess/sctpCollector/transportSession/template/field YANG schema element.
IETFIpfixPsamp_Ipfix_CollectingProcess_TcpCollector represents the /ietf-ipfix-psamp/ipfix/collectingProcess/tcpCollector YANG schema element.
IETFIpfixPsamp_Ipfix_CollectingProcess_TcpCollector_TransportLayerSecurity represents the /ietf-ipfix-psamp/ipfix/collectingProcess/tcpCollector/transportLayerSecurity YANG schema element.
IETFIpfixPsamp_Ipfix_CollectingProcess_TcpCollector_TransportSession represents the /ietf-ipfix-psamp/ipfix/collectingProcess/tcpCollector/transportSession YANG schema element.
IETFIpfixPsamp_Ipfix_CollectingProcess_TcpCollector_TransportSession_Template represents the /ietf-ipfix-psamp/ipfix/collectingProcess/tcpCollector/transportSession/template YANG schema element.
IETFIpfixPsamp_Ipfix_CollectingProcess_TcpCollector_TransportSession_Template_Field represents the /ietf-ipfix-psamp/ipfix/collectingProcess/tcpCollector/transportSession/template/field YANG schema element.
IETFIpfixPsamp_Ipfix_CollectingProcess_UdpCollector represents the /ietf-ipfix-psamp/ipfix/collectingProcess/udpCollector YANG schema element.
IETFIpfixPsamp_Ipfix_CollectingProcess_UdpCollector_TransportLayerSecurity represents the /ietf-ipfix-psamp/ipfix/collectingProcess/udpCollector/transportLayerSecurity YANG schema element.
IETFIpfixPsamp_Ipfix_CollectingProcess_UdpCollector_TransportSession represents the /ietf-ipfix-psamp/ipfix/collectingProcess/udpCollector/transportSession YANG schema element.
IETFIpfixPsamp_Ipfix_CollectingProcess_UdpCollector_TransportSession_Template represents the /ietf-ipfix-psamp/ipfix/collectingProcess/udpCollector/transportSession/template YANG schema element.
IETFIpfixPsamp_Ipfix_CollectingProcess_UdpCollector_TransportSession_Template_Field represents the /ietf-ipfix-psamp/ipfix/collectingProcess/udpCollector/transportSession/template/field YANG schema element.
IETFIpfixPsamp_Ipfix_ExportingProcess represents the /ietf-ipfix-psamp/ipfix/exportingProcess YANG schema element.
IETFIpfixPsamp_Ipfix_ExportingProcess_Destination represents the /ietf-ipfix-psamp/ipfix/exportingProcess/destination YANG schema element.
IETFIpfixPsamp_Ipfix_ExportingProcess_Destination_FileWriter represents the /ietf-ipfix-psamp/ipfix/exportingProcess/destination/fileWriter YANG schema element.
IETFIpfixPsamp_Ipfix_ExportingProcess_Destination_FileWriter_Template represents the /ietf-ipfix-psamp/ipfix/exportingProcess/destination/fileWriter/template YANG schema element.
IETFIpfixPsamp_Ipfix_ExportingProcess_Destination_FileWriter_Template_Field represents the /ietf-ipfix-psamp/ipfix/exportingProcess/destination/fileWriter/template/field YANG schema element.
IETFIpfixPsamp_Ipfix_ExportingProcess_Destination_SctpExporter represents the /ietf-ipfix-psamp/ipfix/exportingProcess/destination/sctpExporter YANG schema element.
IETFIpfixPsamp_Ipfix_ExportingProcess_Destination_SctpExporter_TransportLayerSecurity represents the /ietf-ipfix-psamp/ipfix/exportingProcess/destination/sctpExporter/transportLayerSecurity YANG schema element.
IETFIpfixPsamp_Ipfix_ExportingProcess_Destination_SctpExporter_TransportSession represents the /ietf-ipfix-psamp/ipfix/exportingProcess/destination/sctpExporter/transportSession YANG schema element.
IETFIpfixPsamp_Ipfix_ExportingProcess_Destination_SctpExporter_TransportSession_Template represents the /ietf-ipfix-psamp/ipfix/exportingProcess/destination/sctpExporter/transportSession/template YANG schema element.
IETFIpfixPsamp_Ipfix_ExportingProcess_Destination_SctpExporter_TransportSession_Template_Field represents the /ietf-ipfix-psamp/ipfix/exportingProcess/destination/sctpExporter/transportSession/template/field YANG schema element.
IETFIpfixPsamp_Ipfix_ExportingProcess_Destination_TcpExporter represents the /ietf-ipfix-psamp/ipfix/exportingProcess/destination/tcpExporter YANG schema element.
IETFIpfixPsamp_Ipfix_ExportingProcess_Destination_TcpExporter_TransportLayerSecurity represents the /ietf-ipfix-psamp/ipfix/exportingProcess/destination/tcpExporter/transportLayerSecurity YANG schema element.
IETFIpfixPsamp_Ipfix_ExportingProcess_Destination_TcpExporter_TransportSession represents the /ietf-ipfix-psamp/ipfix/exportingProcess/destination/tcpExporter/transportSession YANG schema element.
IETFIpfixPsamp_Ipfix_ExportingProcess_Destination_TcpExporter_TransportSession_Template represents the /ietf-ipfix-psamp/ipfix/exportingProcess/destination/tcpExporter/transportSession/template YANG schema element.
IETFIpfixPsamp_Ipfix_ExportingProcess_Destination_TcpExporter_TransportSession_Template_Field represents the /ietf-ipfix-psamp/ipfix/exportingProcess/destination/tcpExporter/transportSession/template/field YANG schema element.
IETFIpfixPsamp_Ipfix_ExportingProcess_Destination_UdpExporter represents the /ietf-ipfix-psamp/ipfix/exportingProcess/destination/udpExporter YANG schema element.
IETFIpfixPsamp_Ipfix_ExportingProcess_Destination_UdpExporter_TransportLayerSecurity represents the /ietf-ipfix-psamp/ipfix/exportingProcess/destination/udpExporter/transportLayerSecurity YANG schema element.
IETFIpfixPsamp_Ipfix_ExportingProcess_Destination_UdpExporter_TransportSession represents the /ietf-ipfix-psamp/ipfix/exportingProcess/destination/udpExporter/transportSession YANG schema element.
IETFIpfixPsamp_Ipfix_ExportingProcess_Destination_UdpExporter_TransportSession_Template represents the /ietf-ipfix-psamp/ipfix/exportingProcess/destination/udpExporter/transportSession/template YANG schema element.
IETFIpfixPsamp_Ipfix_ExportingProcess_Destination_UdpExporter_TransportSession_Template_Field represents the /ietf-ipfix-psamp/ipfix/exportingProcess/destination/udpExporter/transportSession/template/field YANG schema element.
IETFIpfixPsamp_Ipfix_ExportingProcess_Options represents the /ietf-ipfix-psamp/ipfix/exportingProcess/options YANG schema element.
IETFIpfixPsamp_Ipfix_ObservationPoint represents the /ietf-ipfix-psamp/ipfix/observationPoint YANG schema element.
IETFIpfixPsamp_Ipfix_SelectionProcess represents the /ietf-ipfix-psamp/ipfix/selectionProcess YANG schema element.
IETFIpfixPsamp_Ipfix_SelectionProcess_SelectionSequence represents the /ietf-ipfix-psamp/ipfix/selectionProcess/selectionSequence YANG schema element.
IETFIpfixPsamp_Ipfix_SelectionProcess_Selector represents the /ietf-ipfix-psamp/ipfix/selectionProcess/selector YANG schema element.
IETFIpfixPsamp_Ipfix_SelectionProcess_Selector_FilterHash represents the /ietf-ipfix-psamp/ipfix/selectionProcess/selector/filterHash YANG schema element.
IETFIpfixPsamp_Ipfix_SelectionProcess_Selector_FilterHash_SelectedRange represents the /ietf-ipfix-psamp/ipfix/selectionProcess/selector/filterHash/selectedRange YANG schema element.
IETFIpfixPsamp_Ipfix_SelectionProcess_Selector_FilterMatch represents the /ietf-ipfix-psamp/ipfix/selectionProcess/selector/filterMatch YANG schema element.
IETFIpfixPsamp_Ipfix_SelectionProcess_Selector_SampCountBased represents the /ietf-ipfix-psamp/ipfix/selectionProcess/selector/sampCountBased YANG schema element.
IETFIpfixPsamp_Ipfix_SelectionProcess_Selector_SampRandOutOfN represents the /ietf-ipfix-psamp/ipfix/selectionProcess/selector/sampRandOutOfN YANG schema element.
IETFIpfixPsamp_Ipfix_SelectionProcess_Selector_SampTimeBased represents the /ietf-ipfix-psamp/ipfix/selectionProcess/selector/sampTimeBased YANG schema element.
IETFIpfixPsamp_Ipfix_SelectionProcess_Selector_SampUniProb represents the /ietf-ipfix-psamp/ipfix/selectionProcess/selector/sampUniProb YANG schema element.
PacketLayers is real entity of packet headers for gopacket.NewDecodingLayerParser.
No description provided by the author
ParserParameters has parameters relating gopacket.NewDecodingLayerParser.
No description provided by the author

# Interfaces

No description provided by the author

# Type aliases

Binary is a type that is used for fields that have a YANG type of binary.
No description provided by the author
E_IETFIpfixPsamp_Direction is a derived int64 type which is used to represent the enumerated node IETFIpfixPsamp_Direction.
E_IETFIpfixPsamp_ExportMode is a derived int64 type which is used to represent the enumerated node IETFIpfixPsamp_ExportMode.
E_IETFIpfixPsamp_HashFunction is a derived int64 type which is used to represent the enumerated node IETFIpfixPsamp_HashFunction.
E_IETFIpfixPsamp_OptionsType is a derived int64 type which is used to represent the enumerated node IETFIpfixPsamp_OptionsType.
E_IETFIpfixPsamp_TransportSessionStatus is a derived int64 type which is used to represent the enumerated node IETFIpfixPsamp_TransportSessionStatus.
YANGEmpty is a type that is used for fields that have a YANG type of empty.