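#
# Copyright (C) 2007-2008 Red Hat, Inc.
# Author: Andreas Thienemann
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU Library General Public License as published by
# the Free Software Foundation; version 2 only
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Library General Public License for more details.
#
# You should have received a copy of the GNU Library General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
# Copyright 2004, 2005 Red Hat, Inc.
#
# AUTHOR: Andreas Thienemann
#

import sys
import struct
import xdrlib
import IPy
import FlowHandler
import pprint
import binascii
#import logging
import thread

#logging.info('sFlow9 protocol disector loaded')

# Agent address type tags carried in the datagram header.
_ADDR_TYPE_IPV4 = 1
_ADDR_TYPE_IPV6 = 2


class Sflow5Parser(FlowHandler.AbstractFlowParser):
    """Decoder for the header of an sFlow version 5 datagram.

    The datagram bytes are read from ``self.pkgdata``; that attribute is not
    assigned anywhere in this class, so it is presumably provided by
    FlowHandler.AbstractFlowParser -- confirm against the base class.
    """

    name = 'sflow5'

    # The original definition took no arguments and had no decorator, so it
    # could not be called through the class or an instance. The docstring
    # describes a plain function handed to thread.start_new_thread, which is
    # what @staticmethod provides. The body is still a stub.
    @staticmethod
    def SnmpRefresh():
        '''Call this with thread.start_new_thread(SnmpRefresh, (args))'''

    def parse(self):
        """Decode and print the sFlow datagram header held in self.pkgdata.

        The decoded header is the list
        [version, address type, agent address, uint, uint, uint, uint].
        In the sFlow version 5 datagram layout the four trailing integers
        are sub-agent id, sequence number, uptime and number of samples.

        The datagram is untrusted network input. Every field, including the
        agent address, is supplied by the sender, so the decoded address
        should not be used as an identity without comparing it against the
        transport-level source of the packet.

        Raises:
            ValueError: the address type is neither IPv4 (1) nor IPv6 (2).
                Without an address of known length the remaining fields
                cannot be located, so the datagram is rejected rather than
                decoded at the wrong offsets.
            EOFError: raised by xdrlib when the datagram is shorter than
                the header being read.
        """
        flow_decode = []
        xu = xdrlib.Unpacker(self.pkgdata)

        # NOTE(review): the version field is read but not compared with 5;
        # a datagram of another sFlow version would be decoded with this
        # layout. Confirm whether the caller filters on version.
        version = xu.unpack_uint()
        addr_type = xu.unpack_uint()
        flow_hdr = [version, addr_type]

        if addr_type == _ADDR_TYPE_IPV4:
            flow_hdr.append(IPy.IP(xu.unpack_uint(), ipversion=4).strNormal())
        elif addr_type == _ADDR_TYPE_IPV6:
            # IPy.IP() parses a string argument as textual notation, so the
            # 16 raw address bytes are converted to an integer first.
            raw_addr = xu.unpack_fopaque(16)
            addr_int = int(binascii.hexlify(raw_addr), 16)
            flow_hdr.append(IPy.IP(addr_int, ipversion=6).strNormal())
        else:
            raise ValueError(
                'unsupported sFlow agent address type: %r' % (addr_type,))

        # Four unsigned integers follow the agent address.
        flow_hdr.extend([xu.unpack_uint() for _ in range(4)])

        # Parenthesised single-argument form prints the same text under
        # Python 2 as the original print statement.
        print(flow_hdr)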