root/trunk/FlowParser/sFlow5.py

#
# Copyright (C) 2007-2008 Red Hat, Inc.
# Author: Andreas Thienemann <athienem@redhat.com>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU Library General Public License as published by
# the Free Software Foundation; version 2 only
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Library General Public License for more details.
#
# You should have received a copy of the GNU Library General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
# Copyright 2004, 2005 Red Hat, Inc.
#
# AUTHOR: Andreas Thienemann <athienem@redhat.com>
#

import sys
import struct
import xdrlib
import IPy
import FlowHandler
import pprint
import binascii
#import logging
import thread


#logging.info('sFlow9 protocol disector loaded')




class Sflow5Parser(FlowHandler.AbstractFlowParser):
    name = 'sflow5'

    def SnmpRefresh():
        '''Call this with thread.start_new_thread(SnmpRefresh, (args))'''

    def parse(self):

        flow_decode = []

        xu = xdrlib.Unpacker(self.pkgdata)

        # The flow header
        # Version (uint), IP Version (uint), Agent IP,sysUpTime (int),
        # UNIX Secs (int), Sequence Number (int), Source ID (int)
        flow_hdr = list((xu.unpack_uint(), xu.unpack_uint()))
        if flow_hdr[1] == 1:
            flow_hdr.append(IPy.IP(xu.unpack_uint()).strNormal())
        elif flow_hdr[1] == 2:
           flow_hdr.append(IPy.IP(xu.unpack_fopaque(16)).strNormal())
        flow_hdr.extend(list((xu.unpack_uint(), xu.unpack_uint(), xu.unpack_uint(), xu.unpack_uint())))

        print flow_hdr