IPFlow - Collecteur Netflow IPv4 et IPv6 et NFSIM

Soumis par francois ropert le sam, 05/17/2008 - 19:27.

IPFlow c'est bien! Ca collecte les exports netflow de tes équipements réseaux mais ça marche que sous Linux et compagnie.

http://www.ipflow.utc.fr/index.php/Main_Page 

Features

The main features of the IPFlow collector are:

  • Decoding of Netflow v1, v5, v7, v8 and v9 packets ;
  • Support of Netflow-IPv6 and Netflow-MPLS ;
  • Support of SCTP as export protocol (requires a special version);
  • Custom logging into binary and text files ;
  • Flow filtering with Access-Control Lists (ACL) ;
  • Site classification ;
  • RRDTool databases feeding ;
  • Aggregation of flows (custom fields);
  • Re-exporting Netflow datagrams ;

IPFlow has post-treatment tools to manipulate binary output files:

  • "grep": performs a multi-criteria search (addresses, ports, etc.) ;
  • "top": computes top talkers (addresses, ports, ...) ;
  • "sdraw": fills RRDTool database ;
  • "concat": concatenates files ;
  • ...


IPFlow has also a "Netflow Simulator"
that allows to generate Netflow packets from datagrams received on a
Linux/Unix box (using PCAP).
It is able to analyze IPv4 and IPv6 packets, on various layer-2
encapsulations, like raw Ethernet, 802.1Q ("QinQ" tunneling supported),
Cisco ISL and MPLS frames.

 

‹ iperf - mesure de bande passante - exemples d'utilisationhautListing Anonymizers (PCAP, Netflow et autres formats) ›

... et un peut de pub pour payer l'hébergement ;)