BLOG     |     FORUM

Forum Login

Login is optional - if you want to be notified about responses via email. You can also simply ask a question without logging in.



Just ask your question

No signup required

There is no need to sign up or register to ask a question in the forums.

Just ask your question.

You need to signup if you wish to be notified of answers to your question by email.

Other links

Other ways to reach us

Follow us on Twitter

Follow on twitter

Send us an email

mail us

Welcome, Guest
Please Login or Register.    Lost Password?
Unleash Networks Forum
Unleash Networks Forums
Unsniff Users

Simulating netflow packets in .cap file
(1 viewing) (1) Guest
All your questions answered real quick by Unleash Networks Engineers.
Go to bottom
Post Reply
Post New Topic
Page: 1
TOPIC: Simulating netflow packets in .cap file
#248
Simulating netflow packets in .cap file 2 Years, 2 Months ago Karma: 0
Hi,

I am unable to simulate netflow packets that are stored in .cap extension files.

I use the below command to simulate netflow packets:
./pcap2flow /home/test/pcap2flow-0.1/NetFlow_Cisco_ASA.cap 192.168.111.177 2055 -ports 2055 -gaus 2000

I read the below document to simulate live netflow packets from a .pcap extension file:
www.unleashnetworks.com/open-source/pcap2netflow.html

Is there any fix or alternative solution available to simulate netflow from .cap files?

Thanks
Nathan
Enter code here   
Please note: although no board code and smiley buttons are shown, they are still usable.
senthil085
User Offline Click here to see the profile of this user
Reply Quote
 
#249
Re: Simulating netflow packets in .cap file 2 Years, 2 Months ago Karma: 2
I think it should be -gapus instead of -gaus


Note that your capture file should already contain netflow packets. This tool is not like softflowd, which can construct netflow packets from the wire.
Enter code here   
Please note: although no board code and smiley buttons are shown, they are still usable.
vivek [unleash]
User Offline Click here to see the profile of this user
Reply Quote
Vivek R
Unleash Networks
Support : www.unleashnetworks.com/forums
  
#250
Re: Simulating netflow packets in .cap file 2 Years, 2 Months ago Karma: 0
Hi Vivek,

Thanks for pointing out, i just overlooked.

Parameter -gapus deals with the flow rate at which the flow should be exported.

Anyway, still I'm unable to simulate V9 flow from .cap file that already has V9 packets.

I even tried softflowd, which generates V9 packets similar to Cisco routers. But my requirement is to simulate V9 packets similar to Cisco ASA 5500 firewall(NSEL logs). The file I'm using to simulate using pcaptoflow has NSEL logs in it.

More info on Cisco ASA netflow is as below:
www.cisco.com/en/US/docs/security/asa/as...netflow/netflow.html

Any idea will be greatly appreciated.

Thanks
Nathan
Enter code here   
Please note: although no board code and smiley buttons are shown, they are still usable.
senthil085
User Offline Click here to see the profile of this user
Reply Quote
 
Go to top
Post Reply
Post New Topic
Page: 1
Unleash Networks Forum
Unleash Networks Forums
Unsniff Users
Powered by Kunenaget the latest posts directly to your desktop

Sitemap | Privacy

Copyright (c) 2009-11 Unleash Networks