NAME
flowprobe - libpcap traffic collector and NetFlow packets originator
for NeTAMS project.
SYNOPSIS
flowprobe {options}
DESCRIPTION
Flowprobe is a part of NeTAMS (Network Traffic Accounting and
Monitoring Software) project, a data source for NeTAMS daemon. It
listens an ethernet interface (PCAP library, like tcpdump) and collects
accconting data. Every N seconds it exports this data as NetFlow v5 UDP
packet to any collector, for example NeTAMS daemon with "data-source
netflow" enabled.
OPTIONS
-h print help screen and exit
-q quiet output
-d turn debugging on
-e export_to
IP address to export flows to, A.B.C.D:XXXX, where XXXX is
remote port number (default is 20001)
-r rule
libpcap rule to capture packets
-i interface
network interface to listen
-1 active_timeout
active flow timeout (sec.), default is 600
-2 inactive_timeout
inactive flow timeout (sec.), default is 60
SYSTEM REQUIREMENTS
libpcap library and header file pcap.h must present in your system
EXAMPLE
flowprobe -d -e 1.2.3.4:1000 -r ip -i eth0 -1 200 -2 20
Exporting to: 1.2.3.4:1000
Interface: eth0
Rule: ip
Active timeout: 200 seconds
Inact timeout: 20 seconds
Libpcap: ethernet interface
SEE ALSO
http://www.netams.com
AUTHORS
Anton Vinokurov <anton@netams.com>, Yuriy Shkandybin <jura@netams.com>
24 November 2004 flowprobe(8)