parser = argparse.ArgumentParser(description="Netflow v9 collector.") parser.add_argument("--host", default="0.0.0.0", help="ipv4 host address to listen on") parser.add_argument("--port", default=2055, help="the udp port to listen on", type=int) args = parser.parse_args() p = pprint.PrettyPrinter(indent=4, depth=6) netflowpacket = NetFlowPacket() host = args.host port = args.port addrs = socket.getaddrinfo(host, port, socket.AF_INET, socket.SOCK_DGRAM, 0, socket.AI_PASSIVE) socks = [] for addr in addrs: sock = socket.socket(addr[0], addr[1]) sock.bind(addr[4]) socks.append(sock) print "listening on [%s]:%d" % (addr[4][0], addr[4][1]) while 1: (rlist, wlist, xlist) = select.select(socks, [], socks) for sock in rlist: (data, addrport) = sock.recvfrom(8192) print "Received flow packet from %s:%d" % addrport netflowpacket.data(data) netflowpacket.decodePacket() # print len(netflowpacket.flows) netflowpacket.export(lambda flow: export_hydra(flow))
r = requests.post(url, data=json.dumps(flowset), headers=headers) if r.status_code != 200: print r.status_code print r.content p.pprint(flowset) print json.dumps(flowset) raise def export(flows): for flow in flows: p.pprint(flow) if __name__ == "__main__": os.chdir("./tests/testdata") netflowpacket = NetFlowPacket() hexfiles = os.listdir(".") hexfiles.sort() packets = [] for files in hexfiles: if files.endswith(".dat"): f = open(files,'r') packets.append(binascii.unhexlify(f.readline())) f.close() # while 1: for packet in packets: netflowpacket.data(packet) netflowpacket.decodePacket() # print len(netflowpacket.flows) # netflowpacket.export(lambda flow: export(flow) ) netflowpacket.export()