Turn into a Gem and complete the PDU5 spec

Added a gemspec so it can be used by Bundler straight out of git.
Switched from jewler to bundler for simplicity
Fleshed out the Netflow v5 packet spec

.rvmrc

@@ -0,0 +1 @@
+rvm --create 1.9.2@netflow

Gemfile

@@ -1,13 +1,4 @@
-source "http://rubygems.org"
-# Add dependencies required to use your gem here.
-# Example:
-#   gem "activesupport", ">= 2.3.5"
+source :rubygems
 
-# Add dependencies to develop your gem here.
-# Include everything needed to run rake, tests, features, etc.
-group :development do
-  gem "rspec", "~> 2.3.0"
-  gem "bundler", "~> 1.0.0"
-  gem "jeweler", "~> 1.5.2"
-  gem "rcov", ">= 0"
-end
+# Specify your gem's dependencies in netflow.gemspec
+gemspec

Gemfile.lock

@@ -0,0 +1,32 @@
+GEM
+  remote: http://rubygems.org/
+  specs:
+    bindata (1.4.1)
+    diff-lcs (1.1.2)
+    eventmachine (0.12.10)
+    git (1.2.5)
+    jeweler (1.5.2)
+      bundler (~> 1.0.0)
+      git (>= 1.2.5)
+      rake
+    rake (0.9.2)
+    rcov (0.9.9)
+    rspec (2.3.0)
+      rspec-core (~> 2.3.0)
+      rspec-expectations (~> 2.3.0)
+      rspec-mocks (~> 2.3.0)
+    rspec-core (2.3.1)
+    rspec-expectations (2.3.0)
+      diff-lcs (~> 1.1.2)
+    rspec-mocks (2.3.0)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bindata
+  bundler (~> 1.0.0)
+  eventmachine
+  jeweler (~> 1.5.2)
+  rcov
+  rspec (~> 2.3.0)

Rakefile

@@ -1,48 +1 @@
-require 'rubygems'
-require 'bundler'
-begin
-  Bundler.setup(:default, :development)
-rescue Bundler::BundlerError => e
-  $stderr.puts e.message
-  $stderr.puts "Run `bundle install` to install missing gems"
-  exit e.status_code
-end
-require 'rake'
-
-require 'jeweler'
-Jeweler::Tasks.new do |gem|
-  # gem is a Gem::Specification... see http://docs.rubygems.org/read/chapter/20 for more options
-  gem.name = "netflow"
-  gem.homepage = "http://github.com/seeingidog/netflow"
-  gem.license = "MIT"
-  gem.summary = %Q{Ruby Netflow collector based on EventMachine}
-  gem.description = %Q{Listens and parses netflow datagrams sent from network devices. More information on Netflow format: http://tools.ietf.org/html/rfc3954}
-  gem.email = "ian@ruby-code.com"
-  gem.authors = ["seeingidog"]
-  gem.add_runtime_dependency 'bindata'
-  gem.add_runtime_dependency 'eventmachine'
-end
-Jeweler::RubygemsDotOrgTasks.new
-
-require 'rspec/core'
-require 'rspec/core/rake_task'
-RSpec::Core::RakeTask.new(:spec) do |spec|
-  spec.pattern = FileList['spec/**/*_spec.rb']
-end
-
-RSpec::Core::RakeTask.new(:rcov) do |spec|
-  spec.pattern = 'spec/**/*_spec.rb'
-  spec.rcov = true
-end
-
-task :default => :spec
-
-require 'rake/rdoctask'
-Rake::RDocTask.new do |rdoc|
-  version = File.exist?('VERSION') ? File.read('VERSION') : ""
-
-  rdoc.rdoc_dir = 'rdoc'
-  rdoc.title = "netflow #{version}"
-  rdoc.rdoc_files.include('README*')
-  rdoc.rdoc_files.include('lib/**/*.rb')
-end
+require 'bundler/gem_tasks'

bin/netflow.rb

@@ -1,9 +1,7 @@
-require File.expand_path(File.join(File.dirname(__FILE__), '..','lib','netflow'))
+#!/usr/bin/env ruby
 
-puts "Help" unless ARGV[0] != nil
+$:.unshift File.expand_path(File.join(File.dirname(__FILE__), '..','lib'))
 
-ARGV.each do |arg|
-  puts "Arguement #{arg}"
-end
+require 'netflow/collector'
 
-Netflow.start_collector
+NetflowCollector.start_collector

lib/netflow.rb

@@ -1,7 +1,8 @@
 require 'bindata'
 require 'eventmachine'
 
-require File.expand_path(File.join(File.dirname(__FILE__), 'netflow','models','binary_models'))
-require File.expand_path(File.join(File.dirname(__FILE__), 'netflow','parsers','parsers'))
-require File.expand_path(File.join(File.dirname(__FILE__), 'netflow','storage','storage'))
-require File.expand_path(File.join(File.dirname(__FILE__), 'netflow','collector'))
+require 'netflow/version'
+
+require 'netflow/models/binary_models'
+require 'netflow/parsers/parsers'
+require 'netflow/storage/storage'

lib/netflow/collector.rb

@@ -1,6 +1,8 @@
-class Netflow
-
-  module NetflowCollector
+require 'netflow'
+
+class NetflowCollector
+
+  module Collector
     def post_init
       puts "Server listening."
     end
@@ -15,11 +17,11 @@ def receive_data(data)
       end
     end
   end
-  
+
   def self.start_collector(bind_ip = '0.0.0.0', bind_port = 2055)
     EventMachine::run do
-      EventMachine::open_datagram_socket(bind_ip, bind_port, NetflowCollector)
+      EventMachine::open_datagram_socket(bind_ip, bind_port, Collector)
     end
   end
-  
+
 end

lib/netflow/models/binary_models.rb

@@ -1,11 +1,42 @@
 class Header < BinData::Record
   endian :big
   uint16 :version
+end
+
+class Netflow5PDU < BinData::Record
+  endian :big
+  uint16 :version
   uint16 :flow_records
   uint32 :uptime
   uint32 :unix_sec
+  uint32 :unix_nsec
   uint32 :flow_seq_num
-  uint32 :source_id
+  uint8  :engine_type
+  uint8  :engine_id
+  bit1   :sampling_type
+  bit14  :sampling_interval
+  array  :records, :initial_length => :flow_records do
+    uint32 :srcaddr
+    uint32 :dstaddr
+    uint32 :nexthop
+    uint16 :iface_in
+    uint16 :iface_out
+    uint32 :packets
+    uint32 :octets
+    uint32 :first_uptime
+    uint32 :last_uptime
+    uint16 :srcport
+    uint16 :dstport
+    uint8  :pad1
+    uint8  :tcpflags
+    uint8  :proto
+    uint8  :tos
+    uint16 :srcas
+    uint16 :dstas
+    uint8  :srcmask
+    uint8  :dstmask
+    uint16 :pad2
+  end
 end
 
 class TemplateFlowset < BinData::Record
@@ -19,27 +50,23 @@ class TemplateFlowset < BinData::Record
 
 class Netflow9PDU < BinData::Record
   endian :big
-  header :header
+  uint16 :version
+  uint16 :flow_records
+  uint32 :uptime
+  uint32 :unix_sec
+  uint32 :flow_seq_num
+  uint32 :source_id
   template_flowset :template_flowset
 
   uint16 :template_id
   uint16 :data_flowset_length
   #string :data, :read_length  =>  lambda { data_flowset_length - 32 }
 end
 
-class Netflow5PDU < BinData::Record
-  endian :big
-  header :header
-end
-
 class DataFlowset < BinData::Record
   endian :big
-  
+
   uint16 :template_id
   uint16 :data_flowset_length
 end
 
-class Version5DataFlowset < BinData::Record
-  endian :big
-
-end

lib/netflow/parsers/parsers.rb

@@ -1,20 +1,16 @@
-class Netflow  
+class Netflow
   def self.parse_packet(data)
     begin
       header = Header.read(data)
       if header.version == 9
         flowset = Netflow9PDU.read(data)
-        puts flowset.inspect
       elsif header.version == 5
-        puts header.inspect
-        #read data
-
+        flowset = Netflow5PDU.read(data)
       else
         raise "Unsupported Netflow version"
       end
     rescue
       raise "Error reading header."
     end
   end
-
 end

lib/storage/storage.rb → lib/netflow/storage/storage.rb

@@ -1,3 +1,2 @@
 class Netflow
-
-end
+end

lib/netflow/version.rb

@@ -0,0 +1,3 @@
+class Netflow
+  VERSION = "0.0.1"
+end

netflow.gemspec

@@ -0,0 +1,24 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "netflow/version"
+
+Gem::Specification.new do |s|
+  s.name        = "netflow"
+  s.version     = Netflow::VERSION
+  s.authors     = ["seeingidog"]
+  s.email       = ["ian@ruby-code.com"]
+  s.homepage    = "http://github.com/seeingidog/netflow"
+  s.license     = "MIT"
+  s.summary     = %q{Ruby Netflow collector based on EventMachine}
+  s.description = %q{Listens and parses netflow datagrams sent from network devices. More information on Netflow format: http://tools.ietf.org/html/rfc3954}
+
+  s.rubyforge_project = "netflow"
+
+  s.files         = `git ls-files`.split("\n")
+  s.test_files    = `git ls-files -- {test,spec,features}/*`.split("\n")
+  s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+  s.require_paths = ["lib"]
+
+  s.add_runtime_dependency 'bindata'
+  s.add_runtime_dependency 'eventmachine'
+end