09588f5b »
2012-04-01 Migration to github
* discover and create MIME objects.
* Run a subprocess when each file is opened or closed.
================
Hi:

I managed to port tcpflow 1.0.2 to FreeBSD 7, by adding the following
to tcpflow.h - it's quite possible that a number of the libraries are
not necessary, but I just cut and pasted the libraries from a working
libpcap program, and it works, so I didn't go further.... Thanks for
the IPv6 support, that's what I needed it for....

# diff -c /home/melland/src/tcpflow-1.0.2/src/tcpflow.h tcpflow.h

14 *** /home/melland/src/tcpflow-1.0.2/src/tcpflow.h Tue Sep 20 06:00:42 2011
15 --- tcpflow.h Tue Dec 6 14:29:28 2011
16 ***************
17 *** 36,41 ****
18 --- 36,66 ----
19 *
20 */
21
22 + #include <sys/types.h>
23 + #include <net/ethernet.h>
24 +
25 +
26 + #include <sys/types.h>
27 + #include <sys/stat.h>
28 +
29 + #include <netinet/in.h>
30 + #include <netinet/in_systm.h>
31 + #include <netinet/ip.h>
32 + #include <netinet/ip_var.h>
33 + #include <netinet/tcp.h>
34 + #include <netinet/tcpip.h>
35 +
36 + #include <arpa/inet.h>
37 +
38 + #include <ctype.h>
39 + #include <pcap.h>
40 + #include <stdio.h>
41 + #include <stdlib.h>
42 + #include <string.h>
43 + #include <syslog.h>
44 + #include <unistd.h>
45 +
46 +
47 #ifndef __TCPFLOW_H__
48 #define __TCPFLOW_H__
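Review bot: the new #include block sits above `#ifndef __TCPFLOW_H__`, so it is outside the include guard; move it below `#define __TCPFLOW_H__` so it is covered by the guard like the rest of the header. `<sys/types.h>` is also listed twice in the added lines. Since the includes are unconditional and, by the submitter's own account, not all needed, trim the list to the headers tcpflow.h actually uses and put any platform-specific ones behind a platform or configure-time check so the header still builds elsewhere.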
================
Here is my current plan for the plugin approach:

-Ps "command" --- Run command at the start of each flow; pipe the flow to stdin
-Pe "command" --- Run command at the end of each flow; pipe the flow to stdin (from the file)
-PE "command" --- Run command at the end of each flow, but do not pipe flow to stdin

Substitution options for command:

%t - time_t of the flow start
%T - ISO8601 time for the flow start
%s - source IP address
%S - source Port
%d - destination IP address
%D - destination IP port
%l - length of the flow (only useful for -Pe, of course)
%f - filename of the flow

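A sketch of how the substitution table above could be expanded into a bounded buffer, rejecting unknown codes instead of passing them through. This is an added example, not tcpflow code: struct flow_info, expand_command(), the %% escape and the UTC "Z" form chosen for %T are all assumptions.

```c
#include <stdio.h>
#include <string.h>
#include <time.h>

/* Hypothetical flow record; field names are assumptions, not tcpflow's. */
struct flow_info {
    time_t start;
    const char *src_ip, *dst_ip;      /* must be non-NULL */
    unsigned src_port, dst_port;
    unsigned long length;
    const char *filename;             /* must be non-NULL */
};

/* Expand the % codes listed above from tmpl into out (outsz bytes).
 * Returns 0 on success, -1 on an unknown code, a trailing '%', or overflow. */
int expand_command(const char *tmpl, const struct flow_info *f,
                   char *out, size_t outsz)
{
    size_t used = 0;
    if (outsz == 0) return -1;
    for (const char *p = tmpl; *p; p++) {
        char piece[64];               /* scratch for numeric and time fields */
        const char *s = piece;
        const struct tm *tm;
        if (*p != '%') {
            piece[0] = *p; piece[1] = '\0';
        } else switch (*++p) {
        case 't': snprintf(piece, sizeof piece, "%lld", (long long)f->start); break;
        case 'T':                     /* UTC with a 'Z' suffix (assumed form) */
            tm = gmtime(&f->start);
            if (!tm || !strftime(piece, sizeof piece, "%Y-%m-%dT%H:%M:%SZ", tm)) return -1;
            break;
        case 's': s = f->src_ip; break;
        case 'S': snprintf(piece, sizeof piece, "%u", f->src_port); break;
        case 'd': s = f->dst_ip; break;
        case 'D': snprintf(piece, sizeof piece, "%u", f->dst_port); break;
        case 'l': snprintf(piece, sizeof piece, "%lu", f->length); break;
        case 'f': s = f->filename; break;
        case '%': piece[0] = '%'; piece[1] = '\0'; break;   /* assumed escape */
        default:  return -1;          /* unknown code, or '%' ended the string */
        }
        size_t n = strlen(s);
        if (n >= outsz - used) return -1;   /* keep room for the final NUL */
        memcpy(out + used, s, n);
        used += n;
    }
    out[used] = '\0';
    return 0;
}
```

If the expanded string is handed to a shell, any substituted value that is not under the operator's control still needs quoting, or the command should be run through an argv-based exec instead.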