ft2nfdump(1) [debian man page]

ft2nfdump(1)															      ft2nfdump(1)

NAME

       ft2nfdump - flow-tools data converter program

SYNOPSIS

       ft2nfdump [options]

DESCRIPTION

       ft2nfdump is the flow-tools converter program to read, convert and store netflow data, created with the flow-tools package. It works either
       as a pipe filter or reads flow-tools data format directly from file and exports nfdump data format at stdout.

OPTIONS

       -r <flow-tools-file>
	  Read flow-tools formated netflow data from file flow-tools-file.  Default: Read from stdin.

       -c num
	  Read only num flows from input file.

       -E Print raw netflow records to stdout. This option is for debugging purpose only, to see any incoming netflow data. Compatible	to  option
	  -E in nfcapd.

       -V Print ft2nfdump version and exit.

       -h Print help text on stdout with all options and exit.

RETURN VALUE

       Returns
	   0   No error.
	   255 Conversion failed.

EXAMPLES

       flow-cat ft-v05.2001-05-01.* | ft2nfdump | nfdump -w nfcap.20010501 Convert files into nfdump format.

       ft2nfdump -r ft-v05.2001-05-01 | nfdump -w nfcap.20010501 Convert files into nfdump format.

NOTES

SEE ALSO

       nfcapd(1), nfdump(1), nfprofile(1), nfreplay(1)

BUGS

								    2009-09-09							      ft2nfdump(1)

nfexpire(1)															       nfexpire(1)

NAME

       nfanon - netflow anonymisation

SYNOPSIS

       nfanon [options]

DESCRIPTION

       nfanon  is used to anonymise all IP addresses ( src, dst, next hop, router IP etc. ) in the netflow records using the CryptoPAn (Cryptogra-
       phy-based  Prefix-preserving Anonymization) module. The key -K is used to initialize the Rijndael cipher.  The key is either a 32 character
       string, or a 64 hex digit string starting with 0x.

	  See http://www.cc.gatech.edu/computing/Telecomm/cryptopan/ for more information about CryptoPAn.

       nfanon has several modes of operation.

       o  nfanon reads a sequence of input files, specified by -r, -R and -M and anonymises the flows in the given files. The input file arguments
       have the same syntax and meaning as nfdump(1).

       o nfanon reads a sequence of input files, specified by -r, -R and -M.  All anonymised flows are written to a single file specified by -w.

       o nfanon works as filter and reads flows from stding and writes the anonymised flows to stdout.

OPTIONS

       -r inputfile
	  Read input data from inputfile. Default is read from stdin.

       -R expr
	  Read input from a sequence of files in the same directory. expr may be one of:
	   /any/dir	     Read recursively all files in directory dir.
	   /dir/file	     Read all files beginning with file.
	   /dir/file1:file2  Read all files from file1 to file2.

	   Note: files are read in alphabetical sequence.

       -M expr
	  Read input from multiple directories. expr looks like: /any/path/to/dir1:dir2:dir3  etc.  and  will  be  expanded  to  the  directories:
	  /any/path/to/dir1, /any/path/to/dir2 and /any/path/to/dir3 Any number of colon separated directories may be given. The files to read are
	  specified by -r or -R and are expected to exist in all the given directories.  The options -r and -R must not contain any directory part
	  when used in conjunction with -M.

       -w outputfile
	  If specified writes anonymised netflow records to outputfile.

       -K key
	  The key is used to initialize the Rijndael cipher. key is either a 32 character string, or a 64 hex digit string starting with 0x.

RETURN VALUE

       Returns
	   0   No error.
	   255 Initialization failed.
	   250 Internal error.

NOTES

       None.

SEE ALSO

       nfdump(1)

BUGS

								    2009-09-09							       nfexpire(1)