Hello
Neil from inmon.com asked me to send this patch to the mailing list
to estimate if there's interest in including it into his sflowtool.
> On Jan 23, 2006, at 3:07 AM, Christian Hammers wrote:
> >Attached you'll find a little patch that we use to filter some VLANs
> >which should not be accounted. It still contains some comment lines
> >and may be not the best C but feel free to use it.
bye,
-christian-
--
Christian Hammers WESTEND GmbH | Internet-Business-Provider
Technik CISCO Systems Partner - Authorized Reseller
L|tticher Stra_e 10 Tel 0241/701333-11
ch@westend.com D-52064 Aachen Fax 0241/911879
--- sflowtool-3.9/src/sflowtool.c Mon Sep 19 20:08:45 2005
+++ oldsflowtool-3.9/src/sflowtool.c Mon Jan 23 12:46:13 2006
@@ -138,6 +138,8 @@
typedef enum { SFLFMT_FULL=0, SFLFMT_PCAP, SFLFMT_LINE } EnumSFLFormat;
+#define SFCONFIG_FILTER_IN_VLANS_NUM 100
+
typedef struct _SFConfig {
/* sflow options */
u_int16_t sFlowInputPort;
@@ -165,6 +167,9 @@
#endif
SFForwardingTarget *forwardingTargets;
+
+ unsigned int filterInVlansNum;
+ u_int32_t filterInVlans[SFCONFIG_FILTER_IN_VLANS_NUM];
} SFConfig;
/* make the options structure global to the program */
@@ -1869,6 +1874,7 @@
static void readFlowSample_v2v4(SFSample *sample)
{
+ int i;
sf_log("sampleType FLOWSAMPLE\n");
sample->samplesGenerated = getData32(sample);
@@ -1927,6 +1933,14 @@
}
}
+ /* #42#WESTEND# VLAN-Filterung */
+ for (i=0; i<sfConfig.filterInVlansNum; i++) {
+ if (sample->in_vlan == sfConfig.filterInVlans[i]) {
+ sf_log("skipping vlan #%d %u\n", i, sfConfig.filterInVlans[i]);
+ return;
+ }
+ }
+
/* if we are exporting netflow and we have an IPv4 layer, compose the datagram now */
if(sfConfig.netFlowOutputSocket && sample->gotIPV4) sendNetFlowDatagram(sample);
/* if we are writing tcpdump format, write the next packet record now */
@@ -2583,6 +2597,9 @@
fprintf(stderr,"\n");
fprintf(stderr,"%s version: %s\n", command, VERSION);
fprintf(stderr,"\n");
+ fprintf(stderr,"filtering:\n");
+ fprintf(stderr, " -x vlan1,vlan2,... - Discard packets from specified VLANs\n");
+ fprintf(stderr,"\n");
fprintf(stderr,"forwarding:\n");
fprintf(stderr, " -f host/port - (forward sflow to another collector\n");
fprintf(stderr, " - ...repeat for multiple collectors)\n");
@@ -2618,6 +2635,10 @@
/* set defaults */
sfConfig.sFlowInputPort = 6343;
+
+ /* #42#WESTEND# */
+ sfConfig.filterInVlansNum = 0;
+ bzero(sfConfig.filterInVlans, sizeof(sfConfig.filterInVlans));
/* walk though the args */
while (arg < argc) {
if(argv[arg][0] != '-') instructions(*argv);
@@ -2645,6 +2666,25 @@
case 'S': sfConfig.spoofSource = YES; break;
#endif
case 'f': if(addForwardingTarget(argv[arg++]) == NO) exit(-35); break;
+ /* #42#WESTEND# */
+ case 'x':
+ {
+ /* parse argument string to '-x' to array of integer */
+ /* #42#WESTEND# FIXME: manpage discouraged using strtok() but did not suggest a replacement. */
+ int i;
+ char *vlan_id = strtok(argv[arg++], ",");
+ while (vlan_id != NULL) {
+ if (sfConfig.filterInVlansNum < SFCONFIG_FILTER_IN_VLANS_NUM) {
+ sfConfig.filterInVlans[sfConfig.filterInVlansNum++] = atoi(vlan_id);
+ }
+ vlan_id = strtok(NULL, ",");
+ }
+ /* show array contents */
+ for (i=0; i<sfConfig.filterInVlansNum; i++) {
+ fprintf(stderr, "Filtering VLAN %u\n", sfConfig.filterInVlans[i]);
+ }
+ }
+ break;
case '?':
case 'h':
default: instructions(*argv);
Received on Tue Jan 24 02:57:24 2006
This archive was generated by hypermail 2.1.8 : 01/24/06 PST