init manflow

Author: 123joshuawu

.github/workflows/image-build.yml

@@ -32,3 +32,4 @@ _testmain.go
 
 # Project binary
 nflow-generator
+manflow

.gitignore

@@ -4,7 +4,8 @@ WORKDIR /src
 RUN go build -v .
 
 FROM alpine:latest
-MAINTAINER Brent Salisbury <[email protected]>
 
-COPY --from=build /src/nflow-generator /usr/local/bin/
-ENTRYPOINT ["/usr/local/bin/nflow-generator"]
+WORKDIR /app
+
+COPY --from=build /src/manflow /usr/local/bin/
+ENTRYPOINT ["/usr/local/bin/manflow"]

Dockerfile

@@ -1,144 +1,45 @@
-# Usage - nflow-generator
+# manflow
 
-[![nflow-generator image CI](https://github.com/nerdalert/nflow-generator/actions/workflows/image-build.yml/badge.svg)](https://github.com/nerdalert/nflow-generator/actions/workflows/image-build.yml)
+Netflow generator
 
-This program generates mock netflow (v5) data that can be used to test netflow collector programs. 
-The program simulates a router that is exporting flow records to the collector.
-It is useful for determining whether the netflow collector is operating and/or receiving netflow datagrams.
+Documentation: https://aviatrix.atlassian.net/wiki/spaces/copconf/pages/1913815177/manflow+netflow+generator
 
-nflow-generator generates several netflow datagrams per second, each with 8 or 16 records for varying kinds of traffic (HTTP, SSH, SNMP, DNS, MySQL, and many others.)
+## Usage
 
-### Docker Image Run (Easiest)
+Using following `flowConfig.json` file:
 
-Simply run in a container and pass any arguments at runtime. Below is an example passing the `--help` flag:
-
-```
-docker run -it --rm networkstatic/nflow-generator --help
-# or podman/quay repos
-podman run -it --rm /quay.io/networkstatic/nflow-generator --help
-```
-
-To generate mock flow data simply add the target IP and port:
-
-```
-docker run -it --rm networkstatic/nflow-generator -t <ip> -p <port>
-# or podman/quay repos
-podman run -it --rm /quay.io/networkstatic/nflow-generator -t <ip> -p <port>
+```json
+{
+  "seed": 1,
+  "flow_timeout": 10,
+  "collector_ip": "10.0.0.11",
+  "collector_port": 31283,
+  "hosts": [
+    {
+      "ip": "10.0.0.103",
+      "name": "gw1"
+    }
+  ],
+  "flows": [
+    {
+      "src_addr": "10.14.0.0",
+      "dst_addr": "10.0.1.0",
+      "dst_port": "80",
+      "hops": ["gw1"],
+      "count": 1
+    }
+  ]
+}
 ```
 
-### Download the binary
-
-You can download the Linux binary here [nflow-generator-x86_64-linux](https://github.com/nerdalert/nflow-generator/blob/master/binaries/nflow-generator-x86_64-linux).
-### Build
-
-Install [Go](http://golang.org/doc/install), then:
+Run following commands
 
-	git clone https://github.com/nerdalert/nflow-generator.git 
-	cd nflow-generator
-	go build
-
-Go build will leave a binary in the root directory that can be run.
-	
-### RUN
-
-Feed it the target collector and port, and optional "false-index" flag:
-
-	./nflow-generator -t <ip> -p <port> [ -f | --false-index ]
-
-### Run a Test Collection
-
-You can run a simple test collection using nfcapd from the nfdump package with the following.
-
-- Start a netflow collector
-
-```
-sudo apt-get install nfdump
-mkdir /tmp/nfcap-test
-nfcapd -E  -p 9001 -l /tmp/nfcap-test
+```bash
+go build # one time
+./manflow -i gw1
 ```
 
-In a seperate console, run the netflow-generator pointing at an IP on the host the collector is running on (in this case the VM has an IP of 192.168.1.113).
-
-```
-sudo docker run -it --rm networkstatic/nflow-generator -t 192.168.1.113 -p 9001
-```
-
-- You should start seeing records displayed to the output of the screen running nfcapd like the following.
-
-```
-$> nfcapd -E  -p 9001 -l /tmp/nfcap-test
-Add extension: 2 byte input/output interface index
-Add extension: 4 byte input/output interface index
-Add extension: 2 byte src/dst AS number
-Add extension: 4 byte src/dst AS number
-Bound to IPv4 host/IP: any, Port: 9001
-Startup.
-Init IPFIX: Max number of IPFIX tags: 62
-
-Flow Record:
-  Flags        =              0x00 FLOW, Unsampled
-  export sysid =                 1
-  size         =                56
-  first        =        1552592037 [2019-03-14 15:33:57]
-  last         =        1552592038 [2019-03-14 15:33:58]
-  msec_first   =               973
-  msec_last    =               414
-  src addr     =      112.10.20.10
-  dst addr     =     172.30.190.10
-  src port     =                40
-  dst port     =                80
-  fwd status   =                 0
-  tcp flags    =              0x00 ......
-  proto        =                 6 TCP
-  (src)tos     =                 0
-  (in)packets  =               792
-  (in)bytes    =                23
-  input        =                 0
-  output       =                 0
-  src as       =             48730
-  dst as       =             15401
-
-
-Flow Record:
-  Flags        =              0x00 FLOW, Unsampled
-  export sysid =                 1
-  size         =                56
-  first        =        1552592038 [2019-03-14 15:33:58]
-  last         =        1552592038 [2019-03-14 15:33:58]
-  msec_first   =               229
-  msec_last    =               379
-  src addr     =     192.168.20.10
-  dst addr     =     202.12.190.10
-  src port     =                40
-  dst port     =               443
-  fwd status   =                 0
-  tcp flags    =              0x00 ......
-  proto        =                 6 TCP
-  (src)tos     =                 0
-  (in)packets  =               599
-  (in)bytes    =               602
-  input        =                 0
-  output       =                 0
-  src as       =              1115
-  dst as       =             50617
-
-```
-
-### Notes
-
-The original mock netflow generator placed random values in several fields which confused 
-certain netflow collectors that complained about inaccurate time stamps, 
-and were confused by the random values sent in the input and output interface fields. 
-
-Changes:
-
-* Sets the `SysUptime`, `unix_secs`, and `unix_nsecs` fields of the Netflow datagrams to sensible (UTC) values
-* Generates a unique `flow_sequence` value for each netflow datagram
-* Creates reasonable start/stop times for flows, so the First is set to (now-X) and Last to (now-Y), where X & Y are random times, and X > Y.
-* If the --false-index (-f) flag is set on the command line, 
-use this algorithm to set the interface indexes to 1 or 2:
-If the source address > dest address, input interface is set to 1, and set to 2 otherwise,
-and the output interface is set to the opposite value.
-If the -f is missing, both snmp interface indexes will be set to 0. [Default]
+Command-line arguments:
 
-To learn more about Netflow version 5 datagram formats, see the [Cisco Netflow documentation](http://www.cisco.com/c/en/us/td/docs/net_mgmt/netflow_collection_engine/3-6/user/guide/format.html)
+- `-i` - host name of one of the hosts in `flowConfig.json` file
+- `-l` - disable flow-level logging

README.md

@@ -0,0 +1,104 @@
+package main
+
+import (
+	"fmt"
+	"os"
+
+	"github.com/jessevdk/go-flags"
+)
+
+var opts struct {
+	Help           bool   `short:"h" long:"help" description:"show nflow-generator help"`
+	HostName       string `short:"i" long:"host-name" description:"provide host name to use with config file"`
+	ConfigFile     string `short:"e" long:"config-file" description:"provide config file to describe complex flow generation behavior"`
+	GenGraphFile   string `short:"g" long:"gen-graph-file" description:"generate graph file"`
+	DisableLogging bool   `short:"l" long:"disable-logging" description:"disable logging"`
+	Simulate       bool   `short:"m" long:"simulate" description:"simulate only, do not send to collector"`
+	StatsOutFile   string `short:"o" long:"stats-out-file" description:"write stats to file"`
+	GenComposeFile string `short:"q" long:"gen-compose-file" description:"generate compose file"`
+	GenTargetsFile string `short:"r" long:"gen-targets-file" description:"generate prometheus targets file"`
+}
+
+type ConfigArgs struct {
+	ConfigFile string
+	HostName   string
+}
+
+func ParseConfigArgs() (ConfigArgs, error) {
+	_, err := flags.Parse(&opts)
+
+	if err != nil {
+		return ConfigArgs{}, fmt.Errorf("failed to parse config args: %v", err)
+	}
+
+	inputConfigFile := "flowConfig.json"
+	if opts.ConfigFile != "" {
+		inputConfigFile = opts.ConfigFile
+	} else if os.Getenv("CONFIG_FILE") != "" {
+		inputConfigFile = os.Getenv("CONFIG_FILE")
+	}
+
+	inputHostName := ""
+	if opts.HostName != "" {
+		inputHostName = opts.HostName
+	} else if os.Getenv("HOST_NAME") != "" {
+		inputHostName = os.Getenv("HOST_NAME")
+	}
+
+	return ConfigArgs{
+		ConfigFile: inputConfigFile,
+		HostName:   inputHostName,
+	}, nil
+}
+
+func showUsage() {
+	var usage string
+	usage = `
+Usage:
+  main [OPTIONS] [collector IP address] [collector port number]
+
+  Send mock Netflow version 5 data to designated collector IP & port.
+  Time stamps in all datagrams are set to UTC.
+
+Application Options:
+  -t, --target= target ip address of the netflow collector
+  -p, --port=   port number of the target netflow collector
+  -s, --spike run a second thread generating a spike for the specified protocol
+    protocol options are as follows:
+        ftp - generates tcp/21
+        ssh  - generates tcp/22
+        dns - generates udp/54
+        http - generates tcp/80
+        https - generates tcp/443
+        ntp - generates udp/123
+        snmp - generates ufp/161
+        imaps - generates tcp/993
+        mysql - generates tcp/3306
+        https_alt - generates tcp/8080
+        p2p - generates udp/6681
+        bittorrent - generates udp/6682
+  -f, --false-index generate a false snmp index values of 1 or 2. The default is 0. (Optional)
+  -c, --flow-count set the number of flows to generate in each iteration. The default is 16. (Optional)
+
+Example Usage:
+
+    -first build from source (one time)
+    go build   
+
+    -generate default flows to device 172.16.86.138, port 9995
+    ./nflow-generator -t 172.16.86.138 -p 9995 
+
+    -generate default flows along with a spike in the specified protocol:
+    ./nflow-generator -t 172.16.86.138 -p 9995 -s ssh
+
+    -generate default flows with "false index" settings for snmp interfaces 
+    ./nflow-generator -t 172.16.86.138 -p 9995 -f
+
+    -generate default flows with up to 256 flows
+    ./nflow-generator -c 128 -t 172.16.86.138 -p 9995
+
+Help Options:
+  -h, --help    Show this help message
+  `
+	fmt.Print(usage)
+}