From irino at sfc.wide.ad.jp Wed Sep 26 00:18:27 2012 From: irino at sfc.wide.ad.jp (Hitoshi Irino) Date: Tue, 25 Sep 2012 23:18:27 +0900 Subject: [netflow-tools] softflowd-0.9.9 compile on Solaris 10 In-Reply-To: References: Message-ID: <5061BD33.3020204@sfc.wide.ad.jp> Please use gmake (GNU make) instead of make. $ uname -a SunOS solaris 5.11 11.0 i86pc i386 i86pc $ make gcc -g -O2 -I. -c softflowd.c In file included from softflowd.h:31:0, from softflowd.c:48: treetype.h:52:2: error: #error No flow tree type defined treetype.h:80:2: error: #error No expiry tree type defined In file included from softflowd.c:48:0: softflowd.h:90:2: error: expected specifier-qualifier-list before ?FLOW_HEAD? softflowd.h:162:2: error: expected specifier-qualifier-list before ?FLOW_ENTRY? softflowd.h:200:2: error: expected specifier-qualifier-list before ?EXPIRY_ENTRY? $ gmake gcc -g -O2 -DFLOW_SPLAY -DEXPIRY_RB -I. -c -o softflowd.o softflowd.c gcc -g -O2 -DFLOW_SPLAY -DEXPIRY_RB -I. -c -o log.o log.c gcc -g -O2 -DFLOW_SPLAY -DEXPIRY_RB -I. -c -o netflow1.o netflow1.c gcc -g -O2 -DFLOW_SPLAY -DEXPIRY_RB -I. -c -o netflow5.o netflow5.c gcc -g -O2 -DFLOW_SPLAY -DEXPIRY_RB -I. -c -o netflow9.o netflow9.c gcc -g -O2 -DFLOW_SPLAY -DEXPIRY_RB -I. -c -o freelist.o freelist.c gcc -g -O2 -DFLOW_SPLAY -DEXPIRY_RB -I. -c -o convtime.o convtime.c gcc -g -O2 -DFLOW_SPLAY -DEXPIRY_RB -I. -c -o strlcpy.o strlcpy.c gcc -g -O2 -DFLOW_SPLAY -DEXPIRY_RB -I. -c -o strlcat.o strlcat.c gcc -g -O2 -DFLOW_SPLAY -DEXPIRY_RB -I. -c -o closefrom.o closefrom.c gcc -g -O2 -DFLOW_SPLAY -DEXPIRY_RB -I. -c -o daemon.o daemon.c gcc -o softflowd softflowd.o log.o netflow1.o netflow5.o netflow9.o freelist.o convtime.o strlcpy.o strlcat.o closefrom.o daemon.o -lpcap -lsocket -lnsl gcc -g -O2 -DFLOW_SPLAY -DEXPIRY_RB -I. -c -o softflowctl.o softflowctl.c gcc -o softflowctl softflowctl.o convtime.o strlcpy.o strlcat.o closefrom.o daemon.o -lpcap -lsocket -lnsl I think that softflowd-0.9.9 will be failed to compile with solaris 10 because it uses strsep function. Solaris 10 does not have strsep. Please checkout newest version from google code (http://code.google.com/p/softflowd/source/checkout). It uses strtok instead of strsep. regards, Hitoshi Irino (2012/08/02 2:58), Canell, Stephen E (2240) wrote: > Tried to compile softflowd-0.9.9 on Solaris 10 using gcc and got the following: > > This is just the start of the error messages?. > > make > gcc -g -O2 -I. -c softflowd.c > In file included from softflowd.h:31, > from softflowd.c:48: > treetype.h:52:2: #error No flow tree type defined > treetype.h:80:2: #error No expiry tree type defined > In file included from softflowd.c:48: > softflowd.h:90: error: syntax error before "FLOW_HEAD" > softflowd.h:90: warning: no semicolon at end of struct or union > softflowd.h:91: error: syntax error before "expiries" > softflowd.h:91: warning: data definition has no type or storage class > softflowd.h:149: error: syntax error before '}' token > softflowd.h:162: error: syntax error before "FLOW_ENTRY" > softflowd.h:162: warning: no semicolon at end of struct or union > softflowd.h:181: error: conflicting types for 'octets' > softflowd.h:126: error: previous declaration of 'octets' was here > softflowd.h:182: error: conflicting types for 'packets' > softflowd.h:127: error: previous declaration of 'packets' was here > softflowd.h:183: error: syntax error before '}' token > softflowd.h:200: error: syntax error before "EXPIRY_ENTRY" > softflowd.h:200: warning: no semicolon at end of struct or union > softflowd.h:208: error: syntax error before '}' token > In file included from softflowd.c:49: > treetype.h:52:2: #error No flow tree type defined > treetype.h:80:2: #error No expiry tree type defined > softflowd.c: In function `flow_compare': > softflowd.c:142: error: dereferencing pointer to incomplete type > softflowd.c:142: error: dereferencing pointer to incomplete type > softflowd.c:143: error: dereferencing pointer to incomplete type > softflowd.c:143: error: dereferencing pointer to incomplete type > softflowd.c:145: error: dereferencing pointer to incomplete type > softflowd.c:145: error: dereferencing pointer to incomplet????????????. > > -=Steve > -- > > > > > _______________________________________________ > netflow-tools mailing list > netflow-tools at mindrot.org > https://lists.mindrot.org/mailman/listinfo/netflow-tools > From irino at sfc.wide.ad.jp Sun Sep 30 00:30:25 2012 From: irino at sfc.wide.ad.jp (Hitoshi Irino) Date: Sat, 29 Sep 2012 23:30:25 +0900 Subject: [netflow-tools] A softflowd bug in NetFlow v9 header's sequence number field is found. Message-ID: <50670601.802@sfc.wide.ad.jp> Hello Damien and softflowd users, I fixed softflowd a bug. The sequence number field in NetFlow version 9 header is number of exported packets. In RFC3954, Sequence Number Incremental sequence counter of all Export Packets sent from the current Observation Domain by the Exporter. This value MUST be cumulative, and SHOULD be used by the Collector to identify whether any Export Packets have been missed. Softflowd 0.99 and older version uses number of exported flows for this field. I commited patches. http://code.google.com/p/softflowd/source/detail?r=68102f450d59504e4f351df6035e9b326ae397bb regards, Hitoshi Irino From raphaelruiz at gmail.com Sun Sep 30 11:35:33 2012 From: raphaelruiz at gmail.com (Raphael Ruiz) Date: Sat, 29 Sep 2012 22:35:33 -0300 Subject: [netflow-tools] Thanks!!! Message-ID: > > Hi every one! > > >> This is my contribution for the list. > > >> In the link down is possible get my dissertation. The job is based >> exclusive in the use of Softlfowd with Nfdump and Nfsen. I setup one server >> connected a switch with port mirror configuration enabled. In the same >> server i installed the Nfdump anf Nfsen. This testbed was build in the >> network of the Federal Fluminense University, considered a WAN, in function >> of your distributed units over the city of the Niteroi, in the Brazil. > > Was has possible the monitoring of the all the 46 networks of the >> university. Were registered several security incidents from the observe >> the graphics. Further, all traffic was measured, with rich details. > > I hope this information help the people like helped me > > Take this opportunity to thanks Damien Miller for having developed the >> Softflowd. > > I'm avaiable for questions. > > Best regards. > > >> Raphael Ruiz > > IT Manager of the University Hospital Antonio Pedro of Federal Fluminense University - NIter?i - Brazil http://www.bdtd.ndc.uff.br/tde_arquivos/38/TDE-2011-06-29T120015Z-2984/Publico/Dissert_RaphaelMartins.pdf -------------- next part -------------- An HTML attachment was scrubbed... URL: From raphael at huap.uff.br Sun Sep 30 11:36:29 2012 From: raphael at huap.uff.br (Raphael Ruiz Martins) Date: Sat, 29 Sep 2012 22:36:29 -0300 Subject: [netflow-tools] Thanks!!! In-Reply-To: References: Message-ID: Hi every one! > >>> This is my contribution for the list. >> >> >>> In the link down is possible get my dissertation. The job is based >>> exclusive in the use of Softlfowd with Nfdump and Nfsen. I setup one server >>> connected a switch with port mirror configuration enabled. In the same >>> server i installed the Nfdump anf Nfsen. This testbed was build in the >>> network of the Federal Fluminense University, considered a WAN, in function >>> of your distributed units over the city of the Niteroi, in the Brazil. >> >> Was has possible the monitoring of the all the 46 networks of the >>> university. Were registered several security incidents from the observe >>> the graphics. Further, all traffic was measured, with rich details. >> >> I hope this information help the people like helped me >> >> Take this opportunity to thanks Damien Miller for having developed the >>> Softflowd. >> >> I'm avaiable for questions. >> >> Best regards. >> >> >>> Raphael Ruiz >> >> IT Manager of the University Hospital Antonio Pedro of Federal Fluminense > University - NIter?i - Brazil > > > > http://www.bdtd.ndc.uff.br/tde_arquivos/38/TDE-2011-06-29T120015Z-2984/Publico/Dissert_RaphaelMartins.pdf > -------------- next part -------------- An HTML attachment was scrubbed... URL: