-
Notifications
You must be signed in to change notification settings - Fork 3
Expand file tree
/
Copy pathsflow_drop_test.py
More file actions
executable file
·69 lines (56 loc) · 4.12 KB
/
sflow_drop_test.py
File metadata and controls
executable file
·69 lines (56 loc) · 4.12 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
#!/usr/bin/env python3
import binascii
try:
import sflow
import util
except:
from sflow import sflow
from sflow import util
# UDP daragram of sFlow drop data
sflow_drop1 = "0000000500000001c0a87a7600000000000046f7001e55a00000000b00000005000000700002e33700000000000f4254000000" \
"01000f4254000000000000012e00000001000000010000004800000001000000400000000400000036c0d6820b156b84ebefd1" \
"539b08004500002843830000f006aa462d5d147e80a0147daf231503c1bc42fd000000005002040005fc0000e3220000000500" \
"0000700002e33800000000000f425400000001000f4254000000000000012e0000000100000001000000480000000100000040" \
"0000000400000036c0d6820b156b84ebefd1539b0800450000280f5b0000f106c04c9859c65880a014c8aed113ef3e05087c00" \
"00000050020400a8780000425400000005000000700002e33900000000000f425400000001000f425400000000000000000000" \
"0001000000010000004800000001000000400000000400000036c0d6820b156b84ebefd1539b08004500002c1b9100003706a3" \
"0494489e5880a00be8001962b71709b6f20000397a6012400028990000425400000005000000700002e33a00000000000f4254" \
"00000001000f4254000000000000000000000001000000010000004800000001000000400000000400000036c0d6820b156b84" \
"ebefd1539b08004510002ce51e0000740652c19df5de6c80a00bcc76aa01850bd9bcbb0000000060025166f71f000042540000" \
"0005000000700002e33b00000000000f425400000001000f4254000000000000012e0000000100000001000000480000000100" \
"0000400000000400000036c0d6820b156b84ebefd1539b080045000028330a0000f10618edc21a1d9b80a01775b1822a422bc9" \
"0e3d0000000050020400183f0000425400000005000000700002e33c00000000000f425400000001000f425400000000000000" \
"0000000001000000010000004800000001000000400000000400000036c0d6820b156b84ebefd1539b08004510002c340d0000" \
"75067173a45c6a0f80a00b2276aa01857cb2e7d0000000006002dbf93f3e0000425400000005000000700002e33d0000000000" \
"0f425400000001000f4254000000000000012e00000001000000010000004800000001000000460000000400000036c0d6820b" \
"156b84ebefd1539b0800450200343e28400078068a5e5fa43eba80a0152fe44401bb4bb591110000000080c22000514e000000" \
"0000000005000000700002e33e00000000000f425400000001000f425400000000000000000000000100000001000000480000" \
"0001000000400000000400000036c0d6820b156b84ebefd1539b080045000028745e0000f50630f74f6e3e8c80a00bd2b0e2e0" \
"c710499f4b00000000500204004a290000000000000005000000700002e33f00000000000f425400000001000f425400000000" \
"0000000000000001000000010000004800000001000000400000000400000036c0d6820b156b84ebefd1539b0800452800281d" \
"880000f3062335c2b4319980a00befb1b88ffe78e699990000000050020400d0c00000000000000005000000640002e3400000" \
"0000000f425400000001000f4254000000000000000000000001000000010000003c0000000100000059000000040000002ac0" \
"d6820b156b84ebefd1539b080045000047d4310000f6110a355b5cf86b80a00bc93d3c00350033000042540000000500000064" \
"0002e34100000000000f425400000001000f4254000000000000012e00000001000000010000003c000000010000006a000000" \
"040000002ac0d6820b156b84ebefd1539b08004500005830d340003a11d229ac44f66880a0143da7f70035004424a10000"
if __name__ == '__main__':
# Convert stored hex data into our UDP segment
data = binascii.unhexlify(sflow_drop1)
# Address tuple, as localhost and sFlow port.
addr = ('127.0.0.1', 6343)
# Create a flow data object
flow_data = sflow.Datagram()
# Unpack the UDP segment
flow_data.unpack(addr, data)
# Print representative data.
print(flow_data)
# Circle Packets
for sample in flow_data.sample_records:
if sample.sample_type == 5:
for rec in sample.flow_records:
payload = rec.sampled_packet.payload
print("{:3}: {:15} to {:15}".format(sample.reason,
util.ip_to_string(payload.src),
util.ip_to_string(payload.dst)))
# pprint.pprint(flow_data.__dict__)
print("Packet Test Complete")