| Net-Netfilter-NetFlow documentation | Contained in the Net-Netfilter-NetFlow distribution. |
Oliver Gorwits <oliver.gorwits@oucs.ox.ac.uk>
Copyright (c) The University of Oxford 2009.
This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
| Net-Netfilter-NetFlow documentation | Contained in the Net-Netfilter-NetFlow distribution. |
package Net::Netfilter::NetFlow::ConntrackFormat; use strict; use warnings FATAL => 'all'; use base 'Exporter'; our @EXPORT = qw( %ct_new_key %ct_destroy_key %ct_mask_fields ); # TODO document and make user configurable # 1:icmp - src,src,dst,id # 6:tcp - src,sport,src,sport,dst,dport # 17:udp - src,sport,src,sport,dst,dport # first src is private, second is public (post SNAT) our %ct_new_key = ( 1 => [4,11,5,8], 6 => [5,7,11,13,6,8], 17 => [4,6,10,12,5,7], ); our %ct_destroy_key = ( 1 => [3,11,4,7], 6 => [3,5,10,12,4,6], 17 => [3,5,10,12,4,6], ); # dpkts, doctets, srcaddr, dstaddr, srcport, dstport our %ct_mask_fields = ( 1 => { # field 17 does not exist private_src => [8,9,3,4,17,17], public_src => [8,9,11,10,17,17], dst => [15,16,10,11,17,17], }, 6 => { private_src => [7,8,3,4,5,6], public_src => [7,8,10,9,12,11], dst => [13,14,9,10,11,12], }, 17 => { private_src => [7,8,3,4,5,6], public_src => [7,8,10,9,12,11], dst => [13,14,9,10,11,12], }, ); __END__