_NAFlowRaw Struct Reference
A raw flow record. More...
#include <nafcore.h>
Data Fields | |
| uint64_t | oct |
| Forward direction octet count. | |
| uint64_t | roct |
| Reverse direction octet count. | |
| uint64_t | pkt |
| Forward direction packet count. | |
| uint64_t | rpkt |
| Reverse direction packet count. | |
| uint32_t | flo |
| Forward direction flow count. | |
| uint32_t | rflo |
| Reverse direction flow count. | |
| uint32_t | stime |
| Flow start time in epoch seconds. | |
| uint32_t | etime |
| Flow end time in epoch seconds. | |
| uint32_t | srcid |
| Source ID. | |
| uint32_t | sip |
| Source IP address. | |
| uint32_t | dip |
| Destination IP address. | |
| uint16_t | sp |
| Source transport port. | |
| uint16_t | dp |
| Destination transport port. | |
| uint8_t | sipmask |
| Source IP address CIDR mask length. | |
| uint8_t | dipmask |
| Destination IP address CIDR mask length. | |
| uint8_t | proto |
| IP protocol. | |
| char | pad0 [5] |
| Structure alignment padding for fixbuf transcoder. | |
Detailed Description
A raw flow record.This is the interface between the various NAF aggregation input facilities and the NAF aggregation core.
Field Documentation
|
|
Destination IP address CIDR mask length. Caller must set this to 32 if record is host-addressed. |
|
|
Destination transport port. Contains type and code for ICMP |
|
|
Flow end time in epoch seconds. Sub-second resolution is not supported by NAF, as sub-second binning is not supported. |
|
|
Source IP address CIDR mask length. Caller must set this to 32 if record is host-addressed. |
|
|
Source ID. User or flow source assigned observation domain ID. |
|
|
Flow start time in epoch seconds. Sub-second resolution is not supported by NAF, as sub-second binning is not supported. |
The documentation for this struct was generated from the following file: