_NAFlowRaw Struct Reference
A raw flow record. More...
#include <nafcore.h>
Data Fields | |
| uint64_t | oct |
| Forward direction octet count. | |
| uint64_t | roct |
| Reverse direction octet count. | |
| uint64_t | pkt |
| Forward direction packet count. | |
| uint64_t | rpkt |
| Reverse direction packet count. | |
| uint32_t | flo |
| Forward direction flow count. | |
| uint32_t | rflo |
| Reverse direction flow count. | |
| uint32_t | stime |
| Flow start time in epoch seconds. | |
| uint32_t | etime |
| Flow end time in epoch seconds. | |
| uint32_t | srcid |
| Source ID. | |
| uint32_t | sip |
| Source IP address. | |
| uint32_t | dip |
| Destination IP address. | |
| uint16_t | sp |
| Source transport port. | |
| uint16_t | dp |
| Destination transport port. | |
| uint8_t | sipmask |
| Source IP address CIDR mask length. | |
| uint8_t | dipmask |
| Destination IP address CIDR mask length. | |
| uint8_t | proto |
| IP protocol. | |
| char | pad0 [5] |
| Structure alignment padding for fixbuf transcoder. | |
Detailed Description
A raw flow record.This is the interface between the various NAF aggregation input facilities and the NAF aggregation core.
Field Documentation
| uint32_t _NAFlowRaw::stime |
Flow start time in epoch seconds.
Sub-second resolution is not supported by NAF, as sub-second binning is not supported.
| uint32_t _NAFlowRaw::etime |
Flow end time in epoch seconds.
Sub-second resolution is not supported by NAF, as sub-second binning is not supported.
| uint32_t _NAFlowRaw::srcid |
Source ID.
User or flow source assigned observation domain ID.
| uint16_t _NAFlowRaw::dp |
Destination transport port.
Contains type and code for ICMP
| uint8_t _NAFlowRaw::sipmask |
Source IP address CIDR mask length.
Caller must set this to 32 if record is host-addressed.
| uint8_t _NAFlowRaw::dipmask |
Destination IP address CIDR mask length.
Caller must set this to 32 if record is host-addressed.
The documentation for this struct was generated from the following file: