IPFIX Protocol Library

libfixbuf is a compliant implementation of the IPFIX Protocol, as defined in the "Specification of the IPFIX Protocol for the Exchange of Flow Information" (RFC 7011). It supports the information model defined in "Information Model for IP Flow Information Export" (RFC 7012), extended as proposed by "Bidirectional Flow Export using IPFIX" (RFC 5103) to support information elements for representing biflows. libfixbuf supports structured data elements as described in "Export of Structured Data in IPFIX" (RFC 6313), which adds the ability to export basicLists, subTemplateLists, and subTemplateMultiLists. libfixbuf can export type information for IPFIX elements as described in "Exporting Type Information for IPFIX Information Elements" (RFC 5610), and it supports reading this information.

libfixbuf supports UDP, TCP, SCTP, and TLS over TCP as transport protocols. Support for DTLS over UDP and DTLS over SCTP is forthcoming. It also supports operation as an IPFIX File Writer or IPFIX File Reader as defined in "Specification of the IPFIX File Format" (RFC 5655).

See howto for tutorials on writing C programs that use libfixbuf. The reference for the functions and types of the C API is public.h.

A Python API to libfixbuf is available in the pyfixbuf package, distributed separately.

Included Utilities

libfixbuf comes with two command line utilties:

ipfix2json converts an IPFIX file to JSON. It was added in libfixbuf-3.0.0.

ipfixDump prints the contents of an IPFIX file as text, and it can also produce information about the file. As of libfixbuf-2.3.0, ipfixDump is distributed with libfixbuf. (Previously it was distributed with YAF.)

These utilities are built by default; see the Installation Instructions for details.

Pages

Copyright

libfixbuf is copyright 2005-2022 Carnegie Mellon University, and is released under the GNU General Public License (GPL) Version 2, June 1991. See the LICENSE.txt file in the distribution for details.

libfixbuf was developed at Carnegie Mellon University by Brian Trammell and the CERT Network Situational Awareness Group Engineering Team for use in the YAF and SiLK tools.

Previous: | Next: Installation Instructions