when compile i got this warnings? is it normal?
ipfix.c: In function ‘Process_ipfix_templates’:
ipfix.c:884:10: warning: variable ‘id’ set but not used
[-Wunused-but-set-variable]
uint32_t id, count;
^
ipfix.c: In function ‘Process_ipfix_template_withdraw’:
ipfix.c:1068:16: warning: variable ‘count’ set but not used
[-Wunused-but-set-variable]
uint32_t id, count;
^
ipfix.c: In function ‘Process_ipfix_option_templates’:
ipfix.c:1146:16: warning: variable ‘length’ set but not used
[-Wunused-but-set-variable]
uint16_t id, length;
^
ipfix.c:1145:12: warning: variable ‘enterprise_value’ set but not used
[-Wunused-but-set-variable]
uint32_t enterprise_value;
^
ipfix.c:1179:16: warning: variable ‘length’ set but not used
[-Wunused-but-set-variable]
uint16_t id, length;
^
ipfix.c:1178:12: warning: variable ‘enterprise_value’ set but not used
[-Wunused-but-set-variable]
uint32_t enterprise_value;
^
ipfix.c:1101:69: warning: variable ‘found_std_sampling’ set but not used
[-Wunused-but-set-variable]
uint16_t offset_std_sampler_interval, offset_std_sampler_algorithm,
found_std_sampling;
^
ipfix.c:1101:39: warning: variable ‘offset_std_sampler_algorithm’ set but
not used [-Wunused-but-set-variable]
uint16_t offset_std_sampler_interval, offset_std_sampler_algorithm,
found_std_sampling;
^
ipfix.c:1101:10: warning: variable ‘offset_std_sampler_interval’ set but
not used [-Wunused-but-set-variable]
uint16_t offset_std_sampler_interval, offset_std_sampler_algorithm,
found_std_sampling;
^
ipfix.c:1100:75: warning: variable ‘found_sampler’ set but not used
[-Wunused-but-set-variable]
uint16_t offset_sampler_id, offset_sampler_mode, offset_sampler_interval,
found_sampler;
^
ipfix.c:1100:50: warning: variable ‘offset_sampler_interval’ set but not
used [-Wunused-but-set-variable]
uint16_t offset_sampler_id, offset_sampler_mode, offset_sampler_interval,
found_sampler;
^
ipfix.c:1100:29: warning: variable ‘offset_sampler_mode’ set but not used
[-Wunused-but-set-variable]
uint16_t offset_sampler_id, offset_sampler_mode, offset_sampler_interval,
found_sampler;
^
ipfix.c:1100:10: warning: variable ‘offset_sampler_id’ set but not used
[-Wunused-but-set-variable]
uint16_t offset_sampler_id, offset_sampler_mode, offset_sampler_interval,
found_sampler;
^
ipfix.c:1099:54: warning: variable ‘sampler_id_length’ set but not used
[-Wunused-but-set-variable]
uint16_t id, field_count, scope_field_count, offset, sampler_id_length;
^
ipfix.c:1099:46: warning: variable ‘offset’ set but not used
[-Wunused-but-set-variable]
uint16_t id, field_count, scope_field_count, offset, sampler_id_length;
^
ipfix.c:1099:10: warning: variable ‘id’ set but not used
[-Wunused-but-set-variable]
uint16_t id, field_count, scope_field_count, offset, sampler_id_length;
^
ipfix.c: In function ‘Process_IPFIX’:
ipfix.c:1623:24: warning: variable ‘ObservationDomain’ set but not used
[-Wunused-but-set-variable]
uint32_t ExportTime, ObservationDomain, Sequence, flowset_length;
^
ipfix.c:1623:12: warning: variable ‘ExportTime’ set but not used
[-Wunused-but-set-variable]
uint32_t ExportTime, ObservationDomain, Sequence, flowset_length;
2017-03-15 16:56 GMT+03:00 Alexander Khokhlov <hohlo...@gmail.com>:
> Hello!
>
> I have a task to save IP_SRC_ADDR, IP_DST_ADDR, postNATSourceIPv4Address
> and postNATDestinationIPv4Address. These fields are present in tcpdump. In
> the output of nfdump these NAT addresses are missing. Please help to
> solve this problem.
>
>
>
> nfcapd: Version: 1.6.15
>
> nfcapd -e -z -w -t 60 -l /netflow/test -b 10.0.0.118 -p 9995 -E -T all -B
> 200000
>
> Process_ipfix: [0] Add template 258
>
>
>
> After start of nfcapd errors appear
>
>
>
> Process_ipfix: [0] option template length error: size left 20 too small
> for 5 scopes length and 1 options length
>
>
>
> Flow Record:
>
> Flags = 0x06 FLOW, Unsampled
>
> export sysid = 2
>
> size = 68
>
> first = 0 [1970-01-01 03:00:00]
>
> last = 0 [1970-01-01 03:00:00]
>
> msec_first = 0
>
> msec_last = 0
>
> src addr = 10.0.176.236
>
> dst addr = 54.194.31.135
>
> src port = 56428
>
> dst port = 80
>
> fwd status = 0
>
> tcp flags = 0x00 ......
>
> proto = 6 TCP
>
> (src)tos = 0
>
> (in)packets = 0
>
> (in)bytes = 0
>
> ip router = X.X.X.X
>
> received at = 1489584299366 [2017-03-15 16:24:59.366]
>
>
>
> tcpdump output
>
>
>
> Set 1 [id=2] (Data Template): 258
>
> FlowSet Id: Data Template (V10 [IPFIX]) (2)
>
> FlowSet Length: 52
>
> Template (Id = 258, Count = 11)
>
> Template Id: 258
>
> Field Count: 11
>
> Field (1/11): observationTimeMilliseconds
>
> Field (2/11): IP_SRC_ADDR
>
> Field (3/11): IP_DST_ADDR
>
> Field (4/11): postNATSourceIPv4Address
>
> Field (5/11): postNATDestinationIPv4Address
>
> Field (6/11): L4_SRC_PORT
>
> Field (7/11): L4_DST_PORT
>
> Field (8/11): postNAPTSourceTransportPort
>
> Field (9/11): postNAPTDestinationTransportPort
>
> Field (10/11): PROTOCOL
>
> Field (11/11): natEvent
>
>
>
> Flow 1
>
> Observation Time Milliseconds: Mar 6, 2017 15:50:01.892000000 RTZ 2
> (зима)
>
> SrcAddr: 10.0.166.44
>
> DstAddr: 104.157.28.150
>
> Post NAT Source IPv4 Address: X.X.X.X
>
> Post NAT Destination IPv4 Address: 104.157.28.150
>
> SrcPort: 17043
>
> DstPort: 22675
>
> Post NAPT Source Transport Port: 17043
>
> Post NAPT Destination Transport Port: 22675
>
> Protocol: UDP (17)
>
> Nat Event: 2
>
>
>
> nfdump -r nfcapd.201703151624 -o "fmt:%nsa:%nsp => %nda:%ndp" -c 10
>
> X-late Src IP XsPort X-late Dst IP XdPort
>
> 0.0.0.0: 0 => 0.0.0.0: 0
>
> 0.0.0.0: 0 => 0.0.0.0: 0
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Nfdump-discuss mailing list
Nfdump-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfdump-discuss