Follow

Flow generation from CentOS 6.7

 

Requirements

In order to install the flow generator, CentOS version 6.7 must already be installed.

Downloading and Installing the Flow Generator

First, we must install the flow generator dependencies. The first of these is scapy:

[root@rbmanager ~]# wget http://pkgs.repoforge.org/scapy/scapy-2.0.0.10-1.el6.rf.noarch.rpm
[root@rbmanager ~]# yum install nmap
[root@rbmanager ~]# yum install python-setuptools && easy_install argparse
[root@rbmanager ~]# sudo rpm -vUh scapy-2.0.0.10-1.el6.rf.noarch.rpm

The flow generator file must be downloaded from the following page: https://github.com/redBorder/pygennf

If we are inside the terminal, we can execute the following commands to download the latest verion:

[root@rbmanager ~]# wget https://github.com/redBorder/pygennf/raw/master/download/pygennf-0.1-1_python26.noarch.rpm ^
--no-check-certificate
[root@rbmanager ~]# sudo rpm -vUh pygennf-0.1-1_python26.noarch.rpm

 

Flow Generator

This flow generator consists of various files:

  •  pygennf_v10.py: Generates type 10 netflow traffic
  • pygennf_v5.py: Generates type 5 netflow traffic
  • pygennf_v9.py: Generates type 9 netflow traffic

The utilization scheme is identical in all three cases:

pygennf_v5.py [-h] [-s SRC_IP] [-sp SRC_PORT] [-d DST_IP] [-dp DST_PORT] [-t TIME_INTERVAL]

Where:

  • -s SRC_IP, --source-ip SRC_IP: Source IP
  • -sp SRC_PORT, --source-port SRC_PORT: Source IP
  • -d DST_IP, --dst-ip DST_IP: Destination IP
  • -dp DST_PORT, --dst-port DST_PORT: Destination Port
  • -t TIME_INTERVAL, --time-interval TIME_INTERVAL: Wait time between messages

Examples

Examples of traffic generation:

[root@rbmanager ~]# python /usr/bin/pygennf_v5.py -s 10.0.203.2 -d 10.0.30.89 -t 2
Sends a type 5 netflow message with source IP 10.0.203.2 and destination IP 10.0.30.89 every two seconds.
[root@rbmanager ~]# python /usr/bin/pygennf_v9.py -s 10.0.25.6 -sp 4080 -d 10.0.234.24 -dp 2055
Sends a type 9 netflow message with source IP 10.0.25.6, source port 4080, destination IP 10.0.234.24 and destination port 2055.
Have more questions? Submit a request

Comments

Powered by Zendesk