Requirements
In order to install the flow generator, CentOS version 6.7 must already be installed.
Downloading and Installing the Flow Generator
First, we must install the flow generator dependencies. The first of these is scapy:
[root@rbmanager ~]# wget http://pkgs.repoforge.org/scapy/scapy-2.0.0.10-1.el6.rf.noarch.rpm
[root@rbmanager ~]# yum install nmap
[root@rbmanager ~]# yum install python-setuptools && easy_install argparse
[root@rbmanager ~]# sudo rpm -vUh scapy-2.0.0.10-1.el6.rf.noarch.rpm
The flow generator file must be downloaded from here.
If we are inside the terminal, we can execute the following commands to download the latest verion:
[root@rbmanager ~]# wget https://github.com/redBorder/pygennf/raw/master/download/pygennf-0.1-1_python26.noarch.rpm ^
--no-check-certificate
[root@rbmanager ~]# sudo rpm -vUh pygennf-0.1-1_python26.noarch.rpm
Flow Generator
This flow generator consists of various files:
- pygennf_v10.py: Generates type 10 netflow traffic
- pygennf_v5.py: Generates type 5 netflow traffic
- pygennf_v9.py: Generates type 9 netflow traffic
The utilization scheme is identical in all three cases:
pygennf_v5.py [-h] [-s SRC_IP] [-sp SRC_PORT] [-d DST_IP] [-dp DST_PORT] [-t TIME_INTERVAL]
Where:
- -s SRC_IP, --source-ip SRC_IP: Source IP
- -sp SRC_PORT, --source-port SRC_PORT: Source IP
- -d DST_IP, --dst-ip DST_IP: Destination IP
- -dp DST_PORT, --dst-port DST_PORT: Destination Port
- -t TIME_INTERVAL, --time-interval TIME_INTERVAL: Wait time between messages
Examples
Examples of traffic generation:
[root@rbmanager ~]# python /usr/bin/pygennf_v5.py -s 10.0.203.2 -d 10.0.30.89 -t 2Sends a type 5 netflow message with source IP 10.0.203.2 and destination IP 10.0.30.89 every two seconds.
[root@rbmanager ~]# python /usr/bin/pygennf_v9.py -s 10.0.25.6 -sp 4080 -d 10.0.234.24 -dp 2055Sends a type 9 netflow message with source IP 10.0.25.6, source port 4080, destination IP 10.0.234.24 and destination port 2055.
Comments
0 comments
Article is closed for comments.