You might try nprobe from the NTOP group: http://www.ntop.org/nProbe.html Web site indicates that universities can get it for no cost.
fprobe is another option. http://sourceforge.net/projects/fprobe GPL license without a fee, I believe. These convert captured IP packets into netflow data and export that to your collector (e.g., flow-tools) Joe "Dainin Touch" <[EMAIL PROTECTED]> Sent by: [EMAIL PROTECTED] 01/04/2008 08:50 AM To [email protected] cc Subject [Flow-tools] Newbie asking for help Hello all, I would like to use the traffic generator Harpoon (http://pages.cs.wisc.edu/~jsommers/harpoon/) to generate synthetic traffic in order to conduct experiments for my research project. Since I don't have any netflow records available, I plan to use Harpoon to replay the packet traces available at the Dartmouth archive (http://crawdad.cs.dartmouth.edu/ ). The problem is that most of these traces are stored as packet header traces (tcpdump) and Harpoon can only use either Netflow version 5 wire format or flow-tools format. My questions are: 1. Are there tools available to convert tcpdump traces into flow-tools format? 2. If no such tools are available, I could try to write one. But can someone give me a hint how the flow-tools format look like? Harpoon appears to be able to work with flow-cat's output but I couldn't find any information on the Internet how flow-cat's format look like. I am sorry if my questions are obvious. I am new to flow-tools. Much thanks in advance, Dainin _______________________________________________ Flow-tools mailing list [EMAIL PROTECTED] http://mailman.splintered.net/mailman/listinfo/flow-tools
_______________________________________________ Flow-tools mailing list [EMAIL PROTECTED] http://mailman.splintered.net/mailman/listinfo/flow-tools
