Hi Hitoshi , I found that HAVE_ENDIAN_H not defined in configure script that’s why problem persist. After define HAVE_ENDIAN_H problem is solved.
$ grep ^# config.h #define HAVE_DAEMON 1 #define HAVE_INT16_T 1 #define HAVE_INT32_T 1 #define HAVE_INT64_T 1 #define HAVE_INT8_T 1 #define HAVE_INTTYPES_H 1 #define HAVE_LIBPCAP 1 #define HAVE_MEMORY_H 1 #define HAVE_PCAP_BPF_H 1 #define HAVE_PCAP_H 1 #define HAVE_SETGID 1 #define HAVE_SETRESGID 1 #define HAVE_SETRESUID 1 #define HAVE_SETREUID 1 #define HAVE_STDINT_H 1 #define HAVE_STDLIB_H 1 #define HAVE_STRINGS_H 1 #define HAVE_STRING_H 1 #define HAVE_STRUCT_IP6_EXT 1 #define HAVE_SYS_STAT_H 1 #define HAVE_SYS_TYPES_H 1 #define HAVE_UINT16_T 1 #define HAVE_UINT32_T 1 #define HAVE_UINT64_T 1 #define HAVE_UINT8_T 1 #define HAVE_UNISTD_H 1 #define HAVE_U_INT16_T 1 #define HAVE_U_INT32_T 1 #define HAVE_U_INT64_T 1 #define HAVE_U_INT8_T 1 #define OUR_CFG_INT16_T short int #define OUR_CFG_INT32_T int #define OUR_CFG_INT64_T long int #define OUR_CFG_INT8_T signed char #define OUR_CFG_U_INT16_T uint16_t #define OUR_CFG_U_INT32_T uint32_t #define OUR_CFG_U_INT64_T uint64_t #define OUR_CFG_U_INT8_T uint8_t #define PACKAGE_BUGREPORT "" #define PACKAGE_NAME "" #define PACKAGE_STRING "" #define PACKAGE_TARNAME "" #define PACKAGE_URL "" #define PACKAGE_VERSION "" #define SIZEOF_CHAR 1 #define SIZEOF_INT 4 #define SIZEOF_LONG_INT 8 #define SIZEOF_LONG_LONG_INT 8 #define SIZEOF_SHORT_INT 2 #define STDC_HEADERS 1 There is need to update configure script and config.h.in file. In configure script add check for endian.h file. for ac_header in endian.h do : as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default" if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : cat >>confdefs.h <<_ACEOF #define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 _ACEOF fi done In config.h.in add #undef HAVE_ENDIAN_H line. Regards, Varun On Fri, Sep 5, 2014 at 6:39 AM, Hitoshi Irino <ir...@sfc.wide.ad.jp> wrote: > Hello Varun, > > Could you show me reuslt of this command: > > grep ^# config.h > > Regards, > Hitoshi > > > On 2014/09/01 13:14, Varun Sharma wrote: >> >> Hi Hitoshi, >> >> Test environment : >> >> Two 16 core machines are connected back to back using dual port 10G >> card. CentOS release 6.2 (Final) 64bit version install on both >> machines. >> $ uname -a >> Linux hwcentos 2.6.32-220.el6.x86_64 #1 SMP Tue Dec 6 19:48:22 GMT >> 2011 x86_64 x86_64 x86_64 GNU/Linux >> >> On one of machine I install Softflowd(Revision:80aac3b2fec3). >> Softflowd observed packet sent by iperf client. >> >> >> I go through the ipfix.c code. If I comment line number 409 and 426 in >> ipfix.c file. >> >> 409 : //#if defined (_BSD_SOURCE) && defined (HAVE_ENDIAN_H) || >> defined (HAVE_HTOBE64) || defined (HAVE_HTONLL) >> >> 426 : //#endif >> >> Now Exported IPFIX flow records include accurate flow end time in >> milliseconds format and also read properly on collector(nfdump) side. >> I think (HAVE_ENDIAN_H) is not defined that’s why problem persist. >> >> How to resolve this problem ? >> >> Thanks in advance . >> >> Regards, >> Varun >> >> On Thu, Aug 28, 2014 at 6:25 PM, Hitoshi Irino <ir...@sfc.wide.ad.jp> >> wrote: >>> >>> Hello Varun, >>> >>> I tested on Ubuntu Linux 14.04.1 64bit version. >>> In my test environment, softflowd observed packets sent by nmap -sU(UDP >>> port >>> scan). It works well. Exported IPFIX flow records include accurate flow >>> end >>> time. >>> >>> Could you teach me your environment? >>> >>> Regards, >>> Hitoshi >>> >>> >>> On 2014/08/28 14:22, Varun Sharma wrote: >>>> >>>> >>>> Hi , >>>> >>>> I am using Softflowd IPFIX supported version ( Revision : 80aac3b2fec3 >>>> ) downloaded from google code. I export flows in IPFIX format to >>>> collector server ( NFDUMP 1.6.10 ) . I am seeing issue with date and >>>> time field when I am reading nfdump logs . >>>> >>>> Whereas In case of Netflow v5 and v9 it is working fine means proper >>>> date and time comes in nfdump logs. >>>> >>>> Command run : >>>> >>>> softflowd -i eth3 -n 192.168.50.2:9995 -v 10 -d -t maxlife=30 -D -A >>>> milli >>>> >>>> nfdump log : >>>> >>>> $ nfdump -r nfcapd.201408280909 >>>> >>>> Date first seen Duration Proto Src IP Addr:Port >>>> Dst IP Addr:Port Packets Bytes Flows >>>> >>>> 2005-04-02 04:35:37.968 1970-01-01 05:30:00.000 3182570558.032 TCP >>>> 192.168.50.1:43241 -> 192.168.50.2:5001 .AP.SF 0 17405 >>>> 823.5 M 1 >>>> >>>> 2005-04-02 04:35:37.968 1970-01-01 05:30:00.000 3182570558.032 TCP >>>> 192.168.50.2:5001 -> 192.168.50.1:43241 .A..SF 0 15470 >>>> 711626 1 >>>> >>>> 2005-04-02 04:35:37.968 1970-01-01 05:30:00.000 3182570558.032 TCP >>>> 192.168.50.1:43242 -> 192.168.50.2:5001 .AP.SF 0 20138 >>>> 928.1 M 1 >>>> >>>> 2005-04-02 04:35:37.968 1970-01-01 05:30:00.000 3182570558.032 TCP >>>> 192.168.50.2:5001 -> 192.168.50.1:43242 .A..SF 0 20814 >>>> 957450 1 >>>> >>>> 2005-04-02 04:35:37.967 1970-01-01 05:30:00.000 3182570558.033 TCP >>>> 192.168.50.1:43243 -> 192.168.50.2:5001 .AP.SF 0 20031 >>>> 925.8 M 1 >>>> >>>> ....... >>>> >>>> 2015-06-17 11:04:55.259 1970-01-01 05:30:00.000 2860448000.741 TCP >>>> 192.168.50.1:43257 -> 192.168.50.2:5001 .AP.SF 0 7235 >>>> 348.3 M 1 >>>> >>>> 2015-06-17 11:04:55.259 1970-01-01 05:30:00.000 2860448000.741 TCP >>>> 192.168.50.2:5001 -> 192.168.50.1:43257 .A..SF 0 10138 >>>> 466354 1 >>>> >>>> 2015-06-17 11:04:55.248 1970-01-01 05:30:00.000 2860448000.752 TCP >>>> 192.168.50.1:43258 -> 192.168.50.2:5001 .AP.SF 0 13164 >>>> 610.1 M 1 >>>> >>>> 2015-06-17 11:04:55.248 1970-01-01 05:30:00.000 2860448000.752 TCP >>>> 192.168.50.2:5001 -> 192.168.50.1:43258 .A..SF 0 15663 >>>> 720504 1 >>>> ....... >>>> >>>> 2016-01-02 07:16:04.432 1970-01-01 05:30:00.000 2843268131.568 TCP >>>> 192.168.50.2:5001 -> 192.168.50.1:43268 .A..SF 0 18639 >>>> 857400 1 >>>> >>>> 2016-01-02 07:16:04.421 1970-01-01 05:30:00.000 2843268131.579 TCP >>>> 192.168.50.1:43269 -> 192.168.50.2:5001 .AP.SF 0 28301 >>>> 1.3 G 1 >>>> >>>> 2016-01-02 07:16:04.421 1970-01-01 05:30:00.000 2843268131.579 TCP >>>> 192.168.50.2:5001 -> 192.168.50.1:43269 .A..SF 0 34656 >>>> 1.6 M 1 >>>> >>>> 2016-01-02 07:16:04.421 1970-01-01 05:30:00.000 2843268131.579 TCP >>>> 192.168.50.1:43270 -> 192.168.50.2:5001 .AP.SF 0 29209 >>>> 1.3 G 1 >>>> >>>> >>>> .... >>>> >>>> Summary: total flows: 162, total bytes: 59.4 G, total packets: 2.6 M, >>>> avg bps: 0, avg pps: 0, avg bpp: 0 >>>> Time window: 2014-08-28 09:09:31 - 2014-08-28 09:14:31 >>>> Total flows processed: 162, Blocks skipped: 0, Bytes read: 9832 >>>> Sys: 0.005s flows/second: 27009.0 Wall: 0.005s flows/second: 30291.7 >>>> >>>> >>>> I also used sec with –A option but in that case also same problem >>>> persist. I attached tcpdump pcap file also. Pls find attachment. >>>> >>>> Can anybody know why it’s happening ? >>>> >>>> >>>> Regards >>>> Varun >>>> >>>> >>>> >>>> _______________________________________________ >>>> netflow-tools mailing list >>>> netflow-tools@mindrot.org >>>> https://lists.mindrot.org/mailman/listinfo/netflow-tools >>>> >>> >> > _______________________________________________ netflow-tools mailing list netflow-tools@mindrot.org https://lists.mindrot.org/mailman/listinfo/netflow-tools
