-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi gijs,
- --On April 18, 2007 17:09:03 +0200 Gijs Molenaar <[EMAIL PROTECTED]> wrote:
| Hello,
|
| We want to directly read and understand nfdump files from Java (don't
| ask why ;) ). We can write a parser for nfdump, but we also discovered
Why?
| JNI, an java-to-other_language API builder. Did anyone already tried to
| to this with nfdump?
|
| Next to that, how likely is the storage format of nfdump / nfcapd going
| to change in the future? My problem is; if we write a Java API for
| reading nfdump files, we will base this on the current version of
| nfdump. We would like this code to be able to read nfcapd exported files
| also in the future.
nfdump is going to accept more v9 data in future => flexible netflow, and
therefore will have new data fields in the current extendable file format.
For your JNI, it's best to base on current C file reader functions, and
work with the master record. I posted some time ago a bare-bone
nfdump file reader on this list. If you link this bare-bone reader with
your Java-JNI app, it should work. Do not re-implement a flow reader in
Java. If you need more detailed info, contact me offlist.
- Peter
|
| any great insights or opinions, anybody?
|
| - gijs
|
|
|
| -------------------------------------------------------------------------
| This SF.net email is sponsored by DB2 Express
| Download DB2 Express C - the FREE version of DB2 express and take
| control of your XML. No limits. Just data. Click to get it now.
| http://sourceforge.net/powerbar/db2/
| _______________________________________________
| Nfdump-discuss mailing list
| Nfdump-discuss@lists.sourceforge.net
| https://lists.sourceforge.net/lists/listinfo/nfdump-discuss
- --
_______ SWITCH - The Swiss Education and Research Network ______
Peter Haag, Security Engineer, Member of SWITCH CERT
PGP fingerprint: D9 31 D5 83 03 95 68 BA FB 84 CA 94 AB FC 5D D7
SWITCH, Werdstrasse 2, P.O. Box, CH-8021 Zurich, Switzerland
E-mail: [EMAIL PROTECTED] Web: http://www.switch.ch/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (Darwin)
iQCVAwUBRiddlv5AbZRALNr/AQLUAgP+IF/Rlgef8UfoDdukVTX4F3lPbLTWoqUW
DYFhYGj8RF7bMAeQt3ObiFUqY7hr9vJu7tR8HyhOgNK5qCKQDw/Okki1Zgp0cYyN
9mqNHSZSzXF+wirb127q7NhIqKeD5HORu7xaoPu6tqRFLeYThFQEqqH/cUkwf01s
4tEvPN65TKE=
=AmfU
-----END PGP SIGNATURE-----
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Nfdump-discuss mailing list
Nfdump-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfdump-discuss
