PF_RING API
API documentation for PF_RING: high-speed packet capture, filtering and analysis framework.
Loading...
Searching...
No Matches
Classes | Macros | Typedefs | Enumerations | Functions
pfring_ft.h File Reference

PF_RING FT library header file. More...

#include <sys/types.h>

Go to the source code of this file.

Classes

struct  pfring_ft_flow_filter
 
struct  __attribute__
 
struct  pfring_ft_pcap_pkthdr
 
struct  pfring_ft_ext_pkthdr
 
struct  pfring_ft_packet_metadata
 
union  pfring_ft_ip_address
 
struct  pfring_ft_ndpi_protocol
 
struct  pfring_ft_flow_key
 
struct  pfring_ft_flow_dir_value
 
struct  pfring_ft_flow_value
 
struct  pfring_ft_stats
 
struct  pfring_ft_export_stats
 

Macros

#define FT_API_VERSION   95
 
#define PFRING_FT_ACTION_DEFAULT   0
 
#define PFRING_FT_ACTION_FORWARD   1
 
#define PFRING_FT_ACTION_DISCARD   2
 
#define PFRING_FT_ACTION_USER_1   3
 
#define PFRING_FT_ACTION_USER_2   4
 
#define PFRING_FT_ACTION_SLICE   5
 
#define PF_RING_FT_FLOW_FLAGS_L7_GUESS   (1 << 0)
 
#define PFRING_FT_TABLE_FLAGS_DPI   (1 << 0)
 
#define PFRING_FT_TABLE_FLAGS_DPI_EXTRA   (1 << 1)
 
#define PFRING_FT_DECODE_TUNNELS   (1 << 2)
 
#define PFRING_FT_IGNORE_HW_HASH   (1 << 3)
 
#define PFRING_FT_IGNORE_VLAN   (1 << 4)
 
#define PFRING_FT_TABLE_FLAGS_NO_GUESS   (1 << 5)
 

Typedefs

typedef void pfring_ft_table
 
typedef void pfring_ft_list
 
typedef void pfring_ft_flow
 
typedef u_int8_t pfring_ft_action
 
typedef u_int32_t pfring_ft_in4_addr
 
typedef void(* pfring_ft_export_list_func) (pfring_ft_list *flows_list, void *user)
 
typedef void(* pfring_ft_export_flow_func) (pfring_ft_flow *flow, void *user)
 
typedef void(* pfring_ft_flow_packet_func) (const u_char *data, pfring_ft_packet_metadata *metadata, pfring_ft_flow *flow, void *user)
 

Enumerations

enum  pfring_ft_direction { s2d_direction = 0 , d2s_direction , PF_RING_FT_FLOW_NUM_DIRECTIONS }
 
enum  pfring_ft_flow_status {
  PFRING_FT_FLOW_STATUS_ACTIVE = 0 , PFRING_FT_FLOW_STATUS_IDLE_TIMEOUT , PFRING_FT_FLOW_STATUS_ACTIVE_TIMEOUT , PFRING_FT_FLOW_STATUS_END_DETECTED ,
  PFRING_FT_FLOW_STATUS_FORCED_END , PFRING_FT_FLOW_STATUS_SLICE_TIMEOUT , PFRING_FT_FLOW_STATUS_OVERFLOW
}
 

Functions

pfring_ft_table * pfring_ft_create_table (u_int32_t flags, u_int32_t max_flows, u_int32_t flow_idle_timeout, u_int32_t flow_lifetime_timeout, u_int32_t user_metadata_size)
 
void pfring_ft_destroy_table (pfring_ft_table *table)
 
void pfring_ft_flow_set_flow_slicing (pfring_ft_table *table, u_int32_t flow_slice_timeout)
 
void pfring_ft_set_new_flow_callback (pfring_ft_table *table, pfring_ft_export_flow_func callback, void *user)
 
void pfring_ft_set_flow_packet_callback (pfring_ft_table *table, pfring_ft_flow_packet_func callback, void *user)
 
void pfring_ft_set_l7_detected_callback (pfring_ft_table *table, pfring_ft_flow_packet_func callback, void *user)
 
void pfring_ft_set_flow_export_callback (pfring_ft_table *table, pfring_ft_export_flow_func callback, void *user)
 
void pfring_ft_set_flow_list_export_callback (pfring_ft_table *table, pfring_ft_export_list_func callback, void *user)
 
pfring_ft_action pfring_ft_process (pfring_ft_table *table, const u_char *packet, const pfring_ft_pcap_pkthdr *header, const pfring_ft_ext_pkthdr *ext_header)
 
int pfring_ft_housekeeping (pfring_ft_table *table, u_int32_t epoch)
 
void pfring_ft_flush (pfring_ft_table *table)
 
pfring_ft_flow * pfring_ft_list_get_next (pfring_ft_list *list)
 
u_int64_t pfring_ft_flow_get_id (pfring_ft_flow *flow)
 
pfring_ft_flow_keypfring_ft_flow_get_key (pfring_ft_flow *flow)
 
pfring_ft_flow_valuepfring_ft_flow_get_value (pfring_ft_flow *flow)
 
struct ndpi_flow_struct * pfring_ft_flow_get_ndpi_handle (pfring_ft_flow *flow)
 
void pfring_ft_flow_set_action (pfring_ft_flow *flow, pfring_ft_action action)
 
pfring_ft_action pfring_ft_flow_get_action (pfring_ft_flow *flow)
 
int pfring_ft_flow_get_users (pfring_ft_flow *flow)
 
void pfring_ft_flow_free (pfring_ft_flow *flow)
 
void pfring_ft_zmq_export_configure (pfring_ft_table *table, const char *endpoint, const char *server_public_key, u_int8_t probe_mode, u_int8_t disable_compression, u_int8_t use_json)
 
void pfring_ft_zmq_export_flow (pfring_ft_flow *flow, void *user)
 
void pfring_ft_zmq_export_stats (pfring_ft_table *table, const char *if_name, u_int16_t if_speed, const char *if_ip, const char *management_ip)
 
void pfring_ft_zmq_get_stats (pfring_ft_table *table, pfring_ft_export_stats *stats)
 
void pfring_ft_set_default_action (pfring_ft_table *table, pfring_ft_action action)
 
int pfring_ft_load_configuration (pfring_ft_table *table, const char *path)
 
int pfring_ft_load_configuration_ext (pfring_ft_table *table, const char *path, pfring_ft_flow_filter *filter)
 
void pfring_ft_set_shunt_protocol_by_name (pfring_ft_table *table, const char *protocol_name, u_int8_t packets)
 
void pfring_ft_set_filter_all_protocols (pfring_ft_table *table, pfring_ft_action action)
 
void pfring_ft_set_filter_protocol_by_name (pfring_ft_table *table, const char *protocol_name, pfring_ft_action action)
 
char * pfring_ft_l7_protocol_name (pfring_ft_table *table, pfring_ft_ndpi_protocol *protocol, char *buffer, int buffer_len)
 
u_int16_t pfring_ft_l7_protocol_id (pfring_ft_table *table, const char *name)
 
int pfring_ft_set_ndpi_handle (pfring_ft_table *table, struct ndpi_detection_module_struct *ndpi)
 
struct ndpi_detection_module_struct * pfring_ft_get_ndpi_handle (pfring_ft_table *table)
 
int pfring_ft_load_ndpi_protocols (pfring_ft_table *table, const char *path)
 
int pfring_ft_load_ndpi_categories (pfring_ft_table *table, const char *path)
 
int pfring_ft_is_ndpi_available ()
 
pfring_ft_statspfring_ft_get_stats (pfring_ft_table *table)
 
void pfring_ft_version (char *version)
 
u_int32_t pfring_ft_api_version ()
 
int pfring_ft_license (char *system_id, time_t *license_expiration, time_t *maintenance_expiration)
 
int pfring_ft_set_license (const char *license_key)
 
void pfring_ft_debug (void)
 

Detailed Description

PF_RING FT library header file.

Macro Definition Documentation

◆ PF_RING_FT_FLOW_FLAGS_L7_GUESS

#define PF_RING_FT_FLOW_FLAGS_L7_GUESS   (1 << 0)

pfring_ft_flow_value.flags: detected L7 protocol is a guess.

◆ PFRING_FT_ACTION_DISCARD

#define PFRING_FT_ACTION_DISCARD   2

Discard packet due to filter or shunt

◆ PFRING_FT_ACTION_SLICE

#define PFRING_FT_ACTION_SLICE   5

Slice packet headers

◆ PFRING_FT_DECODE_TUNNELS

#define PFRING_FT_DECODE_TUNNELS   (1 << 2)

pfring_ft_create_table() flag: decode tunnels (GTP, L2TP, CAPWAP)

◆ PFRING_FT_IGNORE_HW_HASH

#define PFRING_FT_IGNORE_HW_HASH   (1 << 3)

pfring_ft_create_table() flag: ignore hw packet hash (e.g. when it's asymmetric leading to one flow per direction)

◆ PFRING_FT_IGNORE_VLAN

#define PFRING_FT_IGNORE_VLAN   (1 << 4)

pfring_ft_create_table() flag: do not include vlan in flow key

◆ PFRING_FT_TABLE_FLAGS_DPI

#define PFRING_FT_TABLE_FLAGS_DPI   (1 << 0)

pfring_ft_create_table() flag: enable nDPI support for L7 protocol detection

◆ PFRING_FT_TABLE_FLAGS_DPI_EXTRA

#define PFRING_FT_TABLE_FLAGS_DPI_EXTRA   (1 << 1)

pfring_ft_create_table() flag: enable nDPI extra dissection (more flow metadata)

◆ PFRING_FT_TABLE_FLAGS_NO_GUESS

#define PFRING_FT_TABLE_FLAGS_NO_GUESS   (1 << 5)

pfring_ft_create_table() flag: do not guess the protocol when not detected with DPI

Enumeration Type Documentation

◆ pfring_ft_direction

enum pfring_ft_direction
Enumerator
s2d_direction 

Source to destination

d2s_direction 

Destination to source

◆ pfring_ft_flow_status

enum pfring_ft_flow_status
Enumerator
PFRING_FT_FLOW_STATUS_ACTIVE 

Active flow

PFRING_FT_FLOW_STATUS_IDLE_TIMEOUT 

Idle timeout

PFRING_FT_FLOW_STATUS_ACTIVE_TIMEOUT 

Terminated after the maximum lifetime

PFRING_FT_FLOW_STATUS_END_DETECTED 

Terminated for end of flow (e.g. FIN)

PFRING_FT_FLOW_STATUS_FORCED_END 

Terminated for external event (shutdown)

PFRING_FT_FLOW_STATUS_SLICE_TIMEOUT 

Flow slice timeout

PFRING_FT_FLOW_STATUS_OVERFLOW 

Exported from those with higher inactivity to make room

Function Documentation

◆ pfring_ft_api_version()

u_int32_t pfring_ft_api_version ( )

Get the PF_RING FT API version.

Returns
The version number as unsigne inte.

◆ pfring_ft_create_table()

pfring_ft_table * pfring_ft_create_table ( u_int32_t  flags,
u_int32_t  max_flows,
u_int32_t  flow_idle_timeout,
u_int32_t  flow_lifetime_timeout,
u_int32_t  user_metadata_size 
)

Create a new flow table.

Parameters
flagsFlags to enable selected flow table features.
max_flowsMaximum number of concurrent flows the table should be able to handle (use 0 if not sure to use default settings).
flow_idle_timeoutMaximum flow idle time (seconds) before expiration (use 0 if not sure to use default: 30s).
flow_lifetime_timeoutMaximum flow duration (seconds) before expiration (use 0 if not sure to use default: 2m).
user_metadata_sizeSize of the user metadata in pfring_ft_flow_value->user
Returns
The flow table on success, NULL on failure.

◆ pfring_ft_debug()

void pfring_ft_debug ( void  )

Enable debug mode

◆ pfring_ft_destroy_table()

void pfring_ft_destroy_table ( pfring_ft_table *  table)

Destroy a flow table.

Parameters
tableThe flow table handle.

◆ pfring_ft_flow_free()

void pfring_ft_flow_free ( pfring_ft_flow *  flow)

Release a flow.

Parameters
flowThe flow handle.

◆ pfring_ft_flow_get_action()

pfring_ft_action pfring_ft_flow_get_action ( pfring_ft_flow *  flow)

Get the computed/actual flow action, the same returned by pfring_ft_process() for this flow.

Parameters
flowThe flow handle.
Returns
The action.

◆ pfring_ft_flow_get_id()

u_int64_t pfring_ft_flow_get_id ( pfring_ft_flow *  flow)

Get the flow ID.

Parameters
flowThe flow handle.
Returns
The flow ID.

◆ pfring_ft_flow_get_key()

pfring_ft_flow_key * pfring_ft_flow_get_key ( pfring_ft_flow *  flow)

Get the flow key.

Parameters
flowThe flow handle.
Returns
The flow key.

◆ pfring_ft_flow_get_ndpi_handle()

struct ndpi_flow_struct * pfring_ft_flow_get_ndpi_handle ( pfring_ft_flow *  flow)

Get the nDPI flow handle.

Parameters
flowThe flow handle.
Returns
The flow value.

◆ pfring_ft_flow_get_users()

int pfring_ft_flow_get_users ( pfring_ft_flow *  flow)

Return the number of users for the flow (value of the reference counter). This is usually 1, unless slicing is enabled (+1 for each slice not yet released). Calling this on the slice, returns the reference counter of the master flow.

Parameters
flowThe flow handle.

◆ pfring_ft_flow_get_value()

pfring_ft_flow_value * pfring_ft_flow_get_value ( pfring_ft_flow *  flow)

Get the flow value.

Parameters
flowThe flow handle.
Returns
The flow value.

◆ pfring_ft_flow_set_action()

void pfring_ft_flow_set_action ( pfring_ft_flow *  flow,
pfring_ft_action  action 
)

Set the flow action, to be returned by pfring_ft_process() for all packets for this flow.

Parameters
flowThe flow handle.
actionThe action.

◆ pfring_ft_flow_set_flow_slicing()

void pfring_ft_flow_set_flow_slicing ( pfring_ft_table *  table,
u_int32_t  flow_slice_timeout 
)

Enable flow slicing to peridiocally export flow updates, even when the configured flow_lifetime_timeout is not reached.

Parameters
tableThe flow table handle.
flow_slice_timeoutMaximum flow slice duration (seconds). This should be lower then flow_lifetime_timeout

◆ pfring_ft_flush()

void pfring_ft_flush ( pfring_ft_table *  table)

Flush all flows (usually called on program termination, before destroying the flow table).

Parameters
tableThe flow table handle.

◆ pfring_ft_get_ndpi_handle()

struct ndpi_detection_module_struct * pfring_ft_get_ndpi_handle ( pfring_ft_table *  table)

Return the nDPI handle.

Parameters
tableThe flow table handle.
Returns
The nDPI handle, NULL if there is no handle.

◆ pfring_ft_get_stats()

pfring_ft_stats * pfring_ft_get_stats ( pfring_ft_table *  table)

Get flow processing statistics.

Parameters
tableThe flow table handle.
Returns
The stats struct.

◆ pfring_ft_housekeeping()

int pfring_ft_housekeeping ( pfring_ft_table *  table,
u_int32_t  epoch 
)

This should be called when there is no packet to be processed and the main loop is idle, for running housekeeping activities in the flow table.

Parameters
tableThe flow table handle.
epochThe current epoch (sec).
Returns
1 if there is more work to do, 0 if the caller can sleep a bit.

◆ pfring_ft_is_ndpi_available()

int pfring_ft_is_ndpi_available ( )

Check if nDPI is available.

Returns
1 if nDPI is available, 0 otherwise.

◆ pfring_ft_l7_protocol_id()

u_int16_t pfring_ft_l7_protocol_id ( pfring_ft_table *  table,
const char *  name 
)

Return the nDPI L7 protocol ID providing the L7 protocol name.

Parameters
tableThe flow table handle.
nameThe L7 protocol name.
Returns
The nDPI protocol ID.

◆ pfring_ft_l7_protocol_name()

char * pfring_ft_l7_protocol_name ( pfring_ft_table *  table,
pfring_ft_ndpi_protocol protocol,
char *  buffer,
int  buffer_len 
)

Return the L7 protocol name providing the nDPI protocol ID.

Parameters
tableThe flow table handle.
protocolThe nDPI protocol ID.
bufferThe output buffer.
buffer_lenThe output buffer length.
Returns
The buffer.

◆ pfring_ft_license()

int pfring_ft_license ( char *  system_id,
time_t *  license_expiration,
time_t *  maintenance_expiration 
)

Get license info.

Parameters
system_idA buffer (48 bytes long) where system id is returned. (out)
license_expirationA pointer to a time_t where license expiration is returned. (out)
maintenance_expirationA pointer to a time_t where maintenance expiration is returned. (out)
Returns
1 if a valid license is installed, 0 otherwise.

◆ pfring_ft_list_get_next()

pfring_ft_flow * pfring_ft_list_get_next ( pfring_ft_list *  list)

Pop the next from a flow list.

Parameters
listThe flow list.
Returns
The flow if the list is not empty, NULL otherwise.

◆ pfring_ft_load_configuration()

int pfring_ft_load_configuration ( pfring_ft_table *  table,
const char *  path 
)

Load filtering/shunting rules from a configuration file. Please refer to the documentation for the file format.

Parameters
tableThe flow table handle.
pathThe configuration file path.
Returns
0 on success, a negative number on failures.

◆ pfring_ft_load_configuration_ext()

int pfring_ft_load_configuration_ext ( pfring_ft_table *  table,
const char *  path,
pfring_ft_flow_filter filter 
)

Load filtering/shunting rules from a configuration file to an external pfring_ft_flow_filter handle. Please refer to the documentation for the file format.

Parameters
tableThe flow table handle.
pathThe configuration file path.
filterThe destination pfring_ft_flow_filter handle.
Returns
0 on success, a negative number on failures.

◆ pfring_ft_load_ndpi_categories()

int pfring_ft_load_ndpi_categories ( pfring_ft_table *  table,
const char *  path 
)

Load nDPI categories (defined by hostname) from a configuration file. Please refer to the nDPI documentation for the file format. Example: https://github.com/ntop/nDPI/blob/dev/example/mining_hosts.txt

Parameters
tableThe flow table handle.
pathThe configuration file path.
Returns
0 on success, a negative number on failures.

◆ pfring_ft_load_ndpi_protocols()

int pfring_ft_load_ndpi_protocols ( pfring_ft_table *  table,
const char *  path 
)

Load custom nDPI protocols from a configuration file. Please refer to the nDPI documentation for the file format. Example: https://github.com/ntop/nDPI/blob/dev/example/protos.txt

Parameters
tableThe flow table handle.
pathThe configuration file path.
Returns
0 on success, a negative number on failures.

◆ pfring_ft_process()

pfring_ft_action pfring_ft_process ( pfring_ft_table *  table,
const u_char *  packet,
const pfring_ft_pcap_pkthdr header,
const pfring_ft_ext_pkthdr ext_header 
)

Provide a raw packet to the flow table for processing. Usually the main capture loop provides all the packets to the hash table calling this function.

Parameters
tableThe flow table handle.
packetThe raw packet.
headerThe packet metadata (including length and timestamp).
ext_headerAdditional packet metadata not available in the pcap header (including hash).
Returns
The action for the packet, in case filtering rules have been specified.

◆ pfring_ft_set_default_action()

void pfring_ft_set_default_action ( pfring_ft_table *  table,
pfring_ft_action  action 
)

Set the default action for detected L7 protocols with no filtering rule. This can be used to 'drop all' traffic, exception made for specific protocols setting the default to PFRING_FT_ACTION_DISCARD and filter actions to PFRING_FT_ACTION_FORWARD Default: PFRING_FT_ACTION_DEFAULT

Parameters
tableThe flow table handle.
actionThe action returned by pfring_ft_process() by default.

◆ pfring_ft_set_filter_all_protocols()

void pfring_ft_set_filter_all_protocols ( pfring_ft_table *  table,
pfring_ft_action  action 
)

Set a default action for all L7 protocols. This is usually used to reset all filtering rules by passing PFRING_FT_ACTION_DEFAULT as action.

Parameters
tableThe flow table handle.
actionThe action to set for all protocols.

◆ pfring_ft_set_filter_protocol_by_name()

void pfring_ft_set_filter_protocol_by_name ( pfring_ft_table *  table,
const char *  protocol_name,
pfring_ft_action  action 
)

Set a filtering rule for a L7 protocol.

Parameters
tableThe flow table handle.
protocol_nameThe nDPI protocol name.
actionThe action returned by pfring_ft_process() for all packets matching the protocol.

◆ pfring_ft_set_flow_export_callback()

void pfring_ft_set_flow_export_callback ( pfring_ft_table *  table,
pfring_ft_export_flow_func  callback,
void *  user 
)

Set the function to be called when a flow expires and needs to be exported. The callback should release the flow calling pfring_ft_flow_free(flow).

Parameters
tableThe flow table handle.
callbackThe callback.
userThe user data provided to the callback.

◆ pfring_ft_set_flow_list_export_callback()

void pfring_ft_set_flow_list_export_callback ( pfring_ft_table *  table,
pfring_ft_export_list_func  callback,
void *  user 
)

Set the function to be called when a some flow expires and need to be exported. This can be used as an optimised alternative to pfring_ft_set_flow_export_callback(). The callback should release all flows in the list calling pfring_ft_flow_free(flow) for each flow. It is possible to iterate all the flows in the list using pfring_ft_list_get_next().

Parameters
tableThe flow table handle.
callbackThe callback.
userThe user data provided to the callback.

◆ pfring_ft_set_flow_packet_callback()

void pfring_ft_set_flow_packet_callback ( pfring_ft_table *  table,
pfring_ft_flow_packet_func  callback,
void *  user 
)

Set the function to be called when a packet and its flow have been processed, for each packet.

Parameters
tableThe flow table handle.
callbackThe callback.
userThe user data provided to the callback.

◆ pfring_ft_set_l7_detected_callback()

void pfring_ft_set_l7_detected_callback ( pfring_ft_table *  table,
pfring_ft_flow_packet_func  callback,
void *  user 
)

Set the function to be called when a packet and its flow have been processed and the l7 protocol has been just detected.

Parameters
tableThe flow table handle.
callbackThe callback (Note: packet/metadata may be NULL).
userThe user data provided to the callback.

◆ pfring_ft_set_license()

int pfring_ft_set_license ( const char *  license_key)

Install a PF_RING FT license key.

Parameters
license_keyThe license key.
Returns
1 if the license has been successfully installed, 0 otherwise (e.g. no permissions).

◆ pfring_ft_set_ndpi_handle()

int pfring_ft_set_ndpi_handle ( pfring_ft_table *  table,
struct ndpi_detection_module_struct *  ndpi 
)

Set the nDPI handle. This is meant to be used for custom nDPI settings only, as FT already creates a nDPI instance internally when using PFRING_FT_TABLE_FLAGS_DPI. FT takes care of releasing the nDPI instance on pfring_ft_destroy_table.

Parameters
tableThe flow table handle.
ndpiThe nDPI handle.
Returns
0 on success, a negative number on failures.

◆ pfring_ft_set_new_flow_callback()

void pfring_ft_set_new_flow_callback ( pfring_ft_table *  table,
pfring_ft_export_flow_func  callback,
void *  user 
)

Set the function to be called when a new flow has been created.

Parameters
tableThe flow table handle.
callbackThe callback.
userThe user data provided to the callback.

◆ pfring_ft_set_shunt_protocol_by_name()

void pfring_ft_set_shunt_protocol_by_name ( pfring_ft_table *  table,
const char *  protocol_name,
u_int8_t  packets 
)

Set a shunt rule for a L7 protocol.

Parameters
tableThe flow table handle.
protocol_nameThe nDPI protocol name.
packetsThe number of packets before shunting the flow returning a discard action from pfring_ft_process().

◆ pfring_ft_version()

void pfring_ft_version ( char *  version)

Get the PF_RING FT version.

Parameters
versionA buffer (32 bytes long) where version is returned. (out)

◆ pfring_ft_zmq_export_configure()

void pfring_ft_zmq_export_configure ( pfring_ft_table *  table,
const char *  endpoint,
const char *  server_public_key,
u_int8_t  probe_mode,
u_int8_t  disable_compression,
u_int8_t  use_json 
)

Configure ZMQ flow export (see pfring_ft_zmq_export_flow)

Parameters
tableThe flow table handle.
endpointThe ZMQ endpoint.
server_public_keyThe ZMQ Public encryption key (NULL for clear).
probe_modeProbe mode (connect to the ZMQ collector).
disable_compressionDisable message compression.
use_jsonUse JSON format (Default: TLV).

◆ pfring_ft_zmq_export_flow()

void pfring_ft_zmq_export_flow ( pfring_ft_flow *  flow,
void *  user 
)

Built-in callback to be provided to pfring_ft_set_flow_export_callback for exporting flows in JSON or TLV format to ZMQ. This implements pfring_ft_export_flow_func. The ZMQ endpoint should be configure with pfring_ft_zmq_export_configure(). The callback also releases the flow calling pfring_ft_flow_free(flow). Usage: pfring_ft_set_flow_export_callback(table, pfring_ft_zmq_export_flow, table);

Parameters
flowThe flow to be exported.
userThe flow table handle.

◆ pfring_ft_zmq_export_stats()

void pfring_ft_zmq_export_stats ( pfring_ft_table *  table,
const char *  if_name,
u_int16_t  if_speed,
const char *  if_ip,
const char *  management_ip 
)

Export stats via ZMQ

Parameters
tableThe flow table handle.
if_nameInterface name.
if_speedInterface speed (Mbps).
if_ipInterface IP.
management_ipManagement Interface IP.

◆ pfring_ft_zmq_get_stats()

void pfring_ft_zmq_get_stats ( pfring_ft_table *  table,
pfring_ft_export_stats stats 
)

Get ZMQ export stats

Parameters
tableThe flow table handle.
statsThe ZMQ stats (out).