pfring_ft_flow_value Struct Reference

Public Attributes
pfring_ft_flow_dir_value	direction [PF_RING_FT_FLOW_NUM_DIRECTIONS]
pfring_ft_ndpi_protocol	l7_protocol
u_int32_t	tunnel_type
u_int32_t	tunnel_id
union {
struct {
char *   query
u_int16_t   queryType
u_int16_t   replyCode
}   dns
struct {
char *   serverName
u_int8_t *   sha1_certificate_fingerprint
}   tls
struct {
char *   serverName
char *   url
u_int16_t   responseCode
}   http
struct {
u_int8_t   type
u_int8_t   code
}   icmp
}	l7_metadata
pfring_ft_flow_status	status
u_int32_t	flags
u_char *	user

Member Data Documentation

code

u_int8_t pfring_ft_flow_value::code

ICMP Code

direction

pfring_ft_flow_dir_value pfring_ft_flow_value::direction[PF_RING_FT_FLOW_NUM_DIRECTIONS]

Metadata per flow direction

flags

u_int32_t pfring_ft_flow_value::flags

See PFRING_FT_FLOW_STATUS_*

l7_protocol

pfring_ft_ndpi_protocol pfring_ft_flow_value::l7_protocol

nDPI protocol

query

char* pfring_ft_flow_value::query

DNS query

queryType

u_int16_t pfring_ft_flow_value::queryType

DNS query type

replyCode

u_int16_t pfring_ft_flow_value::replyCode

DNS reply code

responseCode

u_int16_t pfring_ft_flow_value::responseCode

HTTP response code

serverName

char* pfring_ft_flow_value::serverName

TLS Server Name

HTTP Server Name

sha1_certificate_fingerprint

u_int8_t* pfring_ft_flow_value::sha1_certificate_fingerprint

SHA-1 Certificate Fingerprint (20-bytes)

tunnel_id

u_int32_t pfring_ft_flow_value::tunnel_id

Tunnel ID (if any)

tunnel_type

u_int32_t pfring_ft_flow_value::tunnel_type

nDPI tunnel type (ndpi_packet_tunnel)

type

u_int8_t pfring_ft_flow_value::type

ICMP Type

url

char* pfring_ft_flow_value::url

HTTP URL

user

u_char* pfring_ft_flow_value::user

User metadata: this points to the end of the same struct usually. In case of flow slice this points to the original flow's user data.

---

The documentation for this struct was generated from the following file:

• /builddir/build/BUILD/PF_RING-9.2.0/userland/lib/pfring_ft.h