-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
We are currently looking to give interested third parties access to a stream of netflow data. In the interests of privacy for our users, we obviously wish to mask certain bits of information starting with the source/destination IP pairs.
Currently, the plan is to have the netflow data exported to a flow-fanout process here, sanitised and then re-exported straight to the researcher who has requested it.
Ideally, I would like to mask the addresses by the routing prefix. Using
flow-xlate that is pretty trivial
(ip-{destination,source}-address-to-network), but I cannot find a way to
effectively pipe the flow-fanout stream through flow-xlate before
re-exporting it. I am aware of the -m flag to flow-fanout, but I feel
using this will result in data that is too coarsely grained for some
applications.Is there any way of doing something like flow-capture --stdout | flow-xlate | flow-fanout --from-stdin 1/2/destination ?
If there isn't currently, what sort of effort would it take to implement such functionality? Lastly, is there version control repository somewhere I can sync against, so I can make sure any patches I make can be contributed back to flow-tools?
Thanks in advance, Ras
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFAtbACX41Xn0Vv9DcRAqv2AJ999h7X37ZT3Laq6J4i2COU1mOhJQCeIq5j 8+cGi7Dx60wOcygaotB3R+0= =QLLn -----END PGP SIGNATURE----- _______________________________________________ Flow-tools mailing list [EMAIL PROTECTED] http://mailman.splintered.net/mailman/listinfo/flow-tools
