DragonFly On-Line Manual Pages

Search: Section:  


nfexpire(1)                                                        nfexpire(1)

NAME

nfanon - netflow anonymisation

SYNOPSIS

nfanon [options]

DESCRIPTION

nfanon is used to anonymise all IP addresses ( src, dst, next hop, router IP etc. ) in the netflow records using the CryptoPAn (Cryptography-based Prefix-preserving Anonymization) module. The key -K is used to initialize the Rijndael cipher. The key is either a 32 character string, or a 64 hex digit string starting with 0x. See http://www.cc.gatech.edu/computing/Telecomm/cryptopan/ for more information about CryptoPAn. nfanon has several modes of operation. o nfanon reads a sequence of input files, specified by -r, -R and -M and anonymises the flows in the given files. The input file arguments have the same syntax and meaning as nfdump(1). o nfanon reads a sequence of input files, specified by -r, -R and -M. All anonymised flows are written to a single file specified by -w. o nfanon works as filter and reads flows from stding and writes the anonymised flows to stdout.

OPTIONS

-r inputfile Read input data from inputfile. Default is read from stdin. -R expr Read input from a sequence of files in the same directory. expr may be one of: /any/dir Read recursively all files in directory dir. /dir/file Read all files beginning with file. /dir/file1:file2 Read all files from file1 to file2. Note: files are read in alphabetical sequence. -M expr Read input from multiple directories. expr looks like: /any/path/to/dir1:dir2:dir3 etc. and will be expanded to the directories: /any/path/to/dir1, /any/path/to/dir2 and /any/path/to/dir3 Any number of colon separated directories may be given. The files to read are specified by -r or -R and are expected to exist in all the given directories. The options -r and -R must not contain any directory part when used in conjunction with -M. -w outputfile If specified writes anonymised netflow records to outputfile. -K key The key is used to initialize the Rijndael cipher. key is either a 32 character string, or a 64 hex digit string starting with 0x.

RETURN VALUE

Returns 0 No error. 255 Initialization failed. 250 Internal error.

NOTES

None.

SEE ALSO

nfdump(1)

BUGS

2009-09-09 nfexpire(1)

Search: Section: