Vflow 1.0.3

data/README

@@ -0,0 +1,95 @@
+$Id: README,v 1.5 2004/12/13 11:13:18 jeffm Exp $
+
+vflow is an attempt at a ruby replacement for the perl Cflow or python pyflowtool
+modules. This is beta and should be safe for limited use it passes testing by the
+vftest.rb script.
+
+Installation
+============
+To install do the following, when installing from gem,
+
+gem install vflow
+
+If installing manually from tar.gz file,
+
+cd ext
+ruby extconf.rb
+make
+make install
+
+If your flow-tools headers and libraries are not in a common path you can use
+
+--with-ft-include-dir=<include file directory>
+and
+--with-ft-lib-dir=<library directory>
+
+as arguments to extconf.rb to specify the paths.
+
+vftest.rb    prints flow data from testdata/dummy_flow file
+vfprofile.rb profiles vflow processing the dummy_flow file
+
+The following methods are defined as part of vflow
+new()
+ Creates and returns a vflow object	
+open(filename)
+ Open file of filename which has been created by flow-tools for reading.
+ If a block is given, the file will be automatically closed at the end of the block
+close()
+ Close the current file
+currentfile()
+ return the name of the current file being read from.
+next()
+ Returns a vflowrec object containing the values of the next entry in the file.
+each()
+ This loops over all entries from the current position calling the associated
+ block. See the example below.
+
+Example 1
+=========
+require 'Vflow'
+vf = Vflow.new()
+vf.open('aflowfile')
+vf.each() { |r|
+	# do something
+}
+vf.close()
+
+Example 2 
+=========
+require 'Vflow'
+vf = Vflow.new()
+vf.open('aflowfile') {
+  vf.each { |r|
+         #do something
+  }
+}
+
+To Do
+=====
+modify open() to take an array of filenames and automatically interate from
+the end of one to the start of annother.
+modify open() to take directory names and iterate over each file in the given
+a directory.
+add method to extract header info
+add method to get flow version
+
+
+Changes
+=======
+0.3a
+Patched Vflow.c so #open will take blocks (jeffw@globaldial.com)
+Altered extconf.rb to use arbitrary paths for ft-lib (jeffw@globaldial.com)
+Altered extconf.rb to give errors on missing libraries (jeffw@globaldial.com)
+Altered extconf.rb to use flow-tools from path /usr/local/netflow automatically.
+Created vflow.gemspec and gem file.
+
+Thanks
+======
+Thanks go to the following people,
+
+jpietsch@amazon.com for complaining about it not working. So I know at least one other person is using 
+this library ;-).
+
+jeffw@globaldial.com for his patch so #open could use blocks and altering extconf.rb to give error
+messages and work with the flow-tools library and includes not being in the library path. 
+

data/Rakefile

@@ -0,0 +1,72 @@
+require 'rake/gempackagetask'
+#require 'rake/contrib/rubyforgepublisher'
+require 'rake/clean'
+require 'rake/rdoctask'
+require "benchmark"
+
+PKG_NAME = "Vflow"
+PKG_VERSION   = "1.0.3"
+PKG_FILE_NAME = "#{PKG_NAME}-#{PKG_VERSION}"
+PKG_FILES = FileList[
+  '[A-Z]*',
+  'lib/**/*.rb', 
+  'spec/**/*.rb',
+  'tests/*.rb',
+  'ext/*.c',
+  'ext/*.h',
+  'ext/*.rb'
+]
+CLEAN.include(
+  "ext/*.o",
+  "ext/*.bundle",
+  "ext/*.so"  
+)
+CLOBBER.include(
+  "doc/coverage"
+)
+
+task :default => [:compile]
+
+desc 'Generate RDoc'
+rd = Rake::RDocTask.new do |rdoc|
+  rdoc.rdoc_dir = 'doc/rdoc'
+  rdoc.options << '--title' << 'bcrypt-ruby' << '--line-numbers' << '--inline-source' << '--main' << 'README'
+  rdoc.template = ENV['TEMPLATE'] if ENV['TEMPLATE']
+  rdoc.rdoc_files.include('README')
+end
+
+spec = Gem::Specification.new do |s|
+  s.name = PKG_NAME
+  s.version = PKG_VERSION
+  s.summary = "Flowtools binding"
+  s.description = <<-EOF
+    Ruby bindings for VFlow
+  EOF
+
+  s.files = PKG_FILES.to_a
+  s.require_path = 'lib'
+
+  s.has_rdoc = true
+  s.rdoc_options = rd.options
+  s.extra_rdoc_files = rd.rdoc_files.to_a
+  
+  s.extensions = FileList["ext/extconf.rb"].to_a
+  
+  s.authors = ["HZ, gem packed by Antti"]
+  s.email = "hz@hz.com"
+  s.homepage = "http://rubyforge.org"
+end
+
+Rake::GemPackageTask.new(spec) do |pkg|
+  pkg.need_zip = true
+  pkg.need_tar = true
+end
+
+desc "Clean, then compile the extension."
+task :compile => [:clean] do
+  Dir.chdir('./ext')
+  sh "ruby extconf.rb"
+  sh "make"
+  Dir.chdir('..')
+end
+

data/ext/Vflow.c

@@ -0,0 +1,522 @@
+/*
+ * $Id: Vflow.c,v 1.5 2004/12/13 11:13:18 jeffm Exp $
+ *
+ * Example script,
+ *    vf = vflow.new()
+ *    vf.open(afile)
+ *    vf.find() { |r|
+ *      # do something with entry.
+ *    }
+ *    vf.close()
+ *
+ *
+ */
+#include "ruby.h"
+#include <sys/types.h>
+#include <fcntl.h>
+#include <sys/stat.h>
+#include <ftconfig.h>
+#include <ftlib.h>
+#include <strings.h>
+
+typedef struct vf_data_struct {
+  char *current_file;
+  int fd;
+  struct ftio ftio_data;
+  struct ftver ftv;
+  struct fts3rec_offsets ftoffsets;
+} vf_type;
+
+static VALUE vf_info_free(void *p) {
+  xfree(((vf_type *)p)->current_file);
+  xfree(p);
+}
+
+/* Mapping acsii string to values.
+ * Should have been able to use
+ *   struct ftxfield_table ftxfield_table[]
+ * from flow-tools lib/ftxfield.c but this is not
+ * in the same order as
+ *    struct fts3rec_offsets
+ * in flow-tool's ftlib.h which make calculation
+ * for converstions difficult see
+ * vfr_init() and vfr_fts3rec_to_vfrec below
+ */
+struct vfr_mapfields {
+  char *name;
+  u_int64 val;
+  VALUE (*getter)();
+  VALUE (*setter)();
+};
+
+// needed by libft.a
+int debug = 0;
+
+// Are these type identifiers?
+VALUE vflow;
+VALUE vflowrec;
+
+/********* vflowrec ************
+ * vflowrec is a pure ruby object to hold
+ * the infomation normally held by
+ * struct fts3rec_all in flow-tools
+ */
+
+/* private function to create a vfrec
+ * input:
+ *  struct ftio
+ *  struct fts3rec_offsets
+ *
+ * returns:
+ *  ruby object vfrec
+ */
+
+/*********** vflowrec ******/
+typedef struct vfr_data_struct {
+  char *rec;
+  struct ftio ftio_data;
+  struct fts3rec_offsets offsets;
+} vfr_type;
+
+void vfr_copy_data(VALUE vfr_obj, char *r, struct ftio *fdata, struct fts3rec_offsets *o) {
+  vfr_type  *info;
+  Data_Get_Struct(vfr_obj, vfr_type, info);
+  info->rec = xmalloc(fdata->rec_size);
+  memcpy(info->rec,r, fdata->rec_size);
+  memcpy(&info->ftio_data,fdata,sizeof(struct ftio));
+  memcpy(&info->offsets, o, sizeof(struct fts3rec_offsets));
+}
+
+static VALUE vfr_info_free(void *p) {
+  xfree(((vfr_type *)p)->rec);
+  xfree(p);
+}
+
+//initialize()
+static VALUE vfr_init(VALUE rbself) {
+  return rbself;
+}
+
+static VALUE vfr_alloc(VALUE klass) {
+  vfr_type *info = xmalloc(sizeof(vfr_type));
+  VALUE vfr_info = Data_Wrap_Struct(klass, NULL, vfr_info_free, info);
+  return vfr_info;
+}
+
+// new()
+static VALUE vfr_new(VALUE klass) {
+  VALUE obj = rb_funcall2(klass, rb_intern("allocate"), 0, 0);
+  rb_obj_call_init(obj, 0, NULL);
+  return obj;
+}
+
+#define VFR_EXTRACT8(INFO,XFIELD,NAME)   Data_Get_Struct(rbself, vfr_type, INFO);\
+  if (!ftio_check_xfield(&INFO->ftio_data, XFIELD)) {\
+    return INT2NUM(*(u_int8*)(INFO->rec + (INFO->offsets).NAME));\
+  }\
+  return Qnil;\
+
+#define VFR_EXTRACT16(INFO,XFIELD,NAME)   Data_Get_Struct(rbself, vfr_type, INFO);\
+  if (!ftio_check_xfield(&INFO->ftio_data, XFIELD))\
+    return INT2NUM(*(u_int16*)(INFO->rec + (INFO->offsets).NAME));\
+  return Qnil;\
+
+#define VFR_EXTRACT32(INFO,XFIELD,NAME)   Data_Get_Struct(rbself, vfr_type, INFO);\
+  if (!ftio_check_xfield(&INFO->ftio_data, XFIELD)) {\
+    u_int64 tmp64 = *(u_int32*)(INFO->rec + (INFO->offsets).NAME);\
+    return INT2NUM(tmp64);\
+  }\
+  return Qnil;\
+
+#define VFR_EXTRACTADDR(INFO,XFIELD,NAME)   Data_Get_Struct(rbself, vfr_type, INFO);\
+  if (!ftio_check_xfield(&INFO->ftio_data, XFIELD)) {\
+    return INT2NUM(*(u_int32*)(INFO->rec + (INFO->offsets).NAME));\
+  }\
+  return Qnil;\
+
+
+// vfr_unix_secs
+static VALUE vfr_unix_secs(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACT32(info,FT_XFIELD_UNIX_SECS,unix_secs)
+}
+
+// vfr_unix_nsecs
+static VALUE vfr_unix_nsecs(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACT32(info,FT_XFIELD_UNIX_NSECS,unix_nsecs);
+}
+
+// vfr_sysuptime
+static VALUE vfr_sysuptime(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACT32(info,FT_XFIELD_SYSUPTIME,sysUpTime);
+}
+
+static VALUE vfr_exaddr(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACTADDR(info,FT_XFIELD_EXADDR,exaddr)
+}
+
+static VALUE vfr_srcaddr(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACTADDR(info,FT_XFIELD_SRCADDR,srcaddr)
+}
+
+static VALUE vfr_dstaddr(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACTADDR(info,FT_XFIELD_DSTADDR,dstaddr)
+}
+static VALUE vfr_nexthop(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACTADDR(info,FT_XFIELD_NEXTHOP,nexthop)
+}
+
+static VALUE vfr_input(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACT16(info, FT_XFIELD_INPUT,input)
+}
+
+static VALUE vfr_output(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACT16(info, FT_XFIELD_OUTPUT,output)
+}
+
+static VALUE vfr_dflows(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACT32(info, FT_XFIELD_DFLOWS, dFlows)
+}
+
+static VALUE vfr_dpkts(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACT32(info, FT_XFIELD_DPKTS, dPkts);
+}
+
+static VALUE vfr_doctets(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACT32(info, FT_XFIELD_DPKTS, dOctets);
+}
+
+static VALUE vfr_first(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACT32(info, FT_XFIELD_FIRST, First);
+}
+
+static VALUE vfr_last(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACT32(info, FT_XFIELD_LAST, Last);
+}
+
+static VALUE vfr_srcport(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACT16(info, FT_XFIELD_SRCPORT, srcport);
+}
+
+static VALUE vfr_dstport(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACT16(info, FT_XFIELD_DSTPORT, dstport);
+}
+
+static VALUE vfr_prot(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACT8(info, FT_XFIELD_PROT, prot);
+}
+
+static VALUE vfr_tos(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACT8(info, FT_XFIELD_TOS, tos);
+}
+
+static VALUE vfr_tcp_flags(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACT8(info, FT_XFIELD_TCP_FLAGS, tcp_flags);
+}
+
+static VALUE vfr_engine_type(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACT8(info, FT_XFIELD_ENGINE_TYPE, engine_type);
+}
+
+static VALUE vfr_engine_id(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACT8(info, FT_XFIELD_ENGINE_ID, engine_id);
+}
+
+static VALUE vfr_src_mask(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACT8(info, FT_XFIELD_SRC_MASK, src_mask);
+}
+
+static VALUE vfr_dst_mask(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACT8(info, FT_XFIELD_DST_MASK, dst_mask);
+}
+
+static VALUE vfr_src_as(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACT16(info, FT_XFIELD_SRC_AS, src_as);
+}
+
+static VALUE vfr_dst_as(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACT16(info, FT_XFIELD_DST_AS, dst_as);
+}
+
+static VALUE vfr_in_encaps(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACT8(info, FT_XFIELD_IN_ENCAPS, in_encaps);
+}
+
+static VALUE vfr_out_encaps(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACT8(info, FT_XFIELD_OUT_ENCAPS, out_encaps);
+}
+
+static VALUE vfr_peer_nexthop(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACTADDR(info, FT_XFIELD_PEER_NEXTHOP, peer_nexthop);
+}
+
+static VALUE vfr_router_sc(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACT32(info, FT_XFIELD_ROUTER_SC, router_sc);
+}
+
+static VALUE vfr_src_tag(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACT32(info, FT_XFIELD_SRC_TAG, src_tag);
+}
+
+static VALUE vfr_dst_tag(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACT32(info, FT_XFIELD_DST_TAG, dst_tag);
+}
+
+static VALUE vfr_extra_pkts(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACT32(info, FT_XFIELD_EXTRA_PKTS, extra_pkts);
+}
+
+static VALUE vfr_marked_tos(VALUE rbself) {
+  vfr_type *info;
+  VFR_EXTRACT8(info, FT_XFIELD_MARKED_TOS, marked_tos);
+}
+
+static VALUE vfr_start_time(VALUE rbself) {
+  vfr_type *info;
+
+  Data_Get_Struct(rbself, vfr_type, info);
+  
+  if (!ftio_check_xfield(&info->ftio_data,
+			 FT_XFIELD_SYSUPTIME |
+			 FT_XFIELD_UNIX_SECS)) {
+    struct fttime ftt = ftltime(*(u_int32*)(info->rec + (info->offsets).sysUpTime),
+				*(u_int32*)(info->rec + (info->offsets).unix_secs),
+				*(u_int32*)(info->rec + (info->offsets).unix_nsecs),
+				*(u_int32*)(info->rec + (info->offsets).First));
+    return INT2NUM(ftt.secs);
+  }
+  return Qnil;
+}
+
+static VALUE vfr_end_time(VALUE rbself) {
+  vfr_type *info;
+
+  Data_Get_Struct(rbself, vfr_type, info);
+  
+  if (!ftio_check_xfield(&info->ftio_data,
+			 FT_XFIELD_SYSUPTIME |
+			 FT_XFIELD_UNIX_SECS)) {
+    struct fttime ftt = ftltime(*(u_int32*)(info->rec + (info->offsets).sysUpTime),
+				*(u_int32*)(info->rec + (info->offsets).unix_secs),
+				*(u_int32*)(info->rec + (info->offsets).unix_nsecs),
+				*(u_int32*)(info->rec + (info->offsets).First));
+    return INT2NUM(ftt.secs);
+  }
+  return Qnil;
+}
+
+
+// declare methods to ruby
+void Init_Vflowrec() {
+  vflowrec = rb_define_class("Vflowrec", rb_cObject);
+#if HAVE_RB_DEFINE_ALLOC_FUNC
+  rb_define_alloc_func(vflowrec, vfr_alloc);
+#else
+  rb_define_singleton_method(vflowrec, "allocate", vfr_alloc, 0);
+#endif
+  rb_define_singleton_method(vflowrec, "new", vfr_new, 0);
+  rb_define_method(vflowrec, "initialize", vfr_init, 0);
+  rb_define_method(vflowrec, "unix_secs", vfr_unix_secs, 0);
+  rb_define_method(vflowrec, "unix_nsecs", vfr_unix_nsecs, 0);
+  rb_define_method(vflowrec, "sysuptime", vfr_sysuptime, 0);
+  rb_define_method(vflowrec, "exaddr", vfr_exaddr, 0);
+  rb_define_method(vflowrec, "srcaddr", vfr_srcaddr, 0);
+  rb_define_method(vflowrec, "dstaddr", vfr_dstaddr,  0);
+  rb_define_method(vflowrec, "nexthop", vfr_nexthop, 0);
+  rb_define_method(vflowrec, "input", vfr_input, 0);
+  rb_define_method(vflowrec, "output", vfr_output, 0);
+  rb_define_method(vflowrec, "dflows", vfr_dflows, 0);
+  rb_define_method(vflowrec, "dpkts", vfr_dpkts, 0);
+  rb_define_method(vflowrec, "doctets", vfr_doctets, 0);
+  rb_define_method(vflowrec, "first", vfr_first, 0);
+  rb_define_method(vflowrec, "last", vfr_last, 0);
+  rb_define_method(vflowrec, "srcport", vfr_srcport, 0);
+  rb_define_method(vflowrec, "dstport", vfr_dstport, 0);
+  rb_define_method(vflowrec, "prot", vfr_prot, 0);
+  rb_define_method(vflowrec, "tos", vfr_tos, 0);
+  rb_define_method(vflowrec, "tcp_flags", vfr_tcp_flags, 0);
+  rb_define_method(vflowrec, "engine_type", vfr_engine_type, 0);
+  rb_define_method(vflowrec, "engine_id", vfr_engine_id, 0);
+  rb_define_method(vflowrec, "src_mask", vfr_src_mask, 0);
+  rb_define_method(vflowrec, "dst_mask", vfr_dst_mask, 0);
+  rb_define_method(vflowrec, "src_as", vfr_src_as, 0);
+  rb_define_method(vflowrec, "dst_as", vfr_dst_as, 0);
+  rb_define_method(vflowrec, "in_encaps", vfr_in_encaps, 0);
+  rb_define_method(vflowrec, "out_encaps", vfr_out_encaps, 0);
+  rb_define_method(vflowrec, "peer_nexthop", vfr_peer_nexthop, 0);
+  rb_define_method(vflowrec, "router_sc", vfr_router_sc, 0);
+  rb_define_method(vflowrec, "src_tag", vfr_src_tag, 0);
+  rb_define_method(vflowrec, "dst_tag", vfr_dst_tag, 0);
+  rb_define_method(vflowrec, "extra_pkts", vfr_extra_pkts, 0);
+  rb_define_method(vflowrec, "marked_tos", vfr_marked_tos, 0);
+  rb_define_method(vflowrec, "start_time", vfr_start_time, 0);
+  rb_define_method(vflowrec, "end_time", vfr_end_time, 0);
+
+}
+
+/*********** vflow ********/
+// initialize()
+static VALUE vf_init(VALUE rbself) {
+  return rbself;
+}
+
+static VALUE vf_alloc(VALUE klass) {
+  VALUE vf_info;
+  vf_type *info = xmalloc(sizeof(vf_type));
+  info->current_file = NULL;    /* set to sensible defaults */
+  vf_info = Data_Wrap_Struct(klass, NULL, vf_info_free, info);
+  return vf_info;
+}
+
+// new()
+static VALUE vf_new(VALUE klass) {
+  VALUE obj = rb_funcall2(klass, rb_intern("allocate"), 0, 0);
+  rb_obj_call_init(obj, 0, NULL);
+  return obj;
+}
+
+// header() - return header of current file
+static VALUE vf_header(VALUE rbself) {
+
+}
+
+// currentfile() 
+static VALUE vf_currentfile(VALUE rbself) {
+  vf_type *info;
+  Data_Get_Struct(rbself, vf_type, info);
+  return rb_str_new2(info->current_file);
+}
+
+// close one file
+static VALUE vf_close(VALUE rbself) {
+  vf_type *info;
+
+  Data_Get_Struct(rbself, vf_type, info);
+  ftio_close(&info->ftio_data);  // FIXME: should check return code
+  close(info->fd);
+  free(info->current_file);
+  info->fd = 0;
+}
+
+/* open(string)
+ * opens a single file for reading
+ */
+static VALUE vf_open(VALUE rbself, VALUE file) {
+  struct stat statdata;
+  int fd;
+  vf_type *info;
+
+  Data_Get_Struct(rbself, vf_type, info);
+  if (rb_type(file) == T_STRING) {
+    info->current_file = STR2CSTR(file);
+
+    /* determine file type */
+    if ((fd = open(info->current_file, O_RDONLY, 0)) < 0)
+      rb_raise(rb_eIOError, "Cannot open file: %s", info->current_file);
+    info->fd = fd;
+    if (fstat(fd, & statdata) < 0)
+      rb_raise(rb_eIOError, "Cannot stat file: %s", info->current_file);
+
+    if (!S_ISREG(statdata.st_mode)) {
+      rb_raise(rb_eIOError, "File Type (0x%x) not handled for file %s",
+	       statdata.st_mode, info->current_file);
+    }
+
+    if (ftio_init(&info->ftio_data, fd, FT_IO_FLAG_READ) < 0)
+      rb_raise(rb_eIOError, "ftio_init() error");
+
+    // store values needed to make calls to ftio_read and alike
+    ftio_get_ver(&info->ftio_data, &info->ftv);
+    fts3rec_compute_offsets(&info->ftoffsets, &info->ftv);
+
+    /* If we have a block, yield and close after */
+    if (rb_block_given_p())
+      return rb_ensure(rb_yield, rbself, vf_close, rbself);
+    else
+      return rbself;
+  }
+  rb_raise(rb_eTypeError,"Not a string");
+}
+
+// next() - return next entry in file
+static VALUE vf_next(VALUE rbself) {
+  char *ent;
+  struct fts3rec_all cur;
+  vf_type *info;
+  VALUE vfr;
+
+  Data_Get_Struct(rbself, vf_type, info);
+  
+  if ((ent = ftio_read(&info->ftio_data)) == NULL) 
+    return Qnil;
+  // create flow record object
+  //  return vfr_fts3rec_to_vfrec(ent, &info->ftio_data, &info->ftoffsets);
+  vfr = rb_funcall2(vflowrec,rb_intern("new"),0,0);
+  vfr_copy_data(vfr, ent, &info->ftio_data, &info->ftoffsets);
+  return vfr;
+}
+
+
+/* for each recoard call block
+ * Examples,
+ *    each() {|flowrec| ....}
+ */
+static VALUE vf_each(VALUE rbself) {
+  VALUE vfr_rec;
+
+  // debugging
+  //ftio_header_print(&info->ftio_data, stdout, 'f');
+  while ((vfr_rec = vf_next(rbself)) != Qnil) {
+    rb_yield(vfr_rec);     // call block
+  }
+  return Qnil;
+}
+
+
+void Init_Vflow() {
+  Init_Vflowrec();
+  vflow = rb_define_class("Vflow", rb_cObject);
+#if HAVE_RB_DEFINE_ALLOC_FUNC
+  rb_define_alloc_func(vflow, vf_alloc);
+#else
+  rb_define_singleton_method(vflow, "allocate", vf_alloc, 0);
+#endif
+  rb_define_singleton_method(vflow, "new", vf_new, 0);
+  rb_define_method(vflow, "initialize", vf_init, 0);
+  rb_define_method(vflow, "currentfile", vf_currentfile, 0);
+  rb_define_method(vflow, "open", vf_open, 1);
+  rb_define_method(vflow, "close", vf_close, 0);
+  rb_define_method(vflow, "next", vf_next, 0);
+  rb_define_method(vflow, "each", vf_each, 0);
+}

data/ext/extconf.rb

@@ -0,0 +1,38 @@
+require 'mkmf'
+
+$CFLAGS="-O3 -pipe"
+
+#default location for netflow flowtools library and includes
+NETFLOW_DIR='/usr/local'
+
+if File.directory?(NETFLOW_DIR)
+  dir_config("ft", "#{NETFLOW_DIR}/include/", "#{NETFLOW_DIR}/lib/")
+  $CFLAGS += " -I#{NETFLOW_DIR}/include/"
+  $LDFLAGS += " -L#{NETFLOW_DIR}/lib/"
+end
+
+# check for special include and lib dirs
+incdir = with_config("ft-include-dir")
+if incdir
+	$CFLAGS += " -I#{incdir}"
+	puts "Using include dir: #{incdir}"
+end
+
+libdir = with_config("ft-lib-dir")
+if libdir
+	$LDFLAGS += " -L#{libdir}"
+	puts "Using lib dir: #{libdir}"
+end
+
+# check for our libraries
+unless have_library("z")
+	puts "You must have libz!"
+	exit 1
+end
+unless have_library("ft")
+	puts "You must have libft!"
+	exit 1
+end
+
+# make the Makefile
+create_makefile('Vflow')

data/tests/vfprofile.rb

@@ -0,0 +1,32 @@
+#!/usr/bin/ruby 
+#
+# $Id: vfprofile.rb,v 1.1 2004/12/13 11:13:18 jeffm Exp $
+#
+$LOAD_PATH.unshift File.join(File.dirname(__FILE__), "..","ext")
+require 'Vflow'
+require 'socket'
+require 'profile'
+
+TESTFILE='testdata/dummy_flow'
+
+puts "+++ get new()"
+x = Vflow.new()
+
+puts "+++ open a file"
+x.open(TESTFILE) do
+
+  puts "+++ each"
+  count = 0
+  total_pkts, total_flows, total_octets = 0,0,0
+  x.each() {|r|
+    count += 1
+    # do some realistic-ish calculations
+    r.dpkts and total_pkts += r.dpkts
+    r.dflows and total_flows += r.dflows
+    r.doctets and total_octets += r.doctets
+  }
+
+  puts "pkts: #{total_pkts} flows: #{total_flows} octets: #{total_octets}"
+end
+
+puts "=== End of Tests ===";

data/tests/vftest.rb

@@ -0,0 +1,73 @@
+#!/usr/bin/ruby 
+#
+# $Id: vftest.rb,v 1.6 2004/12/13 11:13:18 jeffm Exp $
+#
+$LOAD_PATH.unshift File.join(File.dirname(__FILE__), "..","ext")
+require 'Vflow'
+require 'socket'
+
+TESTFILE='testdata/dummy_flow'
+
+def dumpvflowrec(r)
+  puts "=============="
+  puts "have #{r.class}"
+  puts "start_time:  #{Time.at(r.start_time)} end_time: #{Time.at(r.end_time)}"
+  puts "unix_secs #{Time.at(r.unix_secs)} unix_nsecs #{r.unix_nsecs}"
+  puts "sysuptime #{r.sysuptime}"
+  puts "exaddr    #{IPSocket.getaddress(r.exaddr)}"
+  print "srcaddr  #{IPSocket.getaddress(r.srcaddr)} -> "
+  puts  "dstaddr  #{IPSocket.getaddress(r.dstaddr)}"
+  puts "nexthop   #{IPSocket.getaddress(r.nexthop)}"
+  puts "input     #{r.input} output #{r.output}"
+  puts "dflows    #{r.dflows}"
+  puts "dpkts #{r.dpkts} doctets #{r.doctets}"
+  puts "first     #{r.first}  last  #{r.last}"
+  puts "srcport   #{r.srcport} dstport #{r.dstport}"
+  puts "prot      #{r.prot}    tos #{r.tos}"
+  puts "engine_type #{r.engine_type} engine_id #{r.engine_id}"
+  puts "src_mask  #{r.src_mask} dst_mask #{r.dst_mask}"
+  puts "src_as    #{r.src_as}   dst_as #{r.dst_as}"
+  puts "in_encaps #{r.in_encaps}"
+  puts "out_encaps #{r.out_encaps}"
+  if r.peer_nexthop then
+    puts "peer_nexthop #{IPSocket.getaddress(r.peer_nexthop)}"
+  else
+    puts "peer_nexthop nil"
+  end
+  puts "router_sc #{r.router_sc}"
+  puts "src_tag   #{r.src_tag} dst_tag #{r.dst_tag}"
+  puts "extra_pkts #{r.extra_pkts} marked_tos #{r.marked_tos}"
+end
+
+puts "+++ get new()"
+x = Vflow.new()
+
+puts "+++ open a file"
+x.open(TESTFILE)
+
+puts "+++ currentfile"
+puts x.currentfile()
+
+puts "+++ next"
+dumpvflowrec(x.next)
+puts "+++ next (again)"
+dumpvflowrec(x.next)
+
+puts "+++ each"
+count = 0
+x.each() {|r|
+  dumpvflowrec(r)
+  count += 1
+  puts count
+}
+
+puts "+++ close a file"
+x.close()
+
+print "---- bad call to open "
+begin
+  x.open(1)
+rescue TypeError => detail
+  puts "received expected error(TypeError) good"
+end
+puts "=== End of Tests ===";

metadata

@@ -0,0 +1,63 @@
+--- !ruby/object:Gem::Specification 
+name: Vflow
+version: !ruby/object:Gem::Version 
+  version: 1.0.3
+platform: ruby
+authors: 
+- HZ, gem packed by Antti
+autorequire: 
+bindir: bin
+cert_chain: []
+
+date: 2009-02-11 00:00:00 +02:00
+default_executable: 
+dependencies: []
+
+description: Ruby bindings for VFlow
+email: hz@hz.com
+executables: []
+
+extensions: 
+- ext/extconf.rb
+extra_rdoc_files: 
+- README
+files: 
+- Rakefile
+- README
+- tests/vftest.rb
+- tests/vfprofile.rb
+- ext/Vflow.c
+- ext/extconf.rb
+has_rdoc: true
+homepage: http://rubyforge.org
+post_install_message: 
+rdoc_options: 
+- --title
+- bcrypt-ruby
+- --line-numbers
+- --inline-source
+- --main
+- README
+require_paths: 
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+required_rubygems_version: !ruby/object:Gem::Requirement 
+  requirements: 
+  - - ">="
+    - !ruby/object:Gem::Version 
+      version: "0"
+  version: 
+requirements: []
+
+rubyforge_project: 
+rubygems_version: 1.3.1
+signing_key: 
+specification_version: 2
+summary: Flowtools binding
+test_files: []
+