flow-split
flow-split-non
flow-as-if
flow-cidr

----------------------------------------------

Miguel A.L. Paraz <map@internet.org.ph>
Mandaluyong City, Metro Manila, Philippines
March 6, 2001

William Emmanuel S. Yu <william.s.yu@ieee.org>
Pasay City, Metro Manila, Philippines
April 5, 2001

NOTE: the scripts folder contains some miscellaneous scripts
that are potentially useful for monitoring traffic and 
manipulating data files.

----------------------------------------------
flow-split

While the rest of the flow-tools follow a "pipeline" philosophy, I found it
necessary to to be able to split flow data into many files matching certain
criteria.  My immediate need was to split it according to destination IP 
network, so that I could analyze the new files separately.

flow-split description-file < flow-file

or

flow-cat flow-file ... | flow-split description-file

Where description-file is currently a plain text file with:

file1 prefix1 prefix2 prefix3 ...
file2 prefix1 prefix2 prefix3 ...
...

For example:

lan1 192.168.0.0/24 192.168.2.0/24
lan2 192.168.1.0/24 192.168.3.0/24


Right now everything there must be separated by a single space, no multiple
spaces nor tabs.  (I appreciate it if someone could clean that up.)

This was built and tested on Red Hat Linux 7.  It depends on the C code Dave 
Plonka's Net::Patricia perl module, available at CPAN, which packages up a 
Patricia radix trie function that is used by flow-split to easily identify 
flows.  

----------------------------------------------
flow-split-non

Functions similarly to flow-split, however, it does not use the Patricia trie 
code due to some problems with it. flow-split-non uses a sequential/linear 
search that is potentially very compute intensive as compared to the tree
search of the patricia trie. The description file format is the same as that
of the flow-split code.

Usage:

flow-split -f description-file < flow-file

or

flow-cat flow-file ... | flow-split -f description-file


----------------------------------------------
flow-as-if

This tool generates a report based on the interfaces defined and will
order them according to ASN and source interfaces. The tool will
also group the results into clients based on a description file which
has the same format as the definition file above.

Usage:

flow-cat flow-file ... | flow-as-if -f description-file -i int1,.. [-e] [-c]

----------------------------------------------
flow-cidr

This tools is to function as a part of flow-filter if need. flow-cidr
accepts various options for it to function. This is another filter tool.

Usage:

flow-cidr -f description-file -D name-in-description-file
flow-cidr -i ip-address-block/prefix-lenght

This code is intend to be part of flow-filter.

