IDS: cicflowmeter.py: Difference between revisions
From OnnoCenterWiki
Jump to navigationJump to search
No edit summary |
No edit summary |
||
| (3 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
Installation | Installation | ||
git clone https://github.com/datthinh1801/cicflowmeter.git | |||
git clone https:// | |||
cd cicflowmeter | cd cicflowmeter | ||
python3 setup.py install | |||
Usage | Usage | ||
| Line 23: | Line 18: | ||
-f INPUT_FILE capture offline data from INPUT_FILE | -f INPUT_FILE capture offline data from INPUT_FILE | ||
-c, --csv, --flow output flows as csv | -c, --csv, --flow output flows as csv | ||
Sniff packets real-time from interface to flow csv: (need root permission) | Sniff packets real-time from interface to flow csv: (need root permission) | ||
| Line 31: | Line 24: | ||
cicflowmeter -i enp0s3 -c flows.csv | cicflowmeter -i enp0s3 -c flows.csv | ||
Convert pcap file to flow csv: | |||
tcpdump -i enp0s3 -s 65535 -w hasil-capture.pcap | |||
cicflowmeter -f hasil-capture.pcap -c flows.csv | |||
Latest revision as of 04:42, 21 April 2022
Installation
git clone https://github.com/datthinh1801/cicflowmeter.git cd cicflowmeter python3 setup.py install
Usage
usage: cicflowmeter [-h] (-i INPUT_INTERFACE | -f INPUT_FILE) [-c] [-u URL_MODEL] output
positional arguments:
output output file name (in flow mode) or directory (in sequence mode)
optional arguments:
-h, --help show this help message and exit -i INPUT_INTERFACE capture online data from INPUT_INTERFACE -f INPUT_FILE capture offline data from INPUT_FILE -c, --csv, --flow output flows as csv
Sniff packets real-time from interface to flow csv: (need root permission)
cicflowmeter -i enp0s3 -c flows.csv
Convert pcap file to flow csv:
tcpdump -i enp0s3 -s 65535 -w hasil-capture.pcap cicflowmeter -f hasil-capture.pcap -c flows.csv
