Difference between revisions of "IDS: cicflowmeter.py"
Onnowpurbo (talk | contribs) (Created page with "Installation git clone https://gitlab.com/hieulw/cicflowmeter cd cicflowmeter python setup.py install or pip install cicflowmeter Usage usage: cicflowmeter [-h] (-i...") |
Onnowpurbo (talk | contribs) |
||
(6 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
Installation | Installation | ||
− | git clone https:// | + | git clone https://github.com/datthinh1801/cicflowmeter.git |
cd cicflowmeter | cd cicflowmeter | ||
− | + | python3 setup.py install | |
− | |||
− | |||
− | |||
Usage | Usage | ||
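Review bot: the new clone line points at github.com/datthinh1801/cicflowmeter.git, while the page-creation summary above shows gitlab.com/hieulw/cicflowmeter, and nothing on the page says why the source changed. Because `python3 setup.py install` runs whatever is on the default branch at clone time, suggest stating why this repository is preferred and checking out a specific tag or commit before installing.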
Line 21: | Line 18: | ||
-f INPUT_FILE capture offline data from INPUT_FILE | -f INPUT_FILE capture offline data from INPUT_FILE | ||
-c, --csv, --flow output flows as csv | -c, --csv, --flow output flows as csv | ||
− | |||
− | |||
Sniff packets real-time from interface to flow csv: (need root permission) | Sniff packets real-time from interface to flow csv: (need root permission) | ||
− | cicflowmeter -i | + | cicflowmeter -i enp0s3 -c flows.csv |
+ | |||
+ | |||
+ | Convert pcap file to flow csv: | ||
+ | tcpdump -i enp0s3 -s 65535 -w hasil-capture.pcap | ||
+ | cicflowmeter -f hasil-capture.pcap -c flows.csv | ||
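Review bot: the added tcpdump line captures on enp0s3 just like the live-sniffing command, but only the sniffing line carries the "(need root permission)" remark; suggest repeating it for the capture step. With -s 65535 the capture keeps full packet payloads, so it is also worth noting that hasil-capture.pcap should be written with restricted file permissions and removed once flows.csv has been produced.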
Latest revision as of 11:42, 21 April 2022
Installation
git clone https://github.com/datthinh1801/cicflowmeter.git
cd cicflowmeter
python3 setup.py install
Usage
usage: cicflowmeter [-h] (-i INPUT_INTERFACE | -f INPUT_FILE) [-c] [-u URL_MODEL] output
positional arguments:
output output file name (in flow mode) or directory (in sequence mode)
optional arguments:
-h, --help show this help message and exit
-i INPUT_INTERFACE capture online data from INPUT_INTERFACE
-f INPUT_FILE capture offline data from INPUT_FILE
-c, --csv, --flow output flows as csv
Sniff packets in real time from an interface and write flows to CSV (needs root permission):
cicflowmeter -i enp0s3 -c flows.csv
Convert pcap file to flow csv:
tcpdump -i enp0s3 -s 65535 -w hasil-capture.pcap
cicflowmeter -f hasil-capture.pcap -c flows.csv