bitkeks
commented
3 years ago Hi! Thank you for the MR! I'll have to test this.
Could you please add the new options class to __all__?
Closed j-licht closed 3 years ago
bitkeks
commented
3 years ago Hi! Thank you for the MR! I'll have to test this.
Could you please add the new options class to __all__?
bitkeks
commented
3 years ago Thanks for the contribution! Good patch :+1:, missing handling of template ID 1 might have had some side effects.
j-licht
commented
3 years ago Hm this was not the intention of my PR. My problem is: I get a ExportPacket with Data and OptionDataFlowRecords and the packet is not parsed because the template is not know. Without parsing Option Template Flow Sets these templates IDs never get known. I can send you a tcpdump, if you want. The data is simply created by ipt-NETFLOW Kernel Module.
Or did I missed something?
bitkeks
commented
3 years ago Ah I see, sorry for that!
So we had two problems before the patch:
You wanted to fix problem 2, and I fixed problem 1 :smile: I'll re-add your fix! Could you please send me your dump? My mail address is in the README
Implement a simple parsing of OptionTemplates of Netflow v9 to get know which Template ID is associated with OptionData. But just ignore DataSets with Options for now.