update SPLT external API to handle flows with all zero length packets

cisco / joy

A package for capturing and analyzing network flow data and intraflow data, for network research, forensics, and security monitoring.

Other

1.3k stars 329 forks source link

update SPLT external API to handle flows with all zero length packets #276

Closed bhudson33 closed 5 years ago

bhudson33 commented 5 years ago

update SPLT external API to handle flows with all zero length packets. Need to send back proper indication in the NetFlow V9 case so that a flow record with all zero length packets doesn't generate an NFv9 record with bogus SPLT data.

Update the test program to verify these changes.