DragonFly On-Line Manual Pages

Search: Section:  

nfexpire(1)                                                        nfexpire(1)


NAME

       nfanon - netflow anonymisation


SYNOPSIS

       nfanon [options]


DESCRIPTION

       nfanon is used to anonymise all IP addresses ( src, dst, next hop,
       router IP etc. ) in the netflow records using the CryptoPAn
       (Cryptography-based  Prefix-preserving Anonymization) module. The key
       -K is used to initialize the Rijndael cipher.  The key is either a 32
       character string, or a 64 hex digit string starting with 0x.

          See http://www.cc.gatech.edu/computing/Telecomm/cryptopan/ for more
          information about CryptoPAn.

       nfanon has several modes of operation.

       o nfanon reads a sequence of input files, specified by -r, -R and -M
       and anonymises the flows in the given files. The input file arguments
       have the same syntax and meaning as nfdump(1).

       o nfanon reads a sequence of input files, specified by -r, -R and -M.
       All anonymised flows are written to a single file specified by -w.

       o nfanon works as filter and reads flows from stding and writes the
       anonymised flows to stdout.


OPTIONS

       -r inputfile
          Read input data from inputfile. Default is read from stdin.

       -R expr
          Read input from a sequence of files in the same directory. expr may
          be one of:
           /any/dir          Read recursively all files in directory dir.
           /dir/file         Read all files beginning with file.
           /dir/file1:file2  Read all files from file1 to file2.

           Note: files are read in alphabetical sequence.

       -M expr
          Read input from multiple directories. expr looks like:
          /any/path/to/dir1:dir2:dir3 etc. and will be expanded to the
          directories: /any/path/to/dir1, /any/path/to/dir2 and
          /any/path/to/dir3 Any number of colon separated directories may be
          given. The files to read are specified by -r or -R and are expected
          to exist in all the given directories.  The options -r and -R must
          not contain any directory part when used in conjunction with -M.

       -w outputfile
          If specified writes anonymised netflow records to outputfile.

       -K key
          The key is used to initialize the Rijndael cipher. key is either a
          32 character string, or a 64 hex digit string starting with 0x.


RETURN VALUE

       Returns
           0   No error.
           255 Initialization failed.
           250 Internal error.


NOTES

       None.


SEE ALSO

       nfdump(1)


BUGS


                                  2009-09-09                       nfexpire(1)

Search: Section: