Represents the eight important fields in the ip header that we will use to 'uniquely' identify a packet. More...
Data Fields | |
| uint32_t | src_ip |
| The source IP. More... | |
| uint32_t | dst_ip |
| A Structure which represents the 3 useful bytes of the destination ip. More... | |
| uint16_t | src_port |
| The source port (or ICMP type) More... | |
| uint16_t | dst_port |
| The destination port (or ICMP code) More... | |
| uint8_t | protocol |
| The protocol. More... | |
| uint8_t | ttl |
| The TTL. More... | |
| uint8_t | tcp_flags |
| TCP Flags (excluding NS) More... | |
| uint16_t | ip_len |
| Length of the IP packet (from the IP header) More... | |
| uint32_t | packet_cnt |
| The number of packets that comprise this flowtuple This is populated immediately before the tuple is written out. More... | |
Represents the eight important fields in the ip header that we will use to 'uniquely' identify a packet.
Alberto and i think that most other analysis can be derived from this distribution
This struct will be used as the key for the hash.
Values are stored in network byte order to allow easy (de)serialization Note that since we have a /8, only 3 bytes of the destination IP address are kept (if configured/built with –with-slash-eight)
The 'PACKED' attribute instructs GCC to not do any byte alignment. This allows us to directly write the structure to disk
Definition at line 70 of file corsaro_flowtuple.h.
| uint32_t corsaro_flowtuple::dst_ip |
A Structure which represents the 3 useful bytes of the destination ip.
Definition at line 87 of file corsaro_flowtuple.h.
Referenced by corsaro_flowtuple_hash_func().
| uint16_t corsaro_flowtuple::dst_port |
The destination port (or ICMP code)
Definition at line 94 of file corsaro_flowtuple.h.
Referenced by corsaro_flowtuple_hash_func().
| uint16_t corsaro_flowtuple::ip_len |
Length of the IP packet (from the IP header)
Definition at line 106 of file corsaro_flowtuple.h.
Referenced by corsaro_flowtuple_hash_func().
| uint32_t corsaro_flowtuple::packet_cnt |
The number of packets that comprise this flowtuple This is populated immediately before the tuple is written out.
Definition at line 110 of file corsaro_flowtuple.h.
| uint8_t corsaro_flowtuple::protocol |
The protocol.
Definition at line 97 of file corsaro_flowtuple.h.
Referenced by corsaro_flowtuple_hash_func().
| uint32_t corsaro_flowtuple::src_ip |
The source IP.
Definition at line 73 of file corsaro_flowtuple.h.
Referenced by corsaro_flowtuple_hash_func().
| uint16_t corsaro_flowtuple::src_port |
The source port (or ICMP type)
Definition at line 91 of file corsaro_flowtuple.h.
Referenced by corsaro_flowtuple_hash_func().
| uint8_t corsaro_flowtuple::tcp_flags |
TCP Flags (excluding NS)
Definition at line 103 of file corsaro_flowtuple.h.
Referenced by corsaro_flowtuple_hash_func().
| uint8_t corsaro_flowtuple::ttl |
The TTL.
Definition at line 100 of file corsaro_flowtuple.h.
Referenced by corsaro_flowtuple_hash_func().
![[CAIDA - Center for Applied Internet Data Analysis logo]](https://www.caida.org/images/caida_globe_faded.png)
![[CAIDA]](https://www.caida.org/images/caida_whitewords.png "Go to CAIDA home page"){kind=small}