Merge branch 'master' of https://github.com/CESNET/ipfixprobe into rpm-dpdk

Author: SiskaPavel

ChangeLog

@@ -1,3 +1,14 @@
+2024-10-17 ipfixprobe-4.13.0
+	* usability: introduce docker/podman container to convert PCAP files to CSV
+	* IPFIX: fix order of TCP options flags
+	* basicplus: update TCP options mask across flow packets
+	* utils: introduce memcpy_le32toh() for ipfix representation
+	* wg: fix parsing and exporting byte order (IPFIX)
+	* DPDK-ring: optimization: prefetch; read timestamp from HW metadata if available
+	* cache: optimization - prefetch
+	* IPv6: fix header parsing
+	* DPDK&DPDK-ring: fix use of parse_packet(), skip invalid packets causing crash
+
 2024-08-28 ipfixprobe-4.12.0
 	* ipfix plugin: support lz4 compression
 	* ipfixprobe: possibility to set workers affinity

Doxyfile

@@ -283,7 +283,8 @@ EXTRA_DIST=README.md \
 	pcaps/quic_initial-sample.pcap \
 	debian/control debian/changelog debian/watch debian/copyright debian/patches debian/patches/series \
 	debian/source debian/source/format debian/source/local-options debian/source/include-binaries \
-	debian/rules debian/README.Debian debian/compat
+	debian/rules debian/README.Debian debian/compat \
+	docker/Dockerfile docker/ipfixprobe_wrapper.sh docker/process_script.sh docker/README.md
 
 bashcompl_DATA=ipfixprobe.bash
 
@@ -362,3 +363,7 @@ deb:
 else
 endif
 
+.PHONY: doc
+doc:
+	doxygen
+

Makefile.am

@@ -1,3 +1,23 @@
+2024-10-17 (Tomas Cejka): doc: include generated Doxyfile to create documentation
+2024-10-17 (Tomas Cejka): doc: add doxygen comment for parse_packet()
+2024-10-16 (Jan Sobol): dpdk-ring - fix checking if any packet has actually been parsed
+2024-10-16 (Jan Sobol): dpdk - fix checking if any packet has actually been parsed
+2024-10-02 (Damir Zainullin): Fix IPv6 header parsing
+2024-09-30 (Pavel Šiška): Merge pull request #220 from CESNET/prefetch-optimizations
+2024-09-30 (Pavel Šiška): Merge pull request #219 from CESNET/dpdk-ring-metadata-timestamp
+2024-09-30 (Pavel Šiška): Merge pull request #215 from CESNET/new-version
+2024-09-26 (Jan Sobol): cache - prefetch flow records before checking their expiration
+2024-09-26 (Jan Sobol): dpdk-ring - prefetch dequeued packets before processing
+2024-09-25 (Jan Sobol): dpdk-ring - read timestamp from hw metadata if available
+2024-09-20 (Tomas Cejka): Merge pull request #216 from CESNET/ipfixprobe-docker-wrapper
+2024-09-19 (Tomas Cejka): dist: include docker/ files into distribution archive
+2024-09-19 (Jan Sobol): wg - fix parsing and exporting byte order
+2024-09-19 (Jan Sobol): utils - introduce memcpy_le32toh function
+2024-09-18 (Jan Sobol): basicplus test - fix reference values of tcp options
+2024-09-18 (Jan Sobol): basicplus - update tcp options mask across flow packets
+2024-09-18 (Jan Sobol): parser - fix order of tcp options flags according to ipfix standard https://www.iana.org/assignments/ipfix/ipfix.xhtml, entity 209 - tcpOptions
+2024-09-17 (Jaroslav Pesek): process container - introduce docker/podman container wrapper for processing pcaps to csvs
+
 2024-08-28 (Pavel Siska): ipfixprobed - add new option LZ4_COMPRESSION to init script and config example
 2024-08-28 (Pavel Siska): README.md - add LZ4 compression info
 2024-08-28 (Jakub Antonín Štigler): ipfix plugin: add lz4 compression

NEWS

@@ -2,7 +2,7 @@
 # Process this file with autoconf to produce a configure script.
 
 AC_PREREQ([2.69])
-AC_INIT([ipfixprobe], [4.12.0], [[email protected]])
+AC_INIT([ipfixprobe], [4.13.0], [[email protected]])
 
 AC_CONFIG_SRCDIR([main.cpp])
 AC_CONFIG_HEADERS([config.h])

configure.ac

@@ -0,0 +1,13 @@
+FROM rockylinux:9
+
+RUN dnf install -y dnf-plugins-core && \
+    dnf copr -y enable @CESNET/NEMEA && \
+    dnf install -y epel-release && \
+    dnf install -y ipfixprobe nemea && \
+    dnf clean all
+
+RUN mkdir -p /output
+WORKDIR /output
+ENTRYPOINT ["/bin/bash", "-c"]
+
+VOLUME ["/output"]

docker/Dockerfile

@@ -18,3 +18,49 @@ To push rpmbuilder image to repository:
 podman push rpmbuilder:latest gitlab.liberouter.org:5050/monitoring/ipfixprobe
 ```
 
+=======
+# ipfixprobe Docker wrapper 
+
+This repository contains a Docker container that processes network traffic from a pcap file using `ipfixprobe`. It accepts a pcap file and a processing script, runs it inside the container, and outputs the results in CSV format.
+
+## Requirements
+ * Docker or Podman
+ * bash
+ * which, mktemp
+
+## Usage
+This container performs the following tasks:
+ 1. Copies a pcap file and processing script into the container.
+ 2.	Runs the ipfixprobe tool to export flows.
+ 3.	Logs the results in CSV format.
+
+### Build
+
+The script builds the image automatically, but be sure that Dockerfile is in the same directory.
+
+To build the manually image, navigate to the directory containing the Dockerfile and run:
+
+```bash
+docker build -t docker_ipfixprobe .
+```
+
+### Run
+To run, use
+    
+```bash
+bash ./ipfixprobe_wrapper.sh <process_script.sh> <input_file.pcap> <output_file.csv>
+```
+
+To process a file `../pcaps/mixed.pcap` using a processing script `process_script.sh` and output the results to `output.csv`, use the following wrapper script:
+
+```bash
+bash ./ipfixprobe_wrapper.sh ./process_script.sh ../pcaps/mixed.pcap ./output.csv
+```
+
+* `process_script.sh` Script for processing the pcap file inside the container.
+* `input_file.pcap` Path to the input pcap file
+* `output_file.csv` Path to the output CSV file
+
+### Volumes
+
+The container uses `/output` as a volume to share files between your host system temporary dir (with `mktemp`) and the container.

docker/README.md

@@ -0,0 +1,62 @@
+#!/bin/bash
+IMAGE_NAME="docker_ipfixprobe"
+
+# Run the ipfixprobe on the input pcap file with defined script, and save the output CSV file to the output path.
+PROCESS_SCRIPT_PATH=$1
+INPUT_FILE_PATH=$2
+OUTPUT_CSV_PATH=$3
+
+if [ -z "$PROCESS_SCRIPT_PATH" ] || [ -z "$INPUT_FILE_PATH" ] || [ -z "$OUTPUT_CSV_PATH" ] ; then
+    echo "Usage: $0 <process_script> <input_file_path> <output_csv_path>"
+    exit 1
+fi
+
+CONT_BIN="$(which podman 2>/dev/null)"
+if [ -z "$CONT_BIN" ]; then
+   CONT_BIN="$(which docker 2>/dev/null)"
+fi
+if [ -z "$CONT_BIN" ]; then
+   echo "Missing podman or docker."
+   exit 2
+fi
+
+# Check if the Docker image exists
+if ! $CONT_BIN image inspect "$IMAGE_NAME" >/dev/null 2>&1; then
+    echo "Docker image '$IMAGE_NAME' not found. Attempting to build it..."
+
+    # Determine the script directory
+    SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+    DOCKERFILE_PATH="$SCRIPT_DIR/Dockerfile"
+
+    if [ ! -f "$DOCKERFILE_PATH" ]; then
+        echo "Dockerfile not found at $DOCKERFILE_PATH"
+        exit 3
+    fi
+
+    # Build the Docker image
+    echo "Building Docker image '$IMAGE_NAME'..."
+    $CONT_BIN build -t "$IMAGE_NAME" -f "$DOCKERFILE_PATH" "$SCRIPT_DIR"
+
+    if [ $? -ne 0 ]; then
+        echo "Failed to build Docker image."
+        exit 4
+    fi
+fi
+
+
+INPUT_FILE=$(basename "$INPUT_FILE_PATH")
+PROCESS_SCRIPT=$(basename "$PROCESS_SCRIPT_PATH")
+TMP_FOLDER="$(mktemp -d)"
+
+cp "$INPUT_FILE_PATH" "$TMP_FOLDER/$INPUT_FILE"
+cp "$PROCESS_SCRIPT_PATH" "$TMP_FOLDER/$PROCESS_SCRIPT"
+chmod +x "$TMP_FOLDER/$PROCESS_SCRIPT"
+
+"$CONT_BIN" run --privileged --rm -v $TMP_FOLDER:/output "$IMAGE_NAME"  "/output/$PROCESS_SCRIPT \"$INPUT_FILE\""
+[ -f "$TMP_FOLDER/$INPUT_FILE.csv" ] && cp "$TMP_FOLDER/$INPUT_FILE.csv" "$OUTPUT_CSV_PATH" || echo "No output CSV file found."
+
+# Clean up
+rm "$TMP_FOLDER/$INPUT_FILE"
+rm "$TMP_FOLDER/$PROCESS_SCRIPT"
+[ -f "$TMP_FOLDER/$INPUT_FILE.csv" ] && rm "$TMP_FOLDER/$INPUT_FILE.csv"
+rm -rf "$TMP_FOLDER"

docker/ipfixprobe_wrapper.sh

@@ -0,0 +1,9 @@
+#!/bin/bash
+
+FILE=$1 # input file
+cd /output # workdir
+
+
+ipfixprobe -i "pcap;file=$FILE" -p "pstats" -p "nettisa" -o "unirec;i=f:$FILE.trapcap:timeout=WAIT;p=(pstats,nettisa)"
+/usr/bin/nemea/logger -t -i "f:$FILE.trapcap"  -w "$FILE.csv"
+rm $FILE.trapcap

docker/process_script.sh

@@ -171,6 +171,11 @@ std::string vec2str(const std::vector<T> &vec) {
    return ss.str();
 }
 
+/**
+ * @brief Copy uint32 in little endian byte order to destination in host byte order
+ */
+void memcpy_le32toh(uint32_t* dest, const uint32_t* src);
+
 }
 
 #endif /* IPXP_UTILS_HPP */