NetFlow Traffic Generator
100K+
This program generates mock netflow (v5) data that can be used to test netflow collector programs. The program simulates a router that is exporting flow records to the collector. It is useful for determining whether the netflow collector is operating and/or receiving netflow datagrams.
nflow-generator generates several netflow datagrams per second, each with 8 or 16 records for varying kinds of traffic (HTTP, SSH, SNMP, DNS, MySQL, and many others.)
The source code and project can be found at nerdalert/nflow-generator
Simply run in a container and pass any arguments at runtime. Below is an example passing the --help flag:
docker run -it --rm networkstatic/nflow-generator --help
To generate mock flow data simply add the target IP and port:
docker run -it --rm networkstatic/nflow-generator -t <ip> -p <port>
Install Go, then:
git clone https://github.com/nerdalert/nflow-generator.git -or -
git clone https://github.com/richb-hanover/nflow-generator.git
cd <dir>
go build
Go build will leave a binary in the root directory that can be run.
Feed it the target collector and port, and optional "false-index" flag:
./nflow-generator -t <ip> -p <port> [ -f | --false-index ]
The original mock netflow generator placed random values in several fields which confused certain netflow collectors that complained about inaccurate time stamps, and were confused by the random values sent in the input and output interface fields. This update:
SysUptime, unix_secs, and unix_nsecs fields of the Netflow datagrams to sensible (UTC) valuesflow_sequence value for each netflow datagramdocker pull networkstatic/nflow-generator