fluere
| Crates.io | fluere |
| lib.rs | fluere |
| version | 0.7.0 |
| created_at | 2023-05-30 12:28:32.938034+00 |
| updated_at | 2024-04-24 00:35:54.92208+00 |
| description | Cross Platform Packet Capture, pcap to Netflow Conversion, Live Netflow Capture Tool |
| homepage | |
| repository | https://github.com/SkuldNorniern/fluere |
| max_upload_size | |
| id | 877856 |
| size | 497,647 |
Eira (SkuldNorniern)
documentation
README
Fluere
Your Comprehensive Network Monitoring and Analysis Tool
Fluere is a robust tool designed for comprehensive network monitoring and analysis. It facilitates the capture of network packets in pcap format and their conversion into NetFlow data, offering a detailed view of network traffic dynamics. With support for both live and offline data capture, Fluere stands as a versatile solution suitable for a myriad of use cases.
- AWS flow logging using AWS Traffic Mirroring
- Local Server's Active firewall implementation using a plugin
- Logging your Server's Flows
Key Features:
- Cross-platform support (Windows, macOS, Linux)
- Live and offline NetFlow data capture and conversion
- Packet capture in pcap format
- Terminal User Interface (TUI) for real-time feedback during live capture
Windows, MacOS, and Linux are All Supported! YAY!
Public IPs are masked to prevent privacy issues (except for DNS & Local broadcast)
Technical Overview
Fluere is built with Rust and leverages the libpcap library for packet capture. The core functionalities are encapsulated within the main.rs file, which defines the command-line interface and handles various commands and options.
Command Line Arguments
Customize your Fluere experience using the following command-line arguments:
| Argument | Description | Usage Example |
|---|---|---|
csv |
Title of the exported CSV file | -c or --csv |
list |
List available network interfaces | -l or --list |
interface |
Select network interface to use | -i or --interface |
duration |
Set capture duration (in ms) | -d or --duration |
timeout |
Set flow timeout (in ms) | -t or --timeout |
useMACaddress |
Use MAC address as key value | -M or --useMAC |
interval |
Set export interval (in ms) | -I or --interval |
sleep_windows |
Set thread pause interval for Windows | -s or --sleep |
verbose |
Set verbosity level | -v or --verbose |
Getting Started
Prerequisites
Before installing Fluere, ensure to install libpcap (Linux/macOS) or npcap (Windows) in winpcap compatible mode.
Installation
Install Fluere using the following command:
cargo install fluere
Usage Examples
Explore the diverse functionalities of Fluere with the following examples:
-
Live NetFlow Capture and Conversion
fluere online -i eth0 -d 1000 -t 600000 -I 1800000 -v 1 -
Offline pcap to NetFlow Conversion
fluere offline -f input.pcap -c output -
Packet Capture in pcap Format
fluere pcap -i eth0 -d 1000 -
Live Fluereflow Capture and Conversion
fluere live -i eth0 -d 1000 -t 600000 -I 1800000 -v 1
For more detailed information and guidance, refer to the Fluere Wiki.