PcapFileEx.Flows.UDP.Collector (pcap_file_ex v0.5.5)
View SourceCollects UDP datagrams into flows grouped by destination.
UDP flows are grouped by server (destination) endpoint only,
using from: :any pattern since datagrams may come from any source.
Example
{:ok, flows} = UDP.Collector.collect(packets)
Enum.each(flows, fn flow ->
IO.puts("UDP to #{flow.flow.server}: #{length(flow.datagrams)} datagrams")
end)Summary
Functions
Collects UDP packets into flows grouped by destination.
Extracts UDP packets from PCAP file.
Types
@type packet() :: %{ src_ip: tuple(), src_port: non_neg_integer(), dst_ip: tuple(), dst_port: non_neg_integer(), payload: binary(), timestamp: DateTime.t() }
Functions
@spec collect( [packet()], keyword() ) :: {:ok, [PcapFileEx.Flows.UDP.Flow.t()]}
Collects UDP packets into flows grouped by destination.
Parameters
packets- List of UDP packet mapsopts- Options::hosts_map- Map of IP strings to hostnames:decoders- List of custom decoder specs (seePcapFileEx.Flows.Decoder):keep_binary- Whentrue, preserve original binary inpayload_binarywhen custom decoders are invoked (default:false)
Returns
{:ok, flows} where flows is a list of UDP.Flow.t()
Example
packets = [
%{src_ip: {10,0,0,1}, src_port: 54321, dst_ip: {10,0,0,2}, dst_port: 5005,
payload: <<1,2,3>>, timestamp: ~U[2024-01-01 00:00:00Z]},
...
]
{:ok, flows} = UDP.Collector.collect(packets, hosts_map: %{"10.0.0.2" => "metrics"})@spec extract( Path.t(), keyword() ) :: {:ok, [PcapFileEx.Flows.UDP.Flow.t()]} | {:error, term()}
Extracts UDP packets from PCAP file.
Parameters
pcap_path- Path to PCAP/PCAPNG fileopts- Options::port- Filter to specific UDP port:hosts_map- Map of IP strings to hostnames:decoders- List of custom decoder specs (seePcapFileEx.Flows.Decoder):keep_binary- Whentrue, preserve original binary inpayload_binarywhen custom decoders are invoked (default:false)
Returns
{:ok, flows} where flows is a list of UDP.Flow.t()