Struct netflow_parser::variable_versions::v9::Header

pub struct Header {
    pub version: u16,
    pub count: u16,
    pub sys_up_time: u32,
    pub unix_secs: u32,
    pub sequence_number: u32,
    pub source_id: u32,
}

Fields

version: u16

The version of NetFlow records exported in this packet; for Version 9, this value is 9

count: u16

Number of FlowSet records (both template and data) contained within this packet

sys_up_time: u32

Time in milliseconds since this device was first booted

unix_secs: u32

Seconds since 0000 Coordinated Universal Time (UTC) 1970

sequence_number: u32

Incremental sequence counter of all export packets sent by this export device; this value is cumulative, and it can be used to identify whether any export packets have been missed. Note: This is a change from the NetFlow Version 5 and Version 8 headers, where this number represented “total flows.”

source_id: u32

The Source ID field is a 32-bit value that is used to guarantee uniqueness for all flows exported from a particular device. (The Source ID field is the equivalent of the engine type and engine ID fields found in the NetFlow Version 5 and Version 8 headers). The format of this field is vendor specific. In the Cisco implementation, the first two bytes are reserved for future expansion, and will always be zero. Byte 3 provides uniqueness with respect to the routing engine on the exporting device. Byte 4 provides uniqueness with respect to the particular line card or Versatile Interface Processor on the exporting device. Collector devices should use the combination of the source IP address plus the Source ID field to associate an incoming NetFlow export packet with a unique instance of NetFlow on a particular device.

Trait Implementations

impl Clone for Header

fn clone(&self) -> Header

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for Header

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<'nom> Parse<&'nom [u8]> for Header

fn parse_be(orig_i: &'nom [u8]) -> IResult<&'nom [u8], Self>

Parse input as Big-Endian

fn parse_le(orig_i: &'nom [u8]) -> IResult<&'nom [u8], Self>

Parse input as Little-Endian

fn parse(orig_i: &'nom [u8]) -> IResult<&'nom [u8], Self>

Parse input, not knowing the endianness

impl PartialEq for Header

fn eq(&self, other: &Header) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Serialize for Header

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error>

where __S: Serializer,

Serialize this value into the given Serde serializer.

impl Copy for Header

impl StructuralPartialEq for Header