1nfexpire(1)                                                        nfexpire(1)
2
3
4

NAME

6       nfanon - netflow anonymisation
7

SYNOPSIS

9       nfanon [options]
10

DESCRIPTION

12       nfanon  is  used  to  anonymise  all IP addresses ( src, dst, next hop,
13       router IP etc. ) in the netflow records using the CryptoPAn (Cryptogra‐
14       phy-based   Prefix-preserving Anonymization) module. The key -K is used
15       to initialize the Rijndael cipher.  The key is either  a  32  character
16       string, or a 64 hex digit string starting with 0x.
17
18          See  http://www.cc.gatech.edu/computing/Telecomm/cryptopan/ for more
19          information about CryptoPAn.
20
21       nfanon has several modes of operation.
22
23       o nfanon reads a sequence of input files, specified by -r,  -R  and  -M
24       and  anonymises  the flows in the given files. The input file arguments
25       have the same syntax and meaning as nfdump(1).
26
27       o nfanon reads a sequence of input files, specified by -r, -R  and  -M.
28       All anonymised flows are written to a single file specified by -w.
29
30       o  nfanon  works  as  filter and reads flows from stding and writes the
31       anonymised flows to stdout.
32
33

OPTIONS

35       -r inputfile
36          Read input data from inputfile. Default is read from stdin.
37
38       -R expr
39          Read input from a sequence of files in the same directory. expr  may
40          be one of:
41           /any/dir          Read recursively all files in directory dir.
42           /dir/file         Read all files beginning with file.
43           /dir/file1:file2  Read all files from file1 to file2.
44
45           Note: files are read in alphabetical sequence.
46
47       -M expr
48          Read   input   from   multiple   directories.   expr   looks   like:
49          /any/path/to/dir1:dir2:dir3 etc. and will be expanded to the  direc‐
50          tories:  /any/path/to/dir1,  /any/path/to/dir2 and /any/path/to/dir3
51          Any number of colon separated directories may be given. The files to
52          read  are specified by -r or -R and are expected to exist in all the
53          given directories.  The options -r  and  -R  must  not  contain  any
54          directory part when used in conjunction with -M.
55
56       -w outputfile
57          If specified writes anonymised netflow records to outputfile.
58
59       -K key
60          The  key  is used to initialize the Rijndael cipher. key is either a
61          32 character string, or a 64 hex digit string starting with 0x.
62

RETURN VALUE

64       Returns
65           0   No error.
66           255 Initialization failed.
67           250 Internal error.
68

NOTES

70       None.
71

SEE ALSO

73       nfdump(1)
74

BUGS

76                                  2009-09-09                       nfexpire(1)
Impressum