Supported Platforms
Windows, macOS, and Linux are all supported! YAY!
Public IPs are masked for privacy reasons (except for DNS and local broadcast).
Fluere is a powerful and versatile tool designed for network monitoring and analysis. It is capable of capturing network packets in pcap format and converting them into NetFlow data, providing a comprehensive view of network traffic. Fluere supports both live capture and offline conversion of NetFlow data, making it suitable for a wide range of use cases. Additionally, Fluere offers a terminal user interface for live feedback during online capture. Fluere is cross-platform compatible, running on Windows, macOS, and Linux operating systems.
The project is implemented in Rust and uses the libpcap library for packet capture and the clap library for command line argument parsing. The main functionality of the project is defined in the `main.rs` file, which includes the definition of the command line interface and the handling of the different commands and options.
The following table provides detailed information about each argument:
| Argument | Purpose | Usage |
| --- | --- | --- |
| csv | Title of the exported CSV file | `-c` or `--csv` |
| list | List network interfaces | `-l` or `--list` |
| interface | Select the network interface to use | `-i` or `--interface` |
| duration | Set capture duration, in milliseconds | `-d` or `--duration` |
| timeout | Set flow timeout, in milliseconds | `-t` or `--timeout` |
| useMACaddress | Use the MAC address in the key value | `-M` or `--useMAC` |
| interval | Set export interval, in milliseconds | `-I` or `--interval` |
| sleep_windows | Set the interval of thread pause per n packets (MS Windows only) | `-s` or `--sleep` |
| verbose | Set verbosity level | `-v` or `--verbose` |
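
To show what the `timeout` and `useMACaddress` options change in the resulting flow records, here is an added Rust example; it is not Fluere's own code. The names `Pkt`, `Flow`, `aggregate` and `sample` are hypothetical, the packets are constructed, and it assumes the flow timeout is an idle timeout measured from the last packet of a flow.

```rust
use std::collections::HashMap;
use std::net::Ipv4Addr;

// One parsed packet header (constructed sample data, not Fluere's types).
#[derive(Clone, Copy)]
struct Pkt { ts_ms: u64, src_mac: [u8; 6], src: Ipv4Addr, dst: Ipv4Addr, sport: u16, dport: u16, proto: u8, len: u64 }

#[derive(Debug, PartialEq)]
struct Flow { first_ms: u64, last_ms: u64, packets: u64, bytes: u64 }

// 5-tuple, plus the source MAC when `use_mac` is set.
type Key = (Ipv4Addr, Ipv4Addr, u16, u16, u8, Option<[u8; 6]>);

/// Groups packets (sorted by time) into flows; a flow idle for longer than
/// `timeout_ms` is closed and the next packet with that key starts a new one.
fn aggregate(pkts: &[Pkt], timeout_ms: u64, use_mac: bool) -> Vec<Flow> {
    let mut active: HashMap<Key, Flow> = HashMap::new();
    let mut done = Vec::new();
    for p in pkts {
        let key: Key = (p.src, p.dst, p.sport, p.dport, p.proto, use_mac.then_some(p.src_mac));
        let expired = active.get(&key).map_or(false, |f| p.ts_ms.saturating_sub(f.last_ms) > timeout_ms);
        if expired {
            done.push(active.remove(&key).unwrap());
        }
        let f = active.entry(key).or_insert(Flow { first_ms: p.ts_ms, last_ms: p.ts_ms, packets: 0, bytes: 0 });
        f.last_ms = p.ts_ms;
        f.packets += 1;
        f.bytes += p.len;
    }
    done.extend(active.into_values());
    done.sort_by_key(|f| f.first_ms);
    done
}

// Constructed sample: one TCP 5-tuple seen from two different source MACs.
fn sample() -> Vec<Pkt> {
    let (a, b) = ([2, 0, 0, 0, 0, 0xaa], [2, 0, 0, 0, 0, 0xbb]);
    let mk = |ts_ms: u64, src_mac: [u8; 6], len: u64| Pkt { ts_ms, src_mac, src: Ipv4Addr::new(10, 0, 0, 5),
        dst: Ipv4Addr::new(10, 0, 0, 9), sport: 40000, dport: 443, proto: 6, len };
    vec![mk(0, a, 100), mk(500, a, 200), mk(700, b, 50), mk(2000, a, 60)]
}

fn main() {
    for use_mac in [false, true] {
        println!("use_mac={use_mac}: {:?}", aggregate(&sample(), 1000, use_mac));
    }
}
```

With a 1000 ms timeout the sample yields two flows when the MAC is left out of the key and three when it is included, because the second sender sharing the same source IP is then tracked separately.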
Ensure that you have installed libpcap on Linux and macOS or npcap on Windows.
- You need to install npcap in WinPcap-compatible mode.

```sh
cargo install fluere
```
`online` subcommand. For example:

```sh
fluere online -i eth0 -d 1000 -t 600000 -I 1800000 -v 1
```

This command captures NetFlow data from the eth0 interface for a duration of 1000 milliseconds, with a flow timeout of 600000 milliseconds and an export interval of 1800000 milliseconds. The verbosity level is set to 1.
`offline` subcommand. For example:

```sh
fluere offline -f input.pcap -c output
```

This command converts the input.pcap file into NetFlow data and exports the data to a CSV file named output.csv.
`pcap` subcommand. For example:

```sh
fluere pcap -i eth0 -d 1000
```

This command captures packets from the eth0 interface for a duration of 1000 milliseconds and saves the packets in a pcap file.
`live` subcommand. For example:

```sh
fluere live -i eth0 -d 1000 -t 600000 -I 1800000 -v 1
```

This command captures Fluereflow data from the eth0 interface for a duration of 1000 milliseconds, with a flow timeout of 600000 milliseconds and an export interval of 1800000 milliseconds. The verbosity level is set to 1.