Fluere is a robust tool designed for comprehensive network monitoring and analysis. It facilitates the capture of network packets in pcap format and their conversion into NetFlow data, offering a detailed view of network traffic dynamics. With support for both live and offline data capture, Fluere stands as a versatile solution suitable for a myriad of use cases.
Fluere is built with Rust and leverages the libpcap library for packet capture. The core functionalities are encapsulated within the main.rs file, which defines the command-line interface and handles various commands and options.
Customize your Fluere experience using the following command-line arguments:
| Argument | Description | Usage Example |
|----------------|--------------------------------------|------------------------|
| csv | Title of the exported CSV file | -c or --csv |
| list | List available network interfaces | -l or --list |
| interface | Select network interface to use | -i or --interface |
| duration | Set capture duration (in ms) | -d or --duration |
| timeout | Set flow timeout (in ms) | -t or --timeout |
| useMACaddress| Use MAC address as key value | -M or --useMAC |
| interval | Set export interval (in ms) | -I or --interval |
| sleep_windows| Set thread pause interval for Windows| -s or --sleep |
| verbose | Set verbosity level | -v or --verbose |
Before installing Fluere, install libpcap (Linux/macOS) or Npcap (Windows) in WinPcap-compatible mode.
Install Fluere using the following command:
```sh
cargo install fluere
```
Explore the diverse functionalities of Fluere with the following examples:
Live NetFlow Capture and Conversion
```sh
fluere online -i eth0 -d 1000 -t 600000 -I 1800000 -v 1
```
Offline pcap to NetFlow Conversion
```sh
fluere offline -f input.pcap -c output
```
Packet Capture in pcap Format
```sh
fluere pcap -i eth0 -d 1000
```
Live Fluereflow Capture and Conversion
```sh
fluere live -i eth0 -d 1000 -t 600000 -I 1800000 -v 1
```
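To show what a flow timeout such as `-t 600000` means when packets are folded into flow records, the following is an added illustration, not Fluere's own code. The 5-tuple key, the `Packet`/`Flow` types, the sample packets and the idle-timeout interpretation are all assumptions made for the example.

```rust
use std::collections::HashMap;
use std::net::Ipv4Addr;

// Constructed packet summary; names are hypothetical, not Fluere's types.
struct Packet { ts_ms: u64, src: Ipv4Addr, dst: Ipv4Addr, sport: u16, dport: u16, proto: u8, len: u32 }
type Key = (Ipv4Addr, Ipv4Addr, u16, u16, u8); // assumed 5-tuple flow key

#[derive(Debug)]
struct Flow { key: Key, first_ms: u64, last_ms: u64, packets: u64, bytes: u64 }

/// Fold time-ordered packets into flows. A flow idle for more than
/// `timeout_ms` is closed and the next packet with that key starts a new one.
fn aggregate(packets: &[Packet], timeout_ms: u64) -> Vec<Flow> {
    let mut active: HashMap<Key, Flow> = HashMap::new();
    let mut done = Vec::new();
    for p in packets {
        let key = (p.src, p.dst, p.sport, p.dport, p.proto);
        let idle = active.get(&key).map_or(false, |f| p.ts_ms.saturating_sub(f.last_ms) > timeout_ms);
        if idle {
            // Expiry is only noticed when the key is seen again; a real exporter also sweeps on a timer.
            done.extend(active.remove(&key));
        }
        let f = active.entry(key).or_insert(Flow { key, first_ms: p.ts_ms, last_ms: p.ts_ms, packets: 0, bytes: 0 });
        f.last_ms = p.ts_ms;
        f.packets += 1;
        f.bytes += u64::from(p.len);
    }
    let mut open: Vec<Flow> = active.into_values().collect();
    open.sort_by_key(|f| f.first_ms); // deterministic order for flows still open at end of capture
    done.extend(open);
    done
}

// Constructed sample: one TCP conversation with a long silent gap, plus one DNS query.
fn sample() -> Vec<Packet> {
    let (a, b, c, d) = (Ipv4Addr::new(10, 0, 0, 5), Ipv4Addr::new(10, 0, 0, 9), Ipv4Addr::new(10, 0, 0, 7), Ipv4Addr::new(10, 0, 0, 53));
    let pkt = |ts_ms, src, dst, sport, dport, proto, len| Packet { ts_ms, src, dst, sport, dport, proto, len };
    vec![
        pkt(0, a, b, 51000, 443, 6, 60),
        pkt(100, c, d, 53000, 53, 17, 80),
        pkt(200, a, b, 51000, 443, 6, 1500),
        pkt(500, a, b, 51000, 443, 6, 52),
        pkt(700_000, a, b, 51000, 443, 6, 60), // 699.5 s after the previous packet
    ]
}

fn main() {
    for f in aggregate(&sample(), 600_000) { println!("{:?}", f); }
}
```

With a 600000 ms timeout the TCP conversation is reported as two flows because of the silent gap; with a longer timeout it stays one flow, which matters when correlating flow records against connection logs.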
For more detailed information and guidance, refer to the Fluere Wiki.