IPFIX数据通过UDP C＃ - 我可以对数据进行解码？ [英] IPFIX data over UDP to C# - can I decode the data?

问题描述

我已经从MSDN网站上的代码示例创建为我试图从防火墙收到IPFIX / NetFlow数据，然后与我接收数据工作UDP监听/客户端。
的代码不工作，并开始reveive数据，但它的专业术语（见下文），所以我想我不能正确解码它。

I have a code sample from the MSDN website to create a UDP listener/client as I am trying to receive IPFIX/Netflow data from a firewall and then work with the data I receive. The code does work and starts to reveive data but its jargon (see below) so I guess I am not decoding it correctly.

有没有人有任何想法？我需要做的是能够得到正确格式的数据。

Does anyone have any ideas what I need to do to be able to get the data in the correct format?

我使用的代码是：

using System;
using System.Net;
using System.Net.Sockets;
using System.Text;

public class ConsoleApplication2
{
    private const int listenPort = 2055;

    private static void StartListener()
    {
        bool done = false;

        UdpClient listener = new UdpClient(listenPort);
        IPEndPoint groupEP = new IPEndPoint(IPAddress.Any, listenPort);

        try
        {
            while (!done)
            {
                Console.WriteLine("Waiting for broadcast");
                byte[] bytes = listener.Receive(ref groupEP);

                Console.WriteLine("Received broadcast from {0} :\n {1}\n",
                    groupEP.ToString(),
                    Encoding.ASCII.GetString(bytes, 0, bytes.Length));
            }

        }
        catch (Exception e)
        {
            Console.WriteLine(e.ToString());
        }
        finally
        {
            listener.Close();
        }
    }

    public static int Main()
    {
        StartListener();

        return 0;
    }
}

和数据我得到的回复是：

And the data I get back is:

？m？▼？ '$▬+？ ？☺☺中号▼??? k`
和;？？？？?? _ 07 ???? Q 20êüĴ♥☻结果
♠P♣点¯x♣►♥ →♦
☼？m？▼ - M +▼？ 1♠►？结果
？ ☺

?M?▼? '$▬+? ☺☺ ?M?▼???k` &??_?07????Q??E?U?j ♥ ☻
♠ P ♣ x ♣ ► ♥ → ♦ ☼?M?▼?M?▼? 1♠ ►?
? ☺

由于提前，

詹姆斯

推荐答案

您是假定接收到的数据是ASCII格式的时候，其实它正是如此结构：的看到这里。这些消息有头和数据集等，你需要评估依据的数据在标准，而不是仅仅一个直的文本转换

You're assuming that the data being received is in ASCII format when in fact it's structured thusly: See here. The messages have a header and data sets etc. You need to evaluate the data based on the standard, not just a straight text conversion.

在此，例如是邮件标题的格式。文本转换，根本不会做这样的事情：

Here, for example is the message header format. A text conversion simply won't do anything with this:

3.1。邮件标题格式

   The format of the IPFIX Message Header is shown in Figure F.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |       Version Number          |            Length             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                           Export Time                         |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                       Sequence Number                         |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                    Observation Domain ID                      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

这篇关于IPFIX数据通过UDP C＃ - 我可以对数据进行解码？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！