{"id":17234821,"url":"https://github.com/caesar0301/pkt2flow","last_synced_at":"2025-04-13T09:51:00.619Z","repository":{"id":6033709,"uuid":"7257937","full_name":"caesar0301/pkt2flow","owner":"caesar0301","description":"A simple utility to classify packets into flows. It's so simple that only one task is aimed to finish.  For Deep Packet Inspection or flow classification, it's so common to analyze the feature of one specific flow. I have make the attempt to use made-ready tools like tcpflows, tcpslice, tcpsplit, but all these tools try to either decrease the trace volume (under requirement) or resemble the packets into flow payloads (over requirement). I have not found a simple tool to classify the packets into flows without further processing. This is why this program is born.","archived":false,"fork":false,"pushed_at":"2023-06-29T12:49:45.000Z","size":61,"stargazers_count":168,"open_issues_count":10,"forks_count":48,"subscribers_count":13,"default_branch":"master","last_synced_at":"2025-03-27T01:12:17.182Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/caesar0301.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":"CODEOWNERS","security":null,"support":null,"governance":null}},"created_at":"2012-12-20T13:17:11.000Z","updated_at":"2025-02-16T11:58:37.000Z","dependencies_parsed_at":"2022-09-05T02:20:47.126Z","dependency_job_id":"43d2f4d0-bd4e-4b87-a284-378fc8bf23c1","html_url":"https://github.com/caesar0301/pkt2flow","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/caesar0301%2Fpkt2flow","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/caesar0301%2Fpkt2flow/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/caesar0301%2Fpkt2flow/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/caesar0301%2Fpkt2flow/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/caesar0301","download_url":"https://codeload.github.com/caesar0301/pkt2flow/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248695300,"owners_count":21146952,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-15T05:30:45.100Z","updated_at":"2025-04-13T09:51:00.600Z","avatar_url":"https://github.com/caesar0301.png","language":"C","funding_links":[],"categories":[],"sub_categories":[],"readme":"pkt2flow\n========\n\n[![Build Status](https://travis-ci.org/caesar0301/pkt2flow.svg?branch=master)](https://travis-ci.org/caesar0301/pkt2flow)\n\nby chenxm, Shanghai Jiao Tong Univ.\nchenxm35@gmail.com\n\n2012-2019\n\n**©MIT LICENSED**\n\nA simple utility to classify packets into flows. It's so simple that only one task\nis aimed to finish.\n\nFor Deep Packet Inspection or flow classification, it's so common to analyze the\nfeature of one specific flow. I have make the attempt to use made-ready tools like\n`tcpflows`, `tcpslice`, `tcpsplit`, but all these tools try to either decrease the\ntrace volume (under requirement) or resemble the packets into flow payloads (over\nrequirement). I have not found a simple tool to classify the packets into flows without\nfurther processing. This is why this program is born.\n\nThe inner function of this program behaves using the 4-tuple (src_ip, dst_ip, src_port, dst_port)\nto seperate the packets into TCP or UDP flows. Each flow will be saved into a pcap \nfile named with 4-tuple and the timestamp of the first packet of the flow. The packets are \nsaved in the order as read from the source. Any further processing like TCP resembling is\nnot performed. The flow timeout is considered as 30 minutes which can be changed in pkt2flow.h.\n\n\nHow to compile\n----------\n\n\nThis program is structured and compiled with a tool called SCons (http://www.scons.org/).\nYou can follow simple steps to make a compile (e.g. Ubuntu):\n\n1. Make sure you have library `libpcap` in your system.\n```bash\nsudo apt install -y libpcap-dev\n```\n\n2. Install \"Scons\" that can be downloaded from its official website given above.\n```bash\nsudo apt install -y scons\n```\n\n3. Get source code and run `scons` under the project folder: \n```bash\ngit clone https://github.com/caesar0301/pkt2flow.git\ncd pkt2flow\nscons # You got binary pkt2flow\n````\n\nHow to install (optional)\n----------\n\nYou can optionally let scons automatically handle the installation for you by\nproviding an installation prefix, e.g.:\n\n    $ PREFIX=/usr/local\n    $ scons --prefix=$PREFIX install\n\nThis will build pkt2flow and install the binary to /usr/local/bin/pkt2flow.\nDepending on where you want to install it, you might need to use sudo or\nbecome the appropriate user.\n\nUsage\n--------\n```bash\nUsage: ./pkt2flow [-huvx] [-o outdir] pcapfile\n\n\tOptions:\n\t\t-h\tprint this help and exit\n\t\t-u\talso dump (U)DP flows\n\t\t-v\talso dump the in(v)alid TCP flows without the SYN option\n\t\t-x\talso dump non-UDP/non-TCP IP flows\n\t\t-o\t(o)utput directory\n```\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcaesar0301%2Fpkt2flow","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcaesar0301%2Fpkt2flow","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcaesar0301%2Fpkt2flow/lists"}