NetFlow Templates

Template Overview

NetFlow uses templates to capture and classify the flows it collects. FortiOS supports the following NetFlow template IDs (7.2.5 GA):

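Template Name Template ID Description
STAT_OPTIONS 256 Statistics information about the exporter
APP_ID_OPTIONS 257 Application information
IPV4 258 Non-NAT IPv4 traffic
IPV6 259 Non-NAT IPv6 traffic
ICMP4 260 Non-NAT ICMPv4 traffic
ICMP6 261 Non-NAT ICMPv6 traffic
IPV4_NAT 262 Source/destination NAT IPv4 traffic
IPV4_AF_NAT 263 NAT46 IPv4 traffic
IPV6_NAT 264 Source/destination NAT IPv6 traffic
IPV6_AF_NAT 265 NAT64 IPv6 traffic
ICMP4_NAT 266 Source/destination NAT ICMPv4 traffic
ICMP4_AF_NAT 267 NAT46 ICMPv4 traffic
ICMP6_NAT 268 Source/destination NAT ICMPv6 traffic
ICMPv6_AF_NAT 269 NAT64 ICMPv6 traffic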

Parameters Supported by Each Template

STAT_OPTIONS template

Description Statistics information about exporter
Scope Field Count 1
Data Field Count 7
Option Scope Length 4
Option Length 28
Padding 0000

Scope fields

Field # Field Type Length
1 System System (1) 2

Data fields

Field # Field Type Length
1 TOTAL_BYTES_EXP TOTAL_BYTES_EXP (40) 8
2 TOTAL_PKTS_EXP TOTAL_PKTS_EXP (41) 8
3 TOTAL_FLOWS_EXP TOTAL_FLOWS_EXP (42) 8
4 FLOW_ACTIVE_TIMEOUT FLOW_ACTIVE_TIMEOUT (36) 2
5 FLOW_INACTIVE_TIMEOUT FLOW_INACTIVE_TIMEOUT (37) 2
6 SAMPLING_INTERVAL SAMPLING_INTERVAL (34) 4
7 SAMPLING_ALGORITHM SAMPLING_ALGORITHM (35) 1

APP_ID_OPTIONS template

Description Application information
Scope Field Count 1
Data Field Count 4
Option Scope Length 4
Option Length 16
Padding 0000

Scope fields

Field # Field Type Length
1 System System (1) 2

Data fields

Field # Field Type Length
1 APPLICATION_ID APPLICATION_ID (95) 9
2 APPLICATION_NAME APPLICATION_NAME (96) 64
3 APPLICATION_DESC APPLICATION_DESC (94) 64
4 applicationCategoryName applicationCategoryName (372) 32

IPV4 template

Description Application information
Data Field Count 17

Data fields

Field # Field Type Length
1 BYTES BYTES (1) 8
2 OUT_BYTES OUT_BYTES (23) 8
3 PKTS PKTS (2) 4
4 OUT_PKTS OUT_PKTS (24) 4
5 FIRST_SWITCHED FIRST_SWITCHED (22) 4
6 LAST_SWITCHED LAST_SWITCHED (21) 4
7 L4_SRC_PORT L4_SRC_PORT (7) 2
8 L4_DST_PORT L4_DST_PORT (11) 2
9 INPUT_SNMP INPUT_SNMP (10) 2
10 OUTPUT_SNMP OUTPUT_SNMP (14) 2
11 PROTOCOL PROTOCOL (4) 1
12 APPLICATION_ID APPLICATION_ID (95) 9
13 FLOW_FLAGS FLOW_FLAGS (65) 2
14 FORWARDING_STATUS FORWARDING_STATUS (89) 1
15 flowEndReason flowEndReason (136) 1
16 IP_SRC_ADDR IP_SRC_ADDR (8) 4
17 IP_DST_ADDR IP_DST_ADDR (12) 4
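
The field order and lengths above fix the byte layout of every data record a collector receives for template 258. The following added example (not Fortinet code) decodes a NetFlow v9 data FlowSet against that layout. It assumes the standard v9 FlowSet framing (2-byte FlowSet ID equal to the template ID, 2-byte length, records, padding), and the sample record with its addresses and counters is constructed for illustration.

```python
import ipaddress
import struct

# IPV4 template (ID 258) as listed above: (name, field type, length in bytes)
TEMPLATE_ID = 258
TEMPLATE = [
    ("BYTES", 1, 8), ("OUT_BYTES", 23, 8), ("PKTS", 2, 4), ("OUT_PKTS", 24, 4),
    ("FIRST_SWITCHED", 22, 4), ("LAST_SWITCHED", 21, 4), ("L4_SRC_PORT", 7, 2),
    ("L4_DST_PORT", 11, 2), ("INPUT_SNMP", 10, 2), ("OUTPUT_SNMP", 14, 2),
    ("PROTOCOL", 4, 1), ("APPLICATION_ID", 95, 9), ("FLOW_FLAGS", 65, 2),
    ("FORWARDING_STATUS", 89, 1), ("flowEndReason", 136, 1),
    ("IP_SRC_ADDR", 8, 4), ("IP_DST_ADDR", 12, 4),
]
RECORD_LEN = sum(flen for _, _, flen in TEMPLATE)  # 62 bytes per record

def decode_field(ftype, raw):
    if ftype in (8, 12):   # IPv4 addresses
        return str(ipaddress.IPv4Address(raw))
    if ftype == 95:        # APPLICATION_ID: 9 bytes, left opaque as hex
        return raw.hex()
    return int.from_bytes(raw, "big")  # counters, ports, flags: big-endian

def decode_flowset(buf):
    """Decode one NetFlow v9 data FlowSet carrying template 258 records."""
    if len(buf) < 4:
        raise ValueError("truncated FlowSet header")
    flowset_id, length = struct.unpack("!HH", buf[:4])
    if flowset_id != TEMPLATE_ID:
        raise ValueError(f"unexpected FlowSet ID {flowset_id}")
    if length < 4 or length > len(buf):
        raise ValueError("FlowSet length field does not fit the buffer")
    body, records = buf[4:length], []
    while len(body) >= RECORD_LEN:  # a shorter tail is padding
        rec, off = {}, 0
        for name, ftype, flen in TEMPLATE:
            rec[name] = decode_field(ftype, body[off:off + flen])
            off += flen
        records.append(rec)
        body = body[RECORD_LEN:]
    return records

def build_sample():
    """Constructed sample: one TCP/443 flow, padded to a 4-byte boundary."""
    rec = struct.pack("!QQIIIIHHHHB", 1500, 4200, 10, 12, 100000, 105000,
                      51514, 443, 3, 5, 6)
    rec += bytes(9) + struct.pack("!HBB", 0, 64, 1)
    rec += bytes([192, 0, 2, 10]) + bytes([198, 51, 100, 20])  # src, dst
    pad = -(4 + len(rec)) % 4
    return struct.pack("!HH", TEMPLATE_ID, 4 + len(rec) + pad) + rec + bytes(pad)
```

A FlowSet whose length field exceeds the received bytes is rejected rather than partially decoded, which keeps truncated or malformed exports out of the flow store.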

IPV6 template

Description No NAT IPv6 traffic
Data Field Count 17

Data fields

Field # Field Type Length
1 BYTES BYTES (1) 8
2 OUT_BYTES OUT_BYTES (23) 8
3 PKTS PKTS (2) 4
4 OUT_PKTS OUT_PKTS (24) 4
5 FIRST_SWITCHED FIRST_SWITCHED (22) 4
6 LAST_SWITCHED LAST_SWITCHED (21) 4
7 L4_SRC_PORT L4_SRC_PORT (7) 2
8 L4_DST_PORT L4_DST_PORT (11) 2
9 INPUT_SNMP INPUT_SNMP (10) 2
10 OUTPUT_SNMP OUTPUT_SNMP (14) 2
11 PROTOCOL PROTOCOL (4) 1
12 APPLICATION_ID APPLICATION_ID (95) 9
13 FLOW_FLAGS FLOW_FLAGS (65) 2
14 FORWARDING_STATUS FORWARDING_STATUS (89) 1
15 flowEndReason flowEndReason (136) 1
16 IPV6_SRC_ADDR IPV6_SRC_ADDR (27) 16
17 IPV6_DST_ADDR IPV6_DST_ADDR (28) 16

ICMP4 template

Description No NAT IPv4 traffic
Data Field Count 16

Data fields

Field # Field Type Length
1 BYTES BYTES (1) 8
2 OUT_BYTES OUT_BYTES (23) 8
3 PKTS PKTS (2) 4
4 OUT_PKTS OUT_PKTS (24) 4
5 FIRST_SWITCHED FIRST_SWITCHED (22) 4
6 LAST_SWITCHED LAST_SWITCHED (21) 4
7 INPUT_SNMP INPUT_SNMP (10) 2
8 OUTPUT_SNMP OUTPUT_SNMP (14) 2
9 ICMP_TYPE ICMP_TYPE (32) 2
10 PROTOCOL PROTOCOL (4) 1
11 APPLICATION_ID APPLICATION_ID (95) 9
12 FLOW_FLAGS FLOW_FLAGS (65) 2
13 FORWARDING_STATUS FORWARDING_STATUS (89) 1
14 flowEndReason flowEndReason (136) 1
15 IP_SRC_ADDR IP_SRC_ADDR (8) 4
16 IP_DST_ADDR IP_DST_ADDR (12) 4

ICMP6 template

Description No NAT ICMPv6 traffic
Data Field Count 16

Data fields

Field # Field Type Length
1 BYTES BYTES (1) 8
2 OUT_BYTES OUT_BYTES (23) 8
3 PKTS PKTS (2) 4
4 OUT_PKTS OUT_PKTS (24) 4
5 FIRST_SWITCHED FIRST_SWITCHED (22) 4
6 LAST_SWITCHED LAST_SWITCHED (21) 4
7 INPUT_SNMP INPUT_SNMP (10) 2
8 OUTPUT_SNMP OUTPUT_SNMP (14) 2
9 ICMP_TYPE ICMP_TYPE (32) 2
10 PROTOCOL PROTOCOL (4) 1
11 APPLICATION_ID APPLICATION_ID (95) 9
12 FLOW_FLAGS FLOW_FLAGS (65) 2
13 FORWARDING_STATUS FORWARDING_STATUS (89) 1
14 flowEndReason flowEndReason (136) 1
15 IPV6_SRC_ADDR IPV6_SRC_ADDR (27) 16
16 IPV6_DST_ADDR IPV6_DST_ADDR (28) 16

IPv4_NAT template

Description Source/Destination NAT IPv4 traffic
Data Field Count 25

Data fields

Field # Field Type Length
1 BYTES BYTES (1) 8
2 OUT_BYTES OUT_BYTES (23) 8
3 PKTS PKTS (2) 4
4 OUT_PKTS OUT_PKTS (24) 4
5 FIRST_SWITCHED FIRST_SWITCHED (22) 4
6 LAST_SWITCHED LAST_SWITCHED (21) 4
7 L4_SRC_PORT L4_SRC_PORT (7) 2
8 L4_DST_PORT L4_DST_PORT (11) 2
9 INPUT_SNMP INPUT_SNMP (10) 2
10 OUTPUT_SNMP OUTPUT_SNMP (14) 2
11 PROTOCOL PROTOCOL (4) 1
12 postIpDiffServCodePoint postIpDiffServCodePoint (98) 1
13 IP_TOS ipClassofService (5) 1
14 DST_DOS postIpClassOfService (55) 1
15 APPLICATION_ID APPLICATION_ID (95) 9
16 INTERNET_APPLICATION_ID INTERNET_APPLICATION_ID (66) 4
17 FLOW_FLAGS FLOW_FLAGS (65) 2
18 FORWARDING_STATUS FORWARDING_STATUS (89) 1
19 flowEndReason flowEndReason (136) 1
20 IP_SRC_ADDR IP_SRC_ADDR (8) 4
21 IP_DST_ADDR IP_DST_ADDR (12) 4
22 postNATSourceIPv4Address postNATSourceIPv4Address (225) 4
23 postNATDestinationIPv4Address postNATDestinationIPv4Address (226) 4
24 postNAPTSourceTransportPort postNAPTSourceTransportPort (227) 2
25 postNAPTDestinationTransportPort postNAPTDestinationTransportPort (228) 2

IPV4_AF_NAT template

Description AF NAT IPv4 traffic (4->6)
Data Field Count 21

Data fields

Field # Field Type Length
1 BYTES BYTES (1) 8
2 OUT_BYTES OUT_BYTES (23) 8
3 PKTS PKTS (2) 4
4 OUT_PKTS OUT_PKTS (24) 4
5 FIRST_SWITCHED FIRST_SWITCHED (22) 4
6 LAST_SWITCHED LAST_SWITCHED (21) 4
7 L4_SRC_PORT L4_SRC_PORT (7) 2
8 L4_DST_PORT L4_DST_PORT (11) 2
9 INPUT_SNMP INPUT_SNMP (10) 2
10 OUTPUT_SNMP OUTPUT_SNMP (14) 2
11 PROTOCOL PROTOCOL (4) 1
12 APPLICATION_ID APPLICATION_ID (95) 9
13 FLOW_FLAGS FLOW_FLAGS (65) 2
14 FORWARDING_STATUS FORWARDING_STATUS (89) 1
15 flowEndReason flowEndReason (136) 1
16 IPV6_SRC_ADDR IPV6_SRC_ADDR (27) 16
17 IPV6_DST_ADDR IPV6_DST_ADDR (28) 16
18 postNATSourceIPv6Address postNATSourceIPv6Address (281) 16
19 postNATDestinationIPv6Address postNATDestinationIPv6Address (282) 16
20 postNAPTSourceTransportPort postNAPTSourceTransportPort (227) 2
21 postNAPTDestinationTransportPort postNAPTDestinationTransportPort (228) 2

IPV6_NAT template

Description Source/Destination NAT IPv6 traffic
Data Field Count 21

Data fields

Field # Field Type Length
1 BYTES BYTES (1) 8
2 OUT_BYTES OUT_BYTES (23) 8
3 PKTS PKTS (2) 4
4 OUT_PKTS OUT_PKTS (24) 4
5 FIRST_SWITCHED FIRST_SWITCHED (22) 4
6 LAST_SWITCHED LAST_SWITCHED (21) 4
7 L4_SRC_PORT L4_SRC_PORT (7) 2
8 L4_DST_PORT L4_DST_PORT (11) 2
9 INPUT_SNMP INPUT_SNMP (10) 2
10 OUTPUT_SNMP OUTPUT_SNMP (14) 2
11 PROTOCOL PROTOCOL (4) 1
12 APPLICATION_ID APPLICATION_ID (95) 9
13 FLOW_FLAGS FLOW_FLAGS (65) 2
14 FORWARDING_STATUS FORWARDING_STATUS (89) 1
15 flowEndReason flowEndReason (136) 1
16 IP_SRC_ADDR IP_SRC_ADDR (8) 4
17 IP_DST_ADDR IP_DST_ADDR (12) 4
18 postNATSourceIPv6Address postNATSourceIPv6Address (281) 16
19 postNATDestinationIPv6Address postNATDestinationIPv6Address (282) 16
20 postNAPTSourceTransportPort postNAPTSourceTransportPort (227) 2
21 postNAPTDestinationTransportPort postNAPTDestinationTransportPort (228) 2

IPV6_AF_NAT template

Description AF NAT IPv6 traffic (6->4)
Data Field Count 21

Data fields

Field # Field Type Length
1 BYTES BYTES (1) 8
2 OUT_BYTES OUT_BYTES (23) 8
3 PKTS PKTS (2) 4
4 OUT_PKTS OUT_PKTS (24) 4
5 FIRST_SWITCHED FIRST_SWITCHED (22) 4
6 LAST_SWITCHED LAST_SWITCHED (21) 4
7 L4_SRC_PORT L4_SRC_PORT (7) 2
8 L4_DST_PORT L4_DST_PORT (11) 2
9 INPUT_SNMP INPUT_SNMP (10) 2
10 OUTPUT_SNMP OUTPUT_SNMP (14) 2
11 PROTOCOL PROTOCOL (4) 1
12 APPLICATION_ID APPLICATION_ID (95) 9
13 FLOW_FLAGS FLOW_FLAGS (65) 2
14 FORWARDING_STATUS FORWARDING_STATUS (89) 1
15 flowEndReason flowEndReason (136) 1
16 IPV6_SRC_ADDR IPV6_SRC_ADDR (27) 16
17 IPV6_DST_ADDR IPV6_DST_ADDR (28) 16
18 postNATSourceIPv4Address postNATSourceIPv4Address (225) 4
19 postNATDestinationIPv4Address postNATDestinationIPv4Address (226) 4
20 postNAPTSourceTransportPort postNAPTSourceTransportPort (227) 2
21 postNAPTDestinationTransportPort postNAPTDestinationTransportPort (228) 2

ICMPV4_NAT template

Description Source/Destination NAT ICMPv4 traffic
Data Field Count 20

Data fields

Field # Field Type Length
1 BYTES BYTES (1) 8
2 OUT_BYTES OUT_BYTES (23) 8
3 PKTS PKTS (2) 4
4 OUT_PKTS OUT_PKTS (24) 4
5 FIRST_SWITCHED FIRST_SWITCHED (22) 4
6 LAST_SWITCHED LAST_SWITCHED (21) 4
7 INPUT_SNMP INPUT_SNMP (10) 2
8 OUTPUT_SNMP OUTPUT_SNMP (14) 2
9 ICMP_TYPE ICMP_TYPE (32) 2
10 PROTOCOL PROTOCOL (4) 1
11 APPLICATION_ID APPLICATION_ID (95) 9
12 FLOW_FLAGS FLOW_FLAGS (65) 2
13 FORWARDING_STATUS FORWARDING_STATUS (89) 1
14 flowEndReason flowEndReason (136) 1
15 IP_SRC_ADDR IP_SRC_ADDR (8) 4
16 IP_DST_ADDR IP_DST_ADDR (12) 4
17 postNATSourceIPv4Address postNATSourceIPv4Address (225) 4
18 postNATDestinationIPv4Address postNATDestinationIPv4Address (226) 4
19 postNAPTSourceTransportPort postNAPTSourceTransportPort (227) 2
20 postNAPTDestinationTransportPort postNAPTDestinationTransportPort (228) 2

ICMPV4_AF_NAT template

Description AF NAT ICMPv4 traffic (4->6)
Data Field Count 20

Data fields

Field # Field Type Length
1 BYTES BYTES (1) 8
2 OUT_BYTES OUT_BYTES (23) 8
3 PKTS PKTS (2) 4
4 OUT_PKTS OUT_PKTS (24) 4
5 FIRST_SWITCHED FIRST_SWITCHED (22) 4
6 LAST_SWITCHED LAST_SWITCHED (21) 4
7 INPUT_SNMP INPUT_SNMP (10) 2
8 OUTPUT_SNMP OUTPUT_SNMP (14) 2
9 ICMP_TYPE ICMP_TYPE (32) 2
10 PROTOCOL PROTOCOL (4) 1
11 APPLICATION_ID APPLICATION_ID (95) 9
12 FLOW_FLAGS FLOW_FLAGS (65) 2
13 FORWARDING_STATUS FORWARDING_STATUS (89) 1
14 flowEndReason flowEndReason (136) 1
15 IPV6_SRC_ADDR IPV6_SRC_ADDR (27) 16
16 IPV6_DST_ADDR IPV6_DST_ADDR (28) 16
17 postNATSourceIPv6Address postNATSourceIPv6Address (281) 16
18 postNATDestinationIPv6Address postNATDestinationIPv6Address (282) 16
19 postNAPTSourceTransportPort postNAPTSourceTransportPort (227) 2
20 postNAPTDestinationTransportPort postNAPTDestinationTransportPort (228) 2

ICMPV6_NAT template

Description Source/Destination NAT ICMPv6 traffic
Data Field Count 20

Data fields

Field # Field Type Length
1 BYTES BYTES (1) 8
2 OUT_BYTES OUT_BYTES (23) 8
3 PKTS PKTS (2) 4
4 OUT_PKTS OUT_PKTS (24) 4
5 FIRST_SWITCHED FIRST_SWITCHED (22) 4
6 LAST_SWITCHED LAST_SWITCHED (21) 4
7 INPUT_SNMP INPUT_SNMP (10) 2
8 OUTPUT_SNMP OUTPUT_SNMP (14) 2
9 ICMP_TYPE ICMP_TYPE (32) 2
10 PROTOCOL PROTOCOL (4) 1
11 APPLICATION_ID APPLICATION_ID (95) 9
12 FLOW_FLAGS FLOW_FLAGS (65) 2
13 FORWARDING_STATUS FORWARDING_STATUS (89) 1
14 flowEndReason flowEndReason (136) 1
15 IP_SRC_ADDR IP_SRC_ADDR (8) 4
16 IP_DST_ADDR IP_DST_ADDR (12) 4
17 postNATSourceIPv6Address postNATSourceIPv6Address (281) 16
18 postNATDestinationIPv6Address postNATDestinationIPv6Address (282) 16
19 postNAPTSourceTransportPort postNAPTSourceTransportPort (227) 2
20 postNAPTDestinationTransportPort postNAPTDestinationTransportPort (228) 2

ICMPV6_AF_NAT template

Description AF NAT ICMPv6 traffic (6->4)
Data Field Count 20

Data fields

Field # Field Type Length
1 BYTES BYTES (1) 8
2 OUT_BYTES OUT_BYTES (23) 8
3 PKTS PKTS (2) 4
4 OUT_PKTS OUT_PKTS (24) 4
5 FIRST_SWITCHED FIRST_SWITCHED (22) 4
6 LAST_SWITCHED LAST_SWITCHED (21) 4
7 INPUT_SNMP INPUT_SNMP (10) 2
8 OUTPUT_SNMP OUTPUT_SNMP (14) 2
9 ICMP_TYPE ICMP_TYPE (32) 2
10 PROTOCOL PROTOCOL (4) 1
11 APPLICATION_ID APPLICATION_ID (95) 9
12 FLOW_FLAGS FLOW_FLAGS (65) 2
13 FORWARDING_STATUS FORWARDING_STATUS (89) 1
14 flowEndReason flowEndReason (136) 1
15 IPV6_SRC_ADDR IPV6_SRC_ADDR (27) 16
16 IPV6_DST_ADDR IPV6_DST_ADDR (28) 16
17 postNATSourceIPv4Address postNATSourceIPv4Address (225) 4
18 postNATDestinationIPv4Address postNATDestinationIPv4Address (226) 4
19 postNAPTSourceTransportPort postNAPTSourceTransportPort (227) 2
20 postNAPTDestinationTransportPort postNAPTDestinationTransportPort (228) 2

Copyright © 2024 Fortinet Inc. All rights reserved. Powered by Fortinet TAC Team.
Page last revised: 2023-09-12 15:24:08
