Cleanup sflow code - uncomment unnecessary code

AUTHORS

@@ -1 +1 @@
-Peter Haag	phaag@users.sourceforge.net
+Peter Haag	peter@people.ops-trust.net

ChangeLog

@@ -1,6 +1,7 @@
 2017-12-27
 - Add ipfix delta timestamp elements 158/159. 
 - Update sflow code to commit 7322984 of https://github.com/sflow/sflowtool
+- Cleanup sflow code - uncomment unnecessary code
 
 2017-12-22
 - Fix potential memory leaks in nfpcapd

bin/Makefile.am

@@ -111,7 +111,7 @@ nfpcapd_LDADD += -lpcap
 nfpcapd_LDFLAGS = -pthread
 endif
 
-sfcapd_SOURCES = sfcapd.c sflow_nfdump.c sflow_nfdump.h sflow.h sflow_v2v4.h \
+sfcapd_SOURCES = sfcapd.c sflow_nfdump.c sflow_nfdump.h sflow.h sflow_v2v4.h sflow_process.c  sflow_process.h\
 	$(nfstatfile) $(launch) \
 	$(nfnet) $(collector) $(bookkeeper) $(expire)
 sfcapd_LDADD = -lnfdump 

bin/bookkeeper.h

@@ -1,4 +1,5 @@
 /*
+ *  Copyright (c) 2017, Peter Haag
  *  Copyright (c) 2014, Peter Haag
  *  Copyright (c) 2009, Peter Haag
  *  Copyright (c) 2004-2008, SWITCH - Teleinformatikdienste fuer Lehre und Forschung
@@ -28,18 +29,20 @@
  *  ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 
  *  POSSIBILITY OF SUCH DAMAGE.
  *  
- *  $Author: haag $
- *
- *  $Id: bookkeeper.h 39 2009-11-25 08:11:15Z haag $
- *
- *  $LastChangedRevision: 39 $
- *	
- *
  */
 
 #ifndef _BOOKKEEPER_H
 #define _BOOKKEEPER_H 1
 
+#include "config.h"
+
+#include <sys/types.h>
+#ifdef HAVE_STDINT_H
+#include <stdint.h>
+#endif
+#include <time.h>
+#include <unistd.h>
+
 enum { BOOKKEEPER_OK = 0, ERR_FAILED, ERR_NOTEXISTS, ERR_PATHACCESS, ERR_EXISTS };
 
 #define DETACH_ONLY	0

bin/collector.h

@@ -34,6 +34,17 @@
 #ifndef _COLLECTOR_H
 #define _COLLECTOR_H 1
 
+#include "config.h"
+
+#include <sys/types.h>
+#ifdef HAVE_STDINT_H
+#include <stdint.h>
+#endif
+#include <sys/socket.h>
+
+#include "bookkeeper.h"
+#include "nffile.h"
+
 #define FNAME_SIZE  256
 #define IDENT_SIZE  32
 

bin/ipfix.c

@@ -1203,14 +1203,14 @@ ipfix_template_record_t *ipfix_template_record;
 
 	// a template flowset can contain multiple records ( templates )
 	while ( size_left ) {
-		uint32_t id, count;
+		uint32_t id;
 
 		// map next record.
 		ipfix_template_record = (ipfix_template_record_t *)DataPtr;
 		size_left 		-= 4;
 
 		id 	  = ntohs(ipfix_template_record->TemplateID);
-		count = ntohs(ipfix_template_record->FieldCount);
+		// count = ntohs(ipfix_template_record->FieldCount);
 
 		if ( id == IPFIX_TEMPLATE_FLOWSET_ID ) {
 			// withdraw all templates
@@ -1234,8 +1234,7 @@ static inline void Process_ipfix_option_templates(exporter_ipfix_domain_t *expor
 uint8_t		*DataPtr;
 uint32_t	size_left, size_required, i;
 // uint32_t nr_scopes, nr_options;
-uint16_t	id, field_count, scope_field_count, offset, sampler_id_length;
+uint16_t	id, field_count, scope_field_count, offset;
-uint16_t	offset_sampler_id, offset_sampler_mode, offset_sampler_interval, found_sampler;
 uint16_t	offset_std_sampler_interval, offset_std_sampler_algorithm, found_std_sampling;
 
 	i = 0;	// keep compiler happy
@@ -1279,18 +1278,12 @@ uint16_t	offset_std_sampler_interval, offset_std_sampler_algorithm, found_std_sa
 		return;
 	}
 
-	sampler_id_length			 = 0;
-	offset_sampler_id 			 = 0;
-	offset_sampler_mode 		 = 0;
-	offset_sampler_interval 	 = 0;
 	offset_std_sampler_interval  = 0;
 	offset_std_sampler_algorithm = 0;
-	found_sampler				 = 0;
 	found_std_sampling			 = 0;
 	offset = 0;
 
 	for ( i=0; i<scope_field_count; i++ ) {
-		uint32_t enterprise_value;
 		uint16_t id, length;
 		int Enterprise;
 
@@ -1313,11 +1306,10 @@ uint16_t	offset_std_sampler_interval, offset_std_sampler_algorithm, found_std_sa
 					size_left, field_count);
 				return;
 			}
-			enterprise_value = Get_val32(DataPtr);
 			DataPtr += 4;
 			size_left -= 4;
 			dbg_printf(" [%i] Enterprise: 1, scope id: %u, scope length %u enterprise value: %u\n", 
-				i, id, length, enterprise_value);
+				i, id, length, Get_val32(DataPtr));
 		} else {
 			dbg_printf(" [%i] Enterprise: 0, scope id: %u, scope length %u\n", i, id, length);
 		}
@@ -1785,15 +1777,15 @@ uint8_t	 *in;
 void Process_IPFIX(void *in_buff, ssize_t in_buff_cnt, FlowSource_t *fs) {
 exporter_ipfix_domain_t	*exporter;
 ssize_t				size_left;
-uint32_t			ExportTime, ObservationDomain, Sequence, flowset_length;
+uint32_t			ExportTime, Sequence, flowset_length;
 ipfix_header_t		*ipfix_header;
 void				*flowset_header;
+
 #ifdef DEVEL
 static uint32_t		packet_cntr = 0;
-
+uint32_t 			ObservationDomain;
-	packet_cntr++;
-	dbg_printf("Next packet: %u\n", packet_cntr);
 #endif
+
 	size_left 	 = in_buff_cnt;
 	if ( size_left < IPFIX_HEADER_LENGTH ) {
 		LogError("Process_ipfix: Too little data for ipfix packet: '%lli'", (long long)size_left);
@@ -1801,10 +1793,15 @@ static uint32_t		packet_cntr = 0;
 	}
 
 	ipfix_header = (ipfix_header_t *)in_buff;
-	ObservationDomain 	 = ntohl(ipfix_header->ObservationDomain);
 	ExportTime 			 = ntohl(ipfix_header->ExportTime);
 	Sequence 			 = ntohl(ipfix_header->LastSequence);
 
+#ifdef DEVEL
+	ObservationDomain 	 = ntohl(ipfix_header->ObservationDomain);
+	packet_cntr++;
+	printf("Next packet: %u\n", packet_cntr);
+#endif
+
 	exporter	= GetExporter(fs, ipfix_header);
 	if ( !exporter ) {
 		LogError("Process_ipfix: Exporter NULL: Abort ipfix record processing");

bin/nfdump.h

@@ -1,4 +1,5 @@
 /*
+ *  Copyright (c) 2017, Peter Haag
  *  Copyright (c) 2014, Peter Haag
  *  Copyright (c) 2009, Peter Haag
  *  Copyright (c) 2004-2008, SWITCH - Teleinformatikdienste fuer Lehre und Forschung
@@ -28,17 +29,20 @@
  *  ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 
  *  POSSIBILITY OF SUCH DAMAGE.
  *  
- *  $Author: haag $
- *
- *  $Id: nfdump.h 39 2009-11-25 08:11:15Z haag $
- *
- *  $LastChangedRevision: 39 $
- *	
  */
 
 #ifndef _NFDUMP_H
 #define _NFDUMP_H 1
 
+#include "config.h"
+
+#include <sys/types.h>
+#ifdef HAVE_STDINT_H
+#include <stdint.h>
+#endif
+
+#include "rbtree.h"
+
 #define BuffNumRecords	1024
 
 /* 

bin/nfexpire.c

@@ -1,4 +1,5 @@
 /*
+ *  Copyright (c) 2017, Peter Haag
  *  Copyright (c) 2014, Peter Haag
  *  Copyright (c) 2009, Peter Haag
  *  Copyright (c) 2004-2008, SWITCH - Teleinformatikdienste fuer Lehre und Forschung
@@ -28,12 +29,6 @@
  *  ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 
  *  POSSIBILITY OF SUCH DAMAGE.
  *  
- *  $Author: haag $
- *
- *  $Id: nfexpire.c 51 2010-01-29 09:01:54Z haag $
- *
- *  $LastChangedRevision: 51 $
- *  
  */
 
 #include "config.h"
@@ -210,14 +205,13 @@ int i;
 
 int main( int argc, char **argv ) {
 struct stat fstat;
-int 		c, err, maxsize_set, maxlife_set;
+int 		c, maxsize_set, maxlife_set;
 int			do_rescan, do_expire, do_list, print_stat, do_update_param, print_books, is_profile, nfsen_format;
-char		*lifetime_string, *datadir;
+char		*datadir;
 uint64_t	maxsize, lifetime, low_water;
 uint32_t	runtime;
 channel_t	*channel, *current_channel;
 
-	lifetime_string = NULL;
 	datadir = NULL;
 	maxsize = lifetime = 0;
 	do_rescan  		= 0;
@@ -315,7 +309,7 @@ channel_t	*channel, *current_channel;
 		exit(250);
 	}
 
-	err  = stat(datadir, &fstat);
+	stat(datadir, &fstat);
 	if ( !(fstat.st_mode & S_IFDIR) ) {
 		fprintf(stderr, "No such directory: %s\n", datadir);
 		exit(250);

bin/pcap_reader.c

@@ -1,4 +1,5 @@
 /*
+ *  Copyright (c) 2017, Peter Haag
  *  Copyright (c) 2014, Peter Haag
  *  Copyright (c) 2009, Peter Haag
  *  All rights reserved.
@@ -27,13 +28,6 @@
  *  ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 
  *  POSSIBILITY OF SUCH DAMAGE.
  *  
- *  $Author: haag $
- *
- *  $Id: pcap_reader.c 39 2009-11-25 08:11:15Z haag $
- *
- *  $LastChangedRevision: 39 $
- *  
- *
  */
 
 #include <config.h>
@@ -130,7 +124,6 @@ static ssize_t decode_packet(struct pcap_pkthdr *hdr, u_char *pkt, void *buffer,
 struct ip	 	*ip;
 struct udphdr 	*udp;
 struct tcphdr 	*tcp;
-struct icmp	  	*icmp;
 u_char		  	*payload;
 int 			len, i;
 u_int 			hlen,version;
@@ -245,10 +238,13 @@ struct sockaddr_in *in_sock = (struct sockaddr_in *)sock;
 			printf("\n");
 
 			break;
-		case IPPROTO_ICMP:
+/*
+		case IPPROTO_ICMP: {
+			struct icmp	  	*icmp;
 			icmp_count++;
 			icmp = (struct icmp *)((void *)ip + (ip->ip_hl << 0x02));
-			break;
+			} break;
+*/
 		default:
 			/* no default */
 			break;

bin/sfcapd.c

@@ -653,7 +653,7 @@ srecord_t	*commbuff;
 
 int main(int argc, char **argv) {
  
-char	*bindhost, *filter, *datadir, pidstr[32], *launch_process;
+char	*bindhost, *datadir, pidstr[32], *launch_process;
 char	*userid, *groupid, *checkptr, *listenport, *mcastgroup, *extension_tags;
 char	*Ident, *pcap_file, *time_extension, pidfile[MAXPATHLEN];
 struct stat fstat;
@@ -664,7 +664,7 @@ FlowSource_t *fs;
 struct sigaction act;
 int		family, bufflen;
 time_t 	twin, t_start;
-int		sock, err, synctime, do_daemonize, expire, spec_time_extension, report_sequence;
+int		sock, synctime, do_daemonize, expire, spec_time_extension, report_sequence;
 int		subdir_index, compress;
 int	c;
 
@@ -679,7 +679,6 @@ int	c;
 	bindhost 		= NULL;
 	mcastgroup		= NULL;
 	pidfile[0]		= 0;
-	filter   		= NULL;
 	launch_process	= NULL;
 	userid 			= groupid = NULL;
 	twin	 		= TIME_WINDOW;
@@ -815,7 +814,7 @@ int	c;
 					fprintf(stderr, "ERROR: Path too long!\n");
 					exit(255);
 				}
-				err  = stat(datadir, &fstat);
+				stat(datadir, &fstat);
 				if ( !(fstat.st_mode & S_IFDIR) ) {
 					fprintf(stderr, "No such directory: %s\n", datadir);
 					break;
@@ -975,7 +974,7 @@ int	c;
 		exit(255);
 	} else {
 		/* user specified a pcap filter */
-		filter = argv[optind];
+		// not used: filter = argv[optind];
 	}
 
 	t_start = time(NULL);

bin/sflow.h

@@ -10,6 +10,13 @@
 #ifndef SFLOW_H
 #define SFLOW_H 1
 
+#include "config.h"
+
+#include <sys/types.h>
+#ifdef HAVE_STDINT_H
+#include <stdint.h>
+#endif
+
 #if defined(__cplusplus)
 extern "C" {
 #endif

bin/sflow_nfdump.h

@@ -31,10 +31,21 @@
 #ifndef _SFLOW_NFDUMP_H
 #define _SFLOW_NFDUMP_H 1
 
+#include <sys/types.h>
+
+#ifdef HAVE_STDINT_H
+#include <stdint.h>
+#endif
+
+#include "collector.h"
+#include "sflow_process.h"
+
 void Init_sflow(void);
 
 void Process_sflow(void *in_buff, ssize_t in_buff_cnt, FlowSource_t *fs);
 
+void StoreSflowRecord(SFSample *sample, FlowSource_t *fs);
+
 /*
  * Extension map for sflow ( compatibility for now )
  *
@@ -52,4 +63,5 @@ void Process_sflow(void *in_buff, ssize_t in_buff_cnt, FlowSource_t *fs);
  * 6	: 2 byte src/dst as
  */
 
+
 #endif // _SFLOW_NFDUMP_H

bin/sflow_process.h

@@ -0,0 +1,269 @@
+/*
+ *  Copyright (c) 2017, Peter Haag
+ *  All rights reserved.
+ *  
+ *  Redistribution and use in source and binary forms, with or without 
+ *  modification, are permitted provided that the following conditions are met:
+ *  
+ *   * Redistributions of source code must retain the above copyright notice, 
+ *     this list of conditions and the following disclaimer.
+ *   * Redistributions in binary form must reproduce the above copyright notice, 
+ *     this list of conditions and the following disclaimer in the documentation 
+ *     and/or other materials provided with the distribution.
+ *   * Neither the name of the author nor the names of its contributors may be 
+ *     used to endorse or promote products derived from this software without 
+ *     specific prior written permission.
+ *  
+ *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 
+ *  AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
+ *  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 
+ *  ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 
+ *  LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 
+ *  CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 
+ *  SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 
+ *  INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 
+ *  CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 
+ *  ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 
+ *  POSSIBILITY OF SUCH DAMAGE.
+ *  
+ */
+
+/* Copyright (c) 2002-2011 InMon Corp. Licensed under the terms of the InMon sFlow licence: */
+/* http://www.inmon.com/technology/sflowlicense.txt */
+
+#ifndef _SFLOW_PROCESS_H
+#define _SFLOW_PROCESS_H 1
+
+#include <sys/types.h>
+#ifdef HAVE_STDINT_H
+#include <stdint.h>
+#endif
+#include <setjmp.h>
+#include <netinet/in.h>
+
+#include "collector.h"
+#include "sflow.h"
+
+// sflow definition
+
+#define YES 1
+#define NO 0
+
+/* define my own IP header struct - to ease portability */
+struct myiphdr {
+		uint8_t version_and_headerLen;
+		uint8_t tos;
+		uint16_t tot_len;
+		uint16_t id;
+		uint16_t frag_off;
+		uint8_t ttl;
+		uint8_t protocol;
+		uint16_t check;
+		uint32_t saddr;
+		uint32_t daddr;
+};
+
+/* ip6 header if no option headers */
+struct myip6hdr {
+  uint8_t version_and_priority;
+  uint8_t label1;
+  uint8_t label2;
+  uint8_t label3;
+  uint16_t payloadLength;
+  uint8_t nextHeader;
+  uint8_t ttl;
+  struct in6_addr saddr;
+  struct in6_addr daddr;
+};
+
+/* same for tcp */
+struct mytcphdr {
+		uint16_t th_sport;		/* source port */
+		uint16_t th_dport;		/* destination port */
+		uint32_t th_seq;		/* sequence number */
+		uint32_t th_ack;		/* acknowledgement number */
+		uint8_t th_off_and_unused;
+		uint8_t th_flags;
+		uint16_t th_win;		/* window */
+		uint16_t th_sum;		/* checksum */
+		uint16_t th_urp;		/* urgent pointer */
+};
+
+/* and UDP */
+struct myudphdr {
+	uint16_t uh_sport;           /* source port */
+	uint16_t uh_dport;           /* destination port */
+	uint16_t uh_ulen;            /* udp length */
+	uint16_t uh_sum;             /* udp checksum */
+};
+
+/* and ICMP */
+struct myicmphdr {
+	uint8_t type;		/* message type */
+	uint8_t code;		/* type sub-code */
+	/* ignore the rest */
+};
+
+typedef struct _SFSample {
+	/* exception handler context */
+	jmp_buf env;
+
+	struct in_addr sourceIP;		// EX_ROUTER_IP_v4
+
+	SFLAddress agent_addr;
+	uint32_t agentSubId;
+
+	/* the raw pdu */
+	uint8_t *rawSample;
+	uint32_t rawSampleLen;
+	uint8_t *endp;
+	time_t readTimestamp;
+
+	/* decode cursor */
+	uint32_t *datap;
+
+	uint32_t datagramVersion;
+	uint32_t sampleType;
+	uint32_t elementType;
+	uint32_t ds_class;
+	uint32_t ds_index;
+
+	/* generic interface counter sample */
+	SFLIf_counters ifCounters;
+
+	/* sample stream info */
+	uint32_t sysUpTime;
+	uint32_t sequenceNo;
+	uint32_t sampledPacketSize;
+	uint32_t samplesGenerated;
+	uint32_t meanSkipCount;
+	uint32_t samplePool;
+	uint32_t dropEvents;
+
+	/* the sampled header */
+	uint32_t packet_data_tag;
+	uint32_t headerProtocol;
+	uint8_t *header;
+	uint32_t headerLen;
+	uint32_t stripped;
+
+	/* header decode */
+	int gotIPV4;
+	int gotIPV4Struct;
+	int offsetToIPV4;
+	int gotIPV6;				// v6 flag
+	int gotIPV6Struct;
+	int offsetToIPV6;
+	int offsetToPayload;
+	SFLAddress ipsrc;			// Common (v6)
+	SFLAddress ipdst;			// Common (v6)
+// XXX
+	struct in_addr dcd_srcIP;	// Common (v4)
+	struct in_addr dcd_dstIP;	// Common (v4)
+	uint32_t dcd_ipProtocol;	// Common
+	uint32_t dcd_ipTos;			// EX_MULIPLE
+	uint32_t dcd_ipTTL;
+	uint32_t dcd_sport;			// Common
+	uint32_t dcd_dport;			// Common
+	uint32_t dcd_tcpFlags;		// Common
+	uint32_t ip_fragmentOffset;
+	uint32_t udp_pduLen;
+
+	/* ports */
+	uint32_t inputPortFormat;
+	uint32_t outputPortFormat;
+	uint32_t inputPort;			// EX_IO_SNMP_4
+	uint32_t outputPort;		// EX_IO_SNMP_4
+
+	/* ethernet */
+	uint32_t eth_type;
+	uint32_t eth_len;
+	u_char eth_src[8];			// EX_MAC_1
+	u_char eth_dst[8];			// EX_MAC_1
+
+	/* vlan */
+	uint32_t in_vlan;			// EX_VLAN
+	uint32_t in_priority;
+	uint32_t internalPriority;
+	uint32_t out_vlan;			// EX_VLAN
+	uint32_t out_priority;
+	int vlanFilterReject;
+
+	/* extended data fields */
+	uint32_t num_extended;
+	uint32_t extended_data_tag;
+#define SASAMPLE_EXTENDED_DATA_SWITCH 1
+#define SASAMPLE_EXTENDED_DATA_ROUTER 4
+#define SASAMPLE_EXTENDED_DATA_GATEWAY 8
+#define SASAMPLE_EXTENDED_DATA_USER 16
+#define SASAMPLE_EXTENDED_DATA_URL 32
+#define SASAMPLE_EXTENDED_DATA_MPLS 64
+#define SASAMPLE_EXTENDED_DATA_NAT 128
+#define SASAMPLE_EXTENDED_DATA_MPLS_TUNNEL 256
+#define SASAMPLE_EXTENDED_DATA_MPLS_VC 512
+#define SASAMPLE_EXTENDED_DATA_MPLS_FTN 1024
+#define SASAMPLE_EXTENDED_DATA_MPLS_LDP_FEC 2048
+#define SASAMPLE_EXTENDED_DATA_VLAN_TUNNEL 4096
+#define SASAMPLE_EXTENDED_DATA_NAT_PORT 8192
+
+	/* IP forwarding info */
+	SFLAddress nextHop;			// EX_NEXT_HOP_v4, EX_NEXT_HOP_v6
+	uint32_t srcMask;			// EX_MULIPLE
+	uint32_t dstMask;			// EX_MULIPLE
+
+	/* BGP info */
+	SFLAddress bgp_nextHop;		// EX_NEXT_HOP_BGP_v4, EX_NEXT_HOP_BGP_v6
+	uint32_t my_as;
+	uint32_t src_as;			// EX_AS_4
+	uint32_t src_peer_as;
+	uint32_t dst_as_path_len;
+	uint32_t *dst_as_path;
+	/* note: version 4 dst as path segments just get printed, not stored here, however
+	 * the dst_peer and dst_as are filled in, since those are used for netflow encoding
+	 */
+	uint32_t dst_peer_as;
+	uint32_t dst_as;			// EX_AS_4
+	
+	uint32_t communities_len;
+	uint32_t *communities;
+	uint32_t localpref;
+
+	/* user id */
+#define SA_MAX_EXTENDED_USER_LEN 200
+	uint32_t src_user_charset;
+	uint32_t src_user_len;
+	char src_user[SA_MAX_EXTENDED_USER_LEN+1];
+	uint32_t dst_user_charset;
+	uint32_t dst_user_len;
+	char dst_user[SA_MAX_EXTENDED_USER_LEN+1];
+
+	/* url */
+#define SA_MAX_EXTENDED_URL_LEN 200
+#define SA_MAX_EXTENDED_HOST_LEN 200
+	uint32_t url_direction;
+	uint32_t url_len;
+	char url[SA_MAX_EXTENDED_URL_LEN+1];
+	uint32_t host_len;
+	char host[SA_MAX_EXTENDED_HOST_LEN+1];
+
+	/* mpls */
+	SFLAddress mpls_nextHop;
+
+	/* nat */
+	SFLAddress nat_src;
+	SFLAddress nat_dst;
+
+	/* counter blocks */
+	uint32_t statsSamplingInterval;
+	uint32_t counterBlockVersion;
+
+#define SFABORT(s, r) longjmp((s)->env, (r))
+#define SF_ABORT_EOS 1
+#define SF_ABORT_DECODE_ERROR 2
+#define SF_ABORT_LENGTH_ERROR 3
+
+} SFSample;
+
+void readSFlowDatagram(SFSample *sample, FlowSource_t *fs, int verbose);
+
+#endif // _SFLOW_PROCESS_H

bin/sflow_v2v4.h

@@ -4,6 +4,15 @@
 #ifndef SFLOW_V2V4_H
 #define SFLOW_V2V4_H 1
 
+#include "config.h"
+
+#include <sys/types.h>
+#ifdef HAVE_STDINT_H
+#include <stdint.h>
+#endif
+
+#include <sflow.h>
+
 #if defined(__cplusplus)
 extern "C" {
 #endif