2.2. Flows API

The Flows API exposes functions to query and manage active ntopng flows.

Functions

function getFlowsInfo(string host_ip = nil, table pag_options = nil)

Get active flows information.

Parameters

  • host_ip – filter by host/host@vlan.

  • pag_options – options for the paginator.

Returns

table (num_flows, flows) on success (see Flow::lua), nil otherwise.

function getFlowsStatus()

Get active flows status statistics.

Returns

a table (status -> num_flows) for every status (RST, SYN, Established, FIN) on success, nil otherwise.

function getGroupedFlows(string group_col, table pag_options = nil)

Group active flows by a specified criteria.

Parameters

  • group_col – the grouping column

  • pag_options – options for the paginator.

Returns

table with grouped flows information on success, nil otherwise.

function getFlowsStats()

Get active flows nDPI bytes count.

Returns

table (num_flows, protos, breeds) which map (protocol_name->bytes_count) on success, nil otherwise.

function getnDPIFlowsCount()

Get the number of active flows by nDPI protocol.

Returns

a table (protocol_name -> num_flows) on success, nil otherwise.

function getFlowKey(string cli_ip, int cli_port, string srv_ip, int srv_port, int l4_proto)

Computes the unique flow identifier.

Parameters

  • cli_ip – host/host@vlan.

  • cli_port – the client port.

  • srv_ip – host/host@vlan.

  • srv_port – the server port.

  • l4_proto – l4 protocol id

Returns

the numeric flow key on success, nil otherwise.

function findFlowByTuple(string cli_ip, string srv_ip, int vlan, int cli_port, int srv_port, int l4_proto)

Get flow information by specifying the 5-tuple.

Parameters

  • cli_ip – host.

  • srv_ip – host.

  • vlan – the VLAN.

  • cli_port – the client port.

  • srv_port – the server port.

  • l4_proto – l4 protocol id

Returns

a table with the flow information (see Flow::lua) on success, nil otherwise.

function findFlowByKeyAndHashId(int key, int hashid)

Returns a single active flow information.

Parameters

  • key – the flow key.

  • hashid – the flow hash ID.

Returns

the flow information on success, nil otherwise.

function dropFlowTraffic(int key, int hashid)

Drops an active flow traffic.

Note

this is only effective when using nEdge.

Parameters

  • key – the flow key.

  • hashid – the flow hash ID.

Returns

true on success, false otherwise