2.2. Flows API

The Flows API exposes functions to query and manage active ntopng flows.

Functions

function getFlowsInfo(string host_ip = nil, table pag_options = nil)

Get active flows information.

Return
table (num_flows, flows) on success (see Flow::lua), nil otherwise.
Parameters
  • host_ip: filter by host/host@vlan.
  • pag_options: options for the paginator.

function getFlowsStatus()

Get active flows status statistics.

Return
a table (status -> num_flows) for every status (RST, SYN, Established, FIN) on success, nil otherwise.

function getGroupedFlows(string group_col, table pag_options = nil)

Group active flows by a specified criteria.

Return
table with grouped flows information on success, nil otherwise.
Parameters
  • group_col: the grouping column
  • pag_options: options for the paginator.

function getFlowsStats()

Get active flows nDPI bytes count.

Return
table (num_flows, protos, breeds) which map (protocol_name->bytes_count) on success, nil otherwise.

function getnDPIFlowsCount()

Get the number of active flows by nDPI protocol.

Return
a table (protocol_name -> num_flows) on success, nil otherwise.

function getFlowKey(string cli_ip, int cli_port, string srv_ip, int srv_port, int l4_proto)

Computes the unique flow identifier.

Return
the numeric flow key on success, nil otherwise.
Parameters
  • cli_ip: host/host@vlan.
  • cli_port: the client port.
  • srv_ip: host/host@vlan.
  • srv_port: the server port.
  • l4_proto: l4 protocol id

function findFlowByTuple(string cli_ip, string srv_ip, int vlan, int cli_port, int srv_port, int l4_proto)

Get flow information by specifying the 5-tuple.

Return
a table with the flow information (see Flow::lua) on success, nil otherwise.
Parameters
  • cli_ip: host.
  • srv_ip: host.
  • vlan: the VLAN.
  • cli_port: the client port.
  • srv_port: the server port.
  • l4_proto: l4 protocol id

function findFlowByKeyAndHashId(int key, int hashid)

Returns a single active flow information.

Return
the flow information on success, nil otherwise.
Parameters
  • key: the flow key.
  • hashid: the flow hash ID.

function dropFlowTraffic(int key, int hashid)

Drops an active flow traffic.

Note
this is only effective when using nEdge.
Return
true on success, false otherwise
Parameters
  • key: the flow key.
  • hashid: the flow hash ID.