Protocol Types Fix and Readme updates (#81)

* Protocol Types Fix and Readme updates --------- Co-authored-by: mikemiles-dev <[email protected]>
mikemiles-dev · Sep 17, 2024 · 3d62759 · 3d62759
1 parent 0471ad7
commit 3d62759
Show file tree

Hide file tree

Showing 6 changed files with 38 additions and 9 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "netflow_parser"
 description = "Parser for Netflow Cisco V5, V7, V9, IPFIX"
-version = "0.4.2"
+version = "0.4.3"
 edition = "2021"
 author = "[email protected]"
 license = "MIT OR Apache-2.0"

diff --git a/README.md b/README.md
@@ -1,13 +1,13 @@
 # netflow_parser
 
+## Description
+
 A Netflow Parser library for Cisco V5, V7, V9, IPFIX written in Rust.
 Supports chaining of multple versions in the same stream.  ({v5 packet}, {v7packet}, {v5packet}, {v9packet}, etc.)
 
-# References
+## References
 See: <https://en.wikipedia.org/wiki/NetFlow>
 
-# Description
-
 ## Example
 
 ### V5

diff --git a/RELEASES.md b/RELEASES.md
@@ -1,3 +1,7 @@
+# 0.4.3
+ * Fixed bug in NetflowCommon where ProtocolType was never set.
+ * Minior Readme Changes.
+
 # 0.4.2
  * Increased coverage.
  * Reworked Readme.

diff --git a/SECURITY.md b/SECURITY.md
@@ -4,6 +4,7 @@
 
 | Version | Supported          |
 | ------- | ------------------ |
+| 0.4.3   | :white_check_mark: |
 | 0.4.2   | :white_check_mark: |
 | 0.4.1   | :white_check_mark: |
 | 0.4.0   | :white_check_mark: |

diff --git a/src/lib.rs b/src/lib.rs
@@ -1,13 +1,13 @@
 //! # netflow_parser
 //!
+//! ## Description
+//!
 //! A Netflow Parser library for Cisco V5, V7, V9, IPFIX written in Rust.
 //! Supports chaining of multple versions in the same stream.  ({v5 packet}, {v7packet}, {v5packet}, {v9packet}, etc.)
 //!
-//! # References
+//! ## References
 //! See: <https://en.wikipedia.org/wiki/NetFlow>
 //!
-//! # Description
-//!
 //! ## Example
 //!
 //! ### V5

diff --git a/src/netflow_common.rs b/src/netflow_common.rs
@@ -168,7 +168,15 @@ impl From<&V9> for NetflowCommon {
                                 FieldValue::DataNumber(DataNumber::U32(seen)) => Some(*seen),
                                 _ => None,
                             }),
-                        protocol_type: None,
+                        protocol_type: values
+                            .iter()
+                            .find(|(k, _)| *k == V9Field::Protocol)
+                            .and_then(|(_, v)| match v {
+                                FieldValue::DataNumber(DataNumber::U8(proto)) => {
+                                    Some(ProtocolTypes::from(*proto))
+                                }
+                                _ => None,
+                            }),
                     });
                 }
             }
@@ -249,7 +257,15 @@ impl From<&IPFix> for NetflowCommon {
                                 FieldValue::DataNumber(DataNumber::U32(seen)) => Some(*seen),
                                 _ => None,
                             }),
-                        protocol_type: None,
+                        protocol_type: values
+                            .iter()
+                            .find(|(k, _)| *k == IPFixField::ProtocolIdentifier)
+                            .and_then(|(_, v)| match v {
+                                FieldValue::DataNumber(DataNumber::U8(proto)) => {
+                                    Some(ProtocolTypes::from(*proto))
+                                }
+                                _ => None,
+                            }),
                     });
                 }
             }
@@ -485,6 +501,10 @@ mod common_tests {
         assert_eq!(flowset.src_port.unwrap(), 1234);
         assert_eq!(flowset.dst_port.unwrap(), 80);
         assert_eq!(flowset.protocol_number.unwrap(), 6);
+        assert_eq!(
+            flowset.protocol_type.unwrap(),
+            crate::protocol::ProtocolTypes::Tcp
+        );
         assert_eq!(flowset.first_seen.unwrap(), 100);
         assert_eq!(flowset.last_seen.unwrap(), 200);
     }
@@ -582,6 +602,10 @@ mod common_tests {
         assert_eq!(flowset.src_port.unwrap(), 1234);
         assert_eq!(flowset.dst_port.unwrap(), 80);
         assert_eq!(flowset.protocol_number.unwrap(), 6);
+        assert_eq!(
+            flowset.protocol_type.unwrap(),
+            crate::protocol::ProtocolTypes::Tcp
+        );
         assert_eq!(flowset.first_seen.unwrap(), 100);
         assert_eq!(flowset.last_seen.unwrap(), 200);
     }