15.2. Customising protocol names

sFlowTrend-Pro comes with a built-in mapping from protocol numbers (eg TCP and UDP port) to names, to make charts and reports easier to understand. If you have any site-specific protocols that you would like to add, so that they show with the correct name for your network, then this can achieved by adding a protocol definitions file.

First, create a file called protocols.txt in the sFlowTrend-Pro server home directory (you can find this from the ToolsOptions menu). Make sure that you create the file on the server, if you are running sFlowTrend-Pro as a service. Then add to the file the definitions required. The format of the file must be

[Section]
number, name
number, name
rangeStart-rangeEnd, name
number, name, longName
...

[Section]
number, name
number, name
...
            

Each [Section] provides definitions for a specific type of protocol number. The sections that are currently allowed are show in Table 15.1, “Protocol definition sections”. Following the section definition, any number of definition lines can be entered. The definition lines start with the protocol number (in decimal), or optionally a range of numbers, followed by a comma then the name of the protocol. This can be optionally followed by an extended name, which is currently not used in sFlowTrend-Pro, but could be in the future.

Table 15.1, “Protocol definition sections” shows the sections than can be used, and provides an example of a definition line that might be in each section. Once you have created the file with the definitions that you require, or if you edit the file, the sFlowTrend-Pro service must be restarted for the change to take effect (or if you are running sFlowTrend-Pro as an application, just restart the application).

Table 15.1. Protocol definition sections

Section Description Example definition
[ETHERNET] Ethernet ethertype 2048, IPv4
[IEEE802] IEEE 802.2 SAP 170, SNAP
[IP] IP protocol number 17, UDP
[ICMP] ICMP type 8, Echo
[TCP] TCP port 80, http
[UDP] The total of all non-error received frames 161, snmp

For example, this is an excerpt from the standard mapping that is included with sFlowTrend-Pro:

[IEEE802]
2,Indiv LLC Sublayer Mgt
3,Group LLC Sublayer Mgt
4,SNA Path Control

[IP]
0,HOPOPT,IPv6 Hop-by-Hop Option           
1,ICMP,Internet Control Message          
2,IGMP,Internet Group Management        
3,GGP,Gateway-to-Gateway                
4,IP,IP in IP (encapsulation)         
5,ST,Stream                   
6,TCP,Transmission Control              

[TCP]
1,tcpmux,TCP Port Service Multiplexer
2,compressnet,Management Utility
3,compressnet,Compression Process
5,rje,Remote Job Entry
7,echo,Echo
9,discard,Discard
11,systat,Active Users
13,daytime,Daytime (RFC 867)
17,qotd,Quote of the Day
18,msp,Message Send Protocol
19,chargen,Character Generator
20,ftp-data,File Transfer [Default Data]
21,ftp,File Transfer [Control]
22,ssh,SSH Remote Login Protocol