Provided by: nfdump_1.6.23-1_amd64 bug

NAME
       nfanon - netflow anonymisation


SYNOPSIS
       nfanon [options]


DESCRIPTION
       nfanon is used to anonymise all IP addresses ( src, dst, next hop, router IP etc. ) in the
       netflow records using the CryptoPAn (Cryptography-based  Prefix-preserving  Anonymization)
       module.  The  key  -K  is  used to initialize the Rijndael cipher.  The key is either a 32
       character string, or a 64 hex digit string starting with 0x.

          See http://www.cc.gatech.edu/computing/Telecomm/cryptopan/ for more  information  about
          CryptoPAn.

       nfanon has several modes of operation.

       o  nfanon  reads  a sequence of input files, specified by -r, -R and -M and anonymises the
       flows in the given files. The input file arguments have the same  syntax  and  meaning  as
       nfdump(1).

       o  nfanon  reads  a  sequence  of input files, specified by -r, -R and -M.  All anonymised
       flows are written to a single file specified by -w.

       o nfanon works as filter and reads flows from stding and writes the  anonymised  flows  to
       stdout.


OPTIONS
       -r inputfile
          Read input data from inputfile. Default is read from stdin.

       -R expr
          Read input from a sequence of files in the same directory. expr may be one of:
           /any/dir          Read recursively all files in directory dir.
           /dir/file         Read all files beginning with file.
           /dir/file1:file2  Read all files from file1 to file2.

           Note: files are read in alphabetical sequence.

       -M expr
          Read input from multiple directories. expr looks like: /any/path/to/dir1:dir2:dir3 etc.
          and will be expanded  to  the  directories:  /any/path/to/dir1,  /any/path/to/dir2  and
          /any/path/to/dir3  Any number of colon separated directories may be given. The files to
          read are specified by -r or -R and are expected to exist in all the given  directories.
          The options -r and -R must not contain any directory part when used in conjunction with
          -M.

       -w outputfile
          If specified writes anonymised netflow records to outputfile.

       -K key
          The key is used to initialize the Rijndael cipher. key is either a 32 character string,
          or a 64 hex digit string starting with 0x.


RETURN VALUE
       Returns
           0   No error.
           255 Initialization failed.
           250 Internal error.


NOTES
       None.


SEE ALSO
       nfdump(1)


BUGS
                                            2009-09-09                                nfexpire(1)