Provided by: nfdump_1.7.3-1build2_amd64 
NAME
nfanon — anonymize the IP addresses
SYNOPSIS
nfanon -r path [-w nffile] -K key [-q] [-h]
DESCRIPTION
nfanon anonimizes all IP addresses ( src, dst, next hop, router IP etc. ) in the netflow records using
the CryptoPAn (Cryptography-based Prefix-preserving Anonymization) module. The key -K is used to
initialize the Rijndael cipher. The key is either a 32 character string, or a 64 hex digit string
starting with 0x. See https://en.wikipedia.org/wiki/Crypto-PAn for more information on CryptoPAn.
The source specified by argument -r path may point to a single nfdump file or to a directory containing
many nfdump files. All files in a directory are processed recursively.
If the output argument -w nffile is given, all anonimized records are written into that single file, even
if the source is a directory. If no argument -w is specified, nfanon overwrites the original source file
with the anonymized flow records. If the source is a directory, each flow file is anonymized
respectively.
The options are as follows:
-r path
Path to read flow files to anonymize. Path may point to a single file or a directory containing
many flow files.
[-w nffile]
File name to write anonymized flow records to. If this argument is missing, the source file name
is taken, which means the original file is overwritten.
-k key key is either a 32 character string, or a 64 char hex string starting with 0x. This key is used
to initialize the anonymizer.
-q nfanon prints the file name to be processed and an actifivy spinner. This option disables both.
-h Print help text to stdout and exit.
EXAMPLES
To create a random 64 character hex string you may use the following command:
% xxd -u -l 32 -p -c 64 /dev/urandom
Use the resulting output as key, prepended with 0x as -K argument.
RETURN VALUES
nfanon returns 0 on success and 255 otherwise.
SEE ALSO
nfdump(1)
Debian $Mdocdate$ NFANON(1)