+ nf_rec->src_port = nf_flow->tp_src;
+ nf_rec->dst_port = nf_flow->tp_dst;
+ }
+ nf_rec->tcp_flags = (uint8_t) nf_flow->tcp_flags;
+ nf_rec->ip_proto = nf_flow->nw_proto;
+ nf_rec->ip_tos = nf_flow->nw_tos & IP_DSCP_MASK;
+
+ /* NetFlow messages are limited to 30 records. */
+ if (ntohs(nf_hdr->count) >= 30) {
+ netflow_run__(nf);
+ }
+}
+
+void
+netflow_flow_update(struct netflow *nf, const struct flow *flow,
+ ofp_port_t output_iface,
+ const struct dpif_flow_stats *stats)
+ OVS_EXCLUDED(mutex)
+{
+ struct netflow_flow *nf_flow;
+ long long int used;
+
+ /* NetFlow only reports on IP packets. */
+ if (flow->dl_type != htons(ETH_TYPE_IP)) {
+ return;
+ }
+
+ ovs_mutex_lock(&mutex);
+ nf_flow = netflow_flow_lookup(nf, flow);
+ if (!nf_flow) {
+ nf_flow = xzalloc(sizeof *nf_flow);
+ nf_flow->in_port = flow->in_port.ofp_port;
+ nf_flow->nw_src = flow->nw_src;
+ nf_flow->nw_dst = flow->nw_dst;
+ nf_flow->nw_tos = flow->nw_tos;
+ nf_flow->nw_proto = flow->nw_proto;
+ nf_flow->tp_src = flow->tp_src;
+ nf_flow->tp_dst = flow->tp_dst;
+ nf_flow->created = stats->used;
+ nf_flow->output_iface = output_iface;
+ hmap_insert(&nf->flows, &nf_flow->hmap_node, netflow_flow_hash(flow));
+ }
+
+ if (nf_flow->output_iface != output_iface) {
+ netflow_expire__(nf, nf_flow);
+ nf_flow->created = stats->used;
+ nf_flow->output_iface = output_iface;
+ }
+
+ nf_flow->packet_count += stats->n_packets;
+ nf_flow->byte_count += stats->n_bytes;
+ nf_flow->tcp_flags |= stats->tcp_flags;
+
+ used = MAX(nf_flow->used, stats->used);
+ if (nf_flow->used != used) {
+ nf_flow->used = used;
+ if (!nf->active_timeout || !nf_flow->last_expired
+ || nf->reconfig_time > nf_flow->last_expired) {
+ /* Keep the time updated to prevent a flood of expiration in
+ * the future. */
+ nf_flow->last_expired = time_msec();
+ }
+ }
+
+ ovs_mutex_unlock(&mutex);
+}
+
+static void
+netflow_expire__(struct netflow *nf, struct netflow_flow *nf_flow)
+ OVS_REQUIRES(mutex)
+{
+ uint64_t pkts, bytes;
+
+ pkts = nf_flow->packet_count;
+ bytes = nf_flow->byte_count;
+
+ nf_flow->last_expired += nf->active_timeout;
+
+ if (pkts == 0) {
+ return;
+ }
+
+ if ((bytes >> 32) <= 175) {
+ /* NetFlow v5 records are limited to 32-bit counters. If we've wrapped
+ * a counter, send as multiple records so we don't lose track of any
+ * traffic. We try to evenly distribute the packet and byte counters,
+ * so that the bytes-per-packet lengths don't look wonky across the
+ * records. */
+ while (bytes) {
+ int n_recs = (bytes + UINT32_MAX - 1) / UINT32_MAX;
+ uint32_t pkt_count = pkts / n_recs;
+ uint32_t byte_count = bytes / n_recs;
+
+ gen_netflow_rec(nf, nf_flow, pkt_count, byte_count);
+
+ pkts -= pkt_count;
+ bytes -= byte_count;
+ }
+ } else {
+ /* In 600 seconds, a 10GbE link can theoretically transmit 75 * 10**10
+ * == 175 * 2**32 bytes. The byte counter is bigger than that, so it's
+ * probably a bug--for example, the netdev code uses UINT64_MAX to
+ * report "unknown value", and perhaps that has leaked through to here.
+ *
+ * We wouldn't want to hit the loop above in this case, because it
+ * would try to send up to UINT32_MAX netflow records, which would take
+ * a long time.
+ */
+ static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 1);
+
+ VLOG_WARN_RL(&rl, "impossible byte counter %"PRIu64, bytes);