root / plugins / other / fwbuilder_ @ 0b47dd88
Historique | Voir | Annoter | Télécharger (3 ko)
| 1 |
#!/bin/sh |
|---|---|
| 2 |
# |
| 3 |
# Wildcard-plugin to monitor IP addresses through iptables. To monitor an |
| 4 |
# IP, link fwbuilder_<ipaddress> to this file. E.g. |
| 5 |
# |
| 6 |
# ln -s /usr/share/node/node/plugins-auto/fwbuilder_ /etc/munin/node.d/fwbuilder_192.168.0.1 |
| 7 |
# |
| 8 |
# ...will monitor the IP 192.168.0.1. |
| 9 |
# |
| 10 |
# Aditionally, you need Accountingrules in fwbuilder |
| 11 |
# fwbuilder creates Chains in INPUT-, OUTPUT- and FORWARD-Chain |
| 12 |
# with Rules that "RETURN" |
| 13 |
# You will have to specify rule options with name "ACCOUNTING" for the |
| 14 |
# rules to use, otherwise no rules will be found. |
| 15 |
# try "fwbuilder_ suggest" to see if all is ok. |
| 16 |
# |
| 17 |
# |
| 18 |
# Furthermore, this plugin needs to be run as root for iptables to work |
| 19 |
# |
| 20 |
# This plugin is based on the if_ plugin. |
| 21 |
# |
| 22 |
#$Log$ |
| 23 |
#Revision 2.1 2007/05/01 08:36:32 ga |
| 24 |
# changed to use rulename ACCOUNTING set in fwbuilder |
| 25 |
# |
| 26 |
#Revision 2.0 2007/04/01 08:41:54 ga |
| 27 |
#copied ip_ to fwbuilder_ and changed to usee Rules from it |
| 28 |
#some things rewritten to speed up |
| 29 |
# |
| 30 |
#Revision 1.7 2004/12/10 10:47:49 jimmyo |
| 31 |
#Change name from ${scale} to ${graph_period}, to be more consistent.
|
| 32 |
# |
| 33 |
#Revision 1.6 2004/12/09 22:12:56 jimmyo |
| 34 |
#Added "graph_period" option, to make "graph_sums" usable. |
| 35 |
# |
| 36 |
#Revision 1.5 2004/11/21 00:17:12 jimmyo |
| 37 |
#Changed a lot of plugins so they use DERIVE instead of COUNTER. |
| 38 |
# |
| 39 |
#Revision 1.4 2004/09/10 23:06:30 jimmyo |
| 40 |
#Added accidentally deleted exit. |
| 41 |
# |
| 42 |
#Revision 1.3 2004/09/10 23:02:22 jimmyo |
| 43 |
#Plugin linux/ip_ now does more proper autoconfig/suggest. |
| 44 |
# |
| 45 |
#Revision 1.2 2004/05/20 13:57:12 jimmyo |
| 46 |
#Set categories to some of the plugins. |
| 47 |
# |
| 48 |
#Revision 1.1 2004/05/16 16:28:40 jimmyo |
| 49 |
#Linux/ip_ wildcard plugin contributed by Mathy Vanvoorden (SF#954851). |
| 50 |
# |
| 51 |
# |
| 52 |
# Magic markers (optional - used by munin-config and some installation |
| 53 |
# scripts): |
| 54 |
# |
| 55 |
#%# family=auto |
| 56 |
#%# capabilities=autoconf suggest |
| 57 |
exec 2>/dev/null |
| 58 |
|
| 59 |
IP=${0/*fwbuilder_/}
|
| 60 |
IP=${IP/-/\/}
|
| 61 |
|
| 62 |
if [ "$1" = "autoconf" ]; then |
| 63 |
if [ -r /proc/net/dev ]; then |
| 64 |
iptables -L INPUT -v -n -x >/dev/null 2>/dev/null |
| 65 |
if [ $? -gt 0 ]; then |
| 66 |
echo "no (could not run iptables as user `whoami`)" |
| 67 |
exit 1 |
| 68 |
else |
| 69 |
echo yes |
| 70 |
exit 0 |
| 71 |
fi |
| 72 |
else |
| 73 |
echo "no (/proc/net/dev not found)" |
| 74 |
exit 1 |
| 75 |
fi |
| 76 |
fi |
| 77 |
|
| 78 |
if [ "$1" = "suggest" ]; then |
| 79 |
# find Chains for Accounting |
| 80 |
iptables -L -n |grep ^ACCOUNTING |awk '{printf "%s\n%s\n",$4,$5}'| sort -u |sed 's#\/#-#'
|
| 81 |
exit 0 |
| 82 |
fi |
| 83 |
|
| 84 |
if [ "$1" = "config" ]; then |
| 85 |
|
| 86 |
echo "graph_order out in" |
| 87 |
echo "graph_title $IP traffic" |
| 88 |
echo 'graph_args --base 1024' |
| 89 |
echo 'graph_vlabel bytes per ${graph_period}'
|
| 90 |
echo 'graph_category network' |
| 91 |
echo 'out.label sent' |
| 92 |
echo 'out.type DERIVE' |
| 93 |
echo 'out.min 0' |
| 94 |
echo 'out.cdef out,8,*' |
| 95 |
echo 'in.label received' |
| 96 |
echo 'in.type DERIVE' |
| 97 |
echo 'in.min 0' |
| 98 |
echo 'in.cdef in,8,*' |
| 99 |
exit 0 |
| 100 |
fi; |
| 101 |
|
| 102 |
echo "in.value $(( $(iptables -L -n -v -x |grep "ACCOUNTING" |awk '{printf "%s %s\n",$2,$9}' |grep $IP |awk '{printf "%s + ",$1}') 0 ))"
|
| 103 |
echo "out.value $(( $(iptables -L -n -v -x |grep "ACCOUNTING" |awk '{printf "%s %s\n",$2,$8}' |grep $IP |awk '{printf "%s + ",$1}') 0 ))"
|
| 104 |
|