root / plugins / network / ip_forward_ @ 8589c6df
Historique | Voir | Annoter | Télécharger (2,02 ko)
| 1 | 51ee702d | Various | #!/bin/sh |
|---|---|---|---|
| 2 | # |
||
| 3 | 471311df | nukleus | # Wildcard-plugin to monitor forward traffic for network interfaces through iptables. To monitor an |
| 4 | 51ee702d | Various | # interface, link if_forward_<interface> to this file. E.g. |
| 5 | # |
||
| 6 | # ln -s /usr/share/node/node/plugins-auto/if_forward_ /etc/munin/node.d/if_forward_eth0 |
||
| 7 | # |
||
| 8 | # ...will monitor forwarded traffic trough eth0. |
||
| 9 | # |
||
| 10 | 8589c6df | klemens | # Additionally, you need these iptables rules as the first rules (they don't do anything, just make packet counts) |
| 11 | 51ee702d | Various | # |
| 12 | # iptables -A FORWARD -i eth0 |
||
| 13 | # iptables -A FORWARD -o eth0 |
||
| 14 | # |
||
| 15 | # Furthermore, this plugin needs to be run as root for iptables to work |
||
| 16 | # |
||
| 17 | # This plugin is based on the if_ and ip_ plugin. |
||
| 18 | # |
||
| 19 | # Magic markers (optional - used by munin-config and some installation |
||
| 20 | # scripts): |
||
| 21 | # |
||
| 22 | #%# family=auto |
||
| 23 | #%# capabilities=autoconf suggest |
||
| 24 | |||
| 25 | |||
| 26 | IF=`basename $0 | sed 's/^if_forward_//g'` |
||
| 27 | |||
| 28 | if [ "$1" = "autoconf" ]; then |
||
| 29 | if [ -r /proc/net/dev ]; then |
||
| 30 | iptables-save -c >/dev/null 2>/dev/null |
||
| 31 | if [ $? -gt 0 ]; then |
||
| 32 | echo "no (could not run iptables-save as user `whoami`)" |
||
| 33 | exit 1 |
||
| 34 | else |
||
| 35 | echo yes |
||
| 36 | exit 0 |
||
| 37 | fi |
||
| 38 | else |
||
| 39 | echo "no (/proc/net/dev not found)" |
||
| 40 | exit 1 |
||
| 41 | fi |
||
| 42 | fi |
||
| 43 | |||
| 44 | if [ "$1" = "suggest" ]; then |
||
| 45 | if [ -r /proc/net/dev ]; then |
||
| 46 | egrep '^ *(eth|wlan|ath|ra)[0-9]+:' /proc/net/dev | cut -f1 -d: | sed 's/ //g' |
||
| 47 | exit 0 |
||
| 48 | else |
||
| 49 | exit 1 |
||
| 50 | fi |
||
| 51 | fi |
||
| 52 | |||
| 53 | if [ "$1" = "config" ]; then |
||
| 54 | |||
| 55 | echo "graph_order out in" |
||
| 56 | echo "graph_title $IF forwarded traffic" |
||
| 57 | echo 'graph_args --base 1000' |
||
| 58 | echo 'graph_vlabel bits per ${graph_period}'
|
||
| 59 | echo 'graph_category network' |
||
| 60 | 471311df | nukleus | echo "graph_info This graph shows only FORWARD traffic that pass through the interface." |
| 61 | 51ee702d | Various | echo 'out.label sent' |
| 62 | echo 'out.type DERIVE' |
||
| 63 | echo 'out.min 0' |
||
| 64 | echo 'out.cdef out,8,*' |
||
| 65 | echo 'in.label received' |
||
| 66 | echo 'in.type DERIVE' |
||
| 67 | echo 'in.min 0' |
||
| 68 | echo 'in.cdef in,8,*' |
||
| 69 | exit 0 |
||
| 70 | fi; |
||
| 71 | |||
| 72 | iptables-save -c | grep $IF | grep i | cut -f2 -d':' | cut -f1 -d']' | awk "{ print \"in.value \" \$0 }"
|
||
| 73 | iptables-save -c | grep $IF | grep o | cut -f2 -d':' | cut -f1 -d']' | awk "{ print \"out.value \" \$0 }"
|