root / plugins / network / ip_forward_ @ 8589c6df
Historique | Voir | Annoter | Télécharger (2,02 ko)
| 1 |
#!/bin/sh |
|---|---|
| 2 |
# |
| 3 |
# Wildcard-plugin to monitor forward traffic for network interfaces through iptables. To monitor an |
| 4 |
# interface, link if_forward_<interface> to this file. E.g. |
| 5 |
# |
| 6 |
# ln -s /usr/share/node/node/plugins-auto/if_forward_ /etc/munin/node.d/if_forward_eth0 |
| 7 |
# |
| 8 |
# ...will monitor forwarded traffic trough eth0. |
| 9 |
# |
| 10 |
# Additionally, you need these iptables rules as the first rules (they don't do anything, just make packet counts) |
| 11 |
# |
| 12 |
# iptables -A FORWARD -i eth0 |
| 13 |
# iptables -A FORWARD -o eth0 |
| 14 |
# |
| 15 |
# Furthermore, this plugin needs to be run as root for iptables to work |
| 16 |
# |
| 17 |
# This plugin is based on the if_ and ip_ plugin. |
| 18 |
# |
| 19 |
# Magic markers (optional - used by munin-config and some installation |
| 20 |
# scripts): |
| 21 |
# |
| 22 |
#%# family=auto |
| 23 |
#%# capabilities=autoconf suggest |
| 24 |
|
| 25 |
|
| 26 |
IF=`basename $0 | sed 's/^if_forward_//g'` |
| 27 |
|
| 28 |
if [ "$1" = "autoconf" ]; then |
| 29 |
if [ -r /proc/net/dev ]; then |
| 30 |
iptables-save -c >/dev/null 2>/dev/null |
| 31 |
if [ $? -gt 0 ]; then |
| 32 |
echo "no (could not run iptables-save as user `whoami`)" |
| 33 |
exit 1 |
| 34 |
else |
| 35 |
echo yes |
| 36 |
exit 0 |
| 37 |
fi |
| 38 |
else |
| 39 |
echo "no (/proc/net/dev not found)" |
| 40 |
exit 1 |
| 41 |
fi |
| 42 |
fi |
| 43 |
|
| 44 |
if [ "$1" = "suggest" ]; then |
| 45 |
if [ -r /proc/net/dev ]; then |
| 46 |
egrep '^ *(eth|wlan|ath|ra)[0-9]+:' /proc/net/dev | cut -f1 -d: | sed 's/ //g' |
| 47 |
exit 0 |
| 48 |
else |
| 49 |
exit 1 |
| 50 |
fi |
| 51 |
fi |
| 52 |
|
| 53 |
if [ "$1" = "config" ]; then |
| 54 |
|
| 55 |
echo "graph_order out in" |
| 56 |
echo "graph_title $IF forwarded traffic" |
| 57 |
echo 'graph_args --base 1000' |
| 58 |
echo 'graph_vlabel bits per ${graph_period}'
|
| 59 |
echo 'graph_category network' |
| 60 |
echo "graph_info This graph shows only FORWARD traffic that pass through the interface." |
| 61 |
echo 'out.label sent' |
| 62 |
echo 'out.type DERIVE' |
| 63 |
echo 'out.min 0' |
| 64 |
echo 'out.cdef out,8,*' |
| 65 |
echo 'in.label received' |
| 66 |
echo 'in.type DERIVE' |
| 67 |
echo 'in.min 0' |
| 68 |
echo 'in.cdef in,8,*' |
| 69 |
exit 0 |
| 70 |
fi; |
| 71 |
|
| 72 |
iptables-save -c | grep $IF | grep i | cut -f2 -d':' | cut -f1 -d']' | awk "{ print \"in.value \" \$0 }"
|
| 73 |
iptables-save -c | grep $IF | grep o | cut -f2 -d':' | cut -f1 -d']' | awk "{ print \"out.value \" \$0 }"
|
| 74 |
|