root / plugins / network / shorewall_ @ a7139bca
Historique | Voir | Annoter | Télécharger (2,6 ko)
| 1 |
#!/usr/bin/env python |
|---|---|
| 2 |
# shorewall_ v2.0 - 30 Aug 2008 - Tanguy Pruvot <tanguy.pruvot@gmail.com> |
| 3 |
# |
| 4 |
# A munin plugin for tracking traffic as recorded by shorewall accounting rules |
| 5 |
# |
| 6 |
# ex: ln -s /usr/share/munin/plugins/shorewall_ /etc/munin/plugins/shorewall_ftp |
| 7 |
# will log ftp* rules like ftp, ftp_input, ftp_output etc... |
| 8 |
# |
| 9 |
# Basic Concept by Chris AtLee <chris@atlee.ca> Released under the GPL v2 |
| 10 |
|
| 11 |
import sys, commands, re |
| 12 |
from sys import argv |
| 13 |
from os.path import split |
| 14 |
|
| 15 |
path,script_name = split(argv[0]) |
| 16 |
FilterExp = re.compile(r"^shorewall_(.*)$") |
| 17 |
m = FilterExp.match(script_name) |
| 18 |
if m is not None: |
| 19 |
filterName = " " + m.group(1) |
| 20 |
rFilter = r"^" + m.group(1) + ".*$" |
| 21 |
else: |
| 22 |
filterName = "" |
| 23 |
rFilter = r"^.*$" |
| 24 |
|
| 25 |
FilterExp = re.compile(rFilter) |
| 26 |
|
| 27 |
# regex for "shorewall show xxxx" output lines |
| 28 |
accountingLineExp = re.compile(r"^\s*\d+[KMG]*\s+(\d+)([KMGT]*)\s+(\w+).*$") |
| 29 |
|
| 30 |
def getBytesByChain(): |
| 31 |
trafficCmd = "shorewall" |
| 32 |
status, output = commands.getstatusoutput("/sbin/shorewall show accounting 2>/dev/null")
|
| 33 |
if status != 0: |
| 34 |
raise OSError("Error running command (%s)[%i]: %s" % (trafficCmd, status, output))
|
| 35 |
chains = {}
|
| 36 |
for line in output.split("\n"):
|
| 37 |
m = accountingLineExp.match(line) |
| 38 |
if m is not None: |
| 39 |
target = m.group(3) |
| 40 |
bytes = int(m.group(1)) |
| 41 |
|
| 42 |
f = FilterExp.match(target) |
| 43 |
if f is not None: |
| 44 |
if m.group(2) == "K": |
| 45 |
bytes *= 1024 |
| 46 |
elif m.group(2) == "M": |
| 47 |
bytes *= 1024 * 1024 |
| 48 |
elif m.group(2) == "G": |
| 49 |
bytes *= 1024 * 1024 * 1024 |
| 50 |
elif m.group(2) == "T": |
| 51 |
bytes *= 1024 * 1024 * 1024 * 1024 |
| 52 |
|
| 53 |
if target in chains: |
| 54 |
chains[target] += bytes |
| 55 |
else: |
| 56 |
chains[target] = bytes |
| 57 |
|
| 58 |
retval = [] |
| 59 |
chainNames = chains.keys() |
| 60 |
chainNames.sort() |
| 61 |
for name in chainNames: |
| 62 |
retval.append((name, chains[name])) |
| 63 |
return retval |
| 64 |
|
| 65 |
if len(sys.argv) > 1: |
| 66 |
if sys.argv[1] == "autoconf": |
| 67 |
print "yes" |
| 68 |
sys.exit(0) |
| 69 |
elif sys.argv[1] == "config": |
| 70 |
print "graph_title Shorewall accounting%s" % filterName |
| 71 |
print "graph_category network" |
| 72 |
print "graph_vlabel bits per ${graph_period}"
|
| 73 |
for chain,bytes in getBytesByChain(): |
| 74 |
print "%s.min 0" % chain |
| 75 |
print "%s.type DERIVE" % chain |
| 76 |
print "%s.label %s" % (chain, chain) |
| 77 |
print "%s.cdef %s,8,*" % (chain, chain) |
| 78 |
sys.exit(0) |
| 79 |
|
| 80 |
for chain, bytes in getBytesByChain(): |
| 81 |
print "%s.value %i" % (chain, bytes) |