contrib-munin/plugins/network/shorewall_

#!/usr/bin/python
# shorewall_ v2.0 - 30 Aug 2008 - Tanguy Pruvot <tanguy.pruvot@gmail.com>
#
# A munin plugin for tracking traffic as recorded by shorewall accounting rules
#
# ex: ln -s /usr/share/munin/plugins/shorewall_ /etc/munin/plugins/shorewall_ftp
# will log ftp* rules like ftp, ftp_input, ftp_output etc...
#
# Basic Concept by Chris AtLee <chris@atlee.ca> Released under the GPL v2

import sys, commands, re
from sys import argv
from os.path import split

path,script_name = split(argv[0])
FilterExp = re.compile(r"^shorewall_(.*)$")
m = FilterExp.match(script_name)
if m is not None:
    filterName = " " + m.group(1)
    rFilter    = r"^" + m.group(1) + ".*$"
else:
    filterName = ""
    rFilter    = r"^.*$"

FilterExp = re.compile(rFilter)

# regex for "shorewall show xxxx" output lines
accountingLineExp = re.compile(r"^\s*\d+[KMG]*\s+(\d+)([KMGT]*)\s+(\w+).*$")

def getBytesByChain():
    trafficCmd = "shorewall"
    status, output = commands.getstatusoutput("/sbin/shorewall show accounting 2>/dev/null")
    if status != 0:
        raise OSError("Error running command (%s)[%i]: %s" % (trafficCmd, status, output))
    chains = {}
    for line in output.split("\n"):
        m = accountingLineExp.match(line)
        if m is not None:
            target = m.group(3)
            bytes = int(m.group(1))

            f = FilterExp.match(target)
            if f is not None:
                if m.group(2) == "K":
                    bytes *= 1024
                elif m.group(2) == "M":
                    bytes *= 1024 * 1024
                elif m.group(2) == "G":
                    bytes *= 1024 * 1024 * 1024
                elif m.group(2) == "T":
                    bytes *= 1024 * 1024 * 1024 * 1024

                if target in chains:
                    chains[target] += bytes
                else:
                    chains[target] = bytes

    retval = []
    chainNames = chains.keys()
    chainNames.sort()
    for name in chainNames:
        retval.append((name, chains[name]))
    return retval

if len(sys.argv) > 1:
    if sys.argv[1] == "autoconf":
        print "yes"
        sys.exit(0)
    elif sys.argv[1] == "config":
        print "graph_title Shorewall accounting%s" % filterName
        print "graph_category network"
        print "graph_vlabel bits per ${graph_period}"
        for chain,bytes in getBytesByChain():
            print "%s.min 0" % chain
            print "%s.type DERIVE" % chain
            print "%s.label %s" % (chain, chain)
            print "%s.cdef %s,8,*" % (chain, chain)
        sys.exit(0)

for chain, bytes in getBytesByChain():
    print "%s.value %i" % (chain, bytes)
Initial version 2008-08-30 22:03:53 +02:00			`#!/usr/bin/python`
			`# shorewall_ v2.0 - 30 Aug 2008 - Tanguy Pruvot <tanguy.pruvot@gmail.com>`
Whitespace cleanup * remove trailing whitespace * remove empty lines at the end of files 2018-08-02 02:03:42 +02:00			`#`
Initial version 2008-08-30 22:03:53 +02:00			`# A munin plugin for tracking traffic as recorded by shorewall accounting rules`
Whitespace cleanup * remove trailing whitespace * remove empty lines at the end of files 2018-08-02 02:03:42 +02:00			`#`
Initial version 2008-08-30 22:03:53 +02:00			`# ex: ln -s /usr/share/munin/plugins/shorewall_ /etc/munin/plugins/shorewall_ftp`
			`# will log ftp* rules like ftp, ftp_input, ftp_output etc...`
Whitespace cleanup * remove trailing whitespace * remove empty lines at the end of files 2018-08-02 02:03:42 +02:00			`#`
Initial version 2008-08-30 22:03:53 +02:00			`# Basic Concept by Chris AtLee <chris@atlee.ca> Released under the GPL v2`

			`import sys, commands, re`
			`from sys import argv`
			`from os.path import split`

			`path,script_name = split(argv[0])`
			`FilterExp = re.compile(r"^shorewall_(.*)$")`
			`m = FilterExp.match(script_name)`
			`if m is not None:`
			`filterName = " " + m.group(1)`
			`rFilter = r"^" + m.group(1) + ".*$"`
			`else:`
			`filterName = ""`
			`rFilter = r"^.*$"`

			`FilterExp = re.compile(rFilter)`

			`# regex for "shorewall show xxxx" output lines`
			`accountingLineExp = re.compile(r"^\s\d+[KMG]\s+(\d+)([KMGT])\s+(\w+).$")`

			`def getBytesByChain():`
			`trafficCmd = "shorewall"`
			`status, output = commands.getstatusoutput("/sbin/shorewall show accounting 2>/dev/null")`
			`if status != 0:`
			`raise OSError("Error running command (%s)[%i]: %s" % (trafficCmd, status, output))`
			`chains = {}`
			`for line in output.split("\n"):`
			`m = accountingLineExp.match(line)`
			`if m is not None:`
			`target = m.group(3)`
			`bytes = int(m.group(1))`

			`f = FilterExp.match(target)`
			`if f is not None:`
			`if m.group(2) == "K":`
			`bytes *= 1024`
			`elif m.group(2) == "M":`
			`bytes = 1024 1024`
			`elif m.group(2) == "G":`
			`bytes = 1024 1024 * 1024`
			`elif m.group(2) == "T":`
			`bytes = 1024 1024 * 1024 * 1024`

			`if target in chains:`
			`chains[target] += bytes`
			`else:`
			`chains[target] = bytes`

			`retval = []`
			`chainNames = chains.keys()`
			`chainNames.sort()`
			`for name in chainNames:`
			`retval.append((name, chains[name]))`
			`return retval`
Whitespace cleanup * remove trailing whitespace * remove empty lines at the end of files 2018-08-02 02:03:42 +02:00
Initial version 2008-08-30 22:03:53 +02:00			`if len(sys.argv) > 1:`
			`if sys.argv[1] == "autoconf":`
			`print "yes"`
			`sys.exit(0)`
			`elif sys.argv[1] == "config":`
			`print "graph_title Shorewall accounting%s" % filterName`
			`print "graph_category network"`
			`print "graph_vlabel bits per ${graph_period}"`
			`for chain,bytes in getBytesByChain():`
			`print "%s.min 0" % chain`
			`print "%s.type DERIVE" % chain`
			`print "%s.label %s" % (chain, chain)`
			`print "%s.cdef %s,8,*" % (chain, chain)`
			`sys.exit(0)`
Whitespace cleanup * remove trailing whitespace * remove empty lines at the end of files 2018-08-02 02:03:42 +02:00
Initial version 2008-08-30 22:03:53 +02:00			`for chain, bytes in getBytesByChain():`
			`print "%s.value %i" % (chain, bytes)`