contrib-munin/plugins/pf/pf_packets

#!/bin/sh
#
# OpenBSD's pf(4) monitoring for OpenBSD
# 2007, Originally by Gergely Czuczy <phoemix@harmless.hu>
# for FreeBSD systems. Ported and splitted by the
# immerda admin team admin(at)immerda.ch
# this version is adapted for openbsd and is only tested on
# openbsd systems.
#
# Needs to run as root.
# Add "user root" for the [pf] into plugins.conf.
#
#%# family=auto
#%# capabilities=autoconf

pfctl='/sbin/pfctl'

case $1 in
    config)
    cat <<EOF
graph_title OpenBSD pf label packets statistics
graph_vlabel packets per second
graph_scale no
graph_category network
graph_args -l 0
graph_info OpenBSD's pf label packets usage statistics
EOF
pfctl -sl | awk '
BEGIN {
 total=0
}
{
 l=$1;
 f_packets=l;
 gsub(/[^a-z0-9A-Z]/, "_", f_packets);
 fields[f_packets]=l;
 total=total+1
}
END {
 if ( total == 0 ) exit 0;
 for ( k in fields ) print k".label "fields[k]"\n"k".type DERIVE\n"k".min 0"
}'

    exit 0
    ;;
    autoconf)
	# FreeBSD
	ostype=`uname -s`
	if [ ${ostype} = "FreeBSD" ]; then
	    # pf(4) module loaded?
	    if [ `kldstat -v | grep pf | wc -l` -eq 0 ]; then
		echo "no (pf(4) is not loaded)"
		exit 1
	    fi
	    # enabled?
	    if [ `pfctl -si 2>/dev/null | awk '/^Status:/{print $2}'` != "Enabled" ]; then
		echo "no (pf(4) is not enabled, consult pfctl(8)"
		exit 1
	    fi
	# OpenBSD
	elif [ ${ostype} = "OpenBSD" ]; then
            # enabled?
	    if [ `pfctl -si 2>/dev/null | awk '/^Status:/{print $2}'` != "Enabled" ]; then
		echo "no (pf(4) is not enabled, consult pfctl(8)"
		exit 1
	    fi
	# Other OSes
	else
	    echo "no (this plugin is not supported on your OS)"
	    exit 1
	fi
	echo "yes"
	exit 0
	;;
    suggest)
	exit 0;
	;;
esac

pfctl -sl | awk '
BEGIN {
 total=0
}
{
 l=$1;
 f_packets=l;
 gsub(/[^a-z0-9A-Z]/, "_", f_packets);
 total=total+1;
 fields[f_packets]=fields[f_packets]+$3;
}
END {
 if ( total == 0 ) exit 0;
 for ( k in fields ) print k".value "fields[k]
}'
Initial version 2007-09-13 14:45:39 +02:00			`#!/bin/sh`
			`#`
			`# OpenBSD's pf(4) monitoring for OpenBSD`
			`# 2007, Originally by Gergely Czuczy <phoemix@harmless.hu>`
Whitespace cleanup * remove trailing whitespace * remove empty lines at the end of files 2018-08-02 02:03:42 +02:00			`# for FreeBSD systems. Ported and splitted by the`
Initial version 2007-09-13 14:45:39 +02:00			`# immerda admin team admin(at)immerda.ch`
			`# this version is adapted for openbsd and is only tested on`
			`# openbsd systems.`
			`#`
			`# Needs to run as root.`
			`# Add "user root" for the [pf] into plugins.conf.`
			`#`
			`#%# family=auto`
			`#%# capabilities=autoconf`

			`pfctl='/sbin/pfctl'`

			`case $1 in`
			`config)`
			`cat <<EOF`
			`graph_title OpenBSD pf label packets statistics`
			`graph_vlabel packets per second`
			`graph_scale no`
			`graph_category network`
			`graph_args -l 0`
			`graph_info OpenBSD's pf label packets usage statistics`
			`EOF`
			`pfctl -sl \| awk '`
			`BEGIN {`
			`total=0`
			`}`
			`{`
			`l=$1;`
			`f_packets=l;`
			`gsub(/[^a-z0-9A-Z]/, "_", f_packets);`
			`fields[f_packets]=l;`
			`total=total+1`
			`}`
			`END {`
			`if ( total == 0 ) exit 0;`
			`for ( k in fields ) print k".label "fields[k]"\n"k".type DERIVE\n"k".min 0"`
			`}'`

			`exit 0`
			`;;`
			`autoconf)`
			`# FreeBSD`
			ostype=`uname -s`
			`if [ ${ostype} = "FreeBSD" ]; then`
			`# pf(4) module loaded?`
			if [ `kldstat -v \| grep pf \| wc -l` -eq 0 ]; then
			`echo "no (pf(4) is not loaded)"`
			`exit 1`
			`fi`
			`# enabled?`
			if [ `pfctl -si 2>/dev/null \| awk '/^Status:/{print $2}'` != "Enabled" ]; then
			`echo "no (pf(4) is not enabled, consult pfctl(8)"`
			`exit 1`
			`fi`
			`# OpenBSD`
			`elif [ ${ostype} = "OpenBSD" ]; then`
			`# enabled?`
			if [ `pfctl -si 2>/dev/null \| awk '/^Status:/{print $2}'` != "Enabled" ]; then
			`echo "no (pf(4) is not enabled, consult pfctl(8)"`
			`exit 1`
			`fi`
			`# Other OSes`
			`else`
			`echo "no (this plugin is not supported on your OS)"`
			`exit 1`
			`fi`
			`echo "yes"`
			`exit 0`
			`;;`
			`suggest)`
			`exit 0;`
			`;;`
			`esac`

don't depend on sudo to run pfctl we should assume plugin is correctly configured, as munin-node can run plugins as root 2013-07-10 16:47:57 +02:00			`pfctl -sl \| awk '`
Initial version 2007-09-13 14:45:39 +02:00			`BEGIN {`
			`total=0`
			`}`
			`{`
			`l=$1;`
			`f_packets=l;`
			`gsub(/[^a-z0-9A-Z]/, "_", f_packets);`
			`total=total+1;`
			`fields[f_packets]=fields[f_packets]+$3;`
			`}`
			`END {`
			`if ( total == 0 ) exit 0;`
			`for ( k in fields ) print k".value "fields[k]`
			`}'`