From d4b97724e220e8cc1e796ae8b13d8aaa179aa99b Mon Sep 17 00:00:00 2001 From: Tomas Mudrunka Date: Fri, 29 Jul 2016 16:10:19 +0200 Subject: [PATCH 1/4] added graph for netfilter ipset --- plugins/network/ipset | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100644 plugins/network/ipset diff --git a/plugins/network/ipset b/plugins/network/ipset new file mode 100644 index 00000000..832020bb --- /dev/null +++ b/plugins/network/ipset @@ -0,0 +1,25 @@ +#!/bin/bash +#Graph number of members of netfilter ipsets +#(c) Tomas Mudrunka 2016 +# +#Add this line to sudoers: +#ALL ALL = (root) NOPASSWD: /sbin/ipset list [!-]*, /sbin/ipset list -n + + +[ "$1" = "config" ] && { + echo graph_title Netfilter IPSets + echo graph_category network + echo graph_vlabel Members + echo graph_args --base 1000 --logarithmic --units=si +} + +sudo ipset list -n | while read list; do + [ "$1" = "config" ] && { + echo "$list.label $list" + echo "$list.min 0" + } || { + echo "$list.value $(( $(sudo ipset list $list | wc -l) - 7 ))" + } +done; + +exit 0 From 717f083de7624927c15aaeb4190471e51543c2db Mon Sep 17 00:00:00 2001 From: Tomas Mudrunka Date: Mon, 1 Aug 2016 16:58:20 +0200 Subject: [PATCH 2/4] autodetect ipset --- plugins/network/ipset | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/plugins/network/ipset b/plugins/network/ipset index 832020bb..d931deed 100644 --- a/plugins/network/ipset +++ b/plugins/network/ipset @@ -4,7 +4,14 @@ # #Add this line to sudoers: #ALL ALL = (root) NOPASSWD: /sbin/ipset list [!-]*, /sbin/ipset list -n +# +#%# family=auto +#%# capabilities=autoconf +[ "$1" = "autoconf" ] && { + [ -e /sbin/ipset -o -n "$(which ipset)" ] && echo 'yes' || echo 'no (ipset binary not present)' + exit 0 +} [ "$1" = "config" ] && { echo graph_title Netfilter IPSets From ccebcb7b4fca97fc2b7cb71b2d7d71d5cfff36fe Mon Sep 17 00:00:00 2001 From: Tomas Mudrunka Date: Tue, 17 Apr 2018 01:17:57 +0200 Subject: [PATCH 3/4] Modified ipset according to #734 --- plugins/network/ipset | 61 +++++++++++++++++++++++++++++++++++-------- 1 file changed, 50 insertions(+), 11 deletions(-) mode change 100644 => 100755 plugins/network/ipset diff --git a/plugins/network/ipset b/plugins/network/ipset old mode 100644 new mode 100755 index d931deed..d9abfc81 --- a/plugins/network/ipset +++ b/plugins/network/ipset @@ -1,12 +1,50 @@ -#!/bin/bash -#Graph number of members of netfilter ipsets -#(c) Tomas Mudrunka 2016 -# -#Add this line to sudoers: -#ALL ALL = (root) NOPASSWD: /sbin/ipset list [!-]*, /sbin/ipset list -n -# -#%# family=auto -#%# capabilities=autoconf +#!/bin/sh +# -*- sh -*- + +: <<=cut + +=head1 NAME + +ipset - Graph number of members of netfilter ipsets + +=head1 APPLICABLE SYSTEMS + +Any system with a compatible ipset command. + +=head1 CONFIGURATION + +Ipset has to be run as root: + + [ipset] + user root + +=head1 INTERPRETATION + +This plugin draws number of members for each ipset present in the kernel + +=head1 MAGIC MARKERS + + #%# family=auto + #%# capabilities=autoconf + +=head1 VERSION + 0.1 first release + 0.2 added docs, munin best practices + +=head1 BUGS + +None known + +=head1 AUTHOR + +Originally: Tomas Mudrunka 2016-2018 ( github.com/harvie ) + +=head1 LICENSE + +GPLv2 + +=cut + [ "$1" = "autoconf" ] && { [ -e /sbin/ipset -o -n "$(which ipset)" ] && echo 'yes' || echo 'no (ipset binary not present)' @@ -18,14 +56,15 @@ echo graph_category network echo graph_vlabel Members echo graph_args --base 1000 --logarithmic --units=si + exit 0 } -sudo ipset list -n | while read list; do +ipset list -n | while read list; do [ "$1" = "config" ] && { echo "$list.label $list" echo "$list.min 0" } || { - echo "$list.value $(( $(sudo ipset list $list | wc -l) - 7 ))" + echo "$list.value $(( $(ipset list "$list" | wc -l) - 7 ))" } done; From 0bb9b58803356c4a804f7707cb70ba174c39a8d9 Mon Sep 17 00:00:00 2001 From: Tomas Mudrunka Date: Tue, 17 Apr 2018 12:28:59 +0200 Subject: [PATCH 4/4] removed exit --- plugins/network/ipset | 1 - 1 file changed, 1 deletion(-) diff --git a/plugins/network/ipset b/plugins/network/ipset index d9abfc81..ef6ba902 100755 --- a/plugins/network/ipset +++ b/plugins/network/ipset @@ -56,7 +56,6 @@ GPLv2 echo graph_category network echo graph_vlabel Members echo graph_args --base 1000 --logarithmic --units=si - exit 0 } ipset list -n | while read list; do