#!/bin/bash
#Graph number of members of netfilter ipsets
#(c) Tomas Mudrunka 2016
#
#Add this line to sudoers:
#ALL             ALL = (root) NOPASSWD: /sbin/ipset list [!-]*, /sbin/ipset list -n


[ "$1" = "config" ] && {
	echo graph_title Netfilter IPSets
	echo graph_category network
	echo graph_vlabel Members
	echo graph_args --base 1000 --logarithmic --units=si
}

sudo ipset list -n | while read list; do
	[ "$1" = "config" ] && {
		echo "$list.label $list"
		echo "$list.min 0"
	} || {
		echo "$list.value $(( $(sudo ipset list $list | wc -l) - 7 ))"
	}
done;

exit 0