82 lines
2.6 KiB
Python
Executable File
82 lines
2.6 KiB
Python
Executable File
#!/usr/bin/env python
|
|
# shorewall_ v2.0 - 30 Aug 2008 - Tanguy Pruvot <tanguy.pruvot@gmail.com>
|
|
#
|
|
# A munin plugin for tracking traffic as recorded by shorewall accounting rules
|
|
#
|
|
# ex: ln -s /usr/share/munin/plugins/shorewall_ /etc/munin/plugins/shorewall_ftp
|
|
# will log ftp* rules like ftp, ftp_input, ftp_output etc...
|
|
#
|
|
# Basic Concept by Chris AtLee <chris@atlee.ca> Released under the GPL v2
|
|
|
|
import sys, commands, re
|
|
from sys import argv
|
|
from os.path import split
|
|
|
|
path,script_name = split(argv[0])
|
|
FilterExp = re.compile(r"^shorewall_(.*)$")
|
|
m = FilterExp.match(script_name)
|
|
if m is not None:
|
|
filterName = " " + m.group(1)
|
|
rFilter = r"^" + m.group(1) + ".*$"
|
|
else:
|
|
filterName = ""
|
|
rFilter = r"^.*$"
|
|
|
|
FilterExp = re.compile(rFilter)
|
|
|
|
# regex for "shorewall show xxxx" output lines
|
|
accountingLineExp = re.compile(r"^\s*\d+[KMG]*\s+(\d+)([KMGT]*)\s+(\w+).*$")
|
|
|
|
def getBytesByChain():
|
|
trafficCmd = "shorewall"
|
|
status, output = commands.getstatusoutput("/sbin/shorewall show accounting 2>/dev/null")
|
|
if status != 0:
|
|
raise OSError("Error running command (%s)[%i]: %s" % (trafficCmd, status, output))
|
|
chains = {}
|
|
for line in output.split("\n"):
|
|
m = accountingLineExp.match(line)
|
|
if m is not None:
|
|
target = m.group(3)
|
|
bytes = int(m.group(1))
|
|
|
|
f = FilterExp.match(target)
|
|
if f is not None:
|
|
if m.group(2) == "K":
|
|
bytes *= 1024
|
|
elif m.group(2) == "M":
|
|
bytes *= 1024 * 1024
|
|
elif m.group(2) == "G":
|
|
bytes *= 1024 * 1024 * 1024
|
|
elif m.group(2) == "T":
|
|
bytes *= 1024 * 1024 * 1024 * 1024
|
|
|
|
if target in chains:
|
|
chains[target] += bytes
|
|
else:
|
|
chains[target] = bytes
|
|
|
|
retval = []
|
|
chainNames = chains.keys()
|
|
chainNames.sort()
|
|
for name in chainNames:
|
|
retval.append((name, chains[name]))
|
|
return retval
|
|
|
|
if len(sys.argv) > 1:
|
|
if sys.argv[1] == "autoconf":
|
|
print "yes"
|
|
sys.exit(0)
|
|
elif sys.argv[1] == "config":
|
|
print "graph_title Shorewall accounting%s" % filterName
|
|
print "graph_category network"
|
|
print "graph_vlabel bits per ${graph_period}"
|
|
for chain,bytes in getBytesByChain():
|
|
print "%s.min 0" % chain
|
|
print "%s.type DERIVE" % chain
|
|
print "%s.label %s" % (chain, chain)
|
|
print "%s.cdef %s,8,*" % (chain, chain)
|
|
sys.exit(0)
|
|
|
|
for chain, bytes in getBytesByChain():
|
|
print "%s.value %i" % (chain, bytes)
|