#!/bin/bash
-/usr/lib/FWcnt/fw2rrd
+/usr/lib/FWcnt/fw2rrd >/var/log/fwcnt/fwcnt-global.tmp
+mv /var/log/fwcnt/fwcnt-global.tmp /var/log/fwcnt/ipfm-global-`date +%Y-%m-%d`.log
+
awk 'BEGIN{
while(getline <"/proc/net/dev"){
fw2rrd: fw2rrd.c
- cc fw2rrd.c -Wall -Wshadow -Wbad-function-cast \
+ cc fw2rrd.c -std=c99 -Wall -Wshadow -Wbad-function-cast \
-pedantic -Wno-long-long -Wstrict-prototypes \
- -o fw2rrd -lrrd -O2
+ -o fw2rrd -lrrd -lm -O2
install: fw2rrd
install -d $(DESTDIR)/usr/lib/FWcnt
touch $(DESTDIR)/var/lib/FWcnt/run_conf/.placeholder
touch $(DESTDIR)/var/lib/FWcnt/etc/config
install -m 755 mrtg-rrd.wrapper.cgi $(DESTDIR)/usr/lib/cgi-bin/mrtg-rrd.wrapper.cgi
+ install -d $(DESTDIR)/var/log/fwcnt
+ touch $(DESTDIR)/var/log/.placeholder
cp /dev/null $(DESTDIR)/etc/fwcnt.conf
#chown -R FWcnt $(DESTDIR)/var/lib/FWcnt/FW_rrd_database
+ #chown -R FWcnt $(DESTDIR)/var/log/fwcnt
#chown -R www-data $(DESTDIR)/var/www/mrtg-rrd
#cp cron.d $(DESTDIR)/etc/cron.d/FWcnt
-
+ #/var/log/fwcnt/
clean:
rm -f fw2rrd
+++ /dev/null
-cnt2rrd [filename]
-
-read filename or stdin if no filename is specified. Format of input file is
-designed for iptables -L output but target must be RETURN.
-Example input file:
-
------------------------ cut ---------------------------
-Chain CNTin (1 references)
- pkts bytes target prot opt in out source destination
- 302978 50655932 RETURN all -- * * 0.0.0.0/0 62.168.101.165
-Chain CNTout (1 references)
- pkts bytes target prot opt in out source destination
- 2 211 RETURN all -- * * 62.168.101.165 0.0.0.0/0
-
------------------------ cut ---------------------------
-
-
-more chains can be concatenated in input and chains may consist of couple of
-rules for input and output. As "download" must be source set to
-0.0.0.0/0. for upload must be destination set to 0.0.0.0/0. Protocol must be
-"all", opt must be "--" and in and out must be "-".
-
-For each couple of rule (one for down and one for upload) two rrd files are
-updated. Name od rrd file is derived from IP (or ip and netmask). For IP
-62.168.101.165 for example is output rrd filename 62.168.101.165a.rrd and
-62.168.101.165b.rrd. First file is updated by bytes counters from chain and
-seconf from pakets counter.
-
-If IP if rule match subnet (etc 172.26.0.0/24) file is named
-172.26.0.0_24a.rrd (all "/" is replaced by "_").
-
-Special IP ranges etc may cause problems..
-
-WARNING ! rrd files creation is done in working directory.
-
-
-
-
-
-directory structure:
-
-$ ls -lRa /var/lib/cnt-mrtg/
-/var/lib/cnt-mrtg/:
-total 16
-drwxr-xr-x 4 root root 4096 May 11 13:56 .
-drwxr-xr-x 30 root root 4096 May 11 13:55 ..
-drwxr-xr-x 2 root root 4096 May 11 13:53 bin
-drwxr-xr-x 2 arpwatch www-data 4096 May 11 13:56 rrd-database
-
-/var/lib/cnt-mrtg/bin:
-total 16
-drwxr-xr-x 2 root root 4096 May 11 13:53 .
-drwxr-xr-x 4 root root 4096 May 11 13:56 ..
--rwxr-xr-x 1 root root 7408 May 11 13:53 cnt2rrd
-
-/var/lib/cnt-mrtg/rrd-database:
-total 8
-drwxr-xr-x 2 arpwatch www-data 4096 May 11 13:56 .
-drwxr-xr-x 4 root root 4096 May 11 13:56 ..
-
-$ ls -lRa /var/log/cnt-mrtg/
-/var/log/cnt-mrtg/:
-total 8
-drwxr-xr-x 2 arpwatch adm 4096 May 11 13:58 .
-drwxr-xr-x 12 root root 4096 May 11 13:58 ..
-
-
-
+fwcnt (0.5) unstable; urgency=low
+
+ * added ipfm like log output from counters
+
+ -- Peter Popovec <popovec@fei.tuke.sk> Mon, 5 Mar 2007 13:38:14 +0100
+
fwcnt (0.4) unstable; urgency=low
* Initial Release.
- --
root <popovec@fei.tuke.sk> Thu, 22 Feb 2007 14:34:16 +0100
+ --
Peter Popovec <popovec@fei.tuke.sk> Thu, 22 Feb 2007 14:34:16 +0100
Source: fwcnt
Section: unknown
Priority: extra
-Maintainer:
root <popovec@fei.tuke.sk>
+Maintainer:
Peter Popovec <popovec@fei.tuke.sk>
Build-Depends: debhelper (>= 5),librrd2-dev
Standards-Version: 3.7.2
var/www
usr/lib/cgi-bin
etc/
+var/log/fwcnt
adduser --system --force-badname --home /var/lib/FWcnt/FW_rrd_database/ --no-create-home --ingroup FWcnt FWcnt
fi
chown www-data /var/www/mrtg-rrd
- chown -R FWcnt /var/lib/FWcnt/FW_rrd_database
+ chown FWcnt /var/lib/FWcnt/FW_rrd_database
+ chown FWcnt /var/log/fwcnt
if [ ! -s /etc/fwcnt.conf ]; then
echo "Creating initial /etc/fwcnt.conf"
echo "# This is initial automatic generated file" >/etc/fwcnt.conf
#include <string.h>
#include <time.h>
#include <rrd.h>
+#include <math.h>
#ifdef DO_GETOPT_RESET
#include <unistd.h>
#endif
{
FILE *rrdfile;
char *r_buf, *name;
- int i;
+ unsigned long i;
char *r_update[3] = { "update", NULL, NULL };
-
+ int net = 0;
asprintf (&name, "%s-b.rrd", key);
i = strlen (name);
while (i > 0)
{
if (name[i] == '/')
- name[i] = '_';
+ {
+ net = 1;
+ name[i] = '_';
+ }
i--;
}
if (NULL == (rrdfile = fopen (name, "r")))
rrd_clear_error ();
}
free (r_buf);
+ if (!net)
+ {
+ time_t start, end, ti;
+ unsigned long step, ds_cnt;
+/* unsigned long ii;*/
+ rrd_value_t *data, *datai;
+ double inD = 0, outD = 0;
+ char **ds_namv;
+ char *r_fetch[5] = { "fetch", "--start", NULL, NULL, "AVERAGE" };
+ asprintf (&r_buf, "%ld", (unsigned long) (time (NULL) / 86400) * 86400);
+ r_fetch[2] = r_buf;
+ r_fetch[3] = name;
+ if (rrd_fetch
+ (5, r_fetch, &start, &end, &step, &ds_cnt, &ds_namv, &data) != -1)
+ {
+ datai = data;
+ if (ds_cnt == 2)
+ {
+/* printf (" ");
+ for (i = 0; i < ds_cnt; i++)
+ printf ("%20s", ds_namv[i]);
+ printf ("\n\n");
+*/
+ for (ti = start + step; ti <= end; ti += step)
+ {
+/* printf ("%10lu:", ti);
+ for (ii = 0; ii < ds_cnt; ii++)
+ printf (" %0.10e", *(datai++));
+ printf ("\n");
+*/
+ if (isfinite (*(datai)))
+ inD += *(datai) * 300; /* 300 seconds */
+ datai++;
+ if (isfinite (*(datai)))
+ outD += *(datai) * 300;
+ datai++;
+ }
+ if ((inD + outD) > 1)
+ printf ("%-35s%15lld%15lld%15lld\n", key,
+ (unsigned long long) inD, (unsigned long long) outD,
+ (unsigned long long) (inD + outD));
+ }
+ for (i = 0; i < ds_cnt; i++)
+ free (ds_namv[i]);
+ free (ds_namv);
+ free (data);
+ free (r_buf);
+ }
+ }
free (name);
asprintf (&name, "%s-p.rrd", key);
i = strlen (name);
name[i] = '_';
i--;
}
+
if (NULL == (rrdfile = fopen (name, "r")))
newRRD (name);
else
int count;
struct CNT *next;
};
-
struct CNT *CNThash[HASHMAX];
int
-add_to_hash (unsigned int h, char *key, unsigned long long bytes,
+add_to_hash (unsigned int h, char *key,
+ unsigned long long bytes,
unsigned long long pakets, int direction)
{
struct CNT *newCNT, *actual;
unsigned int h;
char buffer[BUFF_SIZE], *ptr, ipbuff[IPLIMIT];
unsigned long long tmppakets, tmpbytes;
+ char outstr[200];
+ time_t t;
+ struct tm *tmp;
+ t = time (NULL);
+ tmp = localtime (&t);
+
for (i = 0; i < HASHMAX; i++)
CNThash[i] = NULL;
-
+ data = stdin;
if (argc == 2)
{
if (NULL == (data = fopen (argv[1], "r")))
return (1);
}
}
- else
- data = stdin;
+
+ strftime (outstr, sizeof (outstr), "%Y/%m/%d %H:%M:00", tmp);
+
+ printf
+ ("# fwcnt 0.5 %s (local time) -- dump every 0d00:05:00 -- generated from iptables counters\n",
+ outstr);
+ printf ("# %-33s%15s%15s%15s\n", "Host", "In (bytes)", "Out (bytes)",
+ "Total (bytes)");
+
while (fgets (buffer, BUFF_SIZE - 1, data))
{
add_to_hash (h, ipbuff, tmpbytes, tmppakets, 0);
}
}
+ printf ("# end of dump %s\n", outstr);
if (data != stdin)
fclose (data);
return (0);
if(NR<3)next;
if(NF==9) {
printf "%s %s %s %s\n",$1,$2,$8,$9
- C1="iptables -L "$3" -n -x -v"
+ C1="iptables -L "$3" -n -x -v"
C1|getline
C1|getline
while(C1|getline){
if(NF==9) {
printf "%s %s %s %s\n",$1,$2,$8,$9
- C2="iptables -L "$3" -n -x -v"
+ C2="iptables -L "$3" -n -x -v"
C2|getline
C2|getline
while(C2|getline){
projects / fwcnt.backup / commitdiff