From: Peter Popovec Date: Tue, 6 Mar 2007 07:28:07 +0000 (+0100) Subject: import debian version fwcnt-0.5 X-Git-Tag: fwcnt-0.5 X-Git-Url: http://zub.fei.tuke.sk/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=02ebb5bcf72e82e5fc445dfdf9c59717d6debd44;p=fwcnt import debian version fwcnt-0.5 --- diff --git a/FWcnt2rrd b/FWcnt2rrd index 06a940d..ec180d1 100755 --- a/FWcnt2rrd +++ b/FWcnt2rrd @@ -1,6 +1,8 @@ #!/bin/bash -/usr/lib/FWcnt/fw2rrd +/usr/lib/FWcnt/fw2rrd >/var/log/fwcnt/fwcnt-global.tmp +mv /var/log/fwcnt/fwcnt-global.tmp /var/log/fwcnt/ipfm-global-`date +%Y-%m-%d`.log + awk 'BEGIN{ while(getline <"/proc/net/dev"){ diff --git a/Makefile b/Makefile index 3f4e412..25ca9d2 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,7 @@ fw2rrd: fw2rrd.c - cc fw2rrd.c -Wall -Wshadow -Wbad-function-cast \ + cc fw2rrd.c -std=c99 -Wall -Wshadow -Wbad-function-cast \ -pedantic -Wno-long-long -Wstrict-prototypes \ - -o fw2rrd -lrrd -O2 + -o fw2rrd -lrrd -lm -O2 install: fw2rrd install -d $(DESTDIR)/usr/lib/FWcnt @@ -22,11 +22,14 @@ install: fw2rrd touch $(DESTDIR)/var/lib/FWcnt/run_conf/.placeholder touch $(DESTDIR)/var/lib/FWcnt/etc/config install -m 755 mrtg-rrd.wrapper.cgi $(DESTDIR)/usr/lib/cgi-bin/mrtg-rrd.wrapper.cgi + install -d $(DESTDIR)/var/log/fwcnt + touch $(DESTDIR)/var/log/.placeholder cp /dev/null $(DESTDIR)/etc/fwcnt.conf #chown -R FWcnt $(DESTDIR)/var/lib/FWcnt/FW_rrd_database + #chown -R FWcnt $(DESTDIR)/var/log/fwcnt #chown -R www-data $(DESTDIR)/var/www/mrtg-rrd #cp cron.d $(DESTDIR)/etc/cron.d/FWcnt - + #/var/log/fwcnt/ clean: rm -f fw2rrd diff --git a/README.old b/README.old deleted file mode 100644 index 3e087bd..0000000 --- a/README.old +++ /dev/null @@ -1,68 +0,0 @@ -cnt2rrd [filename] - -read filename or stdin if no filename is specified. Format of input file is -designed for iptables -L output but target must be RETURN. -Example input file: - ------------------------ cut --------------------------- -Chain CNTin (1 references) - pkts bytes target prot opt in out source destination - 302978 50655932 RETURN all -- * * 0.0.0.0/0 62.168.101.165 -Chain CNTout (1 references) - pkts bytes target prot opt in out source destination - 2 211 RETURN all -- * * 62.168.101.165 0.0.0.0/0 - ------------------------ cut --------------------------- - - -more chains can be concatenated in input and chains may consist of couple of -rules for input and output. As "download" must be source set to -0.0.0.0/0. for upload must be destination set to 0.0.0.0/0. Protocol must be -"all", opt must be "--" and in and out must be "-". - -For each couple of rule (one for down and one for upload) two rrd files are -updated. Name od rrd file is derived from IP (or ip and netmask). For IP -62.168.101.165 for example is output rrd filename 62.168.101.165a.rrd and -62.168.101.165b.rrd. First file is updated by bytes counters from chain and -seconf from pakets counter. - -If IP if rule match subnet (etc 172.26.0.0/24) file is named -172.26.0.0_24a.rrd (all "/" is replaced by "_"). - -Special IP ranges etc may cause problems.. - -WARNING ! rrd files creation is done in working directory. - - - - - -directory structure: - -$ ls -lRa /var/lib/cnt-mrtg/ -/var/lib/cnt-mrtg/: -total 16 -drwxr-xr-x 4 root root 4096 May 11 13:56 . -drwxr-xr-x 30 root root 4096 May 11 13:55 .. -drwxr-xr-x 2 root root 4096 May 11 13:53 bin -drwxr-xr-x 2 arpwatch www-data 4096 May 11 13:56 rrd-database - -/var/lib/cnt-mrtg/bin: -total 16 -drwxr-xr-x 2 root root 4096 May 11 13:53 . -drwxr-xr-x 4 root root 4096 May 11 13:56 .. --rwxr-xr-x 1 root root 7408 May 11 13:53 cnt2rrd - -/var/lib/cnt-mrtg/rrd-database: -total 8 -drwxr-xr-x 2 arpwatch www-data 4096 May 11 13:56 . -drwxr-xr-x 4 root root 4096 May 11 13:56 .. - -$ ls -lRa /var/log/cnt-mrtg/ -/var/log/cnt-mrtg/: -total 8 -drwxr-xr-x 2 arpwatch adm 4096 May 11 13:58 . -drwxr-xr-x 12 root root 4096 May 11 13:58 .. - - - diff --git a/debian/changelog b/debian/changelog index 5346034..95f0796 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,5 +1,11 @@ +fwcnt (0.5) unstable; urgency=low + + * added ipfm like log output from counters + + -- Peter Popovec Mon, 5 Mar 2007 13:38:14 +0100 + fwcnt (0.4) unstable; urgency=low * Initial Release. - -- root Thu, 22 Feb 2007 14:34:16 +0100 + -- Peter Popovec Thu, 22 Feb 2007 14:34:16 +0100 diff --git a/debian/conffiles b/debian/conffiles index a37c10f..e69de29 100644 --- a/debian/conffiles +++ b/debian/conffiles @@ -1 +0,0 @@ -/etc/fwcnt.conf diff --git a/debian/control b/debian/control index 1a3190d..6cdd68d 100644 --- a/debian/control +++ b/debian/control @@ -1,7 +1,7 @@ Source: fwcnt Section: unknown Priority: extra -Maintainer: root +Maintainer: Peter Popovec Build-Depends: debhelper (>= 5),librrd2-dev Standards-Version: 3.7.2 diff --git a/debian/dirs b/debian/dirs index eb45b02..c4beee7 100644 --- a/debian/dirs +++ b/debian/dirs @@ -5,3 +5,4 @@ var/lib/FWcnt/FW_rrd_database var/www usr/lib/cgi-bin etc/ +var/log/fwcnt diff --git a/debian/postinst b/debian/postinst index d019b5a..2cc9ca3 100644 --- a/debian/postinst +++ b/debian/postinst @@ -30,7 +30,8 @@ case "$1" in adduser --system --force-badname --home /var/lib/FWcnt/FW_rrd_database/ --no-create-home --ingroup FWcnt FWcnt fi chown www-data /var/www/mrtg-rrd - chown -R FWcnt /var/lib/FWcnt/FW_rrd_database + chown FWcnt /var/lib/FWcnt/FW_rrd_database + chown FWcnt /var/log/fwcnt if [ ! -s /etc/fwcnt.conf ]; then echo "Creating initial /etc/fwcnt.conf" echo "# This is initial automatic generated file" >/etc/fwcnt.conf diff --git a/fw2rrd b/fw2rrd deleted file mode 100755 index 0938d6c..0000000 Binary files a/fw2rrd and /dev/null differ diff --git a/fw2rrd.c b/fw2rrd.c index bf99910..38d6592 100644 --- a/fw2rrd.c +++ b/fw2rrd.c @@ -14,6 +14,7 @@ or comment out for new versions #include #include #include +#include #ifdef DO_GETOPT_RESET #include #endif @@ -69,15 +70,18 @@ updateRRD (char *key, unsigned long long inPkts, unsigned long long outPkts, { FILE *rrdfile; char *r_buf, *name; - int i; + unsigned long i; char *r_update[3] = { "update", NULL, NULL }; - + int net = 0; asprintf (&name, "%s-b.rrd", key); i = strlen (name); while (i > 0) { if (name[i] == '/') - name[i] = '_'; + { + net = 1; + name[i] = '_'; + } i--; } if (NULL == (rrdfile = fopen (name, "r"))) @@ -98,6 +102,55 @@ updateRRD (char *key, unsigned long long inPkts, unsigned long long outPkts, rrd_clear_error (); } free (r_buf); + if (!net) + { + time_t start, end, ti; + unsigned long step, ds_cnt; +/* unsigned long ii;*/ + rrd_value_t *data, *datai; + double inD = 0, outD = 0; + char **ds_namv; + char *r_fetch[5] = { "fetch", "--start", NULL, NULL, "AVERAGE" }; + asprintf (&r_buf, "%ld", (unsigned long) (time (NULL) / 86400) * 86400); + r_fetch[2] = r_buf; + r_fetch[3] = name; + if (rrd_fetch + (5, r_fetch, &start, &end, &step, &ds_cnt, &ds_namv, &data) != -1) + { + datai = data; + if (ds_cnt == 2) + { +/* printf (" "); + for (i = 0; i < ds_cnt; i++) + printf ("%20s", ds_namv[i]); + printf ("\n\n"); +*/ + for (ti = start + step; ti <= end; ti += step) + { +/* printf ("%10lu:", ti); + for (ii = 0; ii < ds_cnt; ii++) + printf (" %0.10e", *(datai++)); + printf ("\n"); +*/ + if (isfinite (*(datai))) + inD += *(datai) * 300; /* 300 seconds */ + datai++; + if (isfinite (*(datai))) + outD += *(datai) * 300; + datai++; + } + if ((inD + outD) > 1) + printf ("%-35s%15lld%15lld%15lld\n", key, + (unsigned long long) inD, (unsigned long long) outD, + (unsigned long long) (inD + outD)); + } + for (i = 0; i < ds_cnt; i++) + free (ds_namv[i]); + free (ds_namv); + free (data); + free (r_buf); + } + } free (name); asprintf (&name, "%s-p.rrd", key); i = strlen (name); @@ -107,6 +160,7 @@ updateRRD (char *key, unsigned long long inPkts, unsigned long long outPkts, name[i] = '_'; i--; } + if (NULL == (rrdfile = fopen (name, "r"))) newRRD (name); else @@ -141,10 +195,10 @@ struct CNT int count; struct CNT *next; }; - struct CNT *CNThash[HASHMAX]; int -add_to_hash (unsigned int h, char *key, unsigned long long bytes, +add_to_hash (unsigned int h, char *key, + unsigned long long bytes, unsigned long long pakets, int direction) { struct CNT *newCNT, *actual; @@ -215,10 +269,16 @@ main (int argc, char **argv) unsigned int h; char buffer[BUFF_SIZE], *ptr, ipbuff[IPLIMIT]; unsigned long long tmppakets, tmpbytes; + char outstr[200]; + time_t t; + struct tm *tmp; + t = time (NULL); + tmp = localtime (&t); + for (i = 0; i < HASHMAX; i++) CNThash[i] = NULL; - + data = stdin; if (argc == 2) { if (NULL == (data = fopen (argv[1], "r"))) @@ -227,8 +287,15 @@ main (int argc, char **argv) return (1); } } - else - data = stdin; + + strftime (outstr, sizeof (outstr), "%Y/%m/%d %H:%M:00", tmp); + + printf + ("# fwcnt 0.5 %s (local time) -- dump every 0d00:05:00 -- generated from iptables counters\n", + outstr); + printf ("# %-33s%15s%15s%15s\n", "Host", "In (bytes)", "Out (bytes)", + "Total (bytes)"); + while (fgets (buffer, BUFF_SIZE - 1, data)) { @@ -270,6 +337,7 @@ main (int argc, char **argv) add_to_hash (h, ipbuff, tmpbytes, tmppakets, 0); } } + printf ("# end of dump %s\n", outstr); if (data != stdin) fclose (data); return (0); diff --git a/get_FWcnt b/get_FWcnt index 2be34b9..79ffeba 100755 --- a/get_FWcnt +++ b/get_FWcnt @@ -4,13 +4,13 @@ iptables -L FWcnt -n -x -v 2>/dev/null|awk '{ if(NR<3)next; if(NF==9) { printf "%s %s %s %s\n",$1,$2,$8,$9 - C1="iptables -L "$3" -n -x -v" + C1="iptables -L "$3" -n -x -v" C1|getline C1|getline while(C1|getline){ if(NF==9) { printf "%s %s %s %s\n",$1,$2,$8,$9 - C2="iptables -L "$3" -n -x -v" + C2="iptables -L "$3" -n -x -v" C2|getline C2|getline while(C2|getline){