source-git / mrtg

Clone
Source Code
GIT

Files

  1.   667938717d084574cba2cb3cafd6134fd58e8b87
  2.   contrib
  3.   iptables-accounting
  4.   iptables-accounting
Blob Blame History Raw 
#!/usr/bin/perl
# iptables-accounting .9
#
# Author: Vern Gill <vgill@technologist.com>
# Date: March 9, 2001
#
# Adapted from code used in ipchainacc
#
# ipchainacc 1.1.0
#
# Author: John Lange john@darkcore.net
# Date  : September 12, 2000
#
#
# The command takes one argument:
#     Argument: what filter do you want to view
# I.E. iptables-accounting filter
#      iptables-accounting nat
#
# Also, you can check bytes or packets. Check the $bytec below
# and the text above it for details
#
#   This command must return 4 lines of output:
#     Line 1 : current state of the 'incoming bytes counter'
#     Line 2 : current state of the 'outgoing bytes counter'
#     Line 3 : string, telling the uptime of the target.
#     Line 4 : string, telling the name of the target.
#
# To add more counters, just edit the commented out if lines
# below. For instance, to count the filter table and the
# INPUT chain, just change the elsif to filter, and the
# $inrule to INPUT
# Share and enjoy

# edit for your system

$iptables='/usr/local/sbin/iptables';   # path to iptables
$host=`/bin/hostname --fqdn`;  # local hostname (for information
only)

$table = $ARGV[0];

if ( $table =~ /^filter/i ) {
        $inrule='FORWARD';
        $outrule='OUTPUT';
} elsif ( $table =~ /^nat/i ) {
        $inrule='PREROUTING';
        $outrule='POSTROUTING';
} elsif ( $table =~ /^mangle/i ) {
        $inrule='PREROUTING';
        $outrule='OUTPUT';
#} elsif ( $table =~ /^table-name-here/i ) {
#        $inrule='CHAIN-NAME-HERE';
#        $outrule='OTHER-CHAIN-NAME';
#} elsif ( $table =~ /^table-name-here/i ) {
#        $inrule='CHAIN-NAME-HERE';
#        $outrule='OTHER-CHAIN-NAME';
}

# What should we graph? packet counters = 4, bytes = 6
# If you used the ipchainacc script before and you want to keep
counting
# packets, then set this to 4. If you would rather do the
# sensible thing and count bytes, then set this to 6. If you change
# from one to the other, then you should delete all the previous
# history since it will be meaningless.
$bytec=6;

## -- don't edit below here ----

# fetch the status from iptables
$_=`$iptables -t $table -L $inrule -v -n -x | grep Chain`;
@in_bytes = split;

$_=`$iptables -t $table -L $outrule -v -n -x | grep Chain`;
@out_bytes = split;

# uptime of the machine
open(UPTIME,"uptime |cut -b 13-27|");
$upTime=<UPTIME>;
close(UPTIME);
chop $upTime;

# 4 lines of output only.
printf "$in_bytes[$bytec]\n$out_bytes[$bytec]\n$upTime\n$host";

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation