# This program is distributed in the hope that it will be useful, #
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
-# GNU General Public License for more details. #
+# GNU General Public License for more details. #update.sh
# #
# You should have received a copy of the GNU General Public License #
# along with this program. If not, see <http://www.gnu.org/licenses/>. #
sub updatefwhitsgraph {
my $period = $_[0];
- RRDs::graph(
- @GRAPH_ARGS,
- "-",
- "--start",
- "-1".$period,
- "-r",
- "-t ".$Lang::tr{'firewall hits per'}." ".$Lang::tr{$period."-graph"},
- "-v ".$Lang::tr{'bytes per second'},
- "--color=SHADEA".$color{"color19"},
- "--color=SHADEB".$color{"color19"},
- "--color=BACK".$color{"color21"},
- "DEF:output=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-POLICYOUT/ipt_bytes-DROP_OUTPUT.rrd:value:AVERAGE",
- "DEF:input=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-POLICYIN/ipt_bytes-DROP_INPUT.rrd:value:AVERAGE",
- "DEF:forward=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-POLICYFWD/ipt_bytes-DROP_FORWARD.rrd:value:AVERAGE",
- "DEF:newnotsyn=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-NEWNOTSYN/ipt_bytes-DROP_NEWNOTSYN.rrd:value:AVERAGE",
- "DEF:portscan=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-PSCAN/ipt_bytes-DROP_PScan.rrd:value:AVERAGE",
- "DEF:spoofedmartian=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-SPOOFED_MARTIAN/ipt_bytes-DROP_SPOOFED_MARTIAN.rrd:value:AVERAGE",
- "DEF:hostilein=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-HOSTILE_DROP_IN/ipt_bytes-DROP_HOSTILE.rrd:value:AVERAGE",
- "DEF:hostileout=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-HOSTILE_DROP_OUT/ipt_bytes-DROP_HOSTILE.rrd:value:AVERAGE",
- "DEF:hostilelegacy=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-HOSTILE_DROP/ipt_bytes-DROP_HOSTILE.rrd:value:AVERAGE",
-
- # This creates a new combined hostile segment.
- # Previously we did not split into incoming/outgoing, but we cannot go back in time. This CDEF will take the values
- # from the old RRD database unless those are UNKNOWN (i.e. we started collected IN/OUT). If the values are unknown,
- # we replace them with them sum of IN + OUT.
- "CDEF:hostile=hostilelegacy,UN,hostilein,hostileout,+,hostilelegacy,IF",
-
- "COMMENT:".sprintf("%-26s",$Lang::tr{'caption'}),
- "COMMENT:".sprintf("%15s",$Lang::tr{'maximal'}),
- "COMMENT:".sprintf("%15s",$Lang::tr{'average'}),
- "COMMENT:".sprintf("%14s",$Lang::tr{'minimal'}),
- "COMMENT:".sprintf("%15s",$Lang::tr{'current'})."\\j",
- "AREA:output".$color{"color25"}."A0:".sprintf("%-25s",$Lang::tr{'firewallhits'}." (OUTPUT)"),
- "GPRINT:output:MAX:%8.1lf %sBps",
- "GPRINT:output:AVERAGE:%8.1lf %sBps",
- "GPRINT:output:MIN:%8.1lf %sBps",
- "GPRINT:output:LAST:%8.1lf %sBps\\j",
- "STACK:forward".$color{"color23"}."A0:".sprintf("%-25s",$Lang::tr{'firewallhits'}." (FORWARD)"),
- "GPRINT:forward:MAX:%8.1lf %sBps",
- "GPRINT:forward:AVERAGE:%8.1lf %sBps",
- "GPRINT:forward:MIN:%8.1lf %sBps",
- "GPRINT:forward:LAST:%8.1lf %sBps\\j",
- "STACK:input".$color{"color24"}."A0:".sprintf("%-25s",$Lang::tr{'firewallhits'}." (INPUT)"),
- "GPRINT:input:MAX:%8.1lf %sBps",
- "GPRINT:input:AVERAGE:%8.1lf %sBps",
- "GPRINT:input:MIN:%8.1lf %sBps",
- "GPRINT:input:LAST:%8.1lf %sBps\\j",
- "STACK:newnotsyn".$color{"color14"}."A0:".sprintf("%-25s","NewNotSYN"),
- "GPRINT:newnotsyn:MAX:%8.1lf %sBps",
- "GPRINT:newnotsyn:AVERAGE:%8.1lf %sBps",
- "GPRINT:newnotsyn:MIN:%8.1lf %sBps",
- "GPRINT:newnotsyn:LAST:%8.1lf %sBps\\j",
- "STACK:portscan".$color{"color16"}."A0:".sprintf("%-25s",$Lang::tr{'portscans'}),
- "GPRINT:portscan:MAX:%8.1lf %sBps",
- "GPRINT:portscan:AVERAGE:%8.1lf %sBps",
- "GPRINT:portscan:MIN:%8.1lf %sBps",
- "GPRINT:portscan:LAST:%8.1lf %sBps\\j",
- "STACK:spoofedmartian".$color{"color12"}."A0:".sprintf("%-25s",$Lang::tr{'spoofed or martians'}),
- "GPRINT:spoofedmartian:MAX:%8.1lf %sBps",
- "GPRINT:spoofedmartian:AVERAGE:%8.1lf %sBps",
- "GPRINT:spoofedmartian:MIN:%8.1lf %sBps",
- "GPRINT:spoofedmartian:LAST:%8.1lf %sBps\\j",
- "STACK:hostilein".$color{"color13"}."A0:".sprintf("%-25s",$Lang::tr{'hostile networks in'}),
- "GPRINT:hostilein:MAX:%8.1lf %sBps",
- "GPRINT:hostilein:AVERAGE:%8.1lf %sBps",
- "GPRINT:hostilein:MIN:%8.1lf %sBps",
- "GPRINT:hostilein:LAST:%8.1lf %sBps\\j",
- "STACK:hostileout".$color{"color25"}."A0:".sprintf("%-25s",$Lang::tr{'hostile networks out'}),
- "GPRINT:hostileout:MAX:%8.1lf %sBps",
- "GPRINT:hostileout:AVERAGE:%8.1lf %sBps",
- "GPRINT:hostileout:MIN:%8.1lf %sBps",
- "GPRINT:hostileout:LAST:%8.1lf %sBps\\j",
- "LINE:hostile#000000A0:".sprintf("%-25s",$Lang::tr{'hostile networks total'}),
- "GPRINT:hostile:MAX:%8.1lf %sBps",
- "GPRINT:hostile:AVERAGE:%8.1lf %sBps",
- "GPRINT:hostile:MIN:%8.1lf %sBps",
- "GPRINT:hostile:LAST:%8.1lf %sBps\\j",
- );
+ if ( -e "$mainsettings{'RRDLOG'}/collectd/localhost/iptables-filter-HOSTILE_DROP/ipt_bytes-DROP_HOSTILE.rrd" ) {
+ RRDs::graph(
+ @GRAPH_ARGS,
+ "-",
+ "--start",
+ "-1".$period,
+ "-r",
+ "-t ".$Lang::tr{'firewall hits per'}." ".$Lang::tr{$period."-graph"},
+ "-v ".$Lang::tr{'bytes per second'},
+ "--color=SHADEA".$color{"color19"},
+ "--color=SHADEB".$color{"color19"},
+ "--color=BACK".$color{"color21"},
+ "DEF:output=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-POLICYOUT/ipt_bytes-DROP_OUTPUT.rrd:value:AVERAGE",
+ "DEF:input=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-POLICYIN/ipt_bytes-DROP_INPUT.rrd:value:AVERAGE",
+ "DEF:forward=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-POLICYFWD/ipt_bytes-DROP_FORWARD.rrd:value:AVERAGE",
+ "DEF:newnotsyn=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-NEWNOTSYN/ipt_bytes-DROP_NEWNOTSYN.rrd:value:AVERAGE",
+ "DEF:portscan=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-PSCAN/ipt_bytes-DROP_PScan.rrd:value:AVERAGE",
+ "DEF:spoofedmartian=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-SPOOFED_MARTIAN/ipt_bytes-DROP_SPOOFED_MARTIAN.rrd:value:AVERAGE",
+ "DEF:hostilein=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-HOSTILE_DROP_IN/ipt_bytes-DROP_HOSTILE.rrd:value:AVERAGE",
+ "DEF:hostileout=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-HOSTILE_DROP_OUT/ipt_bytes-DROP_HOSTILE.rrd:value:AVERAGE",
+ "DEF:hostilelegacy=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-HOSTILE_DROP/ipt_bytes-DROP_HOSTILE.rrd:value:AVERAGE",
+
+ # This creates a new combined hostile segment.
+ # Previously we did not split into incoming/outgoing, but we cannot go back in time. This CDEF will take the values
+ # from the old RRD database if it exists and if those values are UNKNOWN (time period after Hostile was split into In and Out),
+ # we replace them with the sum of IN + OUT.
+ "CDEF:hostile=hostilelegacy,UN,hostilein,hostileout,+,hostilelegacy,IF",
+
+ "COMMENT:".sprintf("%-26s",$Lang::tr{'caption'}),
+ "COMMENT:".sprintf("%15s",$Lang::tr{'maximal'}),
+ "COMMENT:".sprintf("%15s",$Lang::tr{'average'}),
+ "COMMENT:".sprintf("%14s",$Lang::tr{'minimal'}),
+ "COMMENT:".sprintf("%15s",$Lang::tr{'current'})."\\j",
+ "AREA:output".$color{"color25"}."A0:".sprintf("%-25s",$Lang::tr{'firewallhits'}." (OUTPUT)"),
+ "GPRINT:output:MAX:%8.1lf %sBps",
+ "GPRINT:output:AVERAGE:%8.1lf %sBps",
+ "GPRINT:output:MIN:%8.1lf %sBps",
+ "GPRINT:output:LAST:%8.1lf %sBps\\j",
+ "STACK:forward".$color{"color23"}."A0:".sprintf("%-25s",$Lang::tr{'firewallhits'}." (FORWARD)"),
+ "GPRINT:forward:MAX:%8.1lf %sBps",
+ "GPRINT:forward:AVERAGE:%8.1lf %sBps",
+ "GPRINT:forward:MIN:%8.1lf %sBps",
+ "GPRINT:forward:LAST:%8.1lf %sBps\\j",
+ "STACK:input".$color{"color24"}."A0:".sprintf("%-25s",$Lang::tr{'firewallhits'}." (INPUT)"),
+ "GPRINT:input:MAX:%8.1lf %sBps",
+ "GPRINT:input:AVERAGE:%8.1lf %sBps",
+ "GPRINT:input:MIN:%8.1lf %sBps",
+ "GPRINT:input:LAST:%8.1lf %sBps\\j",
+ "STACK:newnotsyn".$color{"color14"}."A0:".sprintf("%-25s","NewNotSYN"),
+ "GPRINT:newnotsyn:MAX:%8.1lf %sBps",
+ "GPRINT:newnotsyn:AVERAGE:%8.1lf %sBps",
+ "GPRINT:newnotsyn:MIN:%8.1lf %sBps",
+ "GPRINT:newnotsyn:LAST:%8.1lf %sBps\\j",
+ "STACK:portscan".$color{"color16"}."A0:".sprintf("%-25s",$Lang::tr{'portscans'}),
+ "GPRINT:portscan:MAX:%8.1lf %sBps",
+ "GPRINT:portscan:AVERAGE:%8.1lf %sBps",
+ "GPRINT:portscan:MIN:%8.1lf %sBps",
+ "GPRINT:portscan:LAST:%8.1lf %sBps\\j",
+ "STACK:spoofedmartian".$color{"color12"}."A0:".sprintf("%-25s",$Lang::tr{'spoofed or martians'}),
+ "GPRINT:spoofedmartian:MAX:%8.1lf %sBps",
+ "GPRINT:spoofedmartian:AVERAGE:%8.1lf %sBps",
+ "GPRINT:spoofedmartian:MIN:%8.1lf %sBps",
+ "GPRINT:spoofedmartian:LAST:%8.1lf %sBps\\j",
+ "STACK:hostilein".$color{"color13"}."A0:".sprintf("%-25s",$Lang::tr{'hostile networks in'}),
+ "GPRINT:hostilein:MAX:%8.1lf %sBps",
+ "GPRINT:hostilein:AVERAGE:%8.1lf %sBps",
+ "GPRINT:hostilein:MIN:%8.1lf %sBps",
+ "GPRINT:hostilein:LAST:%8.1lf %sBps\\j",
+ "STACK:hostileout".$color{"color25"}."A0:".sprintf("%-25s",$Lang::tr{'hostile networks out'}),
+ "GPRINT:hostileout:MAX:%8.1lf %sBps",
+ "GPRINT:hostileout:AVERAGE:%8.1lf %sBps",
+ "GPRINT:hostileout:MIN:%8.1lf %sBps",
+ "GPRINT:hostileout:LAST:%8.1lf %sBps\\j",
+ "LINE:hostile#000000A0:".sprintf("%-25s",$Lang::tr{'hostile networks total'}),
+ "GPRINT:hostile:MAX:%8.1lf %sBps",
+ "GPRINT:hostile:AVERAGE:%8.1lf %sBps",
+ "GPRINT:hostile:MIN:%8.1lf %sBps",
+ "GPRINT:hostile:LAST:%8.1lf %sBps\\j",
+ );
+ }else{
+ RRDs::graph(
+ @GRAPH_ARGS,
+ "-",
+ "--start",
+ "-1".$period,
+ "-r",
+ "-t ".$Lang::tr{'firewall hits per'}." ".$Lang::tr{$period."-graph"},
+ "-v ".$Lang::tr{'bytes per second'},
+ "--color=SHADEA".$color{"color19"},
+ "--color=SHADEB".$color{"color19"},
+ "--color=BACK".$color{"color21"},
+ "DEF:output=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-POLICYOUT/ipt_bytes-DROP_OUTPUT.rrd:value:AVERAGE",
+ "DEF:input=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-POLICYIN/ipt_bytes-DROP_INPUT.rrd:value:AVERAGE",
+ "DEF:forward=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-POLICYFWD/ipt_bytes-DROP_FORWARD.rrd:value:AVERAGE",
+ "DEF:newnotsyn=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-NEWNOTSYN/ipt_bytes-DROP_NEWNOTSYN.rrd:value:AVERAGE",
+ "DEF:portscan=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-PSCAN/ipt_bytes-DROP_PScan.rrd:value:AVERAGE",
+ "DEF:spoofedmartian=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-SPOOFED_MARTIAN/ipt_bytes-DROP_SPOOFED_MARTIAN.rrd:value:AVERAGE",
+ "DEF:hostilein=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-HOSTILE_DROP_IN/ipt_bytes-DROP_HOSTILE.rrd:value:AVERAGE",
+ "DEF:hostileout=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-HOSTILE_DROP_OUT/ipt_bytes-DROP_HOSTILE.rrd:value:AVERAGE",
+
+ # This creates a new combined hostile segment.
+ # If we started collecting IN/OUT, ie the old single Hostile RRD database is not available then this CDEF will take the values
+ # from the sum of IN + OUT.
+ "CDEF:hostile=hostilein,hostileout,+",
+
+ "COMMENT:".sprintf("%-26s",$Lang::tr{'caption'}),
+ "COMMENT:".sprintf("%15s",$Lang::tr{'maximal'}),
+ "COMMENT:".sprintf("%15s",$Lang::tr{'average'}),
+ "COMMENT:".sprintf("%14s",$Lang::tr{'minimal'}),
+ "COMMENT:".sprintf("%15s",$Lang::tr{'current'})."\\j",
+ "AREA:output".$color{"color25"}."A0:".sprintf("%-25s",$Lang::tr{'firewallhits'}." (OUTPUT)"),
+ "GPRINT:output:MAX:%8.1lf %sBps",
+ "GPRINT:output:AVERAGE:%8.1lf %sBps",
+ "GPRINT:output:MIN:%8.1lf %sBps",
+ "GPRINT:output:LAST:%8.1lf %sBps\\j",
+ "STACK:forward".$color{"color23"}."A0:".sprintf("%-25s",$Lang::tr{'firewallhits'}." (FORWARD)"),
+ "GPRINT:forward:MAX:%8.1lf %sBps",
+ "GPRINT:forward:AVERAGE:%8.1lf %sBps",
+ "GPRINT:forward:MIN:%8.1lf %sBps",
+ "GPRINT:forward:LAST:%8.1lf %sBps\\j",
+ "STACK:input".$color{"color24"}."A0:".sprintf("%-25s",$Lang::tr{'firewallhits'}." (INPUT)"),
+ "GPRINT:input:MAX:%8.1lf %sBps",
+ "GPRINT:input:AVERAGE:%8.1lf %sBps",
+ "GPRINT:input:MIN:%8.1lf %sBps",
+ "GPRINT:input:LAST:%8.1lf %sBps\\j",
+ "STACK:newnotsyn".$color{"color14"}."A0:".sprintf("%-25s","NewNotSYN"),
+ "GPRINT:newnotsyn:MAX:%8.1lf %sBps",
+ "GPRINT:newnotsyn:AVERAGE:%8.1lf %sBps",
+ "GPRINT:newnotsyn:MIN:%8.1lf %sBps",
+ "GPRINT:newnotsyn:LAST:%8.1lf %sBps\\j",
+ "STACK:portscan".$color{"color16"}."A0:".sprintf("%-25s",$Lang::tr{'portscans'}),
+ "GPRINT:portscan:MAX:%8.1lf %sBps",
+ "GPRINT:portscan:AVERAGE:%8.1lf %sBps",
+ "GPRINT:portscan:MIN:%8.1lf %sBps",
+ "GPRINT:portscan:LAST:%8.1lf %sBps\\j",
+ "STACK:spoofedmartian".$color{"color12"}."A0:".sprintf("%-25s",$Lang::tr{'spoofed or martians'}),
+ "GPRINT:spoofedmartian:MAX:%8.1lf %sBps",
+ "GPRINT:spoofedmartian:AVERAGE:%8.1lf %sBps",
+ "GPRINT:spoofedmartian:MIN:%8.1lf %sBps",
+ "GPRINT:spoofedmartian:LAST:%8.1lf %sBps\\j",
+ "STACK:hostilein".$color{"color13"}."A0:".sprintf("%-25s",$Lang::tr{'hostile networks in'}),
+ "GPRINT:hostilein:MAX:%8.1lf %sBps",
+ "GPRINT:hostilein:AVERAGE:%8.1lf %sBps",
+ "GPRINT:hostilein:MIN:%8.1lf %sBps",
+ "GPRINT:hostilein:LAST:%8.1lf %sBps\\j",
+ "STACK:hostileout".$color{"color25"}."A0:".sprintf("%-25s",$Lang::tr{'hostile networks out'}),
+ "GPRINT:hostileout:MAX:%8.1lf %sBps",
+ "GPRINT:hostileout:AVERAGE:%8.1lf %sBps",
+ "GPRINT:hostileout:MIN:%8.1lf %sBps",
+ "GPRINT:hostileout:LAST:%8.1lf %sBps\\j",
+ "LINE:hostile#000000A0:".sprintf("%-25s",$Lang::tr{'hostile networks total'}),
+ "GPRINT:hostile:MAX:%8.1lf %sBps",
+ "GPRINT:hostile:AVERAGE:%8.1lf %sBps",
+ "GPRINT:hostile:MIN:%8.1lf %sBps",
+ "GPRINT:hostile:LAST:%8.1lf %sBps\\j",
+ );
+ }
$ERROR = RRDs::error;
return "Error in RRD::graph for firewallhits: ".$ERROR."\n" if $ERROR;
}