print "Error in RRD::update for $interface: $ERROR\n" if $ERROR;
}
+sub updatefwhitsgraph {
+ my $interval = $_[0];
+
+ RRDs::graph ("$graphs/firewallhits-$interval-area.png",
+ "--start", "-1$interval", "-aPNG", "-i", "-z",
+ "--alt-y-grid", "-w 600", "-h 200",
+ "--color", "SHADEA#EAE9EE",
+ "--color", "SHADEB#EAE9EE",
+ "--color", "BACK#EAE9EE",
+ "-t firewall hits over the last $interval",
+ "DEF:amount=$rrdlog/firewallhits.rrd:amount:AVERAGE",
+ "AREA:amount#6464FF:firewallhits",
+ "GPRINT:amount:MAX: Max\\: %2.2lf %S",
+ "GPRINT:amount:AVERAGE: Avg\\: %2.2lf %S",
+ "GPRINT:amount:LAST: Current\\: %2.2lf %Shits/5 min\\n",
+ "DEF:portamount=$rrdlog/firewallhits.rrd:portamount:AVERAGE",
+ "AREA:portamount#FF6464:portscans",
+ "GPRINT:portamount:MAX: Max\\: %2.2lf %S",
+ "GPRINT:portamount:AVERAGE: Avg\\: %2.2lf %S",
+ "GPRINT:portamount:LAST: Current\\: %2.2lf %Shits/5 min");
+ $ERROR = RRDs::error;
+ print "Error in RRD::graph for Firewallhits: $ERROR\n" if $ERROR;
+
+ RRDs::graph ("$graphs/firewallhits-$interval-line.png",
+ "--start", "-1$interval", "-aPNG", "-i", "-z",
+ "--alt-y-grid", "-w 600", "-h 200",
+ "--color", "SHADEA#EAE9EE",
+ "--color", "SHADEB#EAE9EE",
+ "--color", "BACK#EAE9EE",
+ "-t firewall hits over the last $interval",
+ "DEF:amount=$rrdlog/firewallhits.rrd:amount:AVERAGE",
+ "LINE2:amount#6464FF:firewallhits",
+ "GPRINT:amount:MAX: Max\\: %2.2lf %S",
+ "GPRINT:amount:AVERAGE: Avg\\: %2.2lf %S",
+ "GPRINT:amount:LAST: Current\\: %2.2lf %Shits/5 min\\n",
+ "DEF:portamount=$rrdlog/firewallhits.rrd:portamount:AVERAGE",
+ "LINE2:portamount#FF6464:portscans",
+ "GPRINT:portamount:MAX: Max\\: %2.2lf %S",
+ "GPRINT:portamount:AVERAGE: Avg\\: %2.2lf %S",
+ "GPRINT:portamount:LAST: Current\\: %2.2lf %Shits/5 min");
+ $ERROR = RRDs::error;
+ print "Error in RRD::graph for Firewallhits: $ERROR\n" if $ERROR;
+}
+
+sub updatefwhitsdata {
+ my $portamount=0;
+ my $alertaktuell=0;
+ my $aktuell=0;
+ my $portaktuell=0;
+ my $skip=0;
+
+ if (! -e "$rrdlog/firewallhits.rrd")
+ {
+ RRDs::create ("$rrdlog/firewallhits.rrd", "--step=300",
+ "DS:amount:GAUGE:600:0:U",
+ "DS:portamount:GAUGE:600:0:U",
+ "RRA:AVERAGE:0.5:1:576",
+ "RRA:AVERAGE:0.5:6:672",
+ "RRA:AVERAGE:0.5:24:732",
+ "RRA:AVERAGE:0.5:144:1460");
+ $ERROR = RRDs::error;
+ print "Error in RRD::create for cpu: $ERROR\n" if $ERROR;
+ }
+
+ system("logtailfwhits /var/log/messages /var/log/fwhits.messages.offset >/tmp/messages.fwhits");
+ if (!(open (FILE,'/tmp/messages.fwhits'))) {
+ $skip=1;
+ }
+ $aktuell = 0;
+ if (!$skip) {
+ while (<FILE>) {
+ if (/kernel:.*(IN=.*)$/) {
+ $aktuell++;
+ }
+ }
+ close (FILE);
+ }
+
+ system("logtailfwhits /var/log/snort/alert /var/log/snort/fwhits.alert.offset >/tmp/snort.fwhits");
+ if (!(open (FILE,'/tmp/snort.fwhits'))) {
+ $skip=1;
+ }
+ $alertaktuell = 0;
+ if (!$skip) {
+ while (<FILE>) {
+ if (/scan.*$/) {
+ $alertaktuell++;
+ }
+ }
+ close (FILE);
+ }
+
+ if (!(open (FILE,'/tmp/messages.fwhits'))) {
+ $skip=1;
+ }
+ $portaktuell = 0;
+ if (!$skip) {
+ while (<FILE>) {
+ if (/kernel:.*(Scan.*)$/) {
+ $portaktuell++;
+ }
+ }
+ close (FILE);
+ }
+
+ system("rm /tmp/messages.fwhits");
+ system("rm /tmp/snort.fwhits");
+
+ $portamount = $portaktuell + $alertaktuell;
+ chomp($portamount);
+ RRDs::update ("$rrdlog/firewallhits.rrd",
+ "N:$aktuell:$portamount");
+ $ERROR = RRDs::error;
+ print "Error in RRD::update for Firewallhits: $ERROR\n" if $ERROR;
+}
+
+# Creates and updates a link quality database
+# -------------------------------------------
+sub updatelq {
+ if ( ! -e "$rrdlog/lq.rrd") {
+ RRDs::create ("$rrdlog/lq.rrd", "--step=300",
+ "DS:loss:GAUGE:600:0:100",
+ "DS:roundtrip:GAUGE:600:0:10000",
+ "RRA:AVERAGE:0.5:1:576",
+ "RRA:AVERAGE:0.5:6:672",
+ "RRA:AVERAGE:0.5:24:732",
+ "RRA:AVERAGE:0.5:144:1460");
+ $ERROR = RRDs::error;
+ print "Error in RRD::create for link: $ERROR\n" if $ERROR;
+ }
+ my $packetloss=0;
+ my $roundtrip=0;
+ my $test=0;
+# LQ_GATEWAY is the ip of your isp's public ip facing you
+ my $LQ_GATEWAY=`netstat -r | grep ^default | awk '{print \$2}'`;
+ my $NUMPINGS=10;
+ my $pingoutput = `ping -c $NUMPINGS -q $LQ_GATEWAY`;
+ chomp;
+ my @temp = split (/\/|\%|\s/, $pingoutput);
+ $packetloss = $temp[17];
+ $roundtrip = $temp[28];
+ RRDs::update ("$rrdlog/lq.rrd", "N:$packetloss:$roundtrip");
+ $ERROR = RRDs::error;
+ print "Error in RRD::update for line quality: $ERROR\n" if $ERROR;
+}
+
+sub updatelqgraph {
+ my $period = $_[0];
+ RRDs::graph ("$graphs/lq-$period.png",
+ "--start", "-1$period", "-aPNG", "-i", "-z",
+ "--alt-y-grid", "-w 600", "-h 100", "-l 0", "-r",
+ "-t $tr{'linkq'} ($tr{'graph per'} $tr{$period})",
+ "--lazy",
+ "--color", "SHADEA#EAE9EE",
+ "--color", "SHADEB#EAE9EE",
+ "--color", "BACK#EAE9EE",
+ "-v ms / pkts (% x10)",
+ "DEF:roundtrip=$rrdlog/lq.rrd:roundtrip:AVERAGE",
+ "DEF:loss=$rrdlog/lq.rrd:loss:AVERAGE",
+ "CDEF:roundavg=roundtrip,PREV(roundtrip),+,2,/",
+ "CDEF:loss10=loss,10,*",
+ "CDEF:r0=roundtrip,30,MIN",
+ "CDEF:r1=roundtrip,70,MIN",
+ "CDEF:r2=roundtrip,150,MIN",
+ "CDEF:r3=roundtrip,300,MIN",
+ "AREA:roundtrip#EE7000:>300 ms",
+ "AREA:r3#D88E1B:150-300 ms",
+ "AREA:r2#B9B63F:70-150 ms",
+ "AREA:r1#99E064:30-70 ms",
+ "AREA:r0#80FF80:<30 ms",
+ "AREA:loss10#800000:Packet loss (x10)",
+ "LINE1:roundtrip#707070:",
+ "GPRINT:roundtrip:MAX:$tr{'maximal'} $tr{'linkq'}\\:%3.2lf ms",
+ "GPRINT:roundtrip:AVERAGE:$tr{'average'} $tr{'linkq'}\\:%3.2lf ms",
+ "GPRINT:roundtrip:LAST:$tr{'current'} $tr{'linkq'}\\:%3.2lf ms\\j",
+ "GPRINT:loss:MAX:$tr{'maximal'} Loss\\:%3.2lf%%",
+ "GPRINT:loss:AVERAGE:$tr{'average'} Loss\\:%3.2lf%%",
+ "GPRINT:loss:LAST:$tr{'current'} Loss\\:%3.2lf%%\\j"
+ );
+ $ERROR = RRDs::error;
+ print "Error in RRD::graph for Link Quality: $ERROR\n" if $ERROR;
+}
+
## Update ipac logs
system ('/usr/sbin/fetchipac');
sleep 8;
updatediskgraph ("month");
updatediskgraph ("year");
+###
+### Firewallhits
+###
+updatefwhitsdata();
+updatefwhitsgraph ("day");
+updatefwhitsgraph ("week");
+updatefwhitsgraph ("month");
+updatefwhitsgraph ("year");
+
+###
+### Link Quality
+###
+updatelq();
+sleep 2;
+updatelqgraph("day");
+updatelqgraph("week");
+updatelqgraph("month");
+updatelqgraph("year");
+
###
### Network Graphs
###
projects / ipfire-2.x.git / blobdiff