#!/usr/bin/perl ############################################################################ # # # This file is part of the IPCop Firewall. # # # # IPCop is free software; you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # # the Free Software Foundation; either version 2 of the License, or # # (at your option) any later version. # # # # IPCop is distributed in the hope that it will be useful, # # but WITHOUT ANY WARRANTY; without even the implied warranty of # # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # # GNU General Public License for more details. # # # # You should have received a copy of the GNU General Public License # # along with IPCop; if not, write to the Free Software # # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # # # # Copyright (C) 2004-01-19 Mark Wormgoor . # # # ############################################################################ use strict; #use warnings; use RRDs; require "/var/ipfire/general-functions.pl"; require "${General::swroot}/lang.pl"; my (%settings, @ipacsum, $iface, $ERROR); &General::readhash("${General::swroot}/ethernet/settings", \%settings); my %mbmon_settings = (); &General::readhash("${General::swroot}/mbmon/settings", \%mbmon_settings); # Added for conversion of utf-8 characters use Encode 'from_to'; my %tr=(); system("chmod 777 /srv/web/ipfire/html/graphs"); # Force language back to English (ugly hack!) # Modified to only force if we are unable to convert charset # from utf-8 if ((${Lang::language} eq 'el') || (${Lang::language} eq 'fa') || (${Lang::language} eq 'ru') || (${Lang::language} eq 'th') || (${Lang::language} eq 'vi') || (${Lang::language} eq 'zh') || (${Lang::language} eq 'zt')) { eval `/bin/cat "${General::swroot}/langs/en.pl"`; } else { %tr=%Lang::tr; # use translated version for other languages } # Settings my $rrdlog = "/var/log/rrd"; my $graphs = "/srv/web/ipfire/html/graphs"; $ENV{PATH}="/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin"; my $hdd_device = "/dev/harddisk"; my $temp = ''; my %mbmon_values = (); my $key; my $value; my @args = (); my $count = 0; my $ERROR; my $dbg = 0; my $path_smartctl = "/usr/sbin/smartctl"; my $path_hddtemp = "/usr/sbin/hddtemp"; my %color = (); my %mainsettings = (); &General::readhash("${General::swroot}/main/settings", \%mainsettings); &General::readhash("/srv/web/ipfire/html/themes/".$mainsettings{'THEME'}."/include/colors.txt", \%color); open(MBMON_OUT, ">/var/log/mbmon-values"); open(FD, "/usr/bin/mbmon -rc1|" ) || die "ERROR: Cannot run mbmon\n" ; while( $_ = ) { next unless( /^([A-Za-z][^:\s]+)\s*:\s*([+\-]{0,1}[\d\.]+)/ ) ; $key = $1 ; $value = $2 ; $key =~ y/A-Z/a-z/ ; $mbmon_values{$key} = $value; print(MBMON_OUT "$key=$value\n"); } close(FD); close(MBMON_OUT); sub gettraffic { my $interface = $_[0]; my $bytesin=0; my $bytesout=0; foreach (@ipacsum) { # Incoming... $bytesin += $1 if (/^[\* ]\s+incoming\s+${interface}.+\:\s+(\d+)/); # Forwarded Incoming... $bytesin += $1 if (/^[\* ]\s+forwarded\s+incoming\s+${interface}.+\:\s+(\d+)/); # Outgoing... $bytesout += $1 if (/^[* ]\s+outgoing\s+${interface}.+\:\s+(\d+)/); # Forwarded Outgoing... $bytesout += $1 if (/^[* ]\s+forwarded\s+outgoing\s+${interface}.+\:\s+(\d+)/); } return "$bytesin:$bytesout"; } sub updatecpudata { if ( ! -e "$rrdlog/cpu.rrd") { RRDs::create ("$rrdlog/cpu.rrd", "--step=300", "DS:user:COUNTER:600:0:500000000", "DS:system:COUNTER:600:0:500000000", "DS:idle:COUNTER:600:0:500000000", "DS:iowait:COUNTER:600:0:500000000", "DS:irq:COUNTER:600:0:500000000", "RRA:AVERAGE:0.5:1:576", "RRA:AVERAGE:0.5:6:672", "RRA:AVERAGE:0.5:24:732", "RRA:AVERAGE:0.5:144:1460"); $ERROR = RRDs::error; print "Error in RRD::create for cpu: $ERROR\n" if $ERROR; } my ($cpu, $user, $nice, $system, $idle, $iowait, $irq, $softirq); open STAT, "/proc/stat"; while() { chomp; /^cpu\s/ or next; ($cpu, $user, $nice, $system, $idle, $iowait, $irq, $softirq) = split /\s+/; last; } close STAT; $user += $nice; $irq += $softirq; RRDs::update ("$rrdlog/cpu.rrd", "-t", "user:system:idle:iowait:irq", "N:$user:$system:$idle:$iowait:$irq"); $ERROR = RRDs::error; print "Error in RRD::update for cpu: $ERROR\n" if $ERROR; } sub updateloaddata { if ( ! -e "$rrdlog/load.rrd") { RRDs::create ("$rrdlog/load.rrd", "--step=60", "DS:load1:GAUGE:120:0:U", "DS:load5:GAUGE:120:0:U", "DS:load15:GAUGE:120:0:U", "RRA:AVERAGE:0.5:1:2160", "RRA:AVERAGE:0.5:5:2016", "RRA:AVERAGE:0.5:15:2880", "RRA:AVERAGE:0.5:60:8760"); $ERROR = RRDs::error; print "Error in RRD::create for cpu: $ERROR\n" if $ERROR; } } sub updatememdata { my ($memused, $memfree, $memshared, $membuffers, $memcache, $swapused, $swapfree, $swaptotal); if ( ! -e "$rrdlog/mem.rrd") { RRDs::create ("$rrdlog/mem.rrd", "--step=300", "DS:memused:ABSOLUTE:600:0:5000000000", "DS:memfree:ABSOLUTE:600:0:5000000000", "DS:memshared:ABSOLUTE:600:0:5000000000", "DS:membuffers:ABSOLUTE:600:0:5000000000", "DS:memcache:ABSOLUTE:600:0:5000000000", "DS:swapused:ABSOLUTE:600:0:5000000000", "DS:swapfree:ABSOLUTE:600:0:5000000000", "RRA:AVERAGE:0.5:1:576", "RRA:AVERAGE:0.5:6:672", "RRA:AVERAGE:0.5:24:732", "RRA:AVERAGE:0.5:144:1460"); $ERROR = RRDs::error; print "Error in RRD::create for mem: $ERROR\n" if $ERROR; } open MEM, "/proc/meminfo"; while() { chomp; if ($_ =~ /^MemTotal:/) { my @temp = split (/\s+/, $_); $memused = $temp[1]; } elsif ($_ =~ /^MemFree:/) { my @temp = split (/\s+/, $_); $memfree = $temp[1]; } elsif ($_ =~ /^Cached:/) { my @temp = split (/\s+/, $_); $memcache = $temp[1]; } elsif ($_ =~ /^Buffers:/) { my @temp = split (/\s+/, $_); $membuffers = $temp[1]; } elsif ($_ =~ /^SwapTotal:/) { my @temp = split (/\s+/, $_); $swaptotal = $temp[1]; } elsif ($_ =~ /^SwapFree:/) { my @temp = split (/\s+/, $_); $swapfree = $temp[1]; } } close MEM; system("/bin/df > /tmp/diskfree"); open DF, "/tmp/diskfree"; while() { chomp; if ($_ =~ /^shm/) { my @temp = split (/\s+/, $_); $memshared = $temp[2]; } } close DF; system("/bin/rm -f /tmp/diskfree"); $swapused = $swaptotal-$swapfree; RRDs::update ("$rrdlog/mem.rrd", "-t", "memused:memfree:memshared:membuffers:memcache:swapused:swapfree", "N:$memused:$memfree:$memshared:$membuffers:$memcache:$swapused:$swapfree"); $ERROR = RRDs::error; print "Error in RRD::update for mem: $ERROR\n" if $ERROR; } sub updatediskdata { my $disk = $_[0]; my ($readsect, $writesect, $trash); if ( ! -e "$rrdlog/disk-$disk.rrd") { RRDs::create ("$rrdlog/disk-$disk.rrd", "--step=300", "DS:readsect:COUNTER:600:0:5000000000", "DS:writesect:COUNTER:600:0:5000000000", "RRA:AVERAGE:0.5:1:576", "RRA:AVERAGE:0.5:6:672", "RRA:AVERAGE:0.5:24:732", "RRA:AVERAGE:0.5:144:1460"); $ERROR = RRDs::error; print "Error in RRD::create for disk $disk: $ERROR\n" if $ERROR; } my $Zeilen = `/usr/bin/iostat $disk | tail -2 | head -1`; ($trash, $trash, $trash, $trash, $readsect, $writesect) = split(/\s+/,$Zeilen); print "\nread:".$readsect."write:".$writesect."\n"; if ($readsect && $writesect) { RRDs::update ("$rrdlog/disk-$disk.rrd", "-t", "readsect:writesect", "N:$readsect:$writesect"); $ERROR = RRDs::error; print "Error in RRD::update for disk $disk: $ERROR\n" if $ERROR; } else { print "Error in RRD::update for disk: $disk no data available\n"; } } sub updateifdata { my $interface = $_[0]; if ( ! -e "$rrdlog/$interface.rrd") { RRDs::create ("$rrdlog/$interface.rrd", "--step=300", "DS:incoming:ABSOLUTE:600:0:12500000", "DS:outgoing:ABSOLUTE:600:0:12500000", "RRA:AVERAGE:0.5:1:576", "RRA:AVERAGE:0.5:6:672", "RRA:AVERAGE:0.5:24:732", "RRA:AVERAGE:0.5:144:1460"); $ERROR = RRDs::error; print "Error in RRD::create for $interface: $ERROR\n" if $ERROR; } my $traffic = gettraffic ($interface); RRDs::update ("$rrdlog/$interface.rrd", "-t", "incoming:outgoing", "N:$traffic"); $ERROR = RRDs::error; print "Error in RRD::update for $interface: $ERROR\n" if $ERROR; } sub updatefwhitsdata { my $portamount=0; my $alertaktuell=0; my $aktuell=0; my $portaktuell=0; my $skip=0; if (! -e "$rrdlog/firewallhits.rrd") { RRDs::create ("$rrdlog/firewallhits.rrd", "--step=300", "DS:amount:GAUGE:600:0:U", "DS:portamount:GAUGE:600:0:U", "RRA:AVERAGE:0.5:1:576", "RRA:AVERAGE:0.5:6:672", "RRA:AVERAGE:0.5:24:732", "RRA:AVERAGE:0.5:144:1460"); $ERROR = RRDs::error; print "Error in RRD::create for cpu: $ERROR\n" if $ERROR; } system("logtailfwhits /var/log/messages /var/log/fwhits.messages.offset >/tmp/messages.fwhits"); if (!(open (FILE,'/tmp/messages.fwhits'))) { $skip=1; } $aktuell = 0; if (!$skip) { while () { if (/kernel:.*(IN=.*)$/) { $aktuell++; } } close (FILE); } system("logtailfwhits /var/log/snort/alert /var/log/snort/fwhits.alert.offset >/tmp/snort.fwhits"); if (!(open (FILE,'/tmp/snort.fwhits'))) { $skip=1; } $alertaktuell = 0; if (!$skip) { while () { if (/scan.*$/) { $alertaktuell++; } } close (FILE); } if (!(open (FILE,'/tmp/messages.fwhits'))) { $skip=1; } $portaktuell = 0; if (!$skip) { while () { if (/kernel:.*(Scan.*)$/) { $portaktuell++; } } close (FILE); } system("rm /tmp/messages.fwhits"); system("rm /tmp/snort.fwhits"); $portamount = $portaktuell + $alertaktuell; chomp($portamount); RRDs::update ("$rrdlog/firewallhits.rrd", "N:$aktuell:$portamount"); $ERROR = RRDs::error; print "Error in RRD::update for Firewallhits: $ERROR\n" if $ERROR; } # Creates and updates a link quality database # ------------------------------------------- sub updatelq { if ( ! -e "$rrdlog/lq.rrd") { RRDs::create ("$rrdlog/lq.rrd", "--step=300", "DS:loss:GAUGE:600:0:100", "DS:roundtrip:GAUGE:600:0:10000", "RRA:AVERAGE:0.5:1:576", "RRA:AVERAGE:0.5:6:672", "RRA:AVERAGE:0.5:24:732", "RRA:AVERAGE:0.5:144:1460"); $ERROR = RRDs::error; print "Error in RRD::create for link: $ERROR\n" if $ERROR; } my $packetloss=0; my $roundtrip=0; my $test=0; # LQ_GATEWAY is the ip of your isp's public ip facing you my $LQ_GATEWAY=`cat /var/ipfire/red/remote-ipaddress`; chomp($LQ_GATEWAY); my $NUMPINGS=5; my $pingoutput = `/usr/bin/ping -w 10 -c $NUMPINGS -q $LQ_GATEWAY | tail -2`; my @temp = split (/\/|\%|\s/, $pingoutput); $packetloss = $temp[5]; $roundtrip = $temp[17]; print "Paketlos->".$packetloss."<-Roundtrip->".$roundtrip."<-\n"; if ( $packetloss eq "100" ){ my $pingoutput = `/usr/bin/ping -w 10 -c $NUMPINGS -q ping.ipfire.org | tail -2`; my @temp = split (/\/|\%|\s/, $pingoutput); $packetloss = $temp[5]; $roundtrip = $temp[17]; print "Paketlos->".$packetloss."<-Roundtrip->".$roundtrip."<-\n"; } RRDs::update ("$rrdlog/lq.rrd", "N:$packetloss:$roundtrip"); $ERROR = RRDs::error; print "Error in RRD::update for line quality: $ERROR\n" if $ERROR; } sub updatehdddata { my $disk = $_[0]; my $standby; if ( ! -e "$rrdlog/hddshutdown-$disk.rrd") { # database did not exist -> create RRDs::create ("$rrdlog/hddshutdown-$disk.rrd", "--step=300", "DS:standby:GAUGE:600:0:1", "RRA:AVERAGE:0.5:1:576", "RRA:AVERAGE:0.5:6:672", "RRA:AVERAGE:0.5:24:732", "RRA:AVERAGE:0.5:144:1460"); $ERROR = RRDs::error; print "Error in RRD::create for hddshutdown-$disk: $ERROR\n" if $ERROR; } if (-e "/tmp/hddshutdown-$disk") {$standby = 1;} else {$standby = 0;} RRDs::update ("$rrdlog/hddshutdown-$disk.rrd", "-t", "standby", "N:$standby"); $ERROR = RRDs::error; print "Error in RRD::update for hddshutdown-$disk: $ERROR\n" if $ERROR; if ( ! -e "$rrdlog/hddtemp-$disk.rrd") { # database did not exist -> create RRDs::create ("$rrdlog/hddtemp-$disk.rrd", "--step=300", "DS:temperature:GAUGE:600:0:100", "RRA:AVERAGE:0.5:1:576", "RRA:AVERAGE:0.5:6:672", "RRA:AVERAGE:0.5:24:732", "RRA:AVERAGE:0.5:144:1460"); $ERROR = RRDs::error; print "Error in RRD::create for hdd-$disk: $ERROR\n" if $ERROR; } # Temperaturlesen wÃrde die Platte aufwecken!!! if (!$standby) { $temp = 0; my $hdd_output = ''; my $smart_output = ''; if ( -e "$path_smartctl" ) { system("$path_smartctl -iHA -d ata /dev/$disk > /var/log/smartctl_out_hddtemp-$disk"); } if ( -e "$path_hddtemp" ) { $hdd_output = `$path_hddtemp -qn /dev/$disk`; # I know 4 response possible responses: # # /dev/harddisk: harddisk type: S.M.A.R.T. not available # /dev/harddisk: harddisk type: no sensor # /dev/harddisk: harddisk type: 37?C or ?F # 37 if ( index($hdd_output, "S.M.A.R.T.") != -1 ) { $temp = 0; } elsif ( index($hdd_output, "no sensor") != -1 ) { $temp = 1; } elsif ( index($hdd_output, "$disk") != -1 ) { $hdd_output =~ /.*:.*:\s*(\d+).*\s/; $temp = $1; } else { $hdd_output =~ /(\d+)\s/; $temp = $1; } } elsif ( -e "/var/log/smartctl_out_hddtemp-$disk" ) { $hdd_output = `cat /var/log/smartctl_out_hddtemp-$disk | grep Temperature_`; my @t = split(/\s+/,$hdd_output); $temp = $t[9]; } else { $temp = 0; } print "Temperature for ".$disk."->".$temp."<-\n"; # Nur ins RDD wenn nicht 0 (sonst klappt die min Anzeige nicht) if ($temp) { RRDs::update ("$rrdlog/hddtemp-$disk.rrd", "-t", "temperature", "N:$temp"); $ERROR = RRDs::error; print "Error in RRD::update for hdd-$disk: $ERROR\n" if $ERROR; } } } sub updatembmondata { if ( ! -e "$rrdlog/mbmon.rrd" ) { # database did not exist -> create @args = ("$rrdlog/mbmon.rrd"); push(@args, "--step=300"); foreach $key ( sort(keys %mbmon_values) ) { push(@args, "DS:$key:GAUGE:600:U:U"); } push(@args, "RRA:AVERAGE:0.5:1:576"); push(@args, "RRA:AVERAGE:0.5:6:672"); push(@args, "RRA:AVERAGE:0.5:24:732"); push(@args, "RRA:AVERAGE:0.5:144:1460"); print("create ". join( ", ", @args)) if ( $dbg ); RRDs::create (@args); $ERROR = RRDs::error; print("Error in RRD::create for mbmon: $ERROR\n") if $ERROR; } my @ds; my @val; my $template; foreach $key ( sort(keys %mbmon_values) ) { push(@ds, $key); push(@val, $mbmon_values{$key}); } $template = join(':', @ds); $value = "N:".join(':', @val); print("update template = '$template'\n") if ( $dbg ); print("update value = '$value'\n") if ( $dbg ); RRDs::update("$rrdlog/mbmon.rrd", "-t", $template, $value); $ERROR = RRDs::error; print("Error in RRD::update for mbmon: $ERROR\n") if $ERROR; } ## Update ipac logs system ('/usr/sbin/fetchipac'); sleep 8; ### ### Squid Graphs ### if ( -e "/var/log/squid/access.log") { system ("/usr/bin/squid-graph -o=/srv/web/ipfire/html/sgraph --tcp-only < /var/log/squid/access.log >/dev/null 2>&1"); } ### ### utf8 conversion ### if ((${Lang::language} eq 'cs') || (${Lang::language} eq 'hu') || (${Lang::language} eq 'pl') || (${Lang::language} eq 'sk')) { # Czech, Hungarian, Polish and Slovak character set foreach my $key(keys %Lang::tr) { from_to($tr{$key}, "utf-8", "iso-8859-2"); } } elsif (${Lang::language} eq 'tr') { # Turkish foreach my $key(keys %Lang::tr) { from_to($tr{$key}, "utf-8", "iso-8859-9"); } } else { foreach my $key(keys %Lang::tr) { from_to($tr{$key}, "utf-8", "iso-8859-1"); } } ### ### System graphs ### updatecpudata(); updateloaddata(); updatememdata(); ### ### HDD graphs ### my @disks = `kudzu -qps -c HD | grep device: | cut -d" " -f2 | sort | uniq`; system("unlink /tmp/hddstatus && touch /tmp/hddstatus"); print "\nFound following amount of disks:".@disks."\n"; foreach (@disks){ my $disk = $_; chomp $disk; print "Working on disk ".$disk.".\n"; my $status = ""; my $diskstats = ""; my $newdiskstats = ""; $diskstats = `cat /tmp/hddstats-$disk`; chomp $diskstats; my $newdiskstats = `/usr/bin/iostat -d -t $disk | tail -2 | head -1 | awk '{ print \$5","\$6}'`; chomp $newdiskstats; my $status = `hdparm -C /dev/$disk | tail -1 | cut -d: -f2`; chomp $status; if ($status !~/standby/ || $diskstats ne $newdiskstats) { if (-e "/tmp/hddshutdown-$disk") { system("unlink /tmp/hddshutdown-$disk"); } } if (-e "/tmp/hddshutdown-$disk") { $status = " standby\n"; } else { $status = " active\n"; } open(DATEI, ">>/tmp/hddstatus") || die "Datei nicht gefunden"; print DATEI $disk."-".$status; close(DATEI); updatediskdata($disk); updatehdddata($disk); } ### ### Firewallhits ### updatefwhitsdata(); ### ### Link Quality ### updatelq(); ### ### Mbmon Data ### updatembmondata(); ### ### Network Graphs ### @ipacsum = `/usr/sbin/ipacsum --exact -s 5m 2>/dev/null`; if (@ipacsum) { updateifdata ("GREEN"); updateifdata ("RED"); if ($settings{'CONFIG_TYPE'} =~ /^(2|4)$/ ) { updateifdata ("ORANGE"); } if ($settings{'CONFIG_TYPE'} =~ /^(3|4)$/ ) { updateifdata ("BLUE"); } }