From: Michael Tremer Date: Thu, 4 Dec 2025 15:54:30 +0000 (+0000) Subject: graphs: Add a graph for dropped packets from/to hostile networks X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1ae6dd0f7eec11f1134431dcf8bccb71056b31b1;p=telemetry.git graphs: Add a graph for dropped packets from/to hostile networks Signed-off-by: Michael Tremer --- diff --git a/Makefile.am b/Makefile.am index bf53475..c02dbdd 100644 --- a/Makefile.am +++ b/Makefile.am @@ -132,6 +132,8 @@ dist_telemetryd_SOURCES = \ src/daemon/graphs/interface-packets.h \ src/daemon/graphs/legacy-gateway-latency4.c \ src/daemon/graphs/legacy-gateway-latency4.h \ + src/daemon/graphs/legacy-hostile-drops.c \ + src/daemon/graphs/legacy-hostile-drops.h \ src/daemon/graphs/legacy-port-scans.c \ src/daemon/graphs/legacy-port-scans.h \ src/daemon/graphs/legacy-suricata.c \ diff --git a/src/daemon/colors.h b/src/daemon/colors.h index c699c87..525673f 100644 --- a/src/daemon/colors.h +++ b/src/daemon/colors.h @@ -95,6 +95,9 @@ #define COLOR_ICMP COLOR_RED #define COLOR_IP_FRAG COLOR_BLACK +// Firewall +#define COLOR_DROP COLOR_RED + // DNS #define COLOR_DNS_KEYS COLOR_RED #define COLOR_DNS_INFRA COLOR_GREY diff --git a/src/daemon/graphs.c b/src/daemon/graphs.c index 4c49686..56bb576 100644 --- a/src/daemon/graphs.c +++ b/src/daemon/graphs.c @@ -49,6 +49,7 @@ // Legacy graphs #include "graphs/legacy-gateway-latency4.h" +#include "graphs/legacy-hostile-drops.h" #include "graphs/legacy-port-scans.h" #include "graphs/legacy-suricata.h" @@ -86,6 +87,7 @@ static const td_graph_impl* graph_impls[] = { // Legacy &legacy_gateway_latency4_graph, + &legacy_hostile_drops_graph, &legacy_port_scans_graph, &legacy_suricata_graph, diff --git a/src/daemon/graphs/legacy-hostile-drops.c b/src/daemon/graphs/legacy-hostile-drops.c new file mode 100644 index 0000000..9d21d5e --- /dev/null +++ b/src/daemon/graphs/legacy-hostile-drops.c @@ -0,0 +1,59 @@ +/*############################################################################# +# # +# telemetryd - The IPFire Telemetry Collection Service # +# Copyright (C) 2025 IPFire Development Team # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +#############################################################################*/ + +#include + +#include "graph.h" +#include "legacy-port-scans.h" + +static int legacy_hostile_drops_title(td_ctx* ctx, td_graph* graph, + const char* object, char* title, size_t length) { + return __td_string_set(title, length, _("Dropped Packets To Hostile Networks")); +} + +static int legacy_hostile_drops_render(td_ctx* ctx, td_graph* graph, + const td_graph_render_options* options, td_args* args, const char* object) { + int r; + + // Load all sources + r = td_graph_require_source(graph, args, "iptables", "DROP_HOSTILE"); + if (r < 0) + return r; + + // Header + PRINT_HEADER4(args, _("Current"), _("Average"), _("Minimum"), _("Maximum")); + + DRAW_AREA_WITH_LABEL(args, "packets", "DROP_HOSTILE", + COLOR_DROP, 0, _("Dropped Packets")); + PRINT_CAMM(args, "packets", "DROP_HOSTILE", PPS); + + return 0; +} + +const td_graph_impl legacy_hostile_drops_graph = { + .name = "LegacyHostileDrops", + .render = legacy_hostile_drops_render, + .title = legacy_hostile_drops_title, + .vlabel = td_graph_vlabel_pps, + + // Limits + .lower_limit = 0, + .upper_limit = LONG_MAX, +}; diff --git a/src/daemon/graphs/legacy-hostile-drops.h b/src/daemon/graphs/legacy-hostile-drops.h new file mode 100644 index 0000000..a669d4c --- /dev/null +++ b/src/daemon/graphs/legacy-hostile-drops.h @@ -0,0 +1,28 @@ +/*############################################################################# +# # +# telemetryd - The IPFire Telemetry Collection Service # +# Copyright (C) 2025 IPFire Development Team # +# # +# This program is free software: you can redistribute it and/or modify # +# it under the terms of the GNU General Public License as published by # +# the Free Software Foundation, either version 3 of the License, or # +# (at your option) any later version. # +# # +# This program is distributed in the hope that it will be useful, # +# but WITHOUT ANY WARRANTY; without even the implied warranty of # +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # +# GNU General Public License for more details. # +# # +# You should have received a copy of the GNU General Public License # +# along with this program. If not, see . # +# # +#############################################################################*/ + +#ifndef TELEMETRY_GRAPH_LEGACY_HOSTILE_DROPS_H +#define TELEMETRY_GRAPH_LEGACY_HOSTILE_DROPS_H + +#include "../graph.h" + +extern const td_graph_impl legacy_hostile_drops_graph; + +#endif /* TELEMETRY_GRAPH_LEGACY_HOSTILE_DROPS_H */