graphs: Add a legacy suricata graph

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/Makefile.am b/Makefile.am
index 2c74008d978cd9b1ba1fdc948da60c36f9e9f083..8ed0355bbf261a0699783a4286582c229a55b998 100644 (file)
--- a/Makefile.am
+++ b/Makefile.am
@@ -126,6 +126,8 @@ dist_telemetryd_SOURCES = \
        src/daemon/graphs/hostapd-station-rate-info.h \
        src/daemon/graphs/hostapd-station-signal.c \
        src/daemon/graphs/hostapd-station-signal.h \
+       src/daemon/graphs/legacy-suricata.c \
+       src/daemon/graphs/legacy-suricata.h \
        src/daemon/graphs/loadavg.c \
        src/daemon/graphs/loadavg.h \
        src/daemon/graphs/memory.c \

diff --git a/src/daemon/graphs.c b/src/daemon/graphs.c
index 6c8df9ad0bd048e5005af5af6d324c84cf9abab3..cee8f56798b8b693bab8f3a97c911d277edbe5a4 100644 (file)
--- a/src/daemon/graphs.c
+++ b/src/daemon/graphs.c
@@ -40,6 +40,9 @@
 #include "graphs/processor.h"
 #include "graphs/uptime.h"
 
+// Legacy graphs
+#include "graphs/legacy-suricata.h"
+
 // Register all graphs
 static const td_graph_impl* graph_impls[] = {
        &conntrack_graph,
@@ -58,6 +61,9 @@ static const td_graph_impl* graph_impls[] = {
        &pressure_io_graph,
        &pressure_memory_graph,
 
+       // Legacy
+       &legacy_suricata_graph,
+
        NULL,
 };
 

diff --git a/src/daemon/graphs/legacy-suricata.c b/src/daemon/graphs/legacy-suricata.c
new file mode 100644 (file)
index 0000000..a9cf4dc
--- /dev/null
+++ b/src/daemon/graphs/legacy-suricata.c
@@ -0,0 +1,112 @@
+/*#############################################################################
+#                                                                             #
+# telemetryd - The IPFire Telemetry Collection Service                        #
+# Copyright (C) 2025 IPFire Development Team                                  #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+#############################################################################*/
+
+#include <limits.h>
+
+#include "graph.h"
+#include "legacy-suricata.h"
+
+#define COLOR_WHITELISTED GREEN
+#define COLOR_BYPASSED    ORANGE
+#define COLOR_SCANNED     RED
+
+static int legacy_suricata_title(td_ctx* ctx, td_graph* graph,
+               const char* object, char* title, size_t length) {
+       return __td_string_set(title, length, _("Suricata Throughput"));
+}
+
+static int legacy_suricata_vlabel(td_ctx* ctx, td_graph* graph,
+               const char* object, char* vlabel, size_t length) {
+       return __td_string_set(vlabel, length, _("bps"));
+}
+
+static int legacy_suricata_render(td_ctx* ctx,
+               td_graph* graph, td_args* args, const char* object) {
+       int r;
+
+       const char* chains[] = {
+               "SCANNED",
+               "BYPASSED",
+               "WHITELISTED",
+               NULL,
+       };
+
+       // Load all sources
+       r = td_graph_require_sources(graph, args, "iptables", chains);
+       if (r < 0)
+               return r;
+
+       // Convert everything into bps
+       COMPUTE_BITS(args, "bps", "WHITELISTED", "bytes");
+       COMPUTE_BITS(args, "bps", "BYPASSED", "bytes");
+       COMPUTE_BITS(args, "bps", "SCANNED", "bytes");
+
+       // Add up all packets
+       COMPUTE_CDEF(args,
+               "total=" FIELD "," FIELD ",ADDNAN," FIELD ",ADDNAN",
+               FIELD_AND_OBJECT("bps", "WHITELISTED"),
+               FIELD_AND_OBJECT("bps", "BYPASSED"),
+               FIELD_AND_OBJECT("bps", "SCANNED")
+       );
+       VALUE_ALL(args, "total", NULL);
+
+       // Draw the stacked background first
+       DRAW_AREA_BACKGROUND(args, "bps", "WHITELISTED", COLOR_WHITELISTED, 0);
+       DRAW_AREA_BACKGROUND(args, "bps", "BYPASSED", COLOR_BYPASSED, STACKED);
+       DRAW_AREA_BACKGROUND(args, "bps", "SCANNED", COLOR_SCANNED, STACKED);
+
+       // Draw the area outlines afterwards
+       DRAW_AREA_OUTLINE_WITH_LABEL(args, "bps", "WHITELISTED", COLOR_WHITELISTED,
+               0, _("Whitelisted"));
+       PRINT_CAMM(args, "bps", "WHITELISTED", BPS);
+
+       DRAW_AREA_OUTLINE_WITH_LABEL(args, "bps", "BYPASSED", COLOR_BYPASSED,
+               0, _("Offloaded"));
+       PRINT_CAMM(args, "bps", "BYPASSED", BPS);
+
+       DRAW_AREA_OUTLINE_WITH_LABEL(args, "bps", "SCANNED", COLOR_SCANNED,
+               0, _("Scanned"));
+       PRINT_CAMM(args, "bps", "SCANNED", BPS);
+
+       PRINT_EMPTY_LINE(args);
+
+       // Show the total throughput
+       PRINT_LABEL(args, _("Total"));
+       PRINT_CAMM(args, "total", NULL, BPS);
+
+       // Header
+       PRINT_HEADER4(args, _("Current"), _("Average"), _("Minimum"), _("Maximum"));
+
+       return 0;
+}
+
+const td_graph_impl legacy_suricata_graph = {
+       .name    = "LegacySuricata",
+       .render  = legacy_suricata_render,
+       .title   = legacy_suricata_title,
+       .vlabel  = legacy_suricata_vlabel,
+
+       // Flags
+       .flags   = TELEMETRY_GRAPH_REVERSE,
+
+       // Limits
+       .lower_limit = 0,
+       .upper_limit = LONG_MAX,
+};

diff --git a/src/daemon/graphs/legacy-suricata.h b/src/daemon/graphs/legacy-suricata.h
new file mode 100644 (file)
index 0000000..6e5f184
--- /dev/null
+++ b/src/daemon/graphs/legacy-suricata.h
@@ -0,0 +1,28 @@
+/*#############################################################################
+#                                                                             #
+# telemetryd - The IPFire Telemetry Collection Service                        #
+# Copyright (C) 2025 IPFire Development Team                                  #
+#                                                                             #
+# This program is free software: you can redistribute it and/or modify        #
+# it under the terms of the GNU General Public License as published by        #
+# the Free Software Foundation, either version 3 of the License, or           #
+# (at your option) any later version.                                         #
+#                                                                             #
+# This program is distributed in the hope that it will be useful,             #
+# but WITHOUT ANY WARRANTY; without even the implied warranty of              #
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the               #
+# GNU General Public License for more details.                                #
+#                                                                             #
+# You should have received a copy of the GNU General Public License           #
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.       #
+#                                                                             #
+#############################################################################*/
+
+#ifndef TELEMETRY_GRAPH_LEGACY_SURICATA_H
+#define TELEMETRY_GRAPH_LEGACY_SURICATA_H
+
+#include "../graph.h"
+
+extern const td_graph_impl legacy_suricata_graph;
+
+#endif /* TELEMETRY_GRAPH_LEGACY_SURICATA_H */