Phillipus Gunawan wrote:
>Is there any suggestion on plug in to make this shorewall accounting more
>'readable'?
>I found a few solutions explaining how to extract these values and store it on
>postgre,
>but I just want to ask opinion from the expert or at least whomever already
>use it for a while
I stuff the data into several rrd databases which can then be graphed
separately. For the IP based accounting I use this script :
>>/usr/bin/rrdtool update ip-stats.rrd N:`/sbin/iptables -L account-ip -vxn | \
>> /usr/bin/awk 'BEGIN { getline ; getline }
>> { print $2 }' | \
>> /usr/bin/tr '
>>' ':' | /bin/sed -e 's/:$//'`
Note the '-vxn' switches to iptables. For my purposes, I arranged the rrd
database to match the iptables output order, so I just extract the second field
with awk, convert newlines to ':', and strip the extra trailing ':' - I then
have a string of the form nnn:nnn:nnn:nnn:...nnn:nnn which I can use in the rrd
update.
Arranging the rrd database like that is easy when you are simply logging a
whole network, but it does tie you down to never altering the accounting setup
without also altering the rrd database.
For traffic control logging, I have a script that extracts the tc counters into
an array and then updates a number of rrd databases. By use of the shell
substitution ':-' I can easily deal with values that aren't there. You could
possibly adapt this script, or at least get some ideas from it :
>>Now=`date +%s`
>>
>>( /sbin/tc -s class show dev ethext
>> /sbin/tc -s class show dev ethint ) | \
>> /bin/sed -e :a -e '$!N;s/\n / /;ta' -e 'P;D' | \
>> /bin/sed -r -e "s/^class htb [0-9]+:([0-9]+) .* Sent ([0-9]+) bytes
>> [0-9]+ pkt .dropped ([0-9]+),.*$/\1 \2 \3/" | \
>> /bin/grep -v '^$' | \
>> (
>> while read Class ByteCount DropCount
>> do
>> Bytes[${Class}]=${ByteCount}
>> Dropped[${Class}]=${DropCount}
>> done
>>
>>
>># Main link
>>/usr/bin/rrdtool update tc-main-in.rrd
>>${Now}:${Bytes[110]:-"U"}:${Dropped[110]:="U"}:${Bytes[111]:-"U"}:${Dropped[111]:="U"}:${Bytes[112]:-"U"}:${Dropped[112]:="U"}:${Bytes[113]:-"U"}:${Dropped[113]:="U"}:${Bytes[114]:-"U"}:${Dropped[114]:="U"}
>>/usr/bin/rrdtool update tc-main-out.rrd
>>${Now}:${Bytes[10]:-"U"}:${Dropped[10]:="U"}:${Bytes[11]:-"U"}:${Dropped[11]:="U"}:${Bytes[12]:-"U"}:${Dropped[12]:="U"}:${Bytes[13]:-"U"}:${Dropped[13]:="U"}:${Bytes[14]:-"U"}:${Dropped[14]:="U"}
--
Simon Hobson
Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.
------------------------------------------------------------------------------
SF.Net email is Sponsored by MIX09, March 18-20, 2009 in Las Vegas, Nevada.
The future of the web can't happen without you. Join us at MIX09 to help
pave the way to the Next Web now. Learn more and register at
http://ad.doubleclick.net/clk;208669438;13503038;i?http://2009.visitmix.com/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
