FW: Traffic Graphs / TCPIP Monitoring

Thu, 8 Apr 1999 17:26:31 -0400 

Just notced I failed to attach the file I mentioned last time, so here it
is, as well as an older version ("record.pl") that works with the ipfwadm
interface if you don't have the 2.2 kernel.

The CGIs that ferch and display the data from the database are really
simple, you can see examples of the resulting pages at
http://www.riverstyx.net/trafficdemo/

---
Jeff Magnusson
River Styx Internet



#!/usr/bin/perl

use DBI;
$dbh = DBI->connect("DBI:mysql:accounting","username","password");

chop(@lines = `cat /proc/net/ip_fwchains`);
chop($date = `date +"%Y-%m-%d %H:%M:%S"`);

foreach $line (@lines) {
   @a = split(/\s/, $line);
   @b = grep /\S/, @a;
   ($chain,$path,$packets,$bytes) = ($b[0],$b[1],$b[7],$b[9]);
   ($packets == 0) and next;
   (($chain eq "acctin") or ($chain eq "acctout")) or next;
   ($tmpa,$tmpb)        = split(/->/, $path);
   ($in_ip, $in_mask)   = split(/\//, $tmpa);
   ($out_ip, $out_mask) = split(/\//, $tmpb);
   $src_ip    = &ip($in_ip);   
   $src_mask  = &ip($in_mask);   
   $dest_ip   = &ip($out_ip);   
   $dest_mask = &ip($out_mask);
   $src   = (($src_mask eq "255.255.255.255") or ($src_mask eq "0.0.0.0"))   ? $src_ip 
 : "$src_ip/$src_mask"; 
   $dest  = (($dest_mask eq "255.255.255.255") or ($dest_mask eq "0.0.0.0")) ? 
$dest_ip : "$dest_ip/$dest_mask"; 
   $prot  = "new";
   $ports = "n/a";
#   print "('$date','$packets','$bytes','$prot','$src','$dest','$ports')\n";
   $sth   = $dbh->do("insert into onemin 
values('$date','$packets','$bytes','$prot','$src','$dest','$ports')"); 
}

system("/sbin/ipchains -Z");

sub ip {
  $_ = $_[0];
  @singles = split('', $_);
  return "Invalid" if ( /[^a-fA-F0-9]/ || $#singles > 7 );
  if ( $#singles == 7 ) {
    $net = $_; 
    }
  else {
    $remainder = 7 - $#singles;
    $net = "0" x $remainder . $_;
    }
  @singles = unpack("A2A2A2A2", $net);
  $ipaddress = hex($singles[0]) . "." . hex($singles[1]) . "." .
                hex($singles[2]) . "." . hex($singles[3]);
  return $ipaddress;
}
#!/usr/bin/perl

use DBI;
$dbh = DBI->connect("DBI:mysql:accounting","username","password");

chop(@lines = `/sbin/ipfwadm -Alnx`);
chop($date = `date +"%Y-%m-%d %H:%M:%S"`);

foreach $line (@lines) {
   $line =~ /accounting rules/ and next;
   $line =~ /pkts/ and next;
   @a = split /\s/, $line;
   @b = grep /\S/, @a;
   (($b[0] == 0) and ($b[1] == 0)) and next;
   $b[4] eq "0.0.0.0/0" and $b[4] = "anywhere";
   $b[5] eq "0.0.0.0/0" and $b[5] = "anywhere";
   $str = join("','", @b);
   $statement = "insert into onemin values('$date','$str')";
   print "$statement\n";
   $sth = $dbh->prepare($statement);
   $sth->execute;
}

system("/sbin/ipfwadm -Az");

$dbh->disconnect;

Reply via email to