Xymon Mailing List Archive

Graphing number of references to iptables chain

list Iain Conochie
Wed, 05 Sep 2007 10:04:40 +0100
Message-Id: <user-9a8fe54d1835@xymon.invalid>

Henrik Stoerner wrote:
On Wed, Sep 05, 2007 at 03:37:09PM +1000, Allan wrote:
  
Just wondering if anyone has done or has seen a way of being able to graph the number of references to an iptables chain?
'iptables -L spammer' returns currently for example

# iptables -L spammer
Chain spammer (2269 references)
target     prot opt source               destination
LOG        all  --  anywhere             anywhere            LOG level debug prefix `Spammer: '
DROP       all  --  anywhere             anywhere


Unfortunately I have zero skills when it comes to rrd and the like so I'm looking for something similar I can change to suit or for someone to be really generous and help me out.
    
If anyone wants it, I have a (fairly) generic script that will graph the number of bytes an IP tables firewall is processing, with input, output and forward in different colours :)

Cheers

Iain
Run a Hobbit client-side script that does:

   #!/bin/sh
   REFCOUNT=`iptables -L spammer | grep "^Chain spammer" | awk '{print $3}'|cut -c2-`

   $BB $BBDISP "status $MACHINE.spammers green `date`

   references: $REFCOUNT
   "

   exit 0

This generates a "spammers" status with the number from the "references" line in the iptables output. On the Hobbit server you then feed this through the "ncv" module - see the description in the "Custom graphs" help page on your Hobbit server or here:
http://www.hswn.dk/hobbit/help/howtograph.html


Regards,
Henrik
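
The following is an added example, not part of the original thread or of Hobbit itself. It generalises the client-side script above to report the reference count of every user-defined chain as one "name: value" line each, and turns the status yellow when nothing could be parsed. The function names and the sample listing are constructed for illustration; it assumes the client user is allowed to run iptables.

```shell
#!/bin/sh
# Added example (not from the original thread); function names are hypothetical.
# Parse `iptables -L -n` output on stdin and print "chain: count" for every
# user-defined chain. Built-in chains show a policy instead of a count.
chain_refs() {
    awk '$1 == "Chain" && $4 == "references)" {
        n = substr($3, 2)                      # "(2269" -> "2269"
        if (n ~ /^[0-9]+$/) print $2 ": " n
    }'
}

# Constructed sample listing so the parser can be tried offline.
sample_listing() {
    cat <<'EOF'
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
spammer    all  --  0.0.0.0/0            0.0.0.0/0

Chain spammer (2269 references)
target     prot opt source               destination
DROP       all  --  0.0.0.0/0            0.0.0.0/0

Chain ratelimit (1 references)
target     prot opt source               destination
EOF
}

# Build the status message from a listing on stdin. If no chain line parses
# (iptables missing, or not runnable by the client user), report yellow so a
# broken collector is visible instead of silently graphing nothing.
build_status() {
    machine=$1
    refs=$(chain_refs)
    if [ -n "$refs" ]; then color=green; else color=yellow; refs="no chains parsed"; fi
    printf 'status %s.spammers %s %s\n\n%s\n' "$machine" "$color" "$(date)" "$refs"
}

# Send only when started by the Hobbit client, which sets BB, BBDISP and MACHINE.
# -n skips reverse DNS lookups, which keeps the listing fast.
if [ -n "${BB:-}" ] && [ -n "${BBDISP:-}" ] && [ -n "${MACHINE:-}" ]; then
    $BB $BBDISP "$(iptables -L -n 2>/dev/null | build_status "$MACHINE")"
fi
```

With this variant the values sent to the server are named after the chains rather than "references".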