Initial version

2025-07-21 18:41:03 +00:00 · 2007-06-13 19:44:07 +02:00 · 2007-06-13 19:44:07 +02:00 · e908d2d28b
commit e908d2d28b
parent 4896b5fc67
1 changed files with 83 additions and 0 deletions
--- a/plugins/other/ipt_accounting_
+++ b/plugins/other/ipt_accounting_
@ -0,0 +1,83 @@
+#!/bin/sh
+#
+# iptables Accounting Tool
+#
+# What it does:
+#  It accounts data based on the counters of iptables
+#
+# How it works:
+#  You have to create a rule like this:
+#   iptables -I INPUT -m comment --comment "ACC-Name" ...
+#   iptables -I OUTPUT -m comment --comment "ACC-Name" ...
+#
+#  You can create custom rules which matches any package which should
+#  be accounted. But the comment *must* begin with "ACC-"  and a rule
+#  should be created for input and output for measuring the direction.
+#
+#  Please specify no target on this rule, so it just counts the data.
+#
+# Some Examples:
+#  iptables -I INPUT -p udp -d 12.34.56.78 --dport 8767 -m comment --comment "ACC-teamspeak"
+#  iptables -I OUTPUT -p udp -s 12.34.56.78 --sport 8767 -m comment --comment "ACC-teamspeak"
+#  iptables -I INPUT -p tcp -d 12.34.56.78 --dport 25 -m comment --comment "ACC-mailserver"
+#  iptables -I OUTPUT -p tcp -s 12.34.56.78 --sport 25 -m comment --comment "ACC-mailserver"
+#
+# This plugin needs to be run as root for iptables to work!
+#
+# created by Markus Frosch aka lazyfrosch
+# more Information on: http://www.lazyfrosch.de/linux/munin-ipt-accounting
+# based on ip_ by jimmyo
+#
+#$Log$
+#Revision 0.1  2007/06/13 16:35:00  lazyfrosch
+#First Release
+#
+# Magic markers (optional - used by munin-config and some installation
+# scripts):
+#
+#%# family=auto
+#%# capabilities=autoconf suggest
+
+ACC=`basename $0 | sed 's/^ipt_accounting_//g'`
+
+if [ "$1" = "autoconf" ]; then
+        if [ -r /proc/net/dev ]; then
+                iptables -L INPUT -v -n -x >/dev/null 2>/dev/null
+                if [ $? -gt 0 ]; then
+                        echo "no (could not run iptables as user `whoami`)"
+                        exit 1
+                else
+                        echo yes
+                        exit 0
+                fi
+        else
+                echo "no (/proc/net/dev not found)"
+                exit 1
+        fi
+fi
+
+if [ "$1" = "suggest" ]; then
+        iptables -L INPUT -v -x -n 2>/dev/null | sed -n 's/^.*\/\* ACC\-\([a-zA-Z]*\) \*\/.*$/\1/p'
+        exit 0
+fi
+
+if [ "$1" = "config" ]; then
+
+        echo "graph_order out in"
+        echo "graph_title iptables traffic for $ACC"
+        echo 'graph_args --base 1000'
+        echo 'graph_vlabel bits per ${graph_period}'
+        echo 'graph_category network'
+        echo 'out.label sent'
+        echo 'out.type DERIVE'
+        echo 'out.min 0'
+        echo 'out.cdef out,8,*'
+        echo 'in.label received'
+        echo 'in.type DERIVE'
+        echo 'in.min 0'
+        echo 'in.cdef in,8,*'
+        exit 0
+fi;
+
+iptables -L INPUT -v -n -x | grep -m1 "\/\* ACC\-"$ACC" \*\/" | awk "{ print \"in.value \" \$2 }"
+iptables -L OUTPUT -v -n -x | grep -m1 "\/\* ACC\-"$ACC" \*\/" | awk "{ print \"out.value \" \$2 }"