

package HotSaNICmod::OSdep;

use RRDs;
use lib "../../lib";

# Report the platform module's identity as "<osname>.pm <revision>".
#
# The revision number is cut out of the RCS keyword string below and is also
# left in the package variable $VERSION, as before.
sub version {
  $VERSION = '$Revision: 1.4 $';
  $VERSION =~ s/.*(\d+\.\d+).*/$1/;   # keep only the "major.minor" part
  return join(" ", "$^O.pm", $VERSION);
  }

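# Run "<tool> -L <chain> -xvn" and save its output to $outfile.
#
# $IPTABLES is split on whitespace into an argument vector and executed
# directly (list-form pipe open), so no shell parses the configured value or
# the chain name. Shell quoting inside the setting is therefore not honoured.
# $outfile is always (re)written, so a failed listing leaves an empty
# snapshot, which is what a failed shell redirect would also have left.
sub _dump_chain {
  my ($MODNAME,$IPTABLES,$chain,$outfile)=@_;
  my @cmd=split(' ',defined($IPTABLES) ? $IPTABLES : "");
  my @lines;

  if (!@cmd) {
    print time," ",$MODNAME,": no IPTABLES command configured\n";
    }
  elsif (open(my $pipe,'-|',@cmd,'-L',$chain,'-xvn')) {
    @lines=<$pipe>;
    close($pipe)
      or print time," ",$MODNAME,": `$cmd[0] -L $chain' failed (status $?)\n";
    }
  else {
    print time," ",$MODNAME,": unable to run `$cmd[0]': $!\n";
    }

  if (open(my $out,'>',$outfile)) {
    print $out @lines;
    close($out)
      or print time," ",$MODNAME,": unable to write `$outfile': $!\n";
    }
  else {
    print time," ",$MODNAME,": unable to write `$outfile': $!\n";
    }
  }

# Push the per-address byte deltas of one chain into the RRDs.
#
# $new and $old are hash references as returned by readfile(). Slots 3/5/7
# and 4/6/8 are handed to updatedb() in that order; the "all" slots (1/2) are
# parsed by readfile() but not stored.
sub _report_chain {
  my ($MODNAME,$time,$prefix,$new,$old)=@_;
  foreach my $nn (sort(keys(%$new))) {
    # An address missing from the old snapshot is treated as 0, so its first
    # delta equals the full counter. A counter that went backwards gives a
    # negative delta.
    # NOTE(review): how the RRD data source treats negative values depends on
    # makerrd, which is not visible here - confirm.
    my @delta=map { $$new{$nn}[$_]-$$old{$nn}[$_] } (3,5,7,4,6,8);
    updatedb($MODNAME,$time,"$prefix$nn",@delta);
    }
  }

# Take one sample of the acct_int and acct_ext accounting chains.
#
# Named arguments:
#   IPTABLES - command used to list the chains (also passed to readfile(),
#              which uses it to tell ipchains output from iptables output)
#   MODNAME  - module name, used as prefix in diagnostic messages
#
# The previous counter snapshots are read from acct_int.dat / acct_ext.dat in
# the current working directory, fresh snapshots are written over them, and
# the difference per address is stored via updatedb().
#
# NOTE(review): the snapshot files are trusted as input on the next run (the
# addresses in them become RRD names), so the working directory should only
# be writable by the account running this module.
sub sample {
  my %args=@_;

  my $IPTABLES=$args{IPTABLES};
  my $MODNAME=$args{MODNAME};

  # First run: create both snapshots so the "old" values exist.
  if ( (! -e "acct_int.dat") || (! -e "acct_ext.dat")) {
    _dump_chain($MODNAME,$IPTABLES,"acct_int","acct_int.dat");
    _dump_chain($MODNAME,$IPTABLES,"acct_ext","acct_ext.dat");
    }

  my %acct_int_old=readfile("acct_int.dat",$IPTABLES);
  my %acct_ext_old=readfile("acct_ext.dat",$IPTABLES);
  _dump_chain($MODNAME,$IPTABLES,"acct_int","acct_int.dat");
  _dump_chain($MODNAME,$IPTABLES,"acct_ext","acct_ext.dat");
  my %acct_int=readfile("acct_int.dat",$IPTABLES);
  my %acct_ext=readfile("acct_ext.dat",$IPTABLES);

  my $time=time;

  _report_chain($MODNAME,$time,"int",\%acct_int,\%acct_int_old);
  _report_chain($MODNAME,$time,"ext",\%acct_ext,\%acct_ext_old);
  }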

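# Parse a saved "-L <chain> -xvn" listing into per-address byte counters.
#
# Arguments:
#   $file     - path of the saved listing
#   $IPTABLES - the listing command; if it contains "ipchains" the ipchains
#               column layout is assumed, otherwise the iptables layout
#
# Returns a hash: address => array of byte counts, indexed by
#   1/2 = all, 3/4 = tcp, 5/6 = udp, 7/8 = icmp
# where the odd slot is used when the destination is 0.0.0.0/0 (the address
# is the source) and the even slot when the source is 0.0.0.0/0.
#
# An unreadable file yields an empty hash (best effort, as before).
sub readfile {
  my ($file,$IPTABLES)=@_;
  my %slot_of=(all=>1,tcp=>3,udp=>5,icmp=>7);
  my $is_ipchains=(index(defined($IPTABLES) ? $IPTABLES : "","ipchains") >= 0);
  my %hash;

  # Three-argument open with a lexical handle: the file name can never be
  # interpreted as a mode or a pipe.
  open(my $fh,'<',$file) or return %hash;

  while (my $line=<$fh>) {
    chomp($line);

    # All per-line state is declared here so nothing leaks from the previous
    # line (or a previous call) into this one.
    my ($pkt,$bytes,$target,$proto,$opt,$in,$out,$src,$dst);
    if ($is_ipchains) {
      ($pkt,$bytes,$target,$proto,$opt,undef,undef,undef,$src,$dst)=split(' ',$line);
      }
    else {
      ($pkt,$bytes,$target,$proto,$opt,$in,$out,$src,$dst)=split(' ',$line);
      }

    # Only rule lines start with a packet count; headers and blank lines
    # are skipped.
    next unless defined($pkt) && $pkt =~ /^[0-9]+$/;

    # A rule without a target has one column less: shift everything right.
    if (!defined($dst) || $dst eq "") {
      ($proto,$opt,$in,$out,$src,$dst)=($target,$proto,$opt,$in,$out,$src);
      }
    foreach ($proto,$src,$dst) { $_="" unless defined($_); }

    # Protocols other than all/tcp/udp/icmp have no slot and are ignored.
    my $prt=$slot_of{$proto};
    next unless defined($prt);

    # The rule must have the wildcard on exactly the side that is checked
    # first; a rule with two specific addresses is not an accounting rule.
    my ($ip,$dir);
    if ($src eq "0.0.0.0/0") { $ip=$dst; $dir=1; }
    elsif ($dst eq "0.0.0.0/0") { $ip=$src; $dir=0; }
    else { next; }

    if ($ip ne "") { $hash{$ip}[$prt+$dir]=$bytes; }
    }

  close($fh);
  return %hash;
  }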

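# Store one sample in rrd/<name>.rrd, creating the RRD first if needed.
#
# Arguments:
#   $MODNAME - module name, used as prefix in diagnostic messages
#   $time    - sample timestamp
#   $name    - RRD base name; every "/" is replaced by "_" before use
#   $tcpin,$udpin,$icmpin,$tcpout,$udpout,$icmpout - values to store, in
#              this order
#
# Failures are reported on standard output; nothing is returned.
sub updatedb {
  my ($MODNAME,$time,$name,$tcpin,$udpin,$icmpin,$tcpout,$udpout,$icmpout)=@_;
  $name =~ s/\//_/g;

  if ( !-e "rrd/$name.rrd") {
    # List form: $name is derived from parsed listing data and is passed to
    # makerrd as a single argument, never through a shell.
    system("./makerrd",$name,"U") == 0
      or print time," ",$MODNAME,": ./makerrd failed for `$name' (status $?)\n";
    }

  RRDs::update("rrd/$name.rrd",join(":",$time,$tcpin,$udpin,$icmpin,$tcpout,$udpout,$icmpout));
  my $ERROR=RRDs::error();
  if ($ERROR) { print time," ",$MODNAME,": unable to update `$name.rrd': $ERROR\n"; }
  }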


1;

