jablonka.czprosek.czf

freenet-router

Subversion Repositories:
[/] [trunk/] [freenet-router/] [etc/] [firewall/] [account] - Rev 2

Compare with Previous - Blame - Download


#! /bin/bash
# Firewall nove generace pro Czela Debian 3.0
# Autor: Mirek Slugen
# Spoluatori: Michal Perlik, Michal Vondracek, Jan Chmelensky
# Vytvoreno: 06.11.2006
# Naposledy zmeneno: 17.09.2007
# Tento skript muzete volne sirit a upravovat.

# interni promenne tykajici se pouze account
ACCOUNT_DIR="/var/log/account"
ACCOUNT_COMPRESSION="yes"

# kazdych 120 ($INTERVAL) vterin bude graf ocekavat nova data
INTERVAL="120"

# Maximální doba čekání na nová data, po překročení bude časový úsek označen unknown
INTERVAL_0="$(($INTERVAL * 2))"

# den   - nechame kazdy vzorek (720*1*120) = (24*60*60)
# tyden - nechame kazdy 7. vzorek (1260*4*120) = (7*24*60*60)
# mesic - nechame kazdy 31. vzorek (2232*10*120) = (31*24*60*60)
# rok   - nechame kazdy 365. vzorek (4380*60*120) = (365*24*60*60)
INTERVAL_1="1:$(((24 * 60 * 60) / ($INTERVAL * 1)))"
INTERVAL_2="7:$(((7 * 24 * 60 * 60) / ($INTERVAL * 7)))"
INTERVAL_3="31:$(((31 * 24 * 60 * 60) / ($INTERVAL * 31)))"
INTERVAL_4="365:$(((365 * 24 * 60 * 60) / ($INTERVAL * 365)))"

RO="no"

account_create_dir() {
    # Vytvoříme adresářovou strutkuru
    mkdir -p "$ACCOUNT_DIR"
    mkdir -p "$ACCOUNT_DIR/graphs"
    mkdir -p "$ACCOUNT_DIR/rrd"
    chown www-data:www-data -R "$ACCOUNT_DIR/graphs"
}

rrdtool_update() {
    if [ "$ACCOUNT_COMPRESSION" == "yes" ]; then
        cp "$ACCOUNT_DIR/rrd/$1" "/tmp/account_$1"
        rrdtool update "/tmp/account_$1" -t $2 $3
        mv "/tmp/account_$1" "$ACCOUNT_DIR/rrd/$1"
    else
        rrdtool update "$ACCOUNT_DIR/rrd/$1" -t $2 $3
    fi
}

# implementace pocitani dat
account_start() {
    account_stop
    [ "$INTERNAL_IP" != "" ] && $IPTABLES -I FORWARD -j ACCOUNT --addr $INTERNAL_IP --tname account
    [ "$EXTERNAL_IP" != "" ] && $IPTABLES -I FORWARD -j ACCOUNT --addr $EXTERNAL_IP --tname account_ext
    #if [ "`$IPTABLES -L FORWARD | grep eth_accept`" != "" ]; then
    #   $IPTABLES -I eth_accept -j ACCOUNT --addr $INTERNAL_IP --tname account
    #fi
}

account_stop() {
    for I in `$IPTABLES -L FORWARD -n -v --line-numbers | grep ACCOUNT | awk '{print $1}' | sort -r -n`; do
        $IPTABLES -D FORWARD $I
    done
    #for I in `$IPTABLES -L eth_accept -n -v --line-numbers | grep ACCOUNT | awk '{print $1}' | sort -r -n`; do
    #   $IPTABLES -D eth_accept $I
    #done
}

account_restart() {
    account_start
}

account_reset() {
    iptaccount -f -l account &>/dev/null
    iptaccount -f -l account_ext &>/dev/null
    rm -f "$ACCOUNT_DIR/data.txt"
}

account_graphs_generate_ip() {
    account_create_dir

    # Načteme nová data
    local DATA=`iptaccount -f -l account 2>/dev/null | grep "IP" | awk '{print $2":"$7":"$12}'`"
"`iptaccount -f -l account_ext 2>/dev/null | grep "IP" | awk '{print $2":"$7":"$12}'`
    local DATA_OLD=`grep -v \# "$ACCOUNT_DIR/data.txt"`

    local CTIME="`grep \# \"$ACCOUNT_DIR/data.txt\"`"

    # UloŞíme novå data do tmp souborů, protoŞe je rychlejťí grepovat IP adresy
    # ze souboru, neĹž pomocĂ­ echa.
    echo "$DATA" > "/tmp/account_data.txt"
    echo "$DATA_OLD" > "/tmp/account_data_old.txt"

    # Zachováváme datum vytvoření
    if [ "$CTIME" == "" ]; then
        DATA_I="# vytvoreno `date +%H:%M\" \"%d.%m.%Y`
"
    else
        DATA_I="$CTIME
"
    fi

    # zpracujeme data pro nove adresy
    for I in $DATA; do
        # rychlejsi zpusob ziskani dat
        IFS=$' :\t\n'
        I=( $I )
        IFS=$' \t\n'

        # zpracovavana IP adresa, aktualni upload a download
        IP=${I[0]}
        DOWNLOAD=${I[1]}
        UPLOAD=${I[2]}

        # Nebudeme uklĂĄdat IP adresy, kterĂŠ majĂ­ nulovĂ˝ upload, nebo download,
        # protože jde většinou jen o skenování sítě, teoreticky by bylo vhodné
        # použít nějaký limit pro druhou nenulovou hodnotu, například 1024 bitů
        # by stačilo aby byla IP brána jako aktivní.
        ( [ "$DOWNLOAD" == "" ] || [ "$UPLOAD" == "" ] ) && continue
        ( [ "$DOWNLOAD" == "0" ] || [ "$UPLOAD" == "0" ] ) && continue

        # starĂ˝ upload a download
        IFS=$' :\t\n'
        I_OLD=( `grep -F "$IP:" "/tmp/account_data_old.txt"` )
        IFS=$' \t\n'

        # součet downloadu a uploadu
        if [ "${I[0]}" == "${I_OLD[0]}" ]; then
            DOWNLOAD_NEW=$((${I_OLD[1]} + $DOWNLOAD))
            UPLOAD_NEW=$((${I_OLD[2]} + $UPLOAD))
        else
            DOWNLOAD_NEW=$DOWNLOAD
            UPLOAD_NEW=$UPLOAD
        fi

        # rychlost
        DOWNLOAD_RATE=$(($DOWNLOAD / $INTERVAL))
        UPLOAD_RATE=$(($UPLOAD / $INTERVAL))

        # nechceme ukladat data casto, proto je nacteme do promenne a pak ulozime najdnou, musime odradkovat!
        DATA_I=$DATA_I"$IP:$DOWNLOAD_NEW:$UPLOAD_NEW:$DOWNLOAD_RATE:$UPLOAD_RATE
"
        # vytvorime rrd soubor
        [ ! -e "$ACCOUNT_DIR/rrd/host-$IP.rrd" ] && rrdtool create "$ACCOUNT_DIR/rrd/host-$IP.rrd" \
            --step $INTERVAL \
            DS:in:GAUGE:$INTERVAL_0:0:U \
            DS:out:GAUGE:$INTERVAL_0:0:U \
            RRA:AVERAGE:0.5:$INTERVAL_1 \
            RRA:AVERAGE:0.5:$INTERVAL_2 \
            RRA:AVERAGE:0.5:$INTERVAL_3 \
            RRA:AVERAGE:0.5:$INTERVAL_4
            # Do proměnné in a out se uloží data, bude použit model GAUGE, každá
            # hodnota odpovída přesně reálné hodnotě, není přírustková.
            # MinimĂĄlnĂ­ hodnota je 0, maximĂĄlnĂ­ je unlimited (U).
        rrdtool_update "host-$IP.rrd" in:out N:$UPLOAD_RATE:$DOWNLOAD_RATE
    done

    # Musíme uložit aktuální data z aktivních ip, abychom při následném prohledávání
    # brali v potaz jen jiĹž uloĹženĂŠ ip adresy.
    echo "$DATA_I" > "/tmp/account_data.txt"

    # zpracujeme data i pro stare adresy, toto ma obrovsky vliv na vykon
    for I in $DATA_OLD; do
        IFS=$' :\t\n'
        I=( $I )
        IFS=$' \t\n'

        IP=${I[0]}
        DOWNLOAD=${I[1]}
        UPLOAD=${I[2]}

        # Nebudeme uklĂĄdat IP adresy, kterĂŠ majĂ­ nulovĂ˝ upload, nebo download,
        # protože jde většinou jen o skenování sítě!
        ( [ "$DOWNLOAD" == "" ] || [ "$UPLOAD" == "" ] ) && continue
        ( [ "$DOWNLOAD" == "0" ] || [ "$UPLOAD" == "0" ] ) && continue

        # PokaĹždĂŠ grepovat v souboru je opravdu velmi nevhodnĂŠ, ale rychlejĹĄĂ­
        # než echo celé proměnné data.
        [ "`grep -F \"$IP:\" \"/tmp/account_data.txt\"`" != "" ] && continue

        # UloŞíme data
        DATA_I=$DATA_I"$IP:$DOWNLOAD:$UPLOAD:0:0
"
        # OtĂĄzka je jestli vĹŻbec mĂĄ cenu aktualizovat data pro neaktivnĂ­ ip adresy
        # může to mít nepříznivý vliv na výkon při větším počtu klientů a jediné co nám to dává
        # je lepší přesnost v grafec, místo údaje Na bude 0 hodnota.
        # Pokud monitorujete velké množstí adres, pak následující řádky raději zakomentujte.
        [ "$ACCOUNT_GRAPHS_IP_EX" != "yes" ] && continue
        # vytvorime rrd soubor
        [ ! -e "$ACCOUNT_DIR/rrd/host-$IP.rrd" ] && rrdtool create "$ACCOUNT_DIR/rrd/host-$IP.rrd" \
            --step $INTERVAL \
            DS:in:GAUGE:$INTERVAL_0:0:U \
            DS:out:GAUGE:$INTERVAL_0:0:U \
            RRA:AVERAGE:0.5:$INTERVAL_1 \
            RRA:AVERAGE:0.5:$INTERVAL_2 \
            RRA:AVERAGE:0.5:$INTERVAL_3 \
            RRA:AVERAGE:0.5:$INTERVAL_4
        rrdtool_update "host-$IP.rrd" in:out N:0:0
    done

    # ZapĂ­ĹĄeme novĂĄ data najednou
    echo "$DATA_I" > "$ACCOUNT_DIR/data.txt"

    # SmaĹžeme tmp soubory
    rm -f "/tmp/account_data.txt"
    rm -f "/tmp/account_data_old.txt"
}

account_graphs_generate_system() {
    account_create_dir

    # používaná proměnná, do které ukládáme získané informace
    local DATA=""

    # zátěž procesoru
    local CPU_DATA=`cat /proc/stat`
    local CPU_DATA_OLD=`cat $ACCOUNT_DIR/cpu_load_data.txt 2>/dev/null`

    echo "$CPU_DATA" > "$ACCOUNT_DIR/cpu_load_data.txt"

    local CPU_LOAD=""

    if [ "$CPU_DATA_OLD" != "" ]; then
        IFS=$'\t\n'
        for I in $CPU_DATA; do
            IFS=$' \t\n'
            I=( $I )
            [ "${I[0]:0:3}" != "cpu" ] && continue
            IFS=$'\t\n'
            for J in $CPU_DATA_OLD; do
                IFS=$' \t\n'
                J=( $J )
                [ "${I[0]}" != "${J[0]}" ] && continue
                # našli jsme odpovídající předchozí data
                TIME=$((${I[1]} + ${I[2]} + ${I[3]} + ${I[4]} + ${I[5]} + ${I[6]} + ${I[7]} - ${J[1]} - ${J[2]} - ${J[3]} - ${J[4]} - ${J[5]} - ${J[6]} - ${J[7]}))
                LOAD=$((100 - ((100 * (${I[4]} - ${J[4]})) / $TIME)))
                LOAD_USER=$(((100 * (${I[1]} - ${J[1]})) / $TIME))
                LOAD_USER_NICE=$(((100 * (${I[2]} - ${J[2]})) / $TIME))
                LOAD_SYSTEM=$(((100 * (${I[3]} - ${J[3]})) / $TIME))
                LOAD_IOWAIT=$(((100 * (${I[5]} - ${J[5]})) / $TIME))
                LOAD_HARDIRQ=$(((100 * (${I[6]} - ${J[6]})) / $TIME))
                LOAD_SOFTIRQ=$(((100 * (${I[7]} - ${J[7]})) / $TIME))
                break
            done
            CPU_LOAD=$CPU_LOAD"${I[0]} $LOAD
"
            DATA=$DATA"${I[0]}_load $LOAD
${I[0]}_load_user $LOAD_USER
${I[0]}_load_user_nice $LOAD_USER_NICE
${I[0]}_load_system $LOAD_SYSTEM
${I[0]}_load_iowait $LOAD_IOWAIT
${I[0]}_load_hardirq $LOAD_HARDIRQ
${I[0]}_load_softirq $LOAD_SOFTIRQ
"
        done
        IFS=$' \t\n'
    else
        # Pro tvorbu grafu musíme získat alespoň počet procesorů, jinak
        # bychom při prvním načtení vytvořili chybný soubor.
        for I in $CPU_DATA; do
            IFS=$' \t\n'
            I=( $I )
            [ "${I[0]:0:3}" != "cpu" ] && continue
            CPU_LOAD=$CPU_LOAD"${I[0]} 0
"
            DATA=$DATA"${I[0]}_load 0
${I[0]}_load_user 0
${I[0]}_load_user_nice 0
${I[0]}_load_system 0
${I[0]}_load_iowait 0
${I[0]}_load_hardirq 0
${I[0]}_load_softirq 0
"
        done
    fi

    echo "$CPU_LOAD" > "$ACCOUNT_DIR/cpu_load.txt"

    # vyuĹžitĂ­ RAM
    IFS=$' \t\n'
    local MEM_DATA=( `awk '{print $2}' /proc/meminfo` )

    DATA=$DATA"mem_total ${MEM_DATA[0]}
mem_used $(((${MEM_DATA[0]} - ${MEM_DATA[1]}) * 1024))
mem_buffers $((${MEM_DATA[2]} * 1024))
mem_cached $((${MEM_DATA[3]} * 1024))
mem_active $((${MEM_DATA[5]} * 1024))
mem_inact $((${MEM_DATA[6]} * 1024))
mem_mapped $((${MEM_DATA[16]} * 1024))
mem_slab $((${MEM_DATA[17]} * 1024))
swap_total $((${MEM_DATA[11]} * 1024))
swap_used $(((${MEM_DATA[11]} - ${MEM_DATA[12]}) * 1024))
"

    # obsazenĂ­ rootfs, tmpfs a tmpfs_small
    local FS_DATA=`df / /var/tmpfs /var/tmpfs/small 2>/dev/null`

    IFS=$'\t\n'
    for I in $FS_DATA; do
        IFS=$' \t\n'
        I=( $I )
        if [ "${I[5]}" == "/" ]; then
            ROOT_TOTAL=$((${I[1]} * 1024))
            ROOT_USED=$((${I[2]} * 1024))
        elif [ "${I[5]}" == "/var/tmpfs" ]; then
            TMPFS_TOTAL=$((${I[1]} * 1024))
            TMPFS_USED=$((${I[2]} * 1024))
        elif [ "${I[5]}" == "/var/tmpfs/small" ]; then
            TMPFSS_TOTAL=$((${I[1]} * 1024))
            TMPFSS_USED=$((${I[2]} * 1024))
        fi
    done
    IFS=$' \t\n'

    DATA=$DATA"root_total $ROOT_TOTAL
root_used $ROOT_USED
tmpfs_total $TMPFS_TOTAL
tmpfs_used $TMPFS_USED
tmpfss_total $TMPFSS_TOTAL
tmpfss_used $TMPFSS_USED
"

    # Počet aktivní počítačů na základě conntrack, bohužel složité matchování na základě
    # daného interního rozsahu by bylo nepřiměřeně pomalé, proto správně matchuje pouze
    # rozsahy: 0.0.0.0/0, X.0.0.0/8, X.X.0.0/16 a X.X.X.0/24
    IFS=$'/.\t\n'
    local INTERNAL_IP=( $INTERNAL_IP )
    IFS=$' \t\n'
    [ "${INTERNAL_IP[0]}" != "0" ] && POM_IP="${INTERNAL_IP[0]}."
    [ "${INTERNAL_IP[1]}" != "0" ] && POM_IP="$POM_IP${INTERNAL_IP[1]}."
    [ "${INTERNAL_IP[2]}" != "0" ] && POM_IP="$POM_IP${INTERNAL_IP[2]}."
    [ "${INTERNAL_IP[3]}" != "0" ] && POM_IP="$POM_IP${INTERNAL_IP[3]}"
    local ACTIVE_IPS=`awk '{print $5}' /proc/net/ip_conntrack | cut -d= -f2 | grep -F $POM_IP | sort -u | wc -l`

    DATA=$DATA"active_ips $ACTIVE_IPS
"
    echo "$ACTIVE_IPS" > "$ACCOUNT_DIR/users.txt"

    local CREATE_DATA=""
    local UPDATE_DATA1=""
    local UPDATE_DATA2=""

    IFS=$'\t\n'
    for I in $DATA; do
        IFS=$' \t\n'
        I=( $I )
        CREATE_DATA=$CREATE_DATA" DS:${I[0]}:GAUGE:$INTERVAL_0:0:U"
        UPDATE_DATA1=$UPDATE_DATA1":${I[0]}"
        UPDATE_DATA2=$UPDATE_DATA2":${I[1]}"
    done
    IFS=$' \t\n'

    # Samotné vytvoření rrd souboru
    [ ! -e "$ACCOUNT_DIR/rrd/system.rrd" ] && rrdtool create "$ACCOUNT_DIR/rrd/system.rrd" \
        --step $INTERVAL $CREATE_DATA \
        RRA:AVERAGE:0.5:$INTERVAL_1 \
        RRA:AVERAGE:0.5:$INTERVAL_2 \
        RRA:AVERAGE:0.5:$INTERVAL_3 \
        RRA:AVERAGE:0.5:$INTERVAL_4

    # aktualizujeme data
    rrdtool_update "system.rrd" ${UPDATE_DATA1:1} N$UPDATE_DATA2
}

# funkce vyžaduje kompletní přepsání a optimalizaci
account_graphs_generate_interfaces() {
    account_create_dir

    # načteme základní data
    local DATA=`grep -F ":" /proc/net/dev | sed 's/:/ /g'`
    local DATA_OLD=`cat "$ACCOUNT_DIR/interfaces.txt" 2>/dev/null`

    echo "$DATA" > "$ACCOUNT_DIR/interfaces.txt"

    # data pro generování celkových přenesených dat na rozhraní
    local DATA_2=""
    local DATA_2_OLD=`cat "$ACCOUNT_DIR/interfaces_data.txt" 2>/dev/null`

    local TOTAL_DOWNLOAD="0"
    local TOTAL_UPLOAD="0"

    local TOTAL_DOWNLOAD_RATE="0"
    local TOTAL_UPLOAD_RATE="0"

    # Pro vytvoření statistik potřebujeme předchozí data
    if [ "$DATA_OLD" != "" ]; then
        IFS=$'\t\n'
        for I in $DATA; do
            IFS=$' \t\n'
            I=( $I )
            [ "${I[0]:1:2}" != "th" ] && [ "${I[0]:0:4}" != "wlan" ] && continue

            DOWNLOAD=${I[1]}
            UPLOAD=${I[9]}

            DOWNLOAD_DIFF="0"
            UPLOAD_DIFF="0"

            DOWNLOAD_RATE="0"
            UPLOAD_RATE="0"

            DOWNLOAD_TOTAL="0"
            UPLOAD_TOTAL="0"

            # V pĹŻvodnĂ­ch datech najdeme rozhranĂ­
            IFS=$'\t\n'
            for J in $DATA_OLD; do
                IFS=$' \t\n'
                J=( $J )
                [ "${I[0]}" != "${J[0]}" ] && continue
                DOWNLOAD_OLD=${J[1]}
                UPLOAD_OLD=${J[9]}

                # počítadla na rozhraní přetékají po přenesení 4 GB dat
                if [ "$DOWNLOAD" -lt "$DOWNLOAD_OLD" ]; then
                    DOWNLOAD_DIFF=$(($DOWNLOAD + ( 4 * 1024 * 1024 * 1024 ) - $DOWNLOAD_OLD))
                else
                    DOWNLOAD_DIFF=$(($DOWNLOAD - $DOWNLOAD_OLD))
                fi
                if [ "$UPLOAD" -lt "$UPLOAD_OLD" ]; then
                    UPLOAD_DIFF=$(($UPLOAD + ( 4 * 1024 * 1024 * 1024 ) - $UPLOAD_OLD))
                else
                    UPLOAD_DIFF=$(($UPLOAD - $UPLOAD_OLD))
                fi

                # spočítáme aktuální přenosovu rychlost na rozhraní
                DOWNLOAD_RATE=$(($DOWNLOAD_DIFF / $INTERVAL))
                UPLOAD_RATE=$(($UPLOAD_DIFF / $INTERVAL))
                break
            done

            # Výpočet stažených dat na rozhraní
            IFS=$'\t\n'
            for J in $DATA_2_OLD; do
                IFS=$' \t\n'
                J=( $J )
                [ "${I[0]}" != "${J[0]}" ] && continue
                DOWNLOAD_TOTAL=$((${J[1]} + $DOWNLOAD_DIFF))
                UPLOAD_TOTAL=$((${J[2]} + $UPLOAD_DIFF))
                break
            done

            [ "$DOWNLOAD_TOTAL" == "0" ] && DOWNLOAD_TOTAL="$DOWNLOAD"
            [ "$UPLOAD_TOTAL" == "0" ] && UPLOAD_TOTAL="$UPLOAD"

            DATA_2=$DATA_2"${I[0]} $DOWNLOAD_TOTAL $UPLOAD_TOTAL $DOWNLOAD_RATE $UPLOAD_RATE
"

            # UloŞíme průtok rozhraním
            [ ! -e "$ACCOUNT_DIR/rrd/interface-${I[0]}.rrd" ] && rrdtool create "$ACCOUNT_DIR/rrd/interface-${I[0]}.rrd" \
                --step $INTERVAL \
                DS:in:GAUGE:$INTERVAL_0:0:U \
                DS:out:GAUGE:$INTERVAL_0:0:U \
                RRA:AVERAGE:0.5:$INTERVAL_1 \
                RRA:AVERAGE:0.5:$INTERVAL_2 \
                RRA:AVERAGE:0.5:$INTERVAL_3 \
                RRA:AVERAGE:0.5:$INTERVAL_4
            rrdtool_update "interface-${I[0]}.rrd" in:out N:$DOWNLOAD_RATE:$UPLOAD_RATE

            TOTAL_DOWNLOAD=$(($DOWNLOAD_TOTAL + $TOTAL_DOWNLOAD))
            TOTAL_UPLOAD=$(($UPLOAD_TOTAL + $TOTAL_UPLOAD))

            TOTAL_DOWNLOAD_RATE=$(($DOWNLOAD_RATE + $TOTAL_DOWNLOAD_RATE))
            TOTAL_UPLOAD_RATE=$(($UPLOAD_RATE + $TOTAL_UPLOAD_RATE))
        done
        IFS=$' \t\n'
    fi

    DATA_2=$DATA_2"all $TOTAL_DOWNLOAD $TOTAL_UPLOAD $TOTAL_DOWNLOAD_RATE $TOTAL_UPLOAD_RATE
"

    # CelkovĂĄ data protĂŠkajĂ­cĂ­ skrze router
    [ ! -e "$ACCOUNT_DIR/rrd/interface-all.rrd" ] && rrdtool create "$ACCOUNT_DIR/rrd/interface-all.rrd" \
        --step $INTERVAL \
        DS:all:GAUGE:$INTERVAL_0:0:U \
        RRA:AVERAGE:0.5:$INTERVAL_1 \
        RRA:AVERAGE:0.5:$INTERVAL_2 \
        RRA:AVERAGE:0.5:$INTERVAL_3 \
        RRA:AVERAGE:0.5:$INTERVAL_4
    rrdtool_update "interface-all.rrd" all N:$(($TOTAL_DOWNLOAD_RATE + $TOTAL_UPLOAD_RATE))

    echo "$DATA_2" > "$ACCOUNT_DIR/interfaces_data.txt"
}

account_graphs_generate_pings() {
    account_create_dir

    [ ! -e "/etc/firewall/routers.conf" ] && return 0

    # načteme data
    local DATA=`grep -F "." /etc/firewall/routers.conf | awk '{print $1}'`
    local DATA_OLD=`grep -v \# "$ACCOUNT_DIR/routers.txt"`
    local DATA_NEW=""

    # Zpracujeme data
    for I in $DATA; do
        [ "${I:0:1}" == "#" ] && continue

        GOOD="0"
        BAD="0"

        IFS=$'\t\n'
        for J in $DATA_OLD; do
            IFS=$': \t\n'
            J=( $J )
            IFS=$' \t\n'
            [ "$I" != "${J[0]}" ] && continue
            GOOD="${J[1]}"
            BAD="${J[2]}"
            break
        done

        IFS=$'\/ \t\n'
        RESPONSE=( `ping $I -c 1 -s 1024 -q -v -W 1 | grep min 2>/dev/null` )
        IFS=$' \t\n'

        if [ "${RESPONSE[7]}" == "" ]; then
            ((BAD++))
        else
            ((GOOD++))
        fi

        DATA_NEW=$DATA_NEW"$I:$GOOD:$BAD
"
        # Vytvoříme graf
        [ ! -e "$ACCOUNT_DIR/rrd/ping-$I.rrd" ] && rrdtool create "$ACCOUNT_DIR/rrd/ping-$I.rrd" \
            --step $INTERVAL \
            DS:response:GAUGE:$INTERVAL_0:0:U \
            RRA:AVERAGE:0.5:$INTERVAL_1 \
            RRA:AVERAGE:0.5:$INTERVAL_2 \
            RRA:AVERAGE:0.5:$INTERVAL_3 \
            RRA:AVERAGE:0.5:$INTERVAL_4
        rrdtool_update "ping-$I.rrd" response N:${RESPONSE[7]}
    done

    echo "$DATA_NEW" > "$ACCOUNT_DIR/routers.txt"
}

account_graphs_get_mikrotik_wifi_clients() {
    account_create_dir

    [ ! -e "/etc/firewall/mikrotik.conf" ] && return 0

    local DATA=`grep -F "." /etc/firewall/mikrotik.conf`
    local DATA_NEW=""

    IFS=$'\t\n'
    for I in $DATA; do
        IFS=$' \t\n'
        I=( $I )
        [ "${I[0]:0:1}" == "#" ] && continue
        DATA_NEW=$DATA_NEW"`mikrotik_get -ip=${I[0]} -name=${I[1]} -pwd=${I[2]} -cmd=\"interface wireless registration-table print\" | grep \":\" | sed 's/\r\$//'`"
    done
    IFS=$' \t\n'

    echo "$DATA_NEW" > "$ACCOUNT_DIR/mikrotik_wifi.txt"
}

account_graphs_generate_signal() {
    account_create_dir

    local DATA=""

    # madwifi
    for I in `ls /proc/net/madwifi/ 2>/dev/null`; do
        # z madwifi lze získat data přes wlanconfig i iwlist
        #iwlist $I peers
        IFS=$'\t\n'
        CLIENTS=`wlanconfig $I list | grep ":" | tr [:lower:] [:upper:]`
        for CLIENT in $CLIENTS; do
            IFS=$' \t\n'
            CLIENT=( $CLIENT )
            DATA=$DATA"$I ${CLIENT[0]} ${CLIENT[5]}
"
            IFS=$'\t\n'
        done
        IFS=$' \t\n'
    done

    # hostap
    for I in `ls /proc/net/hostap/ 2>/dev/null`; do
        # hostap ukrývå vťe v proc
        IFS=$'\t\n'
        CLIENTS=`ls /proc/net/hostap/$I/ | grep ":"`
        for CLIENT in $CLIENTS; do
            IFS=$' =\t\n'
            SIGNAL=( `grep "signal" /proc/net/hostap/$I/$CLIENT` )
            IFS=$' \t\n'
            DATA=$DATA"$I $CLIENT ${SIGNAL[5]}
"
            IFS=$'\t\n'
        done
        IFS=$' \t\n'
    done

    # Klasický iwlist, například madwifi dělá takto bgscan, takže jde spíš
    # o scan, nežli o měření signálu klientů.
    #IFS=$'\t\n'
    #for I in `ip link show 2>/dev/null | grep -E "wlan|ath"`; do
    #    IFS=$' :\t\n'
    #    I=( $I )
    #    IFS=$'\t\n'
    #    CLIENTS=`iwlist ${I[1]} peers | grep ":" | grep -i "signal" | tr [:lower:] [:upper:]`
    #    for CLIENT in $CLIENTS; do
    #        IFS=$' =\t\n'
    #        CLIENT=( $CLIENT )
    #        IFS=$' \t\n'
    #        DATA=$DATA"${I[1]} ${CLIENT[0]} ${CLIENT[6]}
#"
    #        IFS=$'\t\n'
    #    done
    #    IFS=$' \t\n'
    #done

    # Nahrajeme data takĂŠ pro mikrotik
    if [ -e "$ACCOUNT_DIR/mikrotik_wifi.txt" ] && [ "$ACCOUNT_GRAPHS_MK_SIGNAL" == "yes" ]; then
        CLIENTS=`grep ":" "$ACCOUNT_DIR/mikrotik_wifi.txt"`
        IFS=$'\t\n'
        for CLIENT in $CLIENTS; do
            IFS=$' \t\n'
            CLIENT=( $CLIENT )
            # Mikrotik občas nezašle RADIO-NAME a tím rozhodí pořadí
            if [ "${CLIENT[3]:2:1}" == ":" ]; then
                DATA=$DATA"${CLIENT[1]} ${CLIENT[3]} -${CLIENT[5]//[^0-9]/}
"
            elif [ "${CLIENT[2]:2:1}" == ":" ]; then
                DATA=$DATA"${CLIENT[1]} ${CLIENT[2]} -${CLIENT[4]//[^0-9]/}
"
            fi
            IFS=$'\t\n'
        done
        IFS=$' \t\n'
    fi

    # hromadně změníme vše na velká písmena
    DATA="`echo \"$DATA\" | tr [:lower:] [:upper:]`"

    IFS=$'\t\n'
    for I in $DATA; do
        IFS=$' \t\n'
        I=( $I )
        # rrdtool nesnese v názvu soubor se vstupními daty dvojtečky
        MAC=${I[1]//:/-}
        [ ! -e "$ACCOUNT_DIR/rrd/signal-$MAC.rrd" ] && rrdtool create "$ACCOUNT_DIR/rrd/signal-$MAC.rrd" \
            --step $INTERVAL \
            DS:signal:GAUGE:$INTERVAL_0:-100:0 \
            RRA:AVERAGE:0.5:$INTERVAL_1 \
            RRA:AVERAGE:0.5:$INTERVAL_2 \
            RRA:AVERAGE:0.5:$INTERVAL_3 \
            RRA:AVERAGE:0.5:$INTERVAL_4
        # aktualizujeme data pro vsechny karty
        rrdtool_update "signal-$MAC.rrd" signal N:${I[2]}
        IFS=$'\t\n'
    done
    IFS=$' \t\n'
}

account_graphs_generate_drives() {
    account_create_dir

    # Načteme data, jen lokální disky, zobrazit typ a postfix zobrazení
    local DATA=`df -lTP`
    local DATA_NEW=""

    local DRIVES=""
    local SIZES=""

    IFS=$'\t\n'
    for I in $DATA; do
        IFS=$' \t\n'
        I=( $I )
        [ "${I[0]}" == "/dev/root" ] && I[0]="/dev/`readlink /dev/root`"

        if [ "${I[0]%/*}" == "/dev" ]; then
            # Musíme předejít bind mountům, nezpracováváme již zpracovaný disk.
            [ "`echo \"$DRIVES\" | grep -x \"${I[0]}\"`" != "" ] && continue
            DRIVES=$DRIVES"${I[0]}
"
            DRIVE=${I[0]##*/}
            TYPE="drive"
        elif [ "${I[0]}" == "tmpfs" ] || [ "${I[0]}" == "cf_main" ]; then
            # Musíme předejít bind mountům, nezpracováváme již zpracovaný disk.
            [ "`echo \"$SIZES\" | grep -x \"${I[2]}-${I[3]}\"`" != "" ] && continue
            SIZES=$SIZES"${I[2]}-${I[3]}
"
            # nahradíme všechny / pomlčkou a odstraníme první pomlčku
            DRIVE=${I[6]//\//-}
            DRIVE=${DRIVE:1}
            TYPE="tmpfs"
        else
            continue
        fi

        TOTAL=$((${I[2]} * 1024))
        USED=$((${I[3]} * 1024))

        # Vytvoříme graf
        [ ! -e "$ACCOUNT_DIR/rrd/$TYPE-$DRIVE.rrd" ] && rrdtool create "$ACCOUNT_DIR/rrd/$TYPE-$DRIVE.rrd" \
            --step $INTERVAL \
            DS:total:GAUGE:$INTERVAL_0:0:U \
            DS:used:GAUGE:$INTERVAL_0:0:U \
            RRA:AVERAGE:0.5:$INTERVAL_1 \
            RRA:AVERAGE:0.5:$INTERVAL_2 \
            RRA:AVERAGE:0.5:$INTERVAL_3 \
            RRA:AVERAGE:0.5:$INTERVAL_4
        rrdtool_update "$TYPE-$DRIVE.rrd" total:used N:$TOTAL:$USED
    done
}

account_graphs_reset() {
    rm -rf "$ACCOUNT_DIR/rrd/"*
    rm -rf "$ACCOUNT_DIR/graphs/"*
    rm -f "$ACCOUNT_DIR/cpu_load.txt"
    rm -f "$ACCOUNT_DIR/cpu_load_data.txt"
    rm -f "$ACCOUNT_DIR/data.txt"
    rm -f "$ACCOUNT_DIR/interfaces.txt"
    rm -f "$ACCOUNT_DIR/interfaces_data.txt"
    rm -f "$ACCOUNT_DIR/mikrotik_wifi.txt"
    rm -f "$ACCOUNT_DIR/routers.txt"
    rm -f "$ACCOUNT_DIR/signals.txt"
    rm -f "$ACCOUNT_DIR/users.txt"
    iptaccount -f -l account &>/dev/null
    iptaccount -f -l account_ext &>/dev/null
}

# automaticke spousteni generovani grafu pro webove rozhrani
if [ "$ACCOUNT_GRAPHS" == "yes" ] && [ "$ACCOUNT" == "yes" ] && [ "$FIREWALL" == "yes" ] && [ ! -e "/etc/cron.d/account_graphs" ]; then
    echo -n "Creating cron file for firewall account..."

    ro_test "/etc/cron.d/account_graphs"

    echo "# Created by firewall script for account" > /etc/cron.d/account_graphs
    echo "*/2    * * * * root    /etc/init.d/firewall account_graphs_generate" >> /etc/cron.d/account_graphs

    ro_exit

    echo "done."
elif ( [ "$ACCOUNT" != "yes" ] || [ "$ACCOUNT_GRAPHS" != "yes" ]  || [ "$FIREWALL" != "yes" ] || [ "$1" == "account_stop" ] ) && [ -e "/etc/cron.d/account_graphs" ] && [ "`basename $0`" != "account" ]; then
    echo -n "Deleting cron file for firewall account..."

    ro_test "/etc/cron.d/account_graphs"

    rm -f "/etc/cron.d/account_graphs" 2>/dev/null

    ro_exit

    echo "done."
fi


Powered by WebSVN 2.2.1