[hobbit] Graphing number of references to iptables chain
Iain Conochie
iain at shihad.org
Wed Sep 5 11:04:40 CEST 2007
Henrik Stoerner wrote:
> On Wed, Sep 05, 2007 at 03:37:09PM +1000, Allan wrote:
>
>> Just wondering if anyone has done or has seen a way of being able to
>> graph the number of references to an iptables chain ?
>> 'iptables -L spammer' returns currently for example
>>
>> # iptables -L spammer
>> Chain spammer (2269 references)
>> target prot opt source destination
>> LOG all -- anywhere anywhere LOG level
>> debug prefix `Spammer: '
>> DROP all -- anywhere anywhere
>>
>>
>> Unfortunately I have zero skills when it comes to rrd and the like so
>> I'm looking for something similar I can change to suit or for someone to
>> be really generous and help me out.
>>
If anyone wants it I have a (fairly) generic script that will graph the
number of bytes an IP tables firewall is processing, with input output
and forward in different colours :)
Cheers
Iain
>
> Run a Hobbit client-side script that does:
>
> #!/bin/sh
> REFCOUNT=`iptables -L spammer | grep "^Chain spammer" | awk '{print $3}'|cut -c2-`
>
> $BB $BBDISP "status $MACHINE.spammers green `date`
>
> references: $REFCOUNT
> "
>
> exit 0
>
> This generates a "spammers" status with the number from the "references"
> line in the iptables output. On the Hobbit server you then feed this
> through the "ncv" module - see the description in the "Custom graphs"
> help page on your Hobbit server or here:
> http://www.hswn.dk/hobbit/help/howtograph.html
>
>
> Regards,
> Henrik
>
>
> To unsubscribe from the hobbit list, send an e-mail to
> hobbit-unsubscribe at hswn.dk
>
>
More information about the Xymon
mailing list