Ключевые слова:freebsd, ipfw, traffic, (найти похожие документы)
From: Pahanivo <upf@int-ural.ru.>
Newsgroups: email
Date: Mon, 19 Nov 2006 18:21:07 +0000 (UTC)
Subject: Простой скрипт для учета трафика ipfw count правил FreeBSD.
Данный скрипт не предназначем для каких то либо сложных и точных подсчетов.
Он просто собирает статистику из правил типа count в ipfw с последующим
сбросом счетчиков.
Подойдет для NAT шлюза на слабой машинке когда нужно посчитать трафик
локальных пользователей без особых извращений.
Хранит статистику помесячно в отдельном файле для каждого ip адреса в
структуре каталогов по годам и месяцам, архивирует предыдущие месяцы.
stcounter - сам скрипт
#!/bin/sh
#Stupid Traffic Counter v 1.1
#CopyLeft Ustyugov Pavel aka Pahanivo
#
# This script count traffic from ipfw rules "count" type.
#
# For example:
# 01000 divert 8668 ip from any to any via rl0
# > 01010 count ip from any to 10.0.0.2 out via rl1
# > 01020 count ip from any to 10.0.0.3 out via rl1
# !WARNING! Script process ONLY THIS RULE FORMAT!
#
# rl0 - external interface, rl1 - internal
#
# This script tested ONLY on FreeBSD, for ipfw.
#
# To mass create ip rules use this
# in /etc/rc.firewall:
#
# IPNUM=2
# while [ $IPNUM -lt 256 ]
# do
# ${fwcmd} add count all from any to 10.0.0.${IPNUM} out via ${iif}
# IPNUM=`expr $IPNUM + 1`
# done
#
# Crontab example:
# */15 * * * * root /usr/local/stcounter/stcounter
#
# Script zip statictic data for previous month new month begin then.
# For use stview script for previous mont you must unzip(untar)
# stat archive or you can disable archiving by comment "arc previous
# month" section (see below).
#
# To see stat use "stview" script.
#
PATH="/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin"
#setup this
BASEDIR=/usr/local/stcounter
BASESTATDIR=/usr/local/stcounter/stat
#date processing
YDATEY=`date -v-1d "+%Y`
YDATEM=`date -v-1d "+%m`
DATE=`date "+%Y/%m/%d %H:%M`
DATEY=`date "+%Y`
DATEM=`date "+%m`
#create stat dir
if [ ! -d $BASESTATDIR/$DATEY/$DATEM ]; then
mkdir -p $BASESTATDIR/$DATEY/$DATEM
fi
#save counters and zeroing
ipfw -a list > $BASEDIR/IPFW_OUT && ipfw -q zero
#clearing stats
grep " count " $BASEDIR/IPFW_OUT |\
awk '{if ($3 > 0) print $3,$9}' > $BASEDIR/IP_STAT
#save
exec 3<&0 0<$BASEDIR/IP_STAT
while read LINE
do
DATASIZE=`echo $LINE | awk '{print $1}'`
DATAIP=`echo $LINE | awk '{print $2}'`
DATAIP=`echo $DATAIP | sed 's/\//\\\/g'`
echo "$DATASIZE $DATE" >> $BASESTATDIR/$DATEY/$DATEM/$DATAIP
done
exec 0<&3
#arc previous month
if [ $YDATEM -ne $DATEM ]; then
if [ -d $BASESTATDIR/$YDATEY/$YDATEM ]; then
cd $BASESTATDIR/$YDATEY/
tar -cf - $YDATEM |\
bzip2 -9 > $BASESTATDIR/$YDATEY/$YDATEM.tar.bz2
rm -r $BASESTATDIR/$YDATEY/$YDATEM
fi
fi
#remove tmp
rm $BASEDIR/IPFW_OUT $BASEDIR/IP_STAT
stview - отображалка трафика
----------------------------
#!/bin/sh
#Stupid Traffic View v 1.2
#CopyLeft Ustyugov Pavel aka Pahanivo
PATH="/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin:/usr/local/sbin"
#setup this
BASEDIR=/usr/local/stcounter
BASESTATDIR=/usr/local/stcounter/stat
echo "Enter date"
echo -n "Year (xxxx): "
read RDATEY
echo -n "Month (xx): "
read RDATEM
echo ""
if [ -d $BASESTATDIR/$RDATEY/$RDATEM ]; then
for statfile in `ls -A $BASESTATDIR/$RDATEY/$RDATEM`
do
SUMMA=`awk '{summ+=$1} END {print summ}'
$BASESTATDIR/$RDATEY/$RDATEM/$statfile`
echo "$SUMMA $statfile" >> $BASEDIR/REPORT
done
else
echo "No data"
exit
fi
echo -e "Traffic, order by ip\n"
sed 's/\./ /g' REPORT |\
sort -n -k 2 |\
sort -n -k 3 |\
sort -n -k 4 |\
sort -n -k 5 |\
awk '{printf ("%10i %s.%s.%s.%s\n",$1,$2,$3,$4,$5)}'
echo -e "\n\nTraffic, order by traffic\n"
sed 's/\./ /g' REPORT |\
sort -n -r -k 1 |\
awk '{printf ("%10i %s.%s.%s.%s\n",$1,$2,$3,$4,$5)}'
rm $BASEDIR/REPORT
