/usr/share/munin/plugins/fw_packets is in munin-node 1.4.6-3ubuntu3.4.
This file is owned by root:root, with mode 0o755.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 | #!/usr/bin/perl -w
# -*- perl -*-
=head1 NAME
fw_packets - Plugin to monitor the throuhgput of a firewall
=head1 CONFIGURATION
This plugin must run with root privileges
=head1 CONFIGURATION EXAMPLE
/etc/munin/plugin-conf.d/global or other file in that dir must contain:
[fw*]
user root
=head1 AUTHOR
Unknown author
=head1 LICENSE
Unknown license
=head1 MAGIC MARKERS
#%# family=auto
#%# capabilities=autoconf
=cut
if ( $ARGV[0] ) {
if ( $ARGV[0] eq 'autoconf' ) {
if ( -r '/proc/net/snmp') {
print "yes\n";
exit 0;
}
print "no\n";
exit 0;
} elsif ( $ARGV[0] eq 'config' ) {
print <<EOM;
graph_title Firewall Throughput
graph_args --base 1000 -l 0
graph_vlabel Packets/\${graph_period}
graph_category network
received.label Received
received.draw AREA
received.type DERIVE
received.min 0
forwarded.label Forwarded
forwarded.draw LINE2
forwarded.type DERIVE
forwarded.min 0
EOM
# Is LINE1 better I wonder? The lines are meant to show how large a
# portion of the total received packets gets forwarded.
# rejected.label rejected
# rejected.draw LINE2
# rejected.type COUNTER
exit 0;
}
}
open(F, "/proc/net/snmp") or die "Cannot read /proc/net/snmp: $!\n";
while (<F>) {
if (/^Ip: \d/) {
@ip = split;
$forwarded = $ip[6]; #forwarded
$received = $ip[3]; #received
print "received.value $received\n";
print "forwarded.value $forwarded\n";
# This calculation is invalid, the packet may have been
# destined for the firewall, then the difference is wrong. If
# you firewall does not receive traffic itself it is correct
# though.
#
# print "rejected.value ", $received - $forwarded,"\n";
last;
}
}
close(F);
# vim:syntax=perl
|