author | Daniil Baturin <daniil.baturin@vyatta.com> | 2011-12-15 03:11:06 +0700 |
---|---|---|
committer | Daniil Baturin <daniil.baturin@vyatta.com> | 2011-12-15 03:11:06 +0700 |
commit | e7c13acc6abf011809c6e60c25f80acc963e3bd8 (patch) | |
tree | 4c2c24db736a3e80b9ae2f1ce3f6b0060d8c779c | |
parent | 212f5c8673cbe0a948639ee429d6159282d5a432 (diff) | |
download | vyatta-nat-e7c13acc6abf011809c6e60c25f80acc963e3bd8.tar.gz vyatta-nat-e7c13acc6abf011809c6e60c25f80acc963e3bd8.zip |
Update show NAT statistics script to match CLI changes,
rename it to make clearer what it does.
-rwxr-xr-x | scripts/vyatta-show-nat-statistics.pl | 101 | ||||
-rwxr-xr-x | scripts/vyatta-show-nat.pl | 89 |
2 files changed, 101 insertions, 89 deletions
diff --git a/scripts/vyatta-show-nat-statistics.pl b/scripts/vyatta-show-nat-statistics.pl
new file mode 100755
index 0000000..8dc343e
--- /dev/null
+++ b/scripts/vyatta-show-nat-statistics.pl
@@ -0,0 +1,101 @@
+#!/usr/bin/perl
+
+use strict;
+use Getopt::Long;
+use lib "/opt/vyatta/share/perl5";
+use Vyatta::Config;
+use Vyatta::NatRuleCommon;
+use Vyatta::SrcNatRule;
+use Vyatta::DstNatRule;
+
+sub numerically { $a <=> $b; }
+
+my $format = "%-5s %-6s %-6s %-12s";
+
+my $iptables = "sudo /sbin/iptables";
+
+my $src_level = "nat source rule";
+my $dst_level = "nat destination rule";
+my $level = undef;
+
+my $src_chain = "POSTROUTING";
+my $dst_chain = "PREROUTING";
+my $chain = undef;
+
+my $type = undef;
+
+my @stats = ();
+
+GetOptions(
+ "type=s" => \$type
+);
+
+die("Must specify NAT type!") if !defined($type);
+
+if ($type eq 'source') {
+ $level = $src_level;
+ $chain = $src_chain;
+} elsif ($type eq 'destination') {
+ $level = $dst_level;
+ $chain = $dst_chain;
+} else {
+ die("Unknown NAT type $type!");
+}
+
+open(STATS, "$iptables -t nat -L $chain -vn |") or exit 1;
+my ($rule_tcp_pkts, $rule_tcp_bytes, $rule_pkts, $rule_bytes);
+my $tcp_done = 0;
+while (<STATS>) {
+ if ( (m/ SNAT/ || m/ DNAT/ || m/MASQUERADE/ || m/RETURN/ || m/NETMAP/)) {
+ m/^\s*(\d+[KMG]?)\s+(\d+[KMG]?)\s/;
+ $rule_pkts = $1;
+ $rule_bytes = $2;
+ if (m/tcp_udp/) { # protocol is tcp_udp, 2 rules in iptables for it
+ if ($tcp_done == 0) {
+ $rule_tcp_pkts = $rule_pkts;
+ $rule_tcp_bytes = $rule_bytes;
+ $tcp_done = 1;
+ next;
+ } else {
+ $rule_pkts += $rule_tcp_pkts;
+ $rule_bytes += $rule_tcp_bytes;
+ $tcp_done = 0;
+ }
+ }
+ push @stats, ($rule_pkts, $rule_bytes);
+ }
+}
+close STATS;
+
+printf($format, "rule", "pkts", "bytes", "interface");
+print "\n";
+printf($format, "----", "----", "-----", "---------");
+print "\n";
+
+my $config = new Vyatta::Config;
+$config->setLevel("$level");
+my @rules_pre = $config->listOrigNodes();
+my $rule;
+my @rules = sort numerically @rules_pre;
+for $rule (@rules) {
+ my $nrule = undef;
+ $nrule = new Vyatta::SrcNatRule if $type eq 'source';
+ $nrule = new Vyatta::DstNatRule if $type eq 'destination';
+
+ $nrule->setupOrig("$level $rule");
+ next if defined $nrule->{_disable};
+
+ my $pkts = shift @stats;
+ my $bytes = shift @stats;
+
+ my $intf = undef;
+ $intf = $nrule->{_outbound_if} if $type eq 'source';
+ $intf = $nrule->{_inbound_if} if $type eq 'destination';
+
+ printf($format, $rule, $pkts, $bytes, $intf);
+ print "\n";
+}
+
+
+exit 0;
+
diff --git a/scripts/vyatta-show-nat.pl b/scripts/vyatta-show-nat.pl
deleted file mode 100755
index 0ae25af..0000000
--- a/scripts/vyatta-show-nat.pl
+++ /dev/null
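Review bot: The tcp_udp branch in the `while (<STATS>)` loop adds abbreviated counters as numbers: `iptables -L -vn` prints values such as `12K`, the capture `(\d+[KMG]?)` keeps the suffix, and `$rule_pkts += $rule_tcp_pkts` then sums only the leading digits, so the combined figure is wrong once either counter is abbreviated. Requesting exact counters avoids this, e.g. `open(STATS, "$iptables -t nat -L $chain -vnx |") or exit 1;` with the pattern reduced to `(\d+)\s+(\d+)`. The counter match is also unchecked, so a line that hits a target keyword but not the pattern reuses the previous `$1`/`$2`, and because stats are paired with rules by position every later row would shift; `next unless m/^\s*(\d+)\s+(\d+)\s/;` would guard that. Separately, the one-string pipe open passes the command line through a shell before sudo runs; `$chain` is pinned by the `$type` check today, but the list form `open(my $stats, '-|', 'sudo', '/sbin/iptables', '-t', 'nat', '-L', $chain, '-vnx')` would keep that true if option handling changes later.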
@@ -1,89 +0,0 @@
-#!/usr/bin/perl
-
-use strict;
-use lib "/opt/vyatta/share/perl5";
-use Vyatta::Config;
-use Vyatta::NatRule;
-
-sub numerically { $a <=> $b; }
-
-exit 1 if ($#ARGV != 0);
-my $xsl_file = $ARGV[0];
-
-if (! -e $xsl_file) {
- print "Invalid XSL file \"$xsl_file\"\n";
- exit 1;
-}
-
-my %stats = (
- source => [ ],
- destination => [ ],
- );
-open(STATS, "sudo /sbin/iptables -t nat -L -vn |") or exit 1;
-my $skey = "";
-my ($rule_tcp_pkts, $rule_tcp_bytes, $rule_pkts, $rule_bytes);
-my $tcp_done = 0;
-while (<STATS>) {
- if (m/^Chain PREROUTING/) {
- $skey = "destination";
- } elsif (m/^Chain POSTROUTING/) {
- $skey = "source";
- } elsif (m/^Chain /) {
- $skey = "";
- }
-
- if ($skey ne "" && (m/SNAT/ || m/DNAT/ || m/MASQUERADE/ || m/RETURN/ || m/NETMAP/)) {
- m/^\s*(\d+[KMG]?)\s+(\d+[KMG]?)\s/;
- $rule_pkts = $1;
- $rule_bytes = $2;
- if (m/tcp_udp/) { # protocol is tcp_udp, 2 rules in iptables for it
- if ($tcp_done == 0) {
- $rule_tcp_pkts = $rule_pkts;
- $rule_tcp_bytes = $rule_bytes;
- $tcp_done = 1;
- next;
- } else {
- $rule_pkts += $rule_tcp_pkts;
- $rule_bytes += $rule_tcp_bytes;
- $tcp_done = 0;
- }
- }
- push @{$stats{$skey}}, ($rule_pkts, $rule_bytes);
- }
-}
-close STATS;
-
-open(RENDER, "| /opt/vyatta/sbin/render_xml $xsl_file") or exit 1;
-
-# begin
-print RENDER "<opcommand name='natrules'><format type='row'>\n";
-
-# get rid of the stats for PRE_SNAT_HOOK
-splice @{$stats{'source'}}, 0, 2;
-
-my $config = new Vyatta::Config;
-$config->setLevel("service nat rule");
-my @rules_pre = $config->listOrigNodes();
-my $rule;
-my @rules = sort numerically @rules_pre;
-for $rule (@rules) {
- my $nrule = new Vyatta::NatRule;
- $nrule->setupOrig("service nat rule $rule");
- next if defined $nrule->{_disable};
- my $ntype = $nrule->orig_type();
- print RENDER " <row>\n";
- print RENDER " <rule_num>$rule</rule_num>\n";
- my $pkts = shift @{$stats{$ntype}};
- my $bytes = shift @{$stats{$ntype}};
- print RENDER " <pkts>$pkts</pkts>\n";
- print RENDER " <bytes>$bytes</bytes>\n";
- $nrule->outputXml(*RENDER{IO});
- print RENDER " </row>\n";
-}
-
-# end
-print RENDER "</format></opcommand>\n";
-
-close RENDER;
-exit 0;
-
|