From 05903883b79ab3b23f51bd69458ca292fb0b3437 Mon Sep 17 00:00:00 2001 From: James Davidson Date: Thu, 25 Apr 2013 15:29:09 -0700 Subject: Add size and files options to "traffic save" Bug 8020 The total storage used by a traffic capture can be bounded by using the size and files options. --- gen-monitor-interface-templates.sh | 22 +++++++++++++-- gen-monitor-vif-interface-templates.sh | 23 +++++++++++++-- scripts/vyatta-tshark.pl | 51 +++++++++++++++++++++++++++++----- 3 files changed, 84 insertions(+), 12 deletions(-) diff --git a/gen-monitor-interface-templates.sh b/gen-monitor-interface-templates.sh index ee9e9ca..67c9e7e 100755 --- a/gen-monitor-interface-templates.sh +++ b/gen-monitor-interface-templates.sh @@ -2,6 +2,8 @@ #monitor interfaces [type] [name] traffic #monitor interfaces [type] [name] traffic flow #monitor interfaces [type] [name] traffic save [filename] +#monitor interfaces [type] [name] traffic save [filename] size [number] +#monitor interfaces [type] [name] traffic save [filename] size [number] files [number] #monitor interfaces [type] [name] traffic detail #monitor interfaces [type] [name] traffic detail filter #monitor interfaces [type] [name] traffic detail unlimited @@ -27,7 +29,7 @@ cd $TEMPLATE_DIR for type in "${types[@]}"; do mkdir -p $type/node.tag/flow - mkdir -p $type/node.tag/traffic/save/node.tag + mkdir -p $type/node.tag/traffic/save/node.tag/size/node.tag/files/node.tag mkdir -p $type/node.tag/traffic/detail/filter/node.tag mkdir -p $type/node.tag/traffic/detail/unlimited/filter/node.tag mkdir -p $type/node.tag/traffic/filter/node.tag @@ -47,8 +49,22 @@ for type in "${types[@]}"; do echo 'run: ${vyatta_bindir}/vyatta-tshark.pl --intf $4' >> $type/node.tag/traffic/node.def # traffic save - echo 'help: Save monitored traffic to a file' >| $type/node.tag/traffic/save/node.def - echo -e 'help: Save monitored traffic to a file\nrun: ${vyatta_bindir}/vyatta-tshark.pl --intf $4 --save "${@:7}"' >| $type/node.tag/traffic/save/node.tag/node.def + echo 'help: Save monitored traffic to a file' >| $type/node.tag/traffic/save/node.def + echo 'help: Save monitored traffic to the specified file' >| $type/node.tag/traffic/save/node.tag/node.def + echo "allowed: echo -e '.pcap'" >> $type/node.tag/traffic/save/node.tag/node.def + echo 'run: ${vyatta_bindir}/vyatta-tshark.pl --intf $4 --save "${@:7}"' >> $type/node.tag/traffic/save/node.tag/node.def + + # traffic save size + echo 'help: Save monitored traffic to a file with max size' >| $type/node.tag/traffic/save/node.tag/size/node.def + echo "help: Maximum file size (e.g., 1 = 1 KiB, 1M = 1 MiB)" >| $type/node.tag/traffic/save/node.tag/size/node.tag/node.def + echo "allowed: echo -e ''" >> $type/node.tag/traffic/save/node.tag/size/node.tag/node.def + echo 'run: ${vyatta_bindir}/vyatta-tshark.pl --intf $4 --save "${@:7}" --size "${@:9}"' >> $type/node.tag/traffic/save/node.tag/size/node.tag/node.def + + # traffic save size files + echo 'help: Save monitored traffic to a set of rotated file' >| $type/node.tag/traffic/save/node.tag/size/node.tag/files/node.def + echo 'help: Number of files to rotate stored traffic through' >| $type/node.tag/traffic/save/node.tag/size/node.tag/files/node.tag/node.def + echo "allowed: echo -e ''" >> $type/node.tag/traffic/save/node.tag/size/node.tag/files/node.tag/node.def + echo 'run: ${vyatta_bindir}/vyatta-tshark.pl --intf $4 --save "${@:7}" --size "${@:9}" --files "${@:11}"' >> $type/node.tag/traffic/save/node.tag/size/node.tag/files/node.tag/node.def # traffic detail echo -e "help: Monitor detailed traffic for the specified $type interface" >| $type/node.tag/traffic/detail/node.def diff --git a/gen-monitor-vif-interface-templates.sh b/gen-monitor-vif-interface-templates.sh index b0ef822..ac128e8 100755 --- a/gen-monitor-vif-interface-templates.sh +++ b/gen-monitor-vif-interface-templates.sh @@ -21,7 +21,7 @@ cd $TEMPLATE_DIR for type in "${types[@]}"; do mkdir -p $type/node.tag/vif/node.tag/flow - mkdir -p $type/node.tag/vif/node.tag/traffic/save/node.tag + mkdir -p $type/node.tag/vif/node.tag/traffic/save/node.tag/size/node.tag/files/node.tag mkdir -p $type/node.tag/vif/node.tag/traffic/detail/filter/node.tag mkdir -p $type/node.tag/vif/node.tag/traffic/detail/unlimited/filter/node.tag mkdir -p $type/node.tag/vif/node.tag/traffic/filter/node.tag @@ -36,13 +36,32 @@ for type in "${types[@]}"; do echo 'help: Monitor flows on specified interface' >| $type/node.tag/vif/node.tag/flow/node.def echo 'run: sudo /usr/sbin/iftop -i $4.$6' >> $type/node.tag/vif/node.tag/flow/node.def + # node.tag + echo "help: Monitor specified $type interface" > $type/node.tag/vif/node.tag/node.def + echo "allowed: \${vyatta_sbindir}/vyatta-interfaces.pl --show $type --vif \${COMP_WORDS[COMP_CWORD-2]}" >> $type/node.tag/vif/node.tag/node.def + echo 'run: bmon -p $4.$6' >> $type/node.tag/vif/node.tag/node.def + # traffic echo "help: Montior captured traffic on specified $type interface" >| $type/node.tag/vif/node.tag/traffic/node.def echo 'run: ${vyatta_bindir}/vyatta-tshark.pl --intf $4.$6' >> $type/node.tag/vif/node.tag/traffic/node.def # traffic save echo 'help: Save monitored traffic to a file' >| $type/node.tag/vif/node.tag/traffic/save/node.def - echo -e 'help: Save monitored traffic to a file\nrun: ${vyatta_bindir}/vyatta-tshark.pl --intf $4.$6 --save "${@:9}"' >| $type/node.tag/vif/node.tag/traffic/save/node.tag/node.def + echo 'help: Save monitored traffic to the specified file' >| $type/node.tag/vif/node.tag/traffic/save/node.tag/node.def + echo "allowed: echo -e '.pcap'" >> $type/node.tag/vif/node.tag/traffic/save/node.tag/node.def + echo 'run: ${vyatta_bindir}/vyatta-tshark.pl --intf $4.$6 --save "${@:9}"' >> $type/node.tag/vif/node.tag/traffic/save/node.tag/node.def + + # traffic save size + echo 'help: Save monitored traffic to a file with max size' >| $type/node.tag/vif/node.tag/traffic/save/node.tag/size/node.def + echo "help: Maximum file size (e.g., 1 = 1 KiB, 1M = 1 MiB)" >| $type/node.tag/vif/node.tag/traffic/save/node.tag/size/node.tag/node.def + echo "allowed: echo -e ''" >> $type/node.tag/vif/node.tag/traffic/save/node.tag/size/node.tag/node.def + echo 'run: ${vyatta_bindir}/vyatta-tshark.pl --intf $4 --save "${@:7}" --size "${@:9}"' >> $type/node.tag/vif/node.tag/traffic/save/node.tag/size/node.tag/node.def + + # traffic save size files + echo 'help: Save monitored traffic to a set of rotated files' >| $type/node.tag/vif/node.tag/traffic/save/node.tag/size/node.tag/files/node.def + echo 'help: Number of files to rotate stored traffic through' >| $type/node.tag/vif/node.tag/traffic/save/node.tag/size/node.tag/files/node.tag/node.def + echo "allowed: echo -e ''" >> $type/node.tag/vif/node.tag/traffic/save/node.tag/size/node.tag/files/node.tag/node.def + echo 'run: ${vyatta_bindir}/vyatta-tshark.pl --intf $4 --save "${@:7}" --size "${@:9}" --files "${@:11}"' >> $type/node.tag/vif/node.tag/traffic/save/node.tag/size/node.tag/files/node.tag/node.def # traffic detail echo -e "help: Monitor detailed traffic for the specified $type interface" >| $type/node.tag/vif/node.tag/traffic/detail/node.def diff --git a/scripts/vyatta-tshark.pl b/scripts/vyatta-tshark.pl index c065cbe..5423cfc 100755 --- a/scripts/vyatta-tshark.pl +++ b/scripts/vyatta-tshark.pl @@ -54,16 +54,48 @@ sub check_if_interface_is_tsharkable { } } +my ($detail,$filter,$intf,$unlimited,$save,$files,$size); + +# +# The size parameter can have one of the following +# unit suffixes: +# +# - [kK] KiB (1024 bytes) +# - [mM] MiB (1048576 bytes) +# - [gG] GiB (1073741824 bytes) +# - [tT] TiB (109951162778 bytes) +# +# Note: tshark's default size unit is KiB +sub parse_size { + my ( $name, $parm ) = @_; + my %mult = ('T' => 1073741824, 't' => 1073741824, + 'G' => 1048576, 'g' => 1048576, + 'M' => 1024, 'm' => 1024, + 'K' => 1, 'k' => 1); + + die "Invalid parameter: $name" if ($name ne "size"); + my ( $value, $unit ) = $parm =~ m/^([0-9]+)([kKmMgGtT])?$/; + die "Invalid size specified" unless $value; + $unit = "K" unless $unit; + $size = $value * $mult{$unit}; +} + # # main # -my ($detail,$filter,$intf,$unlimited,$save); -GetOptions("detail!" => \$detail, - "filter=s" => \$filter, - "save=s" => \$save, - "intf=s" => \$intf, - "unlimited!" => \$unlimited); +my $result = GetOptions("detail!" => \$detail, + "filter=s" => \$filter, + "save=s" => \$save, + "intf=s" => \$intf, + "unlimited!" => \$unlimited, + "files=i" => \$files, + "size=s" => \&parse_size); + +if (! $result) { + print "Invalid option specifications\n"; + exit 1; +} check_if_interface_is_tsharkable($intf); @@ -72,7 +104,12 @@ if (defined($save)){ print("Please name your file .pcap\n"); exit 1; } - exec "/usr/bin/tshark -i $intf -w '$save'"; + my $options = ""; + + # the CLI will make sure that files is not defined w/o size also + $options .= " -a filesize:$size" if defined($size); + $options .= " -b files:$files" if defined($files); + exec "/usr/bin/tshark -i $intf -w '$save' $options"; exit 0; } -- cgit v1.2.3