summaryrefslogtreecommitdiff
path: root/src/op_mode/show_nat_statistics.py
blob: b77693e19801fc4333a0bf05a9113814a0043277 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
#!/usr/bin/env python3
#
# Copyright (C) 2018 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
# published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.

import jmespath
import json

from argparse import ArgumentParser
from jinja2 import Template
from sys import exit
from vyos.util import cmd

OUT_TMPL_SRC="""
rule      pkts        bytes   interface
----      ----        -----   ---------
{% for r in output %}
{%- if r.comment -%}
{%- set packets   = r.counter.packets -%}
{%- set bytes     = r.counter.bytes -%}
{%- set interface = r.interface -%}
{# remove rule comment prefix #}
{%- set comment   = r.comment | replace('SRC-NAT-', '') | replace('DST-NAT-', '') -%}
{{ "%-4s" | format(comment) }} {{ "%9s" | format(packets) }} {{ "%12s" | format(bytes) }}   {{ interface }}
{%- endif %}
{% endfor %}
"""

parser = ArgumentParser()
group = parser.add_mutually_exclusive_group()
group.add_argument("--source", help="Show statistics for configured source NAT rules", action="store_true")
group.add_argument("--destination", help="Show statistics for configured destination NAT rules", action="store_true")
args = parser.parse_args()

if args.source or args.destination:
    tmp = cmd('sudo nft -j list table nat')
    tmp = json.loads(tmp)

    source = r"nftables[?rule.chain=='POSTROUTING'].rule.{chain: chain, handle: handle, comment: comment, counter: expr[].counter | [0], interface: expr[].match.right | [0] }"
    destination = r"nftables[?rule.chain=='PREROUTING'].rule.{chain: chain, handle: handle, comment: comment, counter: expr[].counter | [0], interface: expr[].match.right | [0] }"
    data = {
        'output' : jmespath.search(source if args.source else destination, tmp),
        'direction' : 'source' if args.source else 'destination'
    }

    tmpl = Template(OUT_TMPL_SRC, lstrip_blocks=True)
    print(tmpl.render(data))
    exit(0)
else:
    parser.print_help()
    exit(1)