KevinMidboe/mktxp-no-cli
1
0
Fork 0
mirror of https://github.com/KevinMidboe/mktxp-no-cli.git synced 2025-12-08 20:38:48 +00:00
Code Issues Packages Projects Releases Wiki Activity

optional ipv6 firewall, disabled by default

Browse Source
This commit is contained in:
Arseniy Kuznetsov
2022-11-14 20:35:00 +01:00
parent cc3fd26ae2
commit 2953cf418a
5 changed files with 77 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
mktxp/_mktxp.conf Normal file
View File

@@ -0,0 +1,25 @@
## Copyright (c) 2020 Arseniy Kuznetsov
##
## This program is free software; you can redistribute it and/or
## modify it under the terms of the GNU General Public License
## as published by the Free Software Foundation; either version 2
## of the License, or (at your option) any later version.
##
## This program is distributed in the hope that it will be useful,
## but WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
## GNU General Public License for more details.
[MKTXP]
port = 49090
socket_timeout = 2
initial_delay_on_failure = 120
max_delay_on_failure = 900
delay_inc_div = 5
bandwidth = True # Turns metrics bandwidth metrics collection on / off
bandwidth_test_interval = 420 # Interval for colllecting bandwidth metrics
verbose_mode = False # Set it on for troubleshooting

9
mktxp/cli/config/config.py
View File

@@ -42,6 +42,10 @@ class MKTXPConfigKeys:
FE_IP_CONNECTIONS_KEY = 'connections' FE_IP_CONNECTIONS_KEY = 'connections'
FE_INTERFACE_KEY = 'interface' FE_INTERFACE_KEY = 'interface'
FE_FIREWALL_KEY = 'firewall' FE_FIREWALL_KEY = 'firewall'
FE_IPV6_FIREWALL_KEY = 'ipv6_firewall'
FE_IPV6_NEIGHBOR_KEY = 'ipv6_neighbor'
FE_MONITOR_KEY = 'monitor' FE_MONITOR_KEY = 'monitor'
FE_ROUTE_KEY = 'route' FE_ROUTE_KEY = 'route'
FE_WIRELESS_KEY = 'wireless' FE_WIRELESS_KEY = 'wireless'
@@ -50,7 +54,6 @@ class MKTXPConfigKeys:
FE_CAPSMAN_CLIENTS_KEY = 'capsman_clients' FE_CAPSMAN_CLIENTS_KEY = 'capsman_clients'
FE_POE_KEY = 'poe' FE_POE_KEY = 'poe'
FE_PUBLIC_IP_KEY = 'public_ip' FE_PUBLIC_IP_KEY = 'public_ip'
FE_IPV6_NEIGHBOR_KEY = 'ipv6_neighbor'
FE_NETWATCH_KEY = 'netwatch' FE_NETWATCH_KEY = 'netwatch'
MKTXP_SOCKET_TIMEOUT = 'socket_timeout' MKTXP_SOCKET_TIMEOUT = 'socket_timeout'
@@ -81,7 +84,7 @@ class MKTXPConfigKeys:
DEFAULT_MKTXP_INC_DIV = 5 DEFAULT_MKTXP_INC_DIV = 5
DEFAULT_MKTXP_BANDWIDTH_TEST_INTERVAL = 420 DEFAULT_MKTXP_BANDWIDTH_TEST_INTERVAL = 420
BOOLEAN_KEYS_NO = {ENABLED_KEY, SSL_KEY, NO_SSL_CERTIFICATE, SSL_CERTIFICATE_VERIFY, FE_IPV6_NEIGHBOR_KEY} BOOLEAN_KEYS_NO = {ENABLED_KEY, SSL_KEY, NO_SSL_CERTIFICATE, SSL_CERTIFICATE_VERIFY, FE_IPV6_FIREWALL_KEY, FE_IPV6_NEIGHBOR_KEY}
# Feature keys enabled by default # Feature keys enabled by default
BOOLEAN_KEYS_YES = {FE_DHCP_KEY, FE_DHCP_LEASE_KEY, FE_DHCP_POOL_KEY, FE_IP_CONNECTIONS_KEY, FE_INTERFACE_KEY, FE_FIREWALL_KEY, BOOLEAN_KEYS_YES = {FE_DHCP_KEY, FE_DHCP_LEASE_KEY, FE_DHCP_POOL_KEY, FE_IP_CONNECTIONS_KEY, FE_INTERFACE_KEY, FE_FIREWALL_KEY,
@@ -107,7 +110,7 @@ class ConfigEntry:
MKTXPConfigKeys.FE_DHCP_KEY, MKTXPConfigKeys.FE_DHCP_LEASE_KEY, MKTXPConfigKeys.FE_DHCP_POOL_KEY, MKTXPConfigKeys.FE_INTERFACE_KEY, MKTXPConfigKeys.FE_FIREWALL_KEY, MKTXPConfigKeys.FE_DHCP_KEY, MKTXPConfigKeys.FE_DHCP_LEASE_KEY, MKTXPConfigKeys.FE_DHCP_POOL_KEY, MKTXPConfigKeys.FE_INTERFACE_KEY, MKTXPConfigKeys.FE_FIREWALL_KEY,
MKTXPConfigKeys.FE_MONITOR_KEY, MKTXPConfigKeys.FE_ROUTE_KEY, MKTXPConfigKeys.FE_WIRELESS_KEY, MKTXPConfigKeys.FE_WIRELESS_CLIENTS_KEY, MKTXPConfigKeys.FE_IP_CONNECTIONS_KEY, MKTXPConfigKeys.FE_MONITOR_KEY, MKTXPConfigKeys.FE_ROUTE_KEY, MKTXPConfigKeys.FE_WIRELESS_KEY, MKTXPConfigKeys.FE_WIRELESS_CLIENTS_KEY, MKTXPConfigKeys.FE_IP_CONNECTIONS_KEY,
MKTXPConfigKeys.FE_CAPSMAN_KEY, MKTXPConfigKeys.FE_CAPSMAN_CLIENTS_KEY, MKTXPConfigKeys.FE_POE_KEY, MKTXPConfigKeys.FE_NETWATCH_KEY, MKTXPConfigKeys.MKTXP_USE_COMMENTS_OVER_NAMES, MKTXPConfigKeys.FE_CAPSMAN_KEY, MKTXPConfigKeys.FE_CAPSMAN_CLIENTS_KEY, MKTXPConfigKeys.FE_POE_KEY, MKTXPConfigKeys.FE_NETWATCH_KEY, MKTXPConfigKeys.MKTXP_USE_COMMENTS_OVER_NAMES,
MKTXPConfigKeys.FE_PUBLIC_IP_KEY, MKTXPConfigKeys.FE_IPV6_NEIGHBOR_KEY MKTXPConfigKeys.FE_PUBLIC_IP_KEY, MKTXPConfigKeys.FE_IPV6_FIREWALL_KEY, MKTXPConfigKeys.FE_IPV6_NEIGHBOR_KEY
]) ])
MKTXPSystemEntry = namedtuple('MKTXPSystemEntry', [MKTXPConfigKeys.PORT_KEY, MKTXPConfigKeys.MKTXP_SOCKET_TIMEOUT, MKTXPSystemEntry = namedtuple('MKTXPSystemEntry', [MKTXPConfigKeys.PORT_KEY, MKTXPConfigKeys.MKTXP_SOCKET_TIMEOUT,
MKTXPConfigKeys.MKTXP_INITIAL_DELAY, MKTXPConfigKeys.MKTXP_MAX_DELAY, MKTXPConfigKeys.MKTXP_INITIAL_DELAY, MKTXPConfigKeys.MKTXP_MAX_DELAY,

7
mktxp/cli/config/mktxp.conf
View File

@@ -29,11 +29,14 @@
connections = True # IP connections metrics connections = True # IP connections metrics
pool = True # Pool metrics pool = True # Pool metrics
interface = True # Interfaces traffic metrics interface = True # Interfaces traffic metrics
firewall = True # Firewall rules traffic metrics
firewall = True # IPv4 Firewall rules traffic metrics
ipv6_firewall = False # IPv6 Firewall rules traffic metrics
ipv6_neighbor = False # Reachable IPv6 Neighbors
monitor = True # Interface monitor metrics monitor = True # Interface monitor metrics
poe = True # POE metrics poe = True # POE metrics
public_ip = True # Public IP metrics public_ip = True # Public IP metrics
ipv6_neighbor = False # Reachable IPv6 Neighbors
route = True # Routes metrics route = True # Routes metrics
wireless = True # WLAN general metrics wireless = True # WLAN general metrics
wireless_clients = True # WLAN clients metrics wireless_clients = True # WLAN clients metrics

2
mktxp/collector/firewall_collector.py
View File

@@ -43,6 +43,8 @@ class FirewallCollector(BaseCollector):
yield firewall_raw_metrics yield firewall_raw_metrics
# ~*~*~*~*~*~ IPv6 ~*~*~*~*~*~ # ~*~*~*~*~*~ IPv6 ~*~*~*~*~*~
if not router_entry.config_entry.ipv6_firewall:
return
firewall_filter_records_ipv6 = FirewallMetricsDataSource.metric_records_ipv6(router_entry, metric_labels = firewall_labels) firewall_filter_records_ipv6 = FirewallMetricsDataSource.metric_records_ipv6(router_entry, metric_labels = firewall_labels)
if firewall_filter_records_ipv6: if firewall_filter_records_ipv6:
metrics_records_ipv6 = [FirewallCollector.metric_record(router_entry, record) for record in firewall_filter_records_ipv6] metrics_records_ipv6 = [FirewallCollector.metric_record(router_entry, record) for record in firewall_filter_records_ipv6]

39
mktxp/mktxp.conf Normal file
View File

@@ -0,0 +1,39 @@
## Copyright (c) 2020 Arseniy Kuznetsov
##
## This program is free software; you can redistribute it and/or
## modify it under the terms of the GNU General Public License
## as published by the Free Software Foundation; either version 2
## of the License, or (at your option) any later version.
##
## This program is distributed in the hope that it will be useful,
## but WITHOUT ANY WARRANTY; without even the implied warranty of
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
## GNU General Public License for more details.
[Sample-Router]
interface = True
wireless = True
connections = True
netwatch = True
wireless_clients = True
poe = True
public_ip = True
dhcp_lease = True
capsman_clients = True
use_comments_over_names = True
capsman = True
monitor = True
dhcp = True
firewall = True
pool = True
enabled = False
ssl_certificate_verify = False
no_ssl_certificate = False
use_ssl = False
route = True
ipv6_neighbor = False
hostname = localhost
username = username
password = password
port = 8728