mirror of
https://github.com/KevinMidboe/mktxp-no-cli.git
synced 2025-10-29 17:50:23 +00:00
optional ipv6 firewall, disabled by default
This commit is contained in:
Arseniy Kuznetsov
@@ -19,7 +19,8 @@
|
||||
max_delay_on_failure = 900
|
||||
delay_inc_div = 5
|
||||
|
||||
bandwidth = True # Turns metrics bandwidth metrics collection on / off
|
||||
bandwidth_test_interval = 420 # Interval for colllecting bandwidth metrics
|
||||
bandwidth = True # Turns metrics bandwidth metrics collection on / off
|
||||
bandwidth_test_interval = 420 # Interval for colllecting bandwidth metrics
|
||||
|
||||
verbose_mode = False # Set it on for troubleshooting
|
||||
|
||||
|
||||
@@ -22,40 +22,37 @@ class FirewallCollector(BaseCollector):
|
||||
'''
|
||||
@staticmethod
|
||||
def collect(router_entry):
|
||||
if not router_entry.config_entry.firewall:
|
||||
return
|
||||
|
||||
# Initialize all pool counts, including those currently not used
|
||||
# These are the same for both IPv4 and IPv6
|
||||
firewall_labels = ['chain', 'action', 'bytes', 'comment', 'log']
|
||||
|
||||
# ~*~*~*~*~*~ IPv4 ~*~*~*~*~*~
|
||||
firewall_filter_records = FirewallMetricsDataSource.metric_records_ipv4(router_entry, metric_labels = firewall_labels)
|
||||
if firewall_filter_records:
|
||||
metrics_records = [FirewallCollector.metric_record(router_entry, record) for record in firewall_filter_records]
|
||||
firewall_filter_metrics = BaseCollector.counter_collector('firewall_filter', 'Total amount of bytes matched by firewall rules', metrics_records, 'bytes', ['name', 'log'])
|
||||
yield firewall_filter_metrics
|
||||
|
||||
firewall_raw_records = FirewallMetricsDataSource.metric_records_ipv4(router_entry, metric_labels = firewall_labels, raw = True)
|
||||
if firewall_raw_records:
|
||||
metrics_records = [FirewallCollector.metric_record(router_entry, record) for record in firewall_raw_records]
|
||||
firewall_raw_metrics = BaseCollector.counter_collector('firewall_raw', 'Total amount of bytes matched by raw firewall rules', metrics_records, 'bytes', ['name', 'log'])
|
||||
yield firewall_raw_metrics
|
||||
if router_entry.config_entry.firewall:
|
||||
# ~*~*~*~*~*~ IPv4 ~*~*~*~*~*~
|
||||
firewall_filter_records = FirewallMetricsDataSource.metric_records_ipv4(router_entry, metric_labels = firewall_labels)
|
||||
if firewall_filter_records:
|
||||
metrics_records = [FirewallCollector.metric_record(router_entry, record) for record in firewall_filter_records]
|
||||
firewall_filter_metrics = BaseCollector.counter_collector('firewall_filter', 'Total amount of bytes matched by firewall rules', metrics_records, 'bytes', ['name', 'log'])
|
||||
yield firewall_filter_metrics
|
||||
|
||||
firewall_raw_records = FirewallMetricsDataSource.metric_records_ipv4(router_entry, metric_labels = firewall_labels, raw = True)
|
||||
if firewall_raw_records:
|
||||
metrics_records = [FirewallCollector.metric_record(router_entry, record) for record in firewall_raw_records]
|
||||
firewall_raw_metrics = BaseCollector.counter_collector('firewall_raw', 'Total amount of bytes matched by raw firewall rules', metrics_records, 'bytes', ['name', 'log'])
|
||||
yield firewall_raw_metrics
|
||||
|
||||
# ~*~*~*~*~*~ IPv6 ~*~*~*~*~*~
|
||||
if not router_entry.config_entry.ipv6_firewall:
|
||||
return
|
||||
firewall_filter_records_ipv6 = FirewallMetricsDataSource.metric_records_ipv6(router_entry, metric_labels = firewall_labels)
|
||||
if firewall_filter_records_ipv6:
|
||||
metrics_records_ipv6 = [FirewallCollector.metric_record(router_entry, record) for record in firewall_filter_records_ipv6]
|
||||
firewall_filter_metrics_ipv6 = BaseCollector.counter_collector('firewall_filter_ipv6', 'Total amount of bytes matched by firewall rules (IPv6)', metrics_records_ipv6, 'bytes', ['name', 'log'])
|
||||
yield firewall_filter_metrics_ipv6
|
||||
if router_entry.config_entry.ipv6_firewall:
|
||||
firewall_filter_records_ipv6 = FirewallMetricsDataSource.metric_records_ipv6(router_entry, metric_labels = firewall_labels)
|
||||
if firewall_filter_records_ipv6:
|
||||
metrics_records_ipv6 = [FirewallCollector.metric_record(router_entry, record) for record in firewall_filter_records_ipv6]
|
||||
firewall_filter_metrics_ipv6 = BaseCollector.counter_collector('firewall_filter_ipv6', 'Total amount of bytes matched by firewall rules (IPv6)', metrics_records_ipv6, 'bytes', ['name', 'log'])
|
||||
yield firewall_filter_metrics_ipv6
|
||||
|
||||
firewall_raw_records_ipv6 = FirewallMetricsDataSource.metric_records_ipv6(router_entry, metric_labels = firewall_labels, raw = True)
|
||||
if firewall_raw_records_ipv6:
|
||||
metrics_records_ipv6 = [FirewallCollector.metric_record(router_entry, record) for record in firewall_raw_records_ipv6]
|
||||
firewall_raw_metrics_ipv6 = BaseCollector.counter_collector('firewall_raw_ipv6', 'Total amount of bytes matched by raw firewall rules (IPv6)', metrics_records_ipv6, 'bytes', ['name', 'log'])
|
||||
yield firewall_raw_metrics_ipv6
|
||||
firewall_raw_records_ipv6 = FirewallMetricsDataSource.metric_records_ipv6(router_entry, metric_labels = firewall_labels, raw = True)
|
||||
if firewall_raw_records_ipv6:
|
||||
metrics_records_ipv6 = [FirewallCollector.metric_record(router_entry, record) for record in firewall_raw_records_ipv6]
|
||||
firewall_raw_metrics_ipv6 = BaseCollector.counter_collector('firewall_raw_ipv6', 'Total amount of bytes matched by raw firewall rules (IPv6)', metrics_records_ipv6, 'bytes', ['name', 'log'])
|
||||
yield firewall_raw_metrics_ipv6
|
||||
|
||||
# Helpers
|
||||
@staticmethod
|
||||
|
||||
Reference in New Issue
Block a user