mirror of
https://github.com/KevinMidboe/mktxp-no-cli.git
synced 2025-10-29 17:50:23 +00:00
65 lines
4.0 KiB
Python
65 lines
4.0 KiB
Python
# coding=utf8
|
|
## Copyright (c) 2020 Arseniy Kuznetsov
|
|
##
|
|
## This program is free software; you can redistribute it and/or
|
|
## modify it under the terms of the GNU General Public License
|
|
## as published by the Free Software Foundation; either version 2
|
|
## of the License, or (at your option) any later version.
|
|
##
|
|
## This program is distributed in the hope that it will be useful,
|
|
## but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
## GNU General Public License for more details.
|
|
|
|
|
|
from mktxp.cli.config.config import MKTXPConfigKeys
|
|
from mktxp.collector.base_collector import BaseCollector
|
|
from mktxp.datasource.firewall_ds import FirewallMetricsDataSource
|
|
|
|
|
|
class FirewallCollector(BaseCollector):
|
|
''' Firewall rules traffic metrics collector
|
|
'''
|
|
@staticmethod
|
|
def collect(router_entry):
|
|
# Initialize all pool counts, including those currently not used
|
|
# These are the same for both IPv4 and IPv6
|
|
firewall_labels = ['chain', 'action', 'bytes', 'comment', 'log']
|
|
|
|
if router_entry.config_entry.firewall:
|
|
# ~*~*~*~*~*~ IPv4 ~*~*~*~*~*~
|
|
firewall_filter_records = FirewallMetricsDataSource.metric_records_ipv4(router_entry, metric_labels = firewall_labels)
|
|
if firewall_filter_records:
|
|
metrics_records = [FirewallCollector.metric_record(router_entry, record) for record in firewall_filter_records]
|
|
firewall_filter_metrics = BaseCollector.counter_collector('firewall_filter', 'Total amount of bytes matched by firewall rules', metrics_records, 'bytes', ['name', 'log'])
|
|
yield firewall_filter_metrics
|
|
|
|
firewall_raw_records = FirewallMetricsDataSource.metric_records_ipv4(router_entry, metric_labels = firewall_labels, raw = True)
|
|
if firewall_raw_records:
|
|
metrics_records = [FirewallCollector.metric_record(router_entry, record) for record in firewall_raw_records]
|
|
firewall_raw_metrics = BaseCollector.counter_collector('firewall_raw', 'Total amount of bytes matched by raw firewall rules', metrics_records, 'bytes', ['name', 'log'])
|
|
yield firewall_raw_metrics
|
|
|
|
# ~*~*~*~*~*~ IPv6 ~*~*~*~*~*~
|
|
if router_entry.config_entry.ipv6_firewall:
|
|
firewall_filter_records_ipv6 = FirewallMetricsDataSource.metric_records_ipv6(router_entry, metric_labels = firewall_labels)
|
|
if firewall_filter_records_ipv6:
|
|
metrics_records_ipv6 = [FirewallCollector.metric_record(router_entry, record) for record in firewall_filter_records_ipv6]
|
|
firewall_filter_metrics_ipv6 = BaseCollector.counter_collector('firewall_filter_ipv6', 'Total amount of bytes matched by firewall rules (IPv6)', metrics_records_ipv6, 'bytes', ['name', 'log'])
|
|
yield firewall_filter_metrics_ipv6
|
|
|
|
firewall_raw_records_ipv6 = FirewallMetricsDataSource.metric_records_ipv6(router_entry, metric_labels = firewall_labels, raw = True)
|
|
if firewall_raw_records_ipv6:
|
|
metrics_records_ipv6 = [FirewallCollector.metric_record(router_entry, record) for record in firewall_raw_records_ipv6]
|
|
firewall_raw_metrics_ipv6 = BaseCollector.counter_collector('firewall_raw_ipv6', 'Total amount of bytes matched by raw firewall rules (IPv6)', metrics_records_ipv6, 'bytes', ['name', 'log'])
|
|
yield firewall_raw_metrics_ipv6
|
|
|
|
# Helpers
|
|
@staticmethod
|
|
def metric_record(router_entry, firewall_record):
|
|
name = f"| {firewall_record.get('chain', ' ')} | {firewall_record.get('action', ' ')} | {firewall_record.get('comment', ' ')}"
|
|
bytes = firewall_record.get('bytes', 0)
|
|
return {MKTXPConfigKeys.ROUTERBOARD_NAME: router_entry.router_id[MKTXPConfigKeys.ROUTERBOARD_NAME],
|
|
MKTXPConfigKeys.ROUTERBOARD_ADDRESS: router_entry.router_id[MKTXPConfigKeys.ROUTERBOARD_ADDRESS],
|
|
'name': name, 'log': firewall_record['log'], 'bytes': bytes}
|