diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-06 01:22:31 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-06 01:22:31 +0000 |
commit | 8d4f58e49b9dc7d3545651023a36729de773ad86 (patch) | |
tree | 7bc7be4a8e9e298daa1349348400aa2a653866f2 /collectors/python.d.plugin/freeradius/freeradius.chart.py | |
parent | Initial commit. (diff) | |
download | netdata-upstream/1.12.0.tar.xz netdata-upstream/1.12.0.zip |
Adding upstream version 1.12.0.upstream/1.12.0upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'collectors/python.d.plugin/freeradius/freeradius.chart.py')
-rw-r--r-- | collectors/python.d.plugin/freeradius/freeradius.chart.py | 177 |
1 files changed, 177 insertions, 0 deletions
diff --git a/collectors/python.d.plugin/freeradius/freeradius.chart.py b/collectors/python.d.plugin/freeradius/freeradius.chart.py new file mode 100644 index 0000000..8563660 --- /dev/null +++ b/collectors/python.d.plugin/freeradius/freeradius.chart.py @@ -0,0 +1,177 @@ +# -*- coding: utf-8 -*- +# Description: freeradius netdata python.d module +# Author: l2isbad +# SPDX-License-Identifier: GPL-3.0-or-later + +import re +from subprocess import Popen, PIPE + +from bases.collection import find_binary +from bases.FrameworkServices.SimpleService import SimpleService + +update_every = 15 + +PARSER = re.compile(r'((?<=-)[AP][a-zA-Z-]+) = (\d+)') + +RADIUS_MSG = 'Message-Authenticator = 0x00, FreeRADIUS-Statistics-Type = 15, Response-Packet-Type = Access-Accept' + +RADCLIENT_RETRIES = 1 +RADCLIENT_TIMEOUT = 1 + +DEFAULT_HOST = 'localhost' +DEFAULT_PORT = 18121 +DEFAULT_DO_ACCT = False +DEFAULT_DO_PROXY_AUTH = False +DEFAULT_DO_PROXY_ACCT = False + +ORDER = [ + 'authentication', + 'accounting', + 'proxy-auth', + 'proxy-acct', +] + +CHARTS = { + 'authentication': { + 'options': [None, 'Authentication', 'packets/s', 'authentication', 'freerad.auth', 'line'], + 'lines': [ + ['access-accepts', None, 'incremental'], + ['access-rejects', None, 'incremental'], + ['auth-dropped-requests', 'dropped-requests', 'incremental'], + ['auth-duplicate-requests', 'duplicate-requests', 'incremental'], + ['auth-invalid-requests', 'invalid-requests', 'incremental'], + ['auth-malformed-requests', 'malformed-requests', 'incremental'], + ['auth-unknown-types', 'unknown-types', 'incremental'] + ] + }, + 'accounting': { + 'options': [None, 'Accounting', 'packets/s', 'accounting', 'freerad.acct', 'line'], + 'lines': [ + ['accounting-requests', 'requests', 'incremental'], + ['accounting-responses', 'responses', 'incremental'], + ['acct-dropped-requests', 'dropped-requests', 'incremental'], + ['acct-duplicate-requests', 'duplicate-requests', 'incremental'], + ['acct-invalid-requests', 'invalid-requests', 'incremental'], + ['acct-malformed-requests', 'malformed-requests', 'incremental'], + ['acct-unknown-types', 'unknown-types', 'incremental'] + ] + }, + 'proxy-auth': { + 'options': [None, 'Proxy Authentication', 'packets/s', 'authentication', 'freerad.proxy.auth', 'line'], + 'lines': [ + ['proxy-access-accepts', 'access-accepts', 'incremental'], + ['proxy-access-rejects', 'access-rejects', 'incremental'], + ['proxy-auth-dropped-requests', 'dropped-requests', 'incremental'], + ['proxy-auth-duplicate-requests', 'duplicate-requests', 'incremental'], + ['proxy-auth-invalid-requests', 'invalid-requests', 'incremental'], + ['proxy-auth-malformed-requests', 'malformed-requests', 'incremental'], + ['proxy-auth-unknown-types', 'unknown-types', 'incremental'] + ] + }, + 'proxy-acct': { + 'options': [None, 'Proxy Accounting', 'packets/s', 'accounting', 'freerad.proxy.acct', 'line'], + 'lines': [ + ['proxy-accounting-requests', 'requests', 'incremental'], + ['proxy-accounting-responses', 'responses', 'incremental'], + ['proxy-acct-dropped-requests', 'dropped-requests', 'incremental'], + ['proxy-acct-duplicate-requests', 'duplicate-requests', 'incremental'], + ['proxy-acct-invalid-requests', 'invalid-requests', 'incremental'], + ['proxy-acct-malformed-requests', 'malformed-requests', 'incremental'], + ['proxy-acct-unknown-types', 'unknown-types', 'incremental'] + ] + } +} + + +def radclient_status(radclient, retries, timeout, host, port, secret): + # radclient -r 1 -t 1 -x 127.0.0.1:18121 status secret + + return '{radclient} -r {num_retries} -t {timeout} -x {host}:{port} status {secret}'.format( + radclient=radclient, + num_retries=retries, + timeout=timeout, + host=host, + port=port, + secret=secret, + ).split() + + +class Service(SimpleService): + def __init__(self, configuration=None, name=None): + SimpleService.__init__(self, configuration=configuration, name=name) + self.order = ORDER + self.definitions = CHARTS + self.host = self.configuration.get('host', DEFAULT_HOST) + self.port = self.configuration.get('port', DEFAULT_PORT) + self.secret = self.configuration.get('secret') + self.do_acct = self.configuration.get('acct', DEFAULT_DO_ACCT) + self.do_proxy_auth = self.configuration.get('proxy_auth', DEFAULT_DO_PROXY_AUTH) + self.do_proxy_acct = self.configuration.get('proxy_acct', DEFAULT_DO_PROXY_ACCT) + self.echo = find_binary('echo') + self.radclient = find_binary('radclient') + self.sub_echo = [self.echo, RADIUS_MSG] + self.sub_radclient = radclient_status( + self.radclient, RADCLIENT_RETRIES, RADCLIENT_TIMEOUT, self.host, self.port, self.secret, + ) + + def check(self): + if not self.radclient: + self.error("Can't locate 'radclient' binary or binary is not executable by netdata user") + return False + + if not self.echo: + self.error("Can't locate 'echo' binary or binary is not executable by netdata user") + return None + + if not self.secret: + self.error("'secret' isn't set") + return None + + if not self.get_raw_data(): + self.error('Request returned no data. Is server alive?') + return False + + if not self.do_acct: + self.order.remove('accounting') + + if not self.do_proxy_auth: + self.order.remove('proxy-auth') + + if not self.do_proxy_acct: + self.order.remove('proxy-acct') + + return True + + def get_data(self): + """ + Format data received from shell command + :return: dict + """ + result = self.get_raw_data() + + if not result: + return None + + return dict( + (key.lower(), value) for key, value in PARSER.findall(result) + ) + + def get_raw_data(self): + """ + The following code is equivalent to + 'echo "Message-Authenticator = 0x00, FreeRADIUS-Statistics-Type = 15, Response-Packet-Type = Access-Accept" + | radclient -t 1 -r 1 host:port status secret' + :return: str + """ + try: + process_echo = Popen(self.sub_echo, stdout=PIPE, stderr=PIPE, shell=False) + process_rad = Popen(self.sub_radclient, stdin=process_echo.stdout, stdout=PIPE, stderr=PIPE, shell=False) + process_echo.stdout.close() + raw_result = process_rad.communicate()[0] + except OSError: + return None + + if process_rad.returncode is 0: + return raw_result.decode() + + return None |