diff options
Diffstat (limited to 'charts.d/libreswan.chart.sh')
-rw-r--r-- | charts.d/libreswan.chart.sh | 173 |
1 files changed, 0 insertions, 173 deletions
diff --git a/charts.d/libreswan.chart.sh b/charts.d/libreswan.chart.sh deleted file mode 100644 index 30632e9c..00000000 --- a/charts.d/libreswan.chart.sh +++ /dev/null @@ -1,173 +0,0 @@ -# no need for shebang - this file is loaded from charts.d.plugin - -# netdata -# real-time performance and health monitoring, done right! -# (C) 2018 Costa Tsaousis <costa@tsaousis.gr> -# GPL v3+ -# - -# _update_every is a special variable - it holds the number of seconds -# between the calls of the _update() function -libreswan_update_every=1 - -# the priority is used to sort the charts on the dashboard -# 1 = the first chart -libreswan_priority=90000 - -# set to 1, to run ipsec with sudo -libreswan_sudo=1 - -# global variables to store our collected data - -# [TUNNELID] = TUNNELNAME -# here we track the *latest* established tunnels -# as detected by: ipsec whack --status -declare -A libreswan_connected_tunnels=() - -# [TUNNELID] = VALUE -# here we track values of all established tunnels (not only the latest) -# as detected by: ipsec whack --trafficstatus -declare -A libreswan_traffic_in=() -declare -A libreswan_traffic_out=() -declare -A libreswan_established_add_time=() - -# [TUNNELNAME] = CHARTID -# here we remember CHARTIDs of all tunnels -# we need this to avoid converting tunnel names to chart IDs on every iteration -declare -A libreswan_tunnel_charts=() - -# run the ipsec command -libreswan_ipsec() { - if [ ${libreswan_sudo} -ne 0 ] - then - sudo -n "${IPSEC_CMD}" "${@}" - return $? - else - "${IPSEC_CMD}" "${@}" - return $? - fi -} - -# fetch latest values - fill the arrays -libreswan_get() { - # do all the work to collect / calculate the values - # for each dimension - - # empty the variables - libreswan_traffic_in=() - libreswan_traffic_out=() - libreswan_established_add_time=() - libreswan_connected_tunnels=() - - # convert the ipsec command output to a shell script - # and source it to get the values - source <( - { - libreswan_ipsec whack --status; - libreswan_ipsec whack --trafficstatus; - } | sed -n \ - -e "s|[0-9]\+ #\([0-9]\+\): \"\(.*\)\".*IPsec SA established.*newest IPSEC.*|libreswan_connected_tunnels[\"\1\"]=\"\2\"|p" \ - -e "s|[0-9]\+ #\([0-9]\+\): \"\(.*\)\",.* add_time=\([0-9]\+\),.* inBytes=\([0-9]\+\),.* outBytes=\([0-9]\+\).*|libreswan_traffic_in[\"\1\"]=\"\4\"; libreswan_traffic_out[\"\1\"]=\"\5\"; libreswan_established_add_time[\"\1\"]=\"\3\";|p" - ) || return 1 - - # check we got some data - [ ${#libreswan_connected_tunnels[@]} -eq 0 ] && return 1 - - return 0 -} - -# _check is called once, to find out if this chart should be enabled or not -libreswan_check() { - # this should return: - # - 0 to enable the chart - # - 1 to disable the chart - - require_cmd ipsec || return 1 - - # make sure it is libreswan - if [ -z "$(ipsec --version | grep -i libreswan)" ] - then - error "ipsec command is not Libreswan. Disabling Libreswan plugin." - return 1 - fi - - # check that we can collect data - libreswan_get || return 1 - - return 0 -} - -# create the charts for an ipsec tunnel -libreswan_create_one() { - local n="${1}" name - - name="${libreswan_connected_tunnels[${n}]}" - - [ ! -z "${libreswan_tunnel_charts[${name}]}" ] && return 0 - - libreswan_tunnel_charts[${name}]="$(fixid "${name}")" - - cat <<EOF -CHART libreswan.${libreswan_tunnel_charts[${name}]}_net '${name}_net' "LibreSWAN Tunnel ${name} Traffic" "kilobits/s" "${name}" libreswan.net area $((libreswan_priority)) $libreswan_update_every -DIMENSION in '' incremental 8 1000 -DIMENSION out '' incremental -8 1000 -CHART libreswan.${libreswan_tunnel_charts[${name}]}_uptime '${name}_uptime' "LibreSWAN Tunnel ${name} Uptime" "seconds" "${name}" libreswan.uptime line $((libreswan_priority + 1)) $libreswan_update_every -DIMENSION uptime '' absolute 1 1 -EOF - - return 0 - -} - -# _create is called once, to create the charts -libreswan_create() { - local n - for n in "${!libreswan_connected_tunnels[@]}" - do - libreswan_create_one "${n}" - done - return 0 -} - -libreswan_now=$(date +%s) - -# send the values to netdata for an ipsec tunnel -libreswan_update_one() { - local n="${1}" microseconds="${2}" name id uptime - - name="${libreswan_connected_tunnels[${n}]}" - id="${libreswan_tunnel_charts[${name}]}" - - [ -z "${id}" ] && libreswan_create_one "${name}" - - uptime=$(( ${libreswan_now} - ${libreswan_established_add_time[${n}]} )) - [ ${uptime} -lt 0 ] && uptime=0 - - # write the result of the work. - cat <<VALUESEOF -BEGIN libreswan.${id}_net ${microseconds} -SET in = ${libreswan_traffic_in[${n}]} -SET out = ${libreswan_traffic_out[${n}]} -END -BEGIN libreswan.${id}_uptime ${microseconds} -SET uptime = ${uptime} -END -VALUESEOF -} - -# _update is called continiously, to collect the values -libreswan_update() { - # the first argument to this function is the microseconds since last update - # pass this parameter to the BEGIN statement (see bellow). - - libreswan_get || return 1 - libreswan_now=$(date +%s) - - local n - for n in "${!libreswan_connected_tunnels[@]}" - do - libreswan_update_one "${n}" "${@}" - done - - return 0 -} |