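#!/usr/local/bin/python
# Copyright (C) 2005 Krzysztof Kozlowski
# License: GNU General Public License version 2
# http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# version 2 as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# Last change: 10.09.2005
#
# Network traffic report built from the ipfw rule counters.
# It adds no overhead to the system - it only reads what ipfw already
# collects - but it requires sensible firewall rules.
#
# Usage: <script> stats_directory
#
# For every service the script appends one formatted line and one raw
# line to per-service files in the stats directory, runs the
# traffic_make_chart helper located next to this script, and finally
# resets all ipfw counters.
#
# NOTE: `ipfw` is resolved through PATH and needs the privileges to read
# and zero the counters, so the environment this runs in (for example a
# cron job) should set PATH explicitly.
# NOTE: the output files are opened for append and open() follows
# symlinks; the stats directory should be writable only by the account
# that runs this script.

import os
import re
import subprocess
import sys
import time

if len(sys.argv) == 2:
    FOUT_DIR = os.path.abspath(sys.argv[1])

if len(sys.argv) != 2 or not os.path.isdir(FOUT_DIR):
    print('Wywolanie: ')
    print(' ' + sys.argv[0] + ' katalog_ze_statystykami')
    sys.exit()

# Results go to separate files, one pair (formatted + raw) per service.
FOUT_NAME = FOUT_DIR + '/traffic_stats_'
FOUT_NAME_RAW = FOUT_DIR + '/traffic_stats_raw_'

# The chart helper is expected in the same directory as this script.
# abspath() first, so the helper path is absolute even when the script is
# started without a directory component in argv[0].
CHART_TOOL = os.path.join(os.path.dirname(os.path.abspath(sys.argv[0])),
                          'traffic_make_chart')

# Service names:
SERVICE_NAMES = ("POCZTA", "FTP", "SSH", "WWW", "DNS", "STRANGE",
                 "OTHER_ME_HIGH", "OTHER_BLOCK_ALL")

# Rule numbers for the individual services.
# Syntax:
#   RULE_TO_SERVICES["rule_number"] = "SERVICE_NAME"
# where "rule_number" is what e.g. "ipfw show" prints
# and "SERVICE_NAME" comes from the SERVICE_NAMES tuple above.
RULE_TO_SERVICES = {}
RULE_TO_SERVICES["00500"] = "POCZTA"
RULE_TO_SERVICES["00510"] = "POCZTA"
RULE_TO_SERVICES["00520"] = "POCZTA"
RULE_TO_SERVICES["00530"] = "POCZTA"
RULE_TO_SERVICES["00600"] = "FTP"
RULE_TO_SERVICES["00610"] = "FTP"
RULE_TO_SERVICES["00620"] = "FTP"
RULE_TO_SERVICES["00700"] = "SSH"
RULE_TO_SERVICES["00710"] = "SSH"
RULE_TO_SERVICES["00720"] = "SSH"
RULE_TO_SERVICES["00800"] = "WWW"
RULE_TO_SERVICES["00810"] = "WWW"
RULE_TO_SERVICES["00900"] = "DNS"
RULE_TO_SERVICES["00910"] = "DNS"
RULE_TO_SERVICES["01000"] = "STRANGE"
RULE_TO_SERVICES["01010"] = "STRANGE"
RULE_TO_SERVICES["65001"] = "OTHER_ME_HIGH"
RULE_TO_SERVICES["65002"] = "OTHER_ME_HIGH"
RULE_TO_SERVICES["65010"] = "OTHER_BLOCK_ALL"

# Per-service accumulators: byte totals and packet totals.
OUT_SUM = {}
OUT_PKTS = {}
for i in SERVICE_NAMES:
    OUT_PKTS[i] = 0
    OUT_SUM[i] = 0

# Read the rules together with their counters. The command is given as an
# argument list, so no shell is involved. A failed "ipfw show" stops the
# script here: continuing would append all-zero rows and then reset the
# counters without ever having read them.
try:
    fstats = subprocess.Popen(['ipfw', 'show'], stdout=subprocess.PIPE,
                              universal_newlines=True)
    ipfw_output = fstats.communicate()[0]
except OSError:
    sys.stderr.write('ipfw show: %s\n' % sys.exc_info()[1])
    sys.exit(1)
if fstats.returncode != 0:
    sys.stderr.write('ipfw show: exit status %d\n' % fstats.returncode)
    sys.exit(1)

# Scan the ipfw output. The three groups are read as rule number, packet
# count and byte count; every group may match the empty string, so the
# search always succeeds and lines that do not begin with a known rule
# number are dropped by the table lookup below.
reg = re.compile(r'(\d*)\s*(\d*)\s*(\d*)')
for linia in ipfw_output.splitlines():
    match = reg.search(linia)
    if not match:
        continue
    RULE = match.group(1)
    PKTS = match.group(2)
    SUM = match.group(3)
    if RULE not in RULE_TO_SERVICES:
        continue
    OUT_SUM[RULE_TO_SERVICES[RULE]] += int(SUM)
    OUT_PKTS[RULE_TO_SERVICES[RULE]] += int(PKTS)

for i in SERVICE_NAMES:
    # One timestamp per service, shared by the formatted and the raw line.
    stamp = time.strftime('%d.%m.%y - %H:%M')

    if OUT_SUM[i] > 2097152:  # 2 MB = 2 * 1024 * 1024 = 2097152
        SUM_TMP = '%7.1f MB' % (float(OUT_SUM[i]) / 1024 / 1024)
    else:
        SUM_TMP = '%7.2f kB' % (float(OUT_SUM[i]) / 1024)

    if OUT_PKTS[i] > 4000:
        PKTS_TMP = '%5.1f tys. pakietow' % (float(OUT_PKTS[i]) / 1000)
    else:
        PKTS_TMP = '%5d pakietow' % OUT_PKTS[i]

    fout = open(FOUT_NAME + i, 'a')
    try:
        fout.write(stamp + "\t\t" + SUM_TMP + "\t\t" + PKTS_TMP + "\n")
    finally:
        fout.close()

    fout_raw = open(FOUT_NAME_RAW + i, 'a')
    try:
        fout_raw.write(stamp + "\t\t" + str(OUT_SUM[i]) + "\t\t"
                       + str(OUT_PKTS[i]) + "\n")
    finally:
        fout_raw.close()

    # Build the chart. The helper gets its arguments as a list, not as a
    # hand-quoted shell string, so a stats directory or script path that
    # contains quotes, spaces or other shell metacharacters is passed
    # through verbatim. A helper that cannot be started is reported and
    # the remaining services are still processed.
    try:
        subprocess.call([CHART_TOOL, FOUT_NAME_RAW + i,
                         FOUT_NAME + i + '.html', i])
    except OSError:
        sys.stderr.write('%s: %s\n' % (CHART_TOOL, sys.exc_info()[1]))

# Reset the counters.
# NOTE: traffic counted between the "ipfw show" above and this call is
# cleared without having been recorded.
subprocess.call(['ipfw', 'zero'])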