#!/usr/bin/env python
# shorewall_ v2.0 - 30 Aug 2008 - Tanguy Pruvot <tanguy.pruvot@gmail.com>
#
# A munin plugin for tracking traffic as recorded by shorewall accounting rules
#
# ex: ln -s /usr/share/munin/plugins/shorewall_ /etc/munin/plugins/shorewall_ftp
# will log ftp* rules like ftp, ftp_input, ftp_output etc...
#
# Basic Concept by Chris AtLee <chris@atlee.ca> Released under the GPL v2

import sys, commands, re
from sys import argv
from os.path import split

path,script_name = split(argv[0])
FilterExp = re.compile(r"^shorewall_(.*)$")
m = FilterExp.match(script_name)
if m is not None:
    filterName = " " + m.group(1)
    rFilter    = r"^" + m.group(1) + ".*$"
else:
    filterName = ""
    rFilter    = r"^.*$"

FilterExp = re.compile(rFilter)

# regex for "shorewall show xxxx" output lines
accountingLineExp = re.compile(r"^\s*\d+[KMG]*\s+(\d+)([KMGT]*)\s+(\w+).*$")

def getBytesByChain():
    trafficCmd = "shorewall"
    status, output = commands.getstatusoutput("/sbin/shorewall show accounting 2>/dev/null")
    if status != 0:
        raise OSError("Error running command (%s)[%i]: %s" % (trafficCmd, status, output))
    chains = {}
    for line in output.split("\n"):
        m = accountingLineExp.match(line)
        if m is not None:
            target = m.group(3)
            bytes = int(m.group(1))

            f = FilterExp.match(target)
            if f is not None:
                if m.group(2) == "K":
                    bytes *= 1024
                elif m.group(2) == "M":
                    bytes *= 1024 * 1024
                elif m.group(2) == "G":
                    bytes *= 1024 * 1024 * 1024
                elif m.group(2) == "T":
                    bytes *= 1024 * 1024 * 1024 * 1024

                if target in chains:
                    chains[target] += bytes
                else:
                    chains[target] = bytes

    retval = []
    chainNames = chains.keys()
    chainNames.sort()
    for name in chainNames:
        retval.append((name, chains[name]))
    return retval

if len(sys.argv) > 1:
    if sys.argv[1] == "autoconf":
        print "yes"
        sys.exit(0)
    elif sys.argv[1] == "config":
        print "graph_title Shorewall accounting%s" % filterName
        print "graph_category network"
        print "graph_vlabel bits per ${graph_period}"
        for chain,bytes in getBytesByChain():
            print "%s.min 0" % chain
            print "%s.type DERIVE" % chain
            print "%s.label %s" % (chain, chain)
            print "%s.cdef %s,8,*" % (chain, chain)
        sys.exit(0)

for chain, bytes in getBytesByChain():
    print "%s.value %i" % (chain, bytes)