From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH 2/2] web UI: Add graph for connection tracking
Date: Fri, 21 Aug 2020 17:33:56 +0100 [thread overview]
Message-ID: <20200821163356.1678-2-michael.tremer@ipfire.org> (raw)
In-Reply-To: <20200821163356.1678-1-michael.tremer@ipfire.org>
[-- Attachment #1: Type: text/plain, Size: 20210 bytes --]
Signed-off-by: Michael Tremer <michael.tremer(a)ipfire.org>
---
config/cfgroot/graphs.pl | 28 ++++++++++++++++++++++++++++
doc/language_issues.de | 1 +
doc/language_issues.en | 4 +++-
doc/language_issues.es | 2 ++
doc/language_issues.fr | 2 ++
doc/language_issues.it | 2 ++
doc/language_issues.nl | 2 ++
doc/language_issues.pl | 2 ++
doc/language_issues.ru | 2 ++
doc/language_issues.tr | 2 ++
doc/language_missings | 15 +++++++++++++++
html/cgi-bin/netother.cgi | 10 +++++++++-
langs/de/cgi-bin/de.pl | 1 +
langs/en/cgi-bin/en.pl | 2 ++
14 files changed, 73 insertions(+), 2 deletions(-)
diff --git a/config/cfgroot/graphs.pl b/config/cfgroot/graphs.pl
index a7b82fed3..5f146d226 100644
--- a/config/cfgroot/graphs.pl
+++ b/config/cfgroot/graphs.pl
@@ -1160,3 +1160,31 @@ sub updateentropygraph {
print "Error in RRD::graph for entropy: ".$ERROR."\n" if $ERROR;
}
+
+sub updateconntrackgraph {
+ my $period = $_[0];
+ my @command = (
+ @GRAPH_ARGS,
+ "-",
+ "--start",
+ "-1" . $period,
+ "-r",
+ "--lower-limit","0",
+ "-t $Lang::tr{'connection tracking'}",
+ "-v $Lang::tr{'open connections'}",
+ "DEF:conntrack=$mainsettings{'RRDLOG'}/collectd/localhost/conntrack/conntrack.rrd:entropy:AVERAGE",
+ "LINE3:conntrack#ff0000:" . sprintf("%-15s", $Lang::tr{'open connections'}),
+ "VDEF:ctmin=conntrack,MINIMUM",
+ "VDEF:ctmax=conntrack,MAXIMUM",
+ "VDEF:ctavg=conntrack,AVERAGE",
+ "GPRINT:ctmax:" . sprintf("%15s\\: %%5.0lf", $Lang::tr{'maximum'}),
+ "GPRINT:ctmin:" . sprintf("%15s\\: %%5.0lf", $Lang::tr{'minimum'}),
+ "GPRINT:ctavg:" . sprintf("%15s\\: %%5.0lf", $Lang::tr{'average'}) . "\\n",
+ "--color=BACK" . $color{"color21"},
+ );
+
+ RRDs::graph(@command);
+ $ERROR = RRDs::error;
+
+ print STDERR "Error in RRD::Graph for conntrack: " . $ERROR . "\n" if $ERROR;
+}
diff --git a/doc/language_issues.de b/doc/language_issues.de
index f2a7ba8ae..667b98b27 100644
--- a/doc/language_issues.de
+++ b/doc/language_issues.de
@@ -767,6 +767,7 @@ WARNING: translation string unused: zoneconf val ppp assignment error
WARNING: translation string unused: zoneconf val vlan amount assignment error
WARNING: translation string unused: zoneconf val vlan tag assignment error
WARNING: translation string unused: zoneconf val zoneslave amount error
+WARNING: untranslated string: connnection tracking = Connection Tracking
WARNING: untranslated string: error the to date has to be later than the from date = The to date has to be later than the from date!
WARNING: untranslated string: fwhost cust locationgrp = unknown string
WARNING: untranslated string: fwhost err hostip = unknown string
diff --git a/doc/language_issues.en b/doc/language_issues.en
index 40cba2292..10b56af03 100644
--- a/doc/language_issues.en
+++ b/doc/language_issues.en
@@ -492,6 +492,7 @@ WARNING: untranslated string: connection type = Connection Type
WARNING: untranslated string: connection type is invalid = Connection type is invalid.
WARNING: untranslated string: connections = Connections
WARNING: untranslated string: connections are associated with this ca. deleting the ca will delete these connections as well. = connections are associated with this CA. Deleting the CA will delete these connections as well.
+WARNING: untranslated string: connnection tracking = Connection Tracking
WARNING: untranslated string: connscheduler = Connection Scheduler
WARNING: untranslated string: could not be opened = could not be opened.
WARNING: untranslated string: could not download latest updates = Could not download latest updates.
@@ -1113,7 +1114,7 @@ WARNING: untranslated string: invalid input for keepalive 1 = Invalid input for
WARNING: untranslated string: invalid input for keepalive 1:2 = Invalid input for Keepalive use at least a ratio of 1:2
WARNING: untranslated string: invalid input for keepalive 2 = Invalid input for Keepalive ping-restart
WARNING: untranslated string: invalid input for local ip address = Invalid input for local IP address
-WARNING: untranslated string: invalid input for max clients = Invalid input for Max Clients
+WARNING: untranslated string: invalid input for max clients = Invalid input for Max Clients. The maximum of 1024 clients has been exceeded
WARNING: untranslated string: invalid input for mode = Invalid input for mode
WARNING: untranslated string: invalid input for name = Invalid input for user's full name or system hostname
WARNING: untranslated string: invalid input for oink code = Invalid input for Oink code
@@ -1378,6 +1379,7 @@ WARNING: untranslated string: one year = One Year
WARNING: untranslated string: only digits allowed in holdoff field = Only digits allowed in holdoff field
WARNING: untranslated string: only digits allowed in max retries field = Only digits allowed in max retries field.
WARNING: untranslated string: only digits allowed in the idle timeout = Only digits allowed in the idle timeout.
+WARNING: untranslated string: open connections = Open Connections
WARNING: untranslated string: openssl produced an error = OpenSSL produced an error
WARNING: untranslated string: openvpn client = OpenVPN client
WARNING: untranslated string: openvpn default = Default
diff --git a/doc/language_issues.es b/doc/language_issues.es
index f7431f692..043df5c0f 100644
--- a/doc/language_issues.es
+++ b/doc/language_issues.es
@@ -793,6 +793,7 @@ WARNING: untranslated string: ccd routes = Routing:
WARNING: untranslated string: ccd subnet = Subnet
WARNING: untranslated string: ccd used = Used addresses
WARNING: untranslated string: check all = Check all
+WARNING: untranslated string: connnection tracking = Connection Tracking
WARNING: untranslated string: count = Count
WARNING: untranslated string: countries = Countries
WARNING: untranslated string: country codes and flags = Country Codes and Flags:
@@ -1199,6 +1200,7 @@ WARNING: untranslated string: one hour = One Hour
WARNING: untranslated string: one month = One Month
WARNING: untranslated string: one week = One Week
WARNING: untranslated string: one year = One Year
+WARNING: untranslated string: open connections = Open Connections
WARNING: untranslated string: openvpn default = Default
WARNING: untranslated string: openvpn destination port used = The destination port is already used by another OpenVPN server.
WARNING: untranslated string: openvpn fragment allowed with udp = Using fragment is only allowed when using the UDP protocol.
diff --git a/doc/language_issues.fr b/doc/language_issues.fr
index 597883693..1ebed2140 100644
--- a/doc/language_issues.fr
+++ b/doc/language_issues.fr
@@ -807,6 +807,7 @@ WARNING: translation string unused: zoneconf val ppp assignment error
WARNING: translation string unused: zoneconf val vlan amount assignment error
WARNING: translation string unused: zoneconf val vlan tag assignment error
WARNING: translation string unused: zoneconf val zoneslave amount error
+WARNING: untranslated string: connnection tracking = Connection Tracking
WARNING: untranslated string: fwhost cust locationgrp = unknown string
WARNING: untranslated string: fwhost err hostip = unknown string
WARNING: untranslated string: guardian block a host = unknown string
@@ -839,6 +840,7 @@ WARNING: untranslated string: guardian logtarget_syslog = unknown string
WARNING: untranslated string: guardian no entries = unknown string
WARNING: untranslated string: guardian service = unknown string
WARNING: untranslated string: legacy architecture warning = You are running IPFire on a legacy architecture and it is recommended to upgrade
+WARNING: untranslated string: open connections = Open Connections
WARNING: untranslated string: pakfire ago = ago.
WARNING: untranslated string: route config changed = unknown string
WARNING: untranslated string: routing config added = unknown string
diff --git a/doc/language_issues.it b/doc/language_issues.it
index c943da739..f0790ed23 100644
--- a/doc/language_issues.it
+++ b/doc/language_issues.it
@@ -832,6 +832,7 @@ WARNING: untranslated string: block = Block
WARNING: untranslated string: broken = Broken
WARNING: untranslated string: bytes = unknown string
WARNING: untranslated string: check all = Check all
+WARNING: untranslated string: connnection tracking = Connection Tracking
WARNING: untranslated string: cpu frequency = CPU frequency
WARNING: untranslated string: crypto error = Cryptographic error
WARNING: untranslated string: crypto warning = Cryptographic warning
@@ -1012,6 +1013,7 @@ WARNING: untranslated string: one hour = One Hour
WARNING: untranslated string: one month = One Month
WARNING: untranslated string: one week = One Week
WARNING: untranslated string: one year = One Year
+WARNING: untranslated string: open connections = Open Connections
WARNING: untranslated string: outgoing compression in bytes per second = Outgoing compression
WARNING: untranslated string: outgoing overhead in bytes per second = Outgoing Overhead
WARNING: untranslated string: ovpn add conf = Additional configuration
diff --git a/doc/language_issues.nl b/doc/language_issues.nl
index 7496d647c..2dfde5c5b 100644
--- a/doc/language_issues.nl
+++ b/doc/language_issues.nl
@@ -826,6 +826,7 @@ WARNING: untranslated string: broken = Broken
WARNING: untranslated string: bytes = unknown string
WARNING: untranslated string: capabilities = Capabilities
WARNING: untranslated string: check all = Check all
+WARNING: untranslated string: connnection tracking = Connection Tracking
WARNING: untranslated string: cpu frequency = CPU frequency
WARNING: untranslated string: crypto error = Cryptographic error
WARNING: untranslated string: crypto warning = Cryptographic warning
@@ -1037,6 +1038,7 @@ WARNING: untranslated string: one hour = One Hour
WARNING: untranslated string: one month = One Month
WARNING: untranslated string: one week = One Week
WARNING: untranslated string: one year = One Year
+WARNING: untranslated string: open connections = Open Connections
WARNING: untranslated string: outgoing compression in bytes per second = Outgoing compression
WARNING: untranslated string: outgoing overhead in bytes per second = Outgoing Overhead
WARNING: untranslated string: ovpn add conf = Additional configuration
diff --git a/doc/language_issues.pl b/doc/language_issues.pl
index f7431f692..043df5c0f 100644
--- a/doc/language_issues.pl
+++ b/doc/language_issues.pl
@@ -793,6 +793,7 @@ WARNING: untranslated string: ccd routes = Routing:
WARNING: untranslated string: ccd subnet = Subnet
WARNING: untranslated string: ccd used = Used addresses
WARNING: untranslated string: check all = Check all
+WARNING: untranslated string: connnection tracking = Connection Tracking
WARNING: untranslated string: count = Count
WARNING: untranslated string: countries = Countries
WARNING: untranslated string: country codes and flags = Country Codes and Flags:
@@ -1199,6 +1200,7 @@ WARNING: untranslated string: one hour = One Hour
WARNING: untranslated string: one month = One Month
WARNING: untranslated string: one week = One Week
WARNING: untranslated string: one year = One Year
+WARNING: untranslated string: open connections = Open Connections
WARNING: untranslated string: openvpn default = Default
WARNING: untranslated string: openvpn destination port used = The destination port is already used by another OpenVPN server.
WARNING: untranslated string: openvpn fragment allowed with udp = Using fragment is only allowed when using the UDP protocol.
diff --git a/doc/language_issues.ru b/doc/language_issues.ru
index a3eb33669..52de2e382 100644
--- a/doc/language_issues.ru
+++ b/doc/language_issues.ru
@@ -796,6 +796,7 @@ WARNING: untranslated string: ccd subnet = Subnet
WARNING: untranslated string: ccd used = Used addresses
WARNING: untranslated string: check all = Check all
WARNING: untranslated string: community rules = Snort/VRT GPLv2 Community Rules
+WARNING: untranslated string: connnection tracking = Connection Tracking
WARNING: untranslated string: count = Count
WARNING: untranslated string: countries = Countries
WARNING: untranslated string: country codes and flags = Country Codes and Flags:
@@ -1201,6 +1202,7 @@ WARNING: untranslated string: one hour = One Hour
WARNING: untranslated string: one month = One Month
WARNING: untranslated string: one week = One Week
WARNING: untranslated string: one year = One Year
+WARNING: untranslated string: open connections = Open Connections
WARNING: untranslated string: openvpn default = Default
WARNING: untranslated string: openvpn destination port used = The destination port is already used by another OpenVPN server.
WARNING: untranslated string: openvpn fragment allowed with udp = Using fragment is only allowed when using the UDP protocol.
diff --git a/doc/language_issues.tr b/doc/language_issues.tr
index 60a646e5f..e5792e08e 100644
--- a/doc/language_issues.tr
+++ b/doc/language_issues.tr
@@ -815,6 +815,7 @@ WARNING: untranslated string: advproxy wpad title = Web Proxy Auto-Discovery Pro
WARNING: untranslated string: advproxy wpad view pac = Open PAC File
WARNING: untranslated string: broken = Broken
WARNING: untranslated string: bytes = unknown string
+WARNING: untranslated string: connnection tracking = Connection Tracking
WARNING: untranslated string: cpu frequency = CPU frequency
WARNING: untranslated string: crypto error = Cryptographic error
WARNING: untranslated string: crypto warning = Cryptographic warning
@@ -925,6 +926,7 @@ WARNING: untranslated string: no data = unknown string
WARNING: untranslated string: no entries = No entries at the moment.
WARNING: untranslated string: not affected = Not Affected
WARNING: untranslated string: not validating = Not validating
+WARNING: untranslated string: open connections = Open Connections
WARNING: untranslated string: ovpn connection name = Connection Name
WARNING: untranslated string: ovpn error dh = The Diffie-Hellman parameter needs to be in minimum 2048 bit! <br>Please generate or upload a new Diffie-Hellman parameter, this can be made below in the section "Diffie-Hellman parameters options".</br>
WARNING: untranslated string: ovpn error md5 = You host certificate uses MD5 for the signature which is not accepted anymore. <br>Please update to the latest IPFire version and generate a new root and host certificate.</br><br>All OpenVPN clients needs then to be renewed!</br>
diff --git a/doc/language_missings b/doc/language_missings
index 3fbaad77b..c9c42d15a 100644
--- a/doc/language_missings
+++ b/doc/language_missings
@@ -25,6 +25,7 @@
< Captive invalid coupon
< Captive please enter a coupon code
< choose media
+< connnection tracking
< could not connect to www ipfire org
< cryptographic settings
< dhcp server disabled on blue interface
@@ -183,6 +184,7 @@
< ccd subnet
< ccd used
< check all
+< connnection tracking
< ConnSched dial
< ConnSched hangup
< ConnSched reboot
@@ -626,6 +628,7 @@
< one month
< one week
< one year
+< open connections
< openvpn default
< openvpn destination port used
< openvpn disabled
@@ -920,9 +923,11 @@
< ansi t1.483
< bewan adsl pci st
< bewan adsl usb
+< connnection tracking
< g.dtm
< g.lite
< legacy architecture warning
+< open connections
< upload fcdsl.o
############################################################################
# Checking cgi-bin translations for language: it #
@@ -1001,6 +1006,7 @@
< Captive WiFi coupon
< Captive wrong ext
< check all
+< connnection tracking
< cpu frequency
< crypto error
< cryptographic settings
@@ -1163,6 +1169,7 @@
< one month
< one week
< one year
+< open connections
< outgoing compression in bytes per second
< outgoing overhead in bytes per second
< ovpn add conf
@@ -1357,6 +1364,7 @@
< Captive WiFi coupon
< Captive wrong ext
< check all
+< connnection tracking
< cpu frequency
< crypto error
< cryptographic settings
@@ -1555,6 +1563,7 @@
< one month
< one week
< one year
+< open connections
< outgoing compression in bytes per second
< outgoing overhead in bytes per second
< ovpn add conf
@@ -1820,6 +1829,7 @@
< ccd used
< check all
< community rules
+< connnection tracking
< ConnSched dial
< ConnSched hangup
< ConnSched reboot
@@ -2265,6 +2275,7 @@
< one month
< one week
< one year
+< open connections
< openvpn default
< openvpn destination port used
< openvpn disabled
@@ -2671,6 +2682,7 @@
< ccd used
< check all
< community rules
+< connnection tracking
< ConnSched dial
< ConnSched hangup
< ConnSched reboot
@@ -3123,6 +3135,7 @@
< one month
< one week
< one year
+< open connections
< openvpn default
< openvpn destination port used
< openvpn disabled
@@ -3407,6 +3420,7 @@
< advproxy wpad view pac
< broken
< Captive delete logo
+< connnection tracking
< cpu frequency
< crypto error
< cryptographic settings
@@ -3489,6 +3503,7 @@
< not affected
< not validating
< okay
+< open connections
< ovpn connection name
< ovpn error dh
< ovpn error md5
diff --git a/html/cgi-bin/netother.cgi b/html/cgi-bin/netother.cgi
index 4f03c82e8..3256a0d6b 100755
--- a/html/cgi-bin/netother.cgi
+++ b/html/cgi-bin/netother.cgi
@@ -41,7 +41,11 @@ my @querry = split(/\?/,$ENV{'QUERY_STRING'});
$querry[0] = '' unless defined $querry[0];
$querry[1] = 'hour' unless defined $querry[1];
-if ( $querry[0] =~ "fwhits"){
+if ( $querry[0] eq "conntrack") {
+ print "Content-Type: image/png\n\n";
+ binmode(STDOUT);
+ &Graphs::updateconntrackgraph($querry[1]);
+} elsif ( $querry[0] =~ "fwhits"){
print "Content-type: image/png\n\n";
binmode(STDOUT);
&Graphs::updatefwhitsgraph($querry[1]);
@@ -67,6 +71,10 @@ if ( $querry[0] =~ "fwhits"){
&Header::closebox();
}
+ &Header::openbox('100%', 'center', $Lang::tr{'connnection tracking'});
+ &Graphs::makegraphbox("netother.cgi", "conntrack", "day");
+ &Header::closebox();
+
&Header::openbox('100%', 'center', "$Lang::tr{'firewallhits'} $Lang::tr{'graph'}");
&Graphs::makegraphbox("netother.cgi","fwhits","day");
&Header::closebox();
diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
index ef4e4e6c8..33c271f52 100644
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -1832,6 +1832,7 @@
'only digits allowed in max retries field' => 'Im Feld "Maximale Wiederholversuche" sind nur Ziffern erlaubt.',
'only digits allowed in the idle timeout' => 'Im Feld "Leerlauf-Wartezeit" sind nur Ziffern erlaubt.',
'only red' => 'Nur ROT',
+'open connections' => 'Offene Verbindungen',
'open to all' => 'Überschreibe externen Zugang zu ALL',
'openssl produced an error' => 'OpenSSL hat einen Fehler verursacht',
'openvpn client' => 'OpenVPN-Client',
diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index 0b1b304a9..cfe0b6556 100644
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -657,6 +657,7 @@
'connection type is invalid' => 'Connection type is invalid.',
'connections' => 'Connections',
'connections are associated with this ca. deleting the ca will delete these connections as well.' => 'connections are associated with this CA. Deleting the CA will delete these connections as well.',
+'connnection tracking' => 'Connection Tracking',
'connscheduler' => 'Connection Scheduler',
'core notice 1' => '<strong>Notice:</strong> There is an core-update from',
'core notice 2' => 'to',
@@ -1858,6 +1859,7 @@
'only digits allowed in max retries field' => 'Only digits allowed in max retries field.',
'only digits allowed in the idle timeout' => 'Only digits allowed in the idle timeout.',
'only red' => 'Only RED',
+'open connections' => 'Open Connections',
'open to all' => 'Override external access to ALL',
'openssl produced an error' => 'OpenSSL produced an error',
'openvpn client' => 'OpenVPN client',
--
2.12.2
prev parent reply other threads:[~2020-08-21 16:33 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-21 16:33 [PATCH 1/2] collectd: Enable conntrack plugin Michael Tremer
2020-08-21 16:33 ` Michael Tremer [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200821163356.1678-2-michael.tremer@ipfire.org \
--to=michael.tremer@ipfire.org \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox