From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michael Tremer To: development@lists.ipfire.org Subject: [PATCH 2/2] web UI: Add graph for connection tracking Date: Fri, 21 Aug 2020 17:33:56 +0100 Message-ID: <20200821163356.1678-2-michael.tremer@ipfire.org> In-Reply-To: <20200821163356.1678-1-michael.tremer@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============7367868162440138279==" List-Id: --===============7367868162440138279== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Signed-off-by: Michael Tremer --- config/cfgroot/graphs.pl | 28 ++++++++++++++++++++++++++++ doc/language_issues.de | 1 + doc/language_issues.en | 4 +++- doc/language_issues.es | 2 ++ doc/language_issues.fr | 2 ++ doc/language_issues.it | 2 ++ doc/language_issues.nl | 2 ++ doc/language_issues.pl | 2 ++ doc/language_issues.ru | 2 ++ doc/language_issues.tr | 2 ++ doc/language_missings | 15 +++++++++++++++ html/cgi-bin/netother.cgi | 10 +++++++++- langs/de/cgi-bin/de.pl | 1 + langs/en/cgi-bin/en.pl | 2 ++ 14 files changed, 73 insertions(+), 2 deletions(-) diff --git a/config/cfgroot/graphs.pl b/config/cfgroot/graphs.pl index a7b82fed3..5f146d226 100644 --- a/config/cfgroot/graphs.pl +++ b/config/cfgroot/graphs.pl 
@@ -1160,3 +1160,31 @@ sub updateentropygraph { =20 print "Error in RRD::graph for entropy: ".$ERROR."\n" if $ERROR; } + +sub updateconntrackgraph { + my $period =3D $_[0]; + my @command =3D ( + @GRAPH_ARGS, + "-", + "--start", + "-1" . $period, + "-r", + "--lower-limit","0", + "-t $Lang::tr{'connection tracking'}", + "-v $Lang::tr{'open connections'}", + "DEF:conntrack=3D$mainsettings{'RRDLOG'}/collectd/localhost/conntrack/conn= track.rrd:entropy:AVERAGE", + "LINE3:conntrack#ff0000:" . sprintf("%-15s", $Lang::tr{'open connections'}= ), + "VDEF:ctmin=3Dconntrack,MINIMUM", + "VDEF:ctmax=3Dconntrack,MAXIMUM", + "VDEF:ctavg=3Dconntrack,AVERAGE", + "GPRINT:ctmax:" . sprintf("%15s\\: %%5.0lf", $Lang::tr{'maximum'}), + "GPRINT:ctmin:" . sprintf("%15s\\: %%5.0lf", $Lang::tr{'minimum'}), + "GPRINT:ctavg:" . sprintf("%15s\\: %%5.0lf", $Lang::tr{'average'}) . "\\n", + "--color=3DBACK" . $color{"color21"}, + ); + + RRDs::graph(@command); + $ERROR =3D RRDs::error; + + print STDERR "Error in RRD::Graph for conntrack: " . $ERROR . "\n" if $ERRO= R; +} diff --git a/doc/language_issues.de b/doc/language_issues.de index f2a7ba8ae..667b98b27 100644 --- a/doc/language_issues.de +++ b/doc/language_issues.de @@ -767,6 +767,7 @@ WARNING: translation string unused: zoneconf val ppp assi= gnment error WARNING: translation string unused: zoneconf val vlan amount assignment error WARNING: translation string unused: zoneconf val vlan tag assignment error WARNING: translation string unused: zoneconf val zoneslave amount error +WARNING: untranslated string: connnection tracking =3D Connection Tracking WARNING: untranslated string: error the to date has to be later than the fro= m date =3D The to date has to be later than the from date! WARNING: untranslated string: fwhost cust locationgrp =3D unknown string WARNING: untranslated string: fwhost err hostip =3D unknown string diff --git a/doc/language_issues.en b/doc/language_issues.en index 40cba2292..10b56af03 100644 
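Review bot: In `updateconntrackgraph` the title is looked up as `$Lang::tr{'connection tracking'}`, but the key this patch adds to `langs/en/cgi-bin/en.pl` and uses in `netother.cgi` is `'connnection tracking'` (three n's). Unless the two-n key is already defined elsewhere, the lookup is undefined and the graph gets an empty `-t` title. I would correct the new key to `'connection tracking'` in `en.pl`, `netother.cgi` and the regenerated `doc/language_*` files rather than carry the typo forward. Separately, the `DEF` line reads a data source named `entropy` from `conntrack.rrd`, which looks copied from `updateentropygraph` just above. If that really is the name collectd writes, a comment such as `# collectd names the conntrack data source "entropy"` would keep a later reader from "fixing" it; if it is not, the graph fails at runtime with only a line on STDERR.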
--- a/doc/language_issues.en +++ b/doc/language_issues.en @@ -492,6 +492,7 @@ WARNING: untranslated string: connection type =3D Connect= ion Type WARNING: untranslated string: connection type is invalid =3D Connection type= is invalid. WARNING: untranslated string: connections =3D Connections WARNING: untranslated string: connections are associated with this ca. dele= ting the ca will delete these connections as well. =3D connections are associ= ated with this CA. Deleting the CA will delete these connections as well. +WARNING: untranslated string: connnection tracking =3D Connection Tracking WARNING: untranslated string: connscheduler =3D Connection Scheduler WARNING: untranslated string: could not be opened =3D could not be opened. WARNING: untranslated string: could not download latest updates =3D Could no= t download latest updates. @@ -1113,7 +1114,7 @@ WARNING: untranslated string: invalid input for keepali= ve 1 =3D Invalid input for WARNING: untranslated string: invalid input for keepalive 1:2 =3D Invalid in= put for Keepalive use at least a ratio of 1:2 WARNING: untranslated string: invalid input for keepalive 2 =3D Invalid inpu= t for Keepalive ping-restart WARNING: untranslated string: invalid input for local ip address =3D Invalid= input for local IP address -WARNING: untranslated string: invalid input for max clients =3D Invalid inpu= t for Max Clients +WARNING: untranslated string: invalid input for max clients =3D Invalid inpu= t for Max Clients. The maximum of 1024 clients has been exceeded WARNING: untranslated string: invalid input for mode =3D Invalid input for m= ode WARNING: untranslated string: invalid input for name =3D Invalid input for u= ser's full name or system hostname WARNING: untranslated string: invalid input for oink code =3D Invalid input = for Oink code 
@@ -1378,6 +1379,7 @@ WARNING: untranslated string: one year =3D One Year WARNING: untranslated string: only digits allowed in holdoff field =3D Only = digits allowed in holdoff field WARNING: untranslated string: only digits allowed in max retries field =3D O= nly digits allowed in max retries field. WARNING: untranslated string: only digits allowed in the idle timeout =3D On= ly digits allowed in the idle timeout. +WARNING: untranslated string: open connections =3D Open Connections WARNING: untranslated string: openssl produced an error =3D OpenSSL produced= an error WARNING: untranslated string: openvpn client =3D OpenVPN client WARNING: untranslated string: openvpn default =3D Default diff --git a/doc/language_issues.es b/doc/language_issues.es index f7431f692..043df5c0f 100644 --- a/doc/language_issues.es +++ b/doc/language_issues.es @@ -793,6 +793,7 @@ WARNING: untranslated string: ccd routes =3D Routing: WARNING: untranslated string: ccd subnet =3D Subnet WARNING: untranslated string: ccd used =3D Used addresses WARNING: untranslated string: check all =3D Check all +WARNING: untranslated string: connnection tracking =3D Connection Tracking WARNING: untranslated string: count =3D Count WARNING: untranslated string: countries =3D Countries WARNING: untranslated string: country codes and flags =3D Country Codes and = Flags: @@ -1199,6 +1200,7 @@ WARNING: untranslated string: one hour =3D One Hour WARNING: untranslated string: one month =3D One Month WARNING: untranslated string: one week =3D One Week WARNING: untranslated string: one year =3D One Year +WARNING: untranslated string: open connections =3D Open Connections WARNING: untranslated string: openvpn default =3D Default WARNING: untranslated string: openvpn destination port used =3D The destinat= ion port is already used by another OpenVPN server. WARNING: untranslated string: openvpn fragment allowed with udp =3D Using fr= agment is only allowed when using the UDP protocol. 
diff --git a/doc/language_issues.fr b/doc/language_issues.fr index 597883693..1ebed2140 100644 --- a/doc/language_issues.fr +++ b/doc/language_issues.fr @@ -807,6 +807,7 @@ WARNING: translation string unused: zoneconf val ppp assi= gnment error WARNING: translation string unused: zoneconf val vlan amount assignment error WARNING: translation string unused: zoneconf val vlan tag assignment error WARNING: translation string unused: zoneconf val zoneslave amount error +WARNING: untranslated string: connnection tracking =3D Connection Tracking WARNING: untranslated string: fwhost cust locationgrp =3D unknown string WARNING: untranslated string: fwhost err hostip =3D unknown string WARNING: untranslated string: guardian block a host =3D unknown string @@ -839,6 +840,7 @@ WARNING: untranslated string: guardian logtarget_syslog = =3D unknown string WARNING: untranslated string: guardian no entries =3D unknown string WARNING: untranslated string: guardian service =3D unknown string WARNING: untranslated string: legacy architecture warning =3D You are runnin= g IPFire on a legacy architecture and it is recommended to upgrade +WARNING: untranslated string: open connections =3D Open Connections WARNING: untranslated string: pakfire ago =3D ago. WARNING: untranslated string: route config changed =3D unknown string WARNING: untranslated string: routing config added =3D unknown string diff --git a/doc/language_issues.it b/doc/language_issues.it index c943da739..f0790ed23 100644 --- a/doc/language_issues.it +++ b/doc/language_issues.it 
@@ -832,6 +832,7 @@ WARNING: untranslated string: block =3D Block WARNING: untranslated string: broken =3D Broken WARNING: untranslated string: bytes =3D unknown string WARNING: untranslated string: check all =3D Check all +WARNING: untranslated string: connnection tracking =3D Connection Tracking WARNING: untranslated string: cpu frequency =3D CPU frequency WARNING: untranslated string: crypto error =3D Cryptographic error WARNING: untranslated string: crypto warning =3D Cryptographic warning @@ -1012,6 +1013,7 @@ WARNING: untranslated string: one hour =3D One Hour WARNING: untranslated string: one month =3D One Month WARNING: untranslated string: one week =3D One Week WARNING: untranslated string: one year =3D One Year +WARNING: untranslated string: open connections =3D Open Connections WARNING: untranslated string: outgoing compression in bytes per second =3D O= utgoing compression WARNING: untranslated string: outgoing overhead in bytes per second =3D Outg= oing Overhead WARNING: untranslated string: ovpn add conf =3D Additional configuration diff --git a/doc/language_issues.nl b/doc/language_issues.nl index 7496d647c..2dfde5c5b 100644 --- a/doc/language_issues.nl +++ b/doc/language_issues.nl @@ -826,6 +826,7 @@ WARNING: untranslated string: broken =3D Broken WARNING: untranslated string: bytes =3D unknown string WARNING: untranslated string: capabilities =3D Capabilities WARNING: untranslated string: check all =3D Check all +WARNING: untranslated string: connnection tracking =3D Connection Tracking WARNING: untranslated string: cpu frequency =3D CPU frequency WARNING: untranslated string: crypto error =3D Cryptographic error WARNING: untranslated string: crypto warning =3D Cryptographic warning 
@@ -1037,6 +1038,7 @@ WARNING: untranslated string: one hour =3D One Hour WARNING: untranslated string: one month =3D One Month WARNING: untranslated string: one week =3D One Week WARNING: untranslated string: one year =3D One Year +WARNING: untranslated string: open connections =3D Open Connections WARNING: untranslated string: outgoing compression in bytes per second =3D O= utgoing compression WARNING: untranslated string: outgoing overhead in bytes per second =3D Outg= oing Overhead WARNING: untranslated string: ovpn add conf =3D Additional configuration diff --git a/doc/language_issues.pl b/doc/language_issues.pl index f7431f692..043df5c0f 100644 --- a/doc/language_issues.pl +++ b/doc/language_issues.pl @@ -793,6 +793,7 @@ WARNING: untranslated string: ccd routes =3D Routing: WARNING: untranslated string: ccd subnet =3D Subnet WARNING: untranslated string: ccd used =3D Used addresses WARNING: untranslated string: check all =3D Check all +WARNING: untranslated string: connnection tracking =3D Connection Tracking WARNING: untranslated string: count =3D Count WARNING: untranslated string: countries =3D Countries WARNING: untranslated string: country codes and flags =3D Country Codes and = Flags: @@ -1199,6 +1200,7 @@ WARNING: untranslated string: one hour =3D One Hour WARNING: untranslated string: one month =3D One Month WARNING: untranslated string: one week =3D One Week WARNING: untranslated string: one year =3D One Year +WARNING: untranslated string: open connections =3D Open Connections WARNING: untranslated string: openvpn default =3D Default WARNING: untranslated string: openvpn destination port used =3D The destinat= ion port is already used by another OpenVPN server. WARNING: untranslated string: openvpn fragment allowed with udp =3D Using fr= agment is only allowed when using the UDP protocol. diff --git a/doc/language_issues.ru b/doc/language_issues.ru index a3eb33669..52de2e382 100644 --- a/doc/language_issues.ru +++ b/doc/language_issues.ru 
@@ -796,6 +796,7 @@ WARNING: untranslated string: ccd subnet =3D Subnet WARNING: untranslated string: ccd used =3D Used addresses WARNING: untranslated string: check all =3D Check all WARNING: untranslated string: community rules =3D Snort/VRT GPLv2 Community = Rules +WARNING: untranslated string: connnection tracking =3D Connection Tracking WARNING: untranslated string: count =3D Count WARNING: untranslated string: countries =3D Countries WARNING: untranslated string: country codes and flags =3D Country Codes and = Flags: @@ -1201,6 +1202,7 @@ WARNING: untranslated string: one hour =3D One Hour WARNING: untranslated string: one month =3D One Month WARNING: untranslated string: one week =3D One Week WARNING: untranslated string: one year =3D One Year +WARNING: untranslated string: open connections =3D Open Connections WARNING: untranslated string: openvpn default =3D Default WARNING: untranslated string: openvpn destination port used =3D The destinat= ion port is already used by another OpenVPN server. WARNING: untranslated string: openvpn fragment allowed with udp =3D Using fr= agment is only allowed when using the UDP protocol. diff --git a/doc/language_issues.tr b/doc/language_issues.tr index 60a646e5f..e5792e08e 100644 --- a/doc/language_issues.tr +++ b/doc/language_issues.tr @@ -815,6 +815,7 @@ WARNING: untranslated string: advproxy wpad title =3D Web= Proxy Auto-Discovery Pro WARNING: untranslated string: advproxy wpad view pac =3D Open PAC File WARNING: untranslated string: broken =3D Broken WARNING: untranslated string: bytes =3D unknown string +WARNING: untranslated string: connnection tracking =3D Connection Tracking WARNING: untranslated string: cpu frequency =3D CPU frequency WARNING: untranslated string: crypto error =3D Cryptographic error WARNING: untranslated string: crypto warning =3D Cryptographic warning 
@@ -925,6 +926,7 @@ WARNING: untranslated string: no data =3D unknown string WARNING: untranslated string: no entries =3D No entries at the moment. WARNING: untranslated string: not affected =3D Not Affected WARNING: untranslated string: not validating =3D Not validating +WARNING: untranslated string: open connections =3D Open Connections WARNING: untranslated string: ovpn connection name =3D Connection Name WARNING: untranslated string: ovpn error dh =3D The Diffie-Hellman parameter= needs to be in minimum 2048 bit!
Please generate or upload a new Diffie-= Hellman parameter, this can be made below in the section "Diffie-Hellman para= meters options".
WARNING: untranslated string: ovpn error md5 =3D You host certificate uses M= D5 for the signature which is not accepted anymore.
Please update to the = latest IPFire version and generate a new root and host certificate.

A= ll OpenVPN clients needs then to be renewed!
diff --git a/doc/language_missings b/doc/language_missings index 3fbaad77b..c9c42d15a 100644 --- a/doc/language_missings +++ b/doc/language_missings @@ -25,6 +25,7 @@ < Captive invalid coupon < Captive please enter a coupon code < choose media +< connnection tracking < could not connect to www ipfire org < cryptographic settings < dhcp server disabled on blue interface @@ -183,6 +184,7 @@ < ccd subnet < ccd used < check all +< connnection tracking < ConnSched dial < ConnSched hangup < ConnSched reboot @@ -626,6 +628,7 @@ < one month < one week < one year +< open connections < openvpn default < openvpn destination port used < openvpn disabled @@ -920,9 +923,11 @@ < ansi t1.483 < bewan adsl pci st < bewan adsl usb +< connnection tracking < g.dtm < g.lite < legacy architecture warning +< open connections < upload fcdsl.o ############################################################################ # Checking cgi-bin translations for language: it # @@ -1001,6 +1006,7 @@ < Captive WiFi coupon < Captive wrong ext < check all +< connnection tracking < cpu frequency < crypto error < cryptographic settings @@ -1163,6 +1169,7 @@ < one month < one week < one year +< open connections < outgoing compression in bytes per second < outgoing overhead in bytes per second < ovpn add conf @@ -1357,6 +1364,7 @@ < Captive WiFi coupon < Captive wrong ext < check all +< connnection tracking < cpu frequency < crypto error < cryptographic settings @@ -1555,6 +1563,7 @@ < one month < one week < one year +< open connections < outgoing compression in bytes per second < outgoing overhead in bytes per second < ovpn add conf @@ -1820,6 +1829,7 @@ < ccd used < check all < community rules +< connnection tracking < ConnSched dial < ConnSched hangup < ConnSched reboot @@ -2265,6 +2275,7 @@ < one month < one week < one year +< open connections < openvpn default < openvpn destination port used < openvpn disabled 
@@ -2671,6 +2682,7 @@ < ccd used < check all < community rules +< connnection tracking < ConnSched dial < ConnSched hangup < ConnSched reboot @@ -3123,6 +3135,7 @@ < one month < one week < one year +< open connections < openvpn default < openvpn destination port used < openvpn disabled @@ -3407,6 +3420,7 @@ < advproxy wpad view pac < broken < Captive delete logo +< connnection tracking < cpu frequency < crypto error < cryptographic settings @@ -3489,6 +3503,7 @@ < not affected < not validating < okay +< open connections < ovpn connection name < ovpn error dh < ovpn error md5 diff --git a/html/cgi-bin/netother.cgi b/html/cgi-bin/netother.cgi index 4f03c82e8..3256a0d6b 100755 --- a/html/cgi-bin/netother.cgi +++ b/html/cgi-bin/netother.cgi @@ -41,7 +41,11 @@ my @querry =3D split(/\?/,$ENV{'QUERY_STRING'}); $querry[0] =3D '' unless defined $querry[0]; $querry[1] =3D 'hour' unless defined $querry[1]; =20 -if ( $querry[0] =3D~ "fwhits"){ +if ( $querry[0] eq "conntrack") { + print "Content-Type: image/png\n\n"; + binmode(STDOUT); + &Graphs::updateconntrackgraph($querry[1]); +} elsif ( $querry[0] =3D~ "fwhits"){ print "Content-type: image/png\n\n"; binmode(STDOUT); &Graphs::updatefwhitsgraph($querry[1]); @@ -67,6 +71,10 @@ if ( $querry[0] =3D~ "fwhits"){ &Header::closebox(); } =20 + &Header::openbox('100%', 'center', $Lang::tr{'connnection tracking'}); + &Graphs::makegraphbox("netother.cgi", "conntrack", "day"); + &Header::closebox(); + &Header::openbox('100%', 'center', "$Lang::tr{'firewallhits'} $Lang::tr{'gr= aph'}"); &Graphs::makegraphbox("netother.cgi","fwhits","day"); &Header::closebox(); diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl index ef4e4e6c8..33c271f52 100644 --- a/langs/de/cgi-bin/de.pl +++ b/langs/de/cgi-bin/de.pl 
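Review bot: The new `conntrack` branch in `html/cgi-bin/netother.cgi` passes `$querry[1]` to `Graphs::updateconntrackgraph()` straight from `QUERY_STRING`, where it becomes the value of `--start` for `RRDs::graph`; only the undefined case is defaulted. The list-form call keeps the value away from a shell, but the requester still controls the time specification handed to rrdtool. I would allowlist it before dispatch, e.g. `$querry[1] = 'hour' unless $querry[1] =~ /\A(?:hour|day|week|month|year)\z/;` (period names assumed from the UI strings; adjust to the set `makegraphbox` actually emits). The `fwhits` branch visible in the context lines has the same gap, so the check belongs above the `if` chain, which continues outside this hunk.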
@@ -1832,6 +1832,7 @@ 'only digits allowed in max retries field' =3D> 'Im Feld "Maximale Wied= erholversuche" sind nur Ziffern erlaubt.', 'only digits allowed in the idle timeout' =3D> 'Im Feld "Leerlauf-Warte= zeit" sind nur Ziffern erlaubt.', 'only red' =3D> 'Nur ROT', +'open connections' =3D> 'Offene Verbindungen', 'open to all' =3D> '=C3=9Cberschreibe externen Zugang zu ALL', 'openssl produced an error' =3D> 'OpenSSL hat einen Fehler verursacht', 'openvpn client' =3D> 'OpenVPN-Client', diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl index 0b1b304a9..cfe0b6556 100644 --- a/langs/en/cgi-bin/en.pl +++ b/langs/en/cgi-bin/en.pl @@ -657,6 +657,7 @@ 'connection type is invalid' =3D> 'Connection type is invalid.', 'connections' =3D> 'Connections', 'connections are associated with this ca. deleting the ca will delete these= connections as well.' =3D> 'connections are associated with this CA. Deletin= g the CA will delete these connections as well.', +'connnection tracking' =3D> 'Connection Tracking', 'connscheduler' =3D> 'Connection Scheduler', 'core notice 1' =3D> 'Notice: There is an core-update from', 'core notice 2' =3D> 'to', @@ -1858,6 +1859,7 @@ 'only digits allowed in max retries field' =3D> 'Only digits allowed in max = retries field.', 'only digits allowed in the idle timeout' =3D> 'Only digits allowed in the i= dle timeout.', 'only red' =3D> 'Only RED', +'open connections' =3D> 'Open Connections', 'open to all' =3D> 'Override external access to ALL', 'openssl produced an error' =3D> 'OpenSSL produced an error', 'openvpn client' =3D> 'OpenVPN client', --=20 2.12.2 --===============7367868162440138279==--