#!/usr/bin/perl -w
#
# Plugin to monitor the throuhgput of a firewall.
#
# Usage: copy or link into /etc/munin/node.d/
#
# Parameters:
#
#       config   (required)
#       autoconf (optional - used by munin-config)
#
# Config variables:
#
# $Log$
# Revision 1.8  2004/12/10 18:51:44  jimmyo
# linux/apt* has been forced to LANG=C, to get predictable output.
#
# Revision 1.7  2004/12/10 10:47:49  jimmyo
# Change name from ${scale} to ${graph_period}, to be more consistent.
#
# Revision 1.6  2004/12/09 22:12:56  jimmyo
# Added "graph_period" option, to make "graph_sums" usable.
#
# Revision 1.5  2004/11/21 00:17:12  jimmyo
# Changed a lot of plugins so they use DERIVE instead of COUNTER.
#
# Revision 1.4  2004/10/27 17:53:48  jimmyo
# Fixed typo in linux/fw_packets (Deb#275537).
#
# Revision 1.3  2004/05/20 19:02:37  jimmyo
# Set categories on a bunch of plugins
#
# Revision 1.2  2004/05/15 21:33:29  jimmyo
# "Upped" som plugins from contrib/manual to manual or auto.
#
# Revision 1.1  2004/05/09 19:12:08  jimmyo
# Cleanup of linux/fw*-plugins, by Nicolai Langfeldt
#
# Revision 1.0  2004/05/06 21:39:54  jimmyo
# fw_packets contributed by S. Banerian
#
# Magic markers (optional - used by munin-config and some installation
# scripts):
#
#%# family=manual
#%# capabilities=autoconf

if ( $ARGV[0] ) {

    if ( $ARGV[0] eq 'autoconf' ) {
	if (-f '/proc/net/snmp') {
	    print "yes\n";
	    exit 0;
	}
	print "no\n";
	exit 0;

    } elsif ( $ARGV[0] eq 'config' ) {
	print <<EOM;
graph_title Firewall Throughput
graph_args --base 1000 -l 0
graph_vlabel Packets/\${graph_period}
graph_category network
received.label Received
received.draw AREA
received.type DERIVE
received.min 0
forwarded.label Forwarded
forwarded.draw LINE2
forwarded.type DERIVE
forwarded.min 0
EOM
# Is LINE1 better I wonder?  The lines are meant to show how large a
# portion of the total received packets gets forwarded.
# rejected.label rejected
# rejected.draw LINE2
# rejected.type COUNTER
	exit 0;
    }
}

open(F, "/proc/net/snmp");

while (<F>) {
    if (/^Ip: \d/) {
	@ip = split;
	$forwarded = $ip[6];  #forwarded
	$received = $ip[3];   #received
	print "received.value $received\n";
	print "forwarded.value $forwarded\n";

	# This calculation is invalid, the packet may have been
	# destined for the firewall, then the difference is wrong.  If
	# you firewall does not receive traffic itself it is correct
	# though.
	# 
	# print "rejected.value ", $received - $forwarded,"\n";
	last;
    }
}
close(F);

# vim:syntax=perl
