"Fossies" - the Fresh Open Source Software Archive

Member "aif-2.1.1/share/arno-iptables-firewall/plugins/90traffic-accounting.plugin" (16 Sep 2020, 5541 Bytes) of package /linux/privat/aif-2.1.1.tar.gz:


As a special service "Fossies" has tried to format the requested text file into HTML format (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file. See also the latest Fossies "Diffs" side-by-side code changes report for "90traffic-accounting.plugin": 2.1.0_vs_2.1.1.

    1 # ------------------------------------------------------------------------------
    2 #        -= Arno's Iptables Firewall(AIF) - Traffic Accounting plugin =-
    3 #
    4 PLUGIN_NAME="Traffic Accounting plugin"
    5 PLUGIN_VERSION="1.31"
    6 PLUGIN_CONF_FILE="traffic-accounting.conf"
    7 #
    8 # Last changed          : May 9, 2019
    9 # Requirements          : AIF 2.1.0 (or newer)
   10 # Comments              : This implements support for traffic accounting for
   11 #                         IPv4 & IPv6. It has support for dynamic host resolving
   12 #
   13 # Author                : (C) Copyright 2008-2019 by Arno van Amersfoort
   14 # Homepage              : https://rocky.eld.leidenuniv.nl/
   15 # Email                 : a r n o v a AT r o c k y DOT e l d DOT l e i d e n u n i v DOT n l
   16 #                         (note: you must remove all spaces and substitute the @ and the .
   17 #                         at the proper locations!)
   18 # ------------------------------------------------------------------------------
   19 # This program is free software; you can redistribute it and/or
   20 # modify it under the terms of the GNU General Public License
   21 # version 2 as published by the Free Software Foundation.
   22 #
   23 # This program is distributed in the hope that it will be useful,
   24 # but WITHOUT ANY WARRANTY; without even the implied warranty of
   25 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   26 # GNU General Public License for more details.
   27 #
   28 # You should have received a copy of the GNU General Public License
   29 # along with this program; if not, write to the Free Software
   30 # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
   31 # ------------------------------------------------------------------------------
   32 
   33 # (Background) job name
   34 JOB_NAME="traffic-accounting"
   35 
   36 # (Background) job helper script
   37 JOB_HELPER_SCRIPT="$PLUGIN_BIN_PATH/traffic-accounting-helper"
   38 
   39 traffic_accounting_init()
   40 {
   41   # Flush accounting chains
   42   iptables -F ACCOUNTING_INPUT_CHAIN
   43   iptables -F ACCOUNTING_OUTPUT_CHAIN
   44 
   45   # (Re)insert rule in the INPUT chain
   46   iptables -I INPUT 1 -j ACCOUNTING_INPUT_CHAIN
   47 
   48   # (Re)insert rule in the OUTPUT chain
   49   # Insert rule in the OUTPUT chain
   50   iptables -I OUTPUT 1 -j ACCOUNTING_OUTPUT_CHAIN
   51 
   52   # Remove old cron job (this is in case a legacy plugin left it)
   53   rm -f /etc/cron.d/traffic-accounting
   54 
   55   # Create background job
   56   if ! job_add "$JOB_NAME" "${TRAFFIC_ACCOUNTING_TIME:-60}" "$JOB_HELPER_SCRIPT"; then
   57     return 1
   58   fi
   59 
   60   return 0
   61 }
   62 
   63 
   64 # Plugin start function
   65 plugin_start()
   66 {
   67   # Enable Conntrack Accounting (kernel config CONFIG_NF_CT_ACCT)
   68   # CONFIG_NF_CT_ACCT is deprecated and will be removed sometime after kernel 2.6.27
   69   sysctl net.netfilter.nf_conntrack_acct=1 2>/dev/null
   70 
   71   # Create new chains
   72   iptables -N ACCOUNTING_INPUT_CHAIN 2>/dev/null
   73   iptables -N ACCOUNTING_OUTPUT_CHAIN 2>/dev/null
   74 
   75   # Initialize
   76   if ! traffic_accounting_init; then
   77     return 1
   78   fi
   79 
   80   return 0
   81 }
   82 
   83 
   84 # Plugin restart function
   85 plugin_restart()
   86 {
   87   echo "${INDENT}Restarting..."
   88 
   89   # Store current values (NOTE: Ignore return value)
   90   job_run_once "$JOB_HELPER_SCRIPT"
   91 
   92   # Initialize
   93   if ! traffic_accounting_init; then
   94     return 1
   95   fi
   96 
   97   return 0
   98 }
   99 
  100 
  101 # Plugin stop function
  102 plugin_stop()
  103 {
  104   # Remove old cron job (this is in case a legacy plugin left it)
  105   rm -f /etc/cron.d/traffic-accounting
  106 
  107   # Store current values (NOTE: Ignore return value)
  108   job_run_once "$JOB_HELPER_SCRIPT"
  109 
  110   iptables -D INPUT -j ACCOUNTING_INPUT_CHAIN 2>/dev/null
  111   iptables -D OUTPUT -j ACCOUNTING_OUTPUT_CHAIN 2>/dev/null
  112 
  113   iptables -F ACCOUNTING_INPUT_CHAIN
  114   iptables -X ACCOUNTING_INPUT_CHAIN 2>/dev/null
  115   iptables -F ACCOUNTING_OUTPUT_CHAIN
  116   iptables -X ACCOUNTING_OUTPUT_CHAIN 2>/dev/null
  117 
  118   return 0
  119 }
  120 
  121 
  122 # Plugin status function
  123 plugin_status()
  124 {
  125   # Store current values (NOTE: Ignore return value)
  126   job_run_once "$JOB_HELPER_SCRIPT"
  127 
  128   # Call parse script
  129   "$PLUGIN_BIN_PATH/traffic-accounting-show"
  130 
  131   return 0
  132 }
  133 
  134 
  135 # Check sanity of eg. environment
  136 plugin_sanity_check()
  137 {
  138   if [ ! -f "$JOB_HELPER_SCRIPT" ]; then
  139     printf "\033[40m\033[1;31m${INDENT}ERROR: The job helper script($JOB_HELPER_SCRIPT) can not be found!\033[0m\n" >&2
  140     return 1
  141   fi
  142 
  143   return 0
  144 }
  145 
  146 
  147 ############
  148 # Mainline #
  149 ############
  150 
  151 # Check where to find the config file
  152 CONF_FILE=""
  153 if [ -n "$PLUGIN_CONF_PATH" ]; then
  154   CONF_FILE="$PLUGIN_CONF_PATH/$PLUGIN_CONF_FILE"
  155 fi
  156 
  157 # Preinit to success:
  158 PLUGIN_RET_VAL=0
  159 
  160 # Check if the config file exists
  161 if [ ! -f "$CONF_FILE" ]; then
  162   printf "NOTE: Config file \"$CONF_FILE\" not found!\n        Plugin \"$PLUGIN_NAME v$PLUGIN_VERSION\" ignored!\n" >&2
  163 else
  164   # Source the plugin config file
  165   . "$CONF_FILE"
  166 
  167   if [ "$ENABLED" = "1" -a "$PLUGIN_CMD" != "stop-restart" ] ||
  168      [ "$ENABLED" = "0" -a "$PLUGIN_CMD" = "stop-restart" ] ||
  169      [ -n "$PLUGIN_LOAD_FILE" -a "$PLUGIN_CMD" = "stop" ] ||
  170      [ -n "$PLUGIN_LOAD_FILE" -a "$PLUGIN_CMD" = "status" ]; then
  171     # Show who we are:
  172     echo "${INDENT}$PLUGIN_NAME v$PLUGIN_VERSION"
  173 
  174     # Increment indention
  175     INDENT="$INDENT "
  176 
  177     # Only proceed if environment ok
  178     if ! plugin_sanity_check; then
  179       PLUGIN_RET_VAL=1
  180     else
  181       case $PLUGIN_CMD in
  182         start|''         ) plugin_start; PLUGIN_RET_VAL=$? ;;
  183         restart          ) plugin_restart; PLUGIN_RET_VAL=$? ;;
  184         stop|stop-restart) plugin_stop; PLUGIN_RET_VAL=$? ;;
  185         status           ) plugin_status; PLUGIN_RET_VAL=$? ;;
  186         *                ) PLUGIN_RET_VAL=1; printf "\033[40m\033[1;31m${INDENT}ERROR: Invalid plugin option \"$PLUGIN_CMD\"!\033[0m\n" >&2 ;;
  187       esac
  188     fi
  189   fi
  190 fi