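##################################################
# Formatting functions for efficiency report
##################################################
# printf layouts for the report rows: a 34-column label followed by three
# 8-column integers and one 15-column integer with thousands grouping
# (the "'" flag depends on the active locale).
_LABELW=34
OUTFORM="%-34s : %8d %8d %8d %'15d\n"
TOTFORM="%34s » %8d %8d %8d %'15d\n"
DETFORM="%34s . %8d %8d %8d %'15d\n"
COLFORM="%34s | %8s %8s %8s %15s\n"

# Draw a section headline
# $1 headline text
# $2 character for line
# $3 length (optional, default 60)
# Output: an empty line, then "<5 x char> <text> <fill>" padded to $3 columns.
# NOTE: awk -v interprets backslash escapes in the passed values.
headline() {
	local funtag="[${FUNCNAME[0]}]"
	local total=${3:-60}

	awk -v text="$1" -v tot_width="$total" -v char="$2" '
	BEGIN {
		prefixlen = 5
		for (i = 1; i <= prefixlen; i++) {
			prefix = prefix char
		}
		strlen = length(text)
		# "- 2" accounts for the two spaces around the text
		suffixlen = tot_width - length(prefix) - strlen - 2
		if (suffixlen < 0) suffixlen = 0
		# Build blank padding of the required width ...
		suffix = sprintf("%*s", suffixlen, "")
		# ... and turn every blank into the line character
		gsub(" ", char, suffix)
		print ""
		print prefix " " text " " suffix
	}'
}

# Draw a simple separation line
# $1 character for line
# $2 length (optional, default 79)
sepline() {
	local funtag="[${FUNCNAME[0]}]"
	local total=${2:-79}

	awk -v tot_width="$total" -v char="$1" '
	BEGIN {
		for (i = 1; i <= tot_width; i++) {
			line = line char
		}
		print line
	}'
}

# Print a section headline
# $1 Section name
# $2 character to use
# $3 length (optional, default 49)
# Same layout as headline(), but only one column is subtracted for the
# spaces, so the printed line is one character wider than $3.
sec_headline() {
	local funtag="[${FUNCNAME[0]}]"
	local total=${3:-49}

	awk -v text="$1" -v tot_width="$total" -v char="$2" '
	BEGIN {
		prefixlen = 5
		for (i = 1; i <= prefixlen; i++) {
			prefix = prefix char
		}
		strlen = length(text)
		# only "- 1" here although two spaces are printed
		suffixlen = tot_width - length(prefix) - strlen - 1
		if (suffixlen < 0) suffixlen = 0
		# Generate space-based padding ...
		suffix = sprintf("%*s", suffixlen, "")
		# ... and replace the spaces by the line character
		gsub(" ", char, suffix)
		print ""
		print prefix " " text " " suffix
	}'
}

################################################################################
# Calculation helpers
################################################################################

# Accumulate packets from legal access, taken from the WATCHCNT chain.
# Prints the sum of the first column (packet counter) of every rule line
# that contains "tcp dpt:".
cummulate_passed_connections() {
	local funtag="[${FUNCNAME[0]}]"

	# -x: exact counters. Without it iptables abbreviates large values
	# ("12K", "3M") and awk would add only the leading digits.
	# Piping (instead of an unquoted here-string) keeps one rule per line
	# on every bash version.
	iptables -vxnL WATCHCNT |
	awk '
	BEGIN { sum = 0 }
	/(tcp dpt:)/ { sum += $1 }
	END { print sum }
	'
}

# Accumulate the per-member packet counters of the ipset "passthru".
# Needs gawk: the three-argument match() is a gawk extension.
cummulate_passthru_connections() {
	local funtag="[${FUNCNAME[0]}]"

	ipset l passthru |
	awk '
	BEGIN { packets = 0 }
	/^[1-9]/ {
		# Member lines start with a digit; extract the packet count.
		# Lines without a "packets N" part add nothing.
		if (match($0, /packets ([0-9]+)/, tmp))
			packets += tmp[1]
	}
	END { print packets }
	'
}

# Get IPset conditions
# for a [table, chain, ipset name] combo
# $1 the table (raw, mangle, filter)
# $2 the chain
# $3 the ipset name
# Prints a tuple of (packets, bytes, jump-target) for every rule of the chain
# that references the set.
get_set_conditions() {
	local funtag="[${FUNCNAME[0]}]"

	iptables -t "$1" -vxnL "$2" |
	awk -v ipsetname="$3" '
	{
		# Compare the word after "match-set" as a plain string. Building
		# a regex from the set name would let characters such as "."
		# match the counters of a different, similarly named set.
		for (i = 1; i < NF; i++) {
			if ($i == "match-set" && ($(i + 1) "") == (ipsetname "")) {
				print $1, $2, $3
				next
			}
		}
	}'
}

# List the ipset names referenced by rules of a table.
# $1 table name
# $2 target name (DROP,ACCEPT); falls back to a caller-set $target if omitted
# Prints one "»»» <name>" line per matching rule, then the de-duplicated
# names on one line, separated by spaces (order is not defined by awk).
# NOTE(review): the "»»»" lines go to stdout together with the result -
# confirm that callers expect them.
get_ipset_names() {
	local funtag="[${FUNCNAME[0]}]"
	local wanted="${2:-${target:-}}"
	local tmp_names

	tmp_names=$(iptables -t "$1" -nL | grep -- "$wanted")

	awk '
	{
		# Pick the word after "match-set"; skip rules without a set
		if (!match($0, /match-set[[:space:]]+([^[:space:]]+)/, tmp))
			next
		name = tmp[1]
		names[name] = name
		print "»»»", name
	}
	END {
		for (name in names) {
			namelist = namelist (namelist == "" ? "" : " ") names[name]
		}
		print namelist
	}
	' <<< "$tmp_names"
}

# Calculate extended IPs from CIDR notations
# $1 newline-separated list of IPv4 CIDR entries (address/prefix)
# Prints the total number of addresses covered by all entries. Entries
# without a prefix, or with a prefix that is not an integer in 0..32, are
# skipped so that they cannot add fractional or bogus counts to the report.
calc_xips() {
	local funtag="[${FUNCNAME[0]}]"

	awk '
	BEGIN { total = 0 }
	{
		split($1, parts, "/")
		if (parts[2] == "")
			next
		if (parts[2] !~ /^[0-9]+$/ || parts[2] + 0 > 32)
			next
		bits = 32 - parts[2]
		total += 2^bits
	}
	END { print total }
	' <<< "$1"
}

# Print the number of single IPs, CIDR entries and expanded CIDR addresses
# recorded in the "ipsets" table, separately for DROP and ACCEPT.
# $SQL is expanded unquoted on purpose, so that it can hold a command plus
# its arguments; it has to be set by the caller.
# NOTE(review): drop_* and accept_* are not declared local and stay visible
# after the call - confirm whether other code reads them.
resolve_records() {
	local funtag="[${FUNCNAME[0]}]"
	local xips

	# Alternative without the database.
	### This does _not_ differentiate between 'DROP' and 'ACCEPT'!
	# ips=$(ipset l | grep '^[1-9]' | awk '{print $1}'| grep -cv "/")
	# cidrs=$(ipset l | grep '^[1-9]' | awk '{print $1}'| grep -c "/")
	# cidrm=$(ipset l | grep '^[1-9]')

	### DROPs ...
	printf "%35s\n" "» DROPs _________________"
	drop_ips=$($SQL "select count(membertype) from ipsets where membertype ='IP' and target ='DROP'" )
	drop_cidrs=$($SQL "select count(membertype) from ipsets where membertype ='CIDR' and target ='DROP'" )
	drop_cidrm=$($SQL "select member from ipsets where membertype ='CIDR' and target ='DROP'" )
	xips=$(calc_xips "$drop_cidrm")

	printf "%35s:%14d\n" "................ nIPs" $drop_ips
	printf "%35s:%14d\n" "............... CIDRs" $drop_cidrs
	printf "%35s:%'14d\n" "................ xIPs" $xips
	printf "%35s:%'14d\n" ".... Total DROPed IPs" $(( drop_ips + xips ))

	### ACCEPTs ...
	printf "%35s\n" "» ACCEPTs _______________"
	accept_ips=$($SQL "select count(membertype) from ipsets where membertype ='IP' and target ='ACCEPT'" )
	accept_cidrs=$($SQL "select count(membertype) from ipsets where membertype ='CIDR' and target ='ACCEPT'" )
	accept_cidrm=$($SQL "select member from ipsets where membertype ='CIDR' and target ='ACCEPT'" )
	xips=$(calc_xips "$accept_cidrm")

	printf "%35s:%14d\n" "................ nIPs" $accept_ips
	printf "%35s:%14d\n" "............... CIDRs" $accept_cidrs
	printf "%35s:%'14d\n" "................ xIPs" $xips
	printf "%35s:%'14d\n" ".. Total ACCEPTed IPs" $(( accept_ips + xips ))
}

# vim: set filetype=sh noexpandtab tabstop=8 shiftwidth=8 autoindent smartindent :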