diff mbox series

[2/2] web UI: Add graph for connection tracking

Message ID	20200821163356.1678-2-michael.tremer@ipfire.org
State	Accepted
Headers	From: Michael Tremer <michael.tremer@ipfire.org> To: development@lists.ipfire.org Subject: [PATCH 2/2] web UI: Add graph for connection tracking Date: Fri, 21 Aug 2020 17:33:56 +0100 Message-Id: <20200821163356.1678-2-michael.tremer@ipfire.org> In-Reply-To: <20200821163356.1678-1-michael.tremer@ipfire.org> References: <20200821163356.1678-1-michael.tremer@ipfire.org> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: list Cc: Michael Tremer <michael.tremer@ipfire.org> Errors-To: development-bounces@lists.ipfire.org Sender: "Development" <development-bounces@lists.ipfire.org>
Series	[1/2] collectd: Enable conntrack plugin \| [1/2] collectd: Enable conntrack plugin [2/2] web UI: Add graph for connection tracking

Commit Message

Michael Tremer Aug. 21, 2020, 4:33 p.m. UTC

  Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 config/cfgroot/graphs.pl  | 28 ++++++++++++++++++++++++++++
 doc/language_issues.de    |  1 +
 doc/language_issues.en    |  4 +++-
 doc/language_issues.es    |  2 ++
 doc/language_issues.fr    |  2 ++
 doc/language_issues.it    |  2 ++
 doc/language_issues.nl    |  2 ++
 doc/language_issues.pl    |  2 ++
 doc/language_issues.ru    |  2 ++
 doc/language_issues.tr    |  2 ++
 doc/language_missings     | 15 +++++++++++++++
 html/cgi-bin/netother.cgi | 10 +++++++++-
 langs/de/cgi-bin/de.pl    |  1 +
 langs/en/cgi-bin/en.pl    |  2 ++
 14 files changed, 73 insertions(+), 2 deletions(-)

diff mbox series

Patch

diff --git a/config/cfgroot/graphs.pl b/config/cfgroot/graphs.pl
index a7b82fed3..5f146d226 100644
--- a/config/cfgroot/graphs.pl
+++ b/config/cfgroot/graphs.pl
@@ -1160,3 +1160,31 @@  sub updateentropygraph {
 
 	print "Error in RRD::graph for entropy: ".$ERROR."\n" if $ERROR;
 }
+
+sub updateconntrackgraph {
+	my $period = $_[0];
+	my @command = (
+		@GRAPH_ARGS,
+		"-",
+		"--start",
+		"-1" . $period,
+		"-r",
+		"--lower-limit","0",
+		"-t $Lang::tr{'connection tracking'}",
+		"-v $Lang::tr{'open connections'}",
+		"DEF:conntrack=$mainsettings{'RRDLOG'}/collectd/localhost/conntrack/conntrack.rrd:entropy:AVERAGE",
+		"LINE3:conntrack#ff0000:" . sprintf("%-15s", $Lang::tr{'open connections'}),
+		"VDEF:ctmin=conntrack,MINIMUM",
+		"VDEF:ctmax=conntrack,MAXIMUM",
+		"VDEF:ctavg=conntrack,AVERAGE",
+		"GPRINT:ctmax:" . sprintf("%15s\\: %%5.0lf", $Lang::tr{'maximum'}),
+		"GPRINT:ctmin:" . sprintf("%15s\\: %%5.0lf", $Lang::tr{'minimum'}),
+		"GPRINT:ctavg:" . sprintf("%15s\\: %%5.0lf", $Lang::tr{'average'}) . "\\n",
+		"--color=BACK" . $color{"color21"},
+	);
+
+	RRDs::graph(@command);
+	$ERROR = RRDs::error;
+
+	print STDERR "Error in RRD::Graph for conntrack: " . $ERROR . "\n" if $ERROR;
+}
diff --git a/doc/language_issues.de b/doc/language_issues.de
index f2a7ba8ae..667b98b27 100644
--- a/doc/language_issues.de
+++ b/doc/language_issues.de
@@ -767,6 +767,7 @@  WARNING: translation string unused: zoneconf val ppp assignment error
 WARNING: translation string unused: zoneconf val vlan amount assignment error
 WARNING: translation string unused: zoneconf val vlan tag assignment error
 WARNING: translation string unused: zoneconf val zoneslave amount error
+WARNING: untranslated string: connnection tracking = Connection Tracking
 WARNING: untranslated string: error the to date has to be later than the from date = The to date has to be later than the from date!
 WARNING: untranslated string: fwhost cust locationgrp = unknown string
 WARNING: untranslated string: fwhost err hostip = unknown string
diff --git a/doc/language_issues.en b/doc/language_issues.en
index 40cba2292..10b56af03 100644
--- a/doc/language_issues.en
+++ b/doc/language_issues.en
@@ -492,6 +492,7 @@  WARNING: untranslated string: connection type = Connection Type
 WARNING: untranslated string: connection type is invalid = Connection type is invalid.
 WARNING: untranslated string: connections = Connections
 WARNING: untranslated string: connections are associated with this ca.  deleting the ca will delete these connections as well. = connections are associated with this CA. Deleting the CA will delete these connections as well.
+WARNING: untranslated string: connnection tracking = Connection Tracking
 WARNING: untranslated string: connscheduler = Connection Scheduler
 WARNING: untranslated string: could not be opened = could not be opened.
 WARNING: untranslated string: could not download latest updates = Could not download latest updates.
@@ -1113,7 +1114,7 @@  WARNING: untranslated string: invalid input for keepalive 1 = Invalid input for
 WARNING: untranslated string: invalid input for keepalive 1:2 = Invalid input for Keepalive use at least a ratio of 1:2
 WARNING: untranslated string: invalid input for keepalive 2 = Invalid input for Keepalive ping-restart
 WARNING: untranslated string: invalid input for local ip address = Invalid input for local IP address
-WARNING: untranslated string: invalid input for max clients = Invalid input for Max Clients
+WARNING: untranslated string: invalid input for max clients = Invalid input for Max Clients. The maximum of 1024 clients has been exceeded
 WARNING: untranslated string: invalid input for mode = Invalid input for mode
 WARNING: untranslated string: invalid input for name = Invalid input for user's full name or system hostname
 WARNING: untranslated string: invalid input for oink code = Invalid input for Oink code
@@ -1378,6 +1379,7 @@  WARNING: untranslated string: one year = One Year
 WARNING: untranslated string: only digits allowed in holdoff field = Only digits allowed in holdoff field
 WARNING: untranslated string: only digits allowed in max retries field = Only digits allowed in max retries field.
 WARNING: untranslated string: only digits allowed in the idle timeout = Only digits allowed in the idle timeout.
+WARNING: untranslated string: open connections = Open Connections
 WARNING: untranslated string: openssl produced an error = OpenSSL produced an error
 WARNING: untranslated string: openvpn client = OpenVPN client
 WARNING: untranslated string: openvpn default = Default
diff --git a/doc/language_issues.es b/doc/language_issues.es
index f7431f692..043df5c0f 100644
--- a/doc/language_issues.es
+++ b/doc/language_issues.es
@@ -793,6 +793,7 @@  WARNING: untranslated string: ccd routes = Routing:
 WARNING: untranslated string: ccd subnet = Subnet
 WARNING: untranslated string: ccd used = Used addresses
 WARNING: untranslated string: check all = Check all
+WARNING: untranslated string: connnection tracking = Connection Tracking
 WARNING: untranslated string: count = Count
 WARNING: untranslated string: countries = Countries
 WARNING: untranslated string: country codes and flags = Country Codes and Flags:
@@ -1199,6 +1200,7 @@  WARNING: untranslated string: one hour = One Hour
 WARNING: untranslated string: one month = One Month
 WARNING: untranslated string: one week = One Week
 WARNING: untranslated string: one year = One Year
+WARNING: untranslated string: open connections = Open Connections
 WARNING: untranslated string: openvpn default = Default
 WARNING: untranslated string: openvpn destination port used = The destination port is already used by another OpenVPN server.
 WARNING: untranslated string: openvpn fragment allowed with udp = Using fragment is only allowed when using the UDP protocol.
diff --git a/doc/language_issues.fr b/doc/language_issues.fr
index 597883693..1ebed2140 100644
--- a/doc/language_issues.fr
+++ b/doc/language_issues.fr
@@ -807,6 +807,7 @@  WARNING: translation string unused: zoneconf val ppp assignment error
 WARNING: translation string unused: zoneconf val vlan amount assignment error
 WARNING: translation string unused: zoneconf val vlan tag assignment error
 WARNING: translation string unused: zoneconf val zoneslave amount error
+WARNING: untranslated string: connnection tracking = Connection Tracking
 WARNING: untranslated string: fwhost cust locationgrp = unknown string
 WARNING: untranslated string: fwhost err hostip = unknown string
 WARNING: untranslated string: guardian block a host = unknown string
@@ -839,6 +840,7 @@  WARNING: untranslated string: guardian logtarget_syslog = unknown string
 WARNING: untranslated string: guardian no entries = unknown string
 WARNING: untranslated string: guardian service = unknown string
 WARNING: untranslated string: legacy architecture warning = You are running IPFire on a legacy architecture and it is recommended to upgrade
+WARNING: untranslated string: open connections = Open Connections
 WARNING: untranslated string: pakfire ago = ago.
 WARNING: untranslated string: route config changed = unknown string
 WARNING: untranslated string: routing config added = unknown string
diff --git a/doc/language_issues.it b/doc/language_issues.it
index c943da739..f0790ed23 100644
--- a/doc/language_issues.it
+++ b/doc/language_issues.it
@@ -832,6 +832,7 @@  WARNING: untranslated string: block = Block
 WARNING: untranslated string: broken = Broken
 WARNING: untranslated string: bytes = unknown string
 WARNING: untranslated string: check all = Check all
+WARNING: untranslated string: connnection tracking = Connection Tracking
 WARNING: untranslated string: cpu frequency = CPU frequency
 WARNING: untranslated string: crypto error = Cryptographic error
 WARNING: untranslated string: crypto warning = Cryptographic warning
@@ -1012,6 +1013,7 @@  WARNING: untranslated string: one hour = One Hour
 WARNING: untranslated string: one month = One Month
 WARNING: untranslated string: one week = One Week
 WARNING: untranslated string: one year = One Year
+WARNING: untranslated string: open connections = Open Connections
 WARNING: untranslated string: outgoing compression in bytes per second = Outgoing compression
 WARNING: untranslated string: outgoing overhead in bytes per second = Outgoing Overhead
 WARNING: untranslated string: ovpn add conf = Additional configuration
diff --git a/doc/language_issues.nl b/doc/language_issues.nl
index 7496d647c..2dfde5c5b 100644
--- a/doc/language_issues.nl
+++ b/doc/language_issues.nl
@@ -826,6 +826,7 @@  WARNING: untranslated string: broken = Broken
 WARNING: untranslated string: bytes = unknown string
 WARNING: untranslated string: capabilities = Capabilities
 WARNING: untranslated string: check all = Check all
+WARNING: untranslated string: connnection tracking = Connection Tracking
 WARNING: untranslated string: cpu frequency = CPU frequency
 WARNING: untranslated string: crypto error = Cryptographic error
 WARNING: untranslated string: crypto warning = Cryptographic warning
@@ -1037,6 +1038,7 @@  WARNING: untranslated string: one hour = One Hour
 WARNING: untranslated string: one month = One Month
 WARNING: untranslated string: one week = One Week
 WARNING: untranslated string: one year = One Year
+WARNING: untranslated string: open connections = Open Connections
 WARNING: untranslated string: outgoing compression in bytes per second = Outgoing compression
 WARNING: untranslated string: outgoing overhead in bytes per second = Outgoing Overhead
 WARNING: untranslated string: ovpn add conf = Additional configuration
diff --git a/doc/language_issues.pl b/doc/language_issues.pl
index f7431f692..043df5c0f 100644
--- a/doc/language_issues.pl
+++ b/doc/language_issues.pl
@@ -793,6 +793,7 @@  WARNING: untranslated string: ccd routes = Routing:
 WARNING: untranslated string: ccd subnet = Subnet
 WARNING: untranslated string: ccd used = Used addresses
 WARNING: untranslated string: check all = Check all
+WARNING: untranslated string: connnection tracking = Connection Tracking
 WARNING: untranslated string: count = Count
 WARNING: untranslated string: countries = Countries
 WARNING: untranslated string: country codes and flags = Country Codes and Flags:
@@ -1199,6 +1200,7 @@  WARNING: untranslated string: one hour = One Hour
 WARNING: untranslated string: one month = One Month
 WARNING: untranslated string: one week = One Week
 WARNING: untranslated string: one year = One Year
+WARNING: untranslated string: open connections = Open Connections
 WARNING: untranslated string: openvpn default = Default
 WARNING: untranslated string: openvpn destination port used = The destination port is already used by another OpenVPN server.
 WARNING: untranslated string: openvpn fragment allowed with udp = Using fragment is only allowed when using the UDP protocol.
diff --git a/doc/language_issues.ru b/doc/language_issues.ru
index a3eb33669..52de2e382 100644
--- a/doc/language_issues.ru
+++ b/doc/language_issues.ru
@@ -796,6 +796,7 @@  WARNING: untranslated string: ccd subnet = Subnet
 WARNING: untranslated string: ccd used = Used addresses
 WARNING: untranslated string: check all = Check all
 WARNING: untranslated string: community rules = Snort/VRT GPLv2 Community Rules
+WARNING: untranslated string: connnection tracking = Connection Tracking
 WARNING: untranslated string: count = Count
 WARNING: untranslated string: countries = Countries
 WARNING: untranslated string: country codes and flags = Country Codes and Flags:
@@ -1201,6 +1202,7 @@  WARNING: untranslated string: one hour = One Hour
 WARNING: untranslated string: one month = One Month
 WARNING: untranslated string: one week = One Week
 WARNING: untranslated string: one year = One Year
+WARNING: untranslated string: open connections = Open Connections
 WARNING: untranslated string: openvpn default = Default
 WARNING: untranslated string: openvpn destination port used = The destination port is already used by another OpenVPN server.
 WARNING: untranslated string: openvpn fragment allowed with udp = Using fragment is only allowed when using the UDP protocol.
diff --git a/doc/language_issues.tr b/doc/language_issues.tr
index 60a646e5f..e5792e08e 100644
--- a/doc/language_issues.tr
+++ b/doc/language_issues.tr
@@ -815,6 +815,7 @@  WARNING: untranslated string: advproxy wpad title = Web Proxy Auto-Discovery Pro
 WARNING: untranslated string: advproxy wpad view pac = Open PAC File
 WARNING: untranslated string: broken = Broken
 WARNING: untranslated string: bytes = unknown string
+WARNING: untranslated string: connnection tracking = Connection Tracking
 WARNING: untranslated string: cpu frequency = CPU frequency
 WARNING: untranslated string: crypto error = Cryptographic error
 WARNING: untranslated string: crypto warning = Cryptographic warning
@@ -925,6 +926,7 @@  WARNING: untranslated string: no data = unknown string
 WARNING: untranslated string: no entries = No entries at the moment.
 WARNING: untranslated string: not affected = Not Affected
 WARNING: untranslated string: not validating = Not validating
+WARNING: untranslated string: open connections = Open Connections
 WARNING: untranslated string: ovpn connection name = Connection Name
 WARNING: untranslated string: ovpn error dh = The Diffie-Hellman parameter needs to be in minimum 2048 bit! <br>Please generate or upload a new Diffie-Hellman parameter, this can be made below in the section "Diffie-Hellman parameters options".</br>
 WARNING: untranslated string: ovpn error md5 = You host certificate uses MD5 for the signature which is not accepted anymore. <br>Please update to the latest IPFire version and generate a new root and host certificate.</br><br>All OpenVPN clients needs then to be renewed!</br>
diff --git a/doc/language_missings b/doc/language_missings
index 3fbaad77b..c9c42d15a 100644
--- a/doc/language_missings
+++ b/doc/language_missings
@@ -25,6 +25,7 @@ 
 < Captive invalid coupon
 < Captive please enter a coupon code
 < choose media
+< connnection tracking
 < could not connect to www ipfire org
 < cryptographic settings
 < dhcp server disabled on blue interface
@@ -183,6 +184,7 @@ 
 < ccd subnet
 < ccd used
 < check all
+< connnection tracking
 < ConnSched dial
 < ConnSched hangup
 < ConnSched reboot
@@ -626,6 +628,7 @@ 
 < one month
 < one week
 < one year
+< open connections
 < openvpn default
 < openvpn destination port used
 < openvpn disabled
@@ -920,9 +923,11 @@ 
 < ansi t1.483
 < bewan adsl pci st
 < bewan adsl usb
+< connnection tracking
 < g.dtm
 < g.lite
 < legacy architecture warning
+< open connections
 < upload fcdsl.o
 ############################################################################
 # Checking cgi-bin translations for language: it                           #
@@ -1001,6 +1006,7 @@ 
 < Captive WiFi coupon
 < Captive wrong ext
 < check all
+< connnection tracking
 < cpu frequency
 < crypto error
 < cryptographic settings
@@ -1163,6 +1169,7 @@ 
 < one month
 < one week
 < one year
+< open connections
 < outgoing compression in bytes per second
 < outgoing overhead in bytes per second
 < ovpn add conf
@@ -1357,6 +1364,7 @@ 
 < Captive WiFi coupon
 < Captive wrong ext
 < check all
+< connnection tracking
 < cpu frequency
 < crypto error
 < cryptographic settings
@@ -1555,6 +1563,7 @@ 
 < one month
 < one week
 < one year
+< open connections
 < outgoing compression in bytes per second
 < outgoing overhead in bytes per second
 < ovpn add conf
@@ -1820,6 +1829,7 @@ 
 < ccd used
 < check all
 < community rules
+< connnection tracking
 < ConnSched dial
 < ConnSched hangup
 < ConnSched reboot
@@ -2265,6 +2275,7 @@ 
 < one month
 < one week
 < one year
+< open connections
 < openvpn default
 < openvpn destination port used
 < openvpn disabled
@@ -2671,6 +2682,7 @@ 
 < ccd used
 < check all
 < community rules
+< connnection tracking
 < ConnSched dial
 < ConnSched hangup
 < ConnSched reboot
@@ -3123,6 +3135,7 @@ 
 < one month
 < one week
 < one year
+< open connections
 < openvpn default
 < openvpn destination port used
 < openvpn disabled
@@ -3407,6 +3420,7 @@ 
 < advproxy wpad view pac
 < broken
 < Captive delete logo
+< connnection tracking
 < cpu frequency
 < crypto error
 < cryptographic settings
@@ -3489,6 +3503,7 @@ 
 < not affected
 < not validating
 < okay
+< open connections
 < ovpn connection name
 < ovpn error dh
 < ovpn error md5
diff --git a/html/cgi-bin/netother.cgi b/html/cgi-bin/netother.cgi
index 4f03c82e8..3256a0d6b 100755
--- a/html/cgi-bin/netother.cgi
+++ b/html/cgi-bin/netother.cgi
@@ -41,7 +41,11 @@  my @querry = split(/\?/,$ENV{'QUERY_STRING'});
 $querry[0] = '' unless defined $querry[0];
 $querry[1] = 'hour' unless defined $querry[1];
 
-if ( $querry[0] =~ "fwhits"){
+if ( $querry[0] eq "conntrack") {
+	print "Content-Type: image/png\n\n";
+	binmode(STDOUT);
+	&Graphs::updateconntrackgraph($querry[1]);
+} elsif ( $querry[0] =~ "fwhits"){
 	print "Content-type: image/png\n\n";
 	binmode(STDOUT);
 	&Graphs::updatefwhitsgraph($querry[1]);
@@ -67,6 +71,10 @@  if ( $querry[0] =~ "fwhits"){
 		&Header::closebox();
 	}
 
+	&Header::openbox('100%', 'center', $Lang::tr{'connnection tracking'});
+	&Graphs::makegraphbox("netother.cgi", "conntrack", "day");
+	&Header::closebox();
+
 	&Header::openbox('100%', 'center', "$Lang::tr{'firewallhits'} $Lang::tr{'graph'}");
 	&Graphs::makegraphbox("netother.cgi","fwhits","day");
 	&Header::closebox();
diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
index ef4e4e6c8..33c271f52 100644
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -1832,6 +1832,7 @@ 
 'only digits allowed in max retries field' => 'Im Feld &quot;Maximale Wiederholversuche&quot; sind nur Ziffern erlaubt.',
 'only digits allowed in the idle timeout' => 'Im Feld &quot;Leerlauf-Wartezeit&quot; sind nur Ziffern erlaubt.',
 'only red' => 'Nur ROT',
+'open connections' => 'Offene Verbindungen',
 'open to all' => 'Überschreibe externen Zugang zu ALL',
 'openssl produced an error' => 'OpenSSL hat einen Fehler verursacht',
 'openvpn client' => 'OpenVPN-Client',
diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index 0b1b304a9..cfe0b6556 100644
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -657,6 +657,7 @@ 
 'connection type is invalid' => 'Connection type is invalid.',
 'connections' => 'Connections',
 'connections are associated with this ca.  deleting the ca will delete these connections as well.' => 'connections are associated with this CA. Deleting the CA will delete these connections as well.',
+'connnection tracking' => 'Connection Tracking',
 'connscheduler' => 'Connection Scheduler',
 'core notice 1' => '<strong>Notice:</strong> There is an core-update from',
 'core notice 2' => 'to',
@@ -1858,6 +1859,7 @@ 
 'only digits allowed in max retries field' => 'Only digits allowed in max retries field.',
 'only digits allowed in the idle timeout' => 'Only digits allowed in the idle timeout.',
 'only red' => 'Only RED',
+'open connections' => 'Open Connections',
 'open to all' => 'Override external access to ALL',
 'openssl produced an error' => 'OpenSSL produced an error',
 'openvpn client' => 'OpenVPN client',