From patchwork Wed Feb 14 10:34:36 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adolf Belka X-Patchwork-Id: 7547 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature ECDSA (secp384r1) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4TZZMb5PKfz3wvr for ; Wed, 14 Feb 2024 10:35:07 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature ECDSA (secp384r1)) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4TZZMV5QXYz2Tk; Wed, 14 Feb 2024 10:35:02 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4TZZMV2SVxz2y2B; Wed, 14 Feb 2024 10:35:02 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature ECDSA (secp384r1)) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4TZZMR4B7Pz2xdy for ; Wed, 14 Feb 2024 10:34:59 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4TZZMQ5BXRz5f2; Wed, 14 Feb 2024 10:34:58 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1707906898; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=9CmLmEECwYmsraxDfOuAQ51hq6GYbKNBP0m+2E+JDU0=; b=ZH2+8waUi+AMo0OSWfJeyy24eFTr2MmlidEBzwnNFM9jKHhWEYqO52exRUJFx3HkscVYrO 9GvNpc+hEr3RG3CQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1707906898; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=9CmLmEECwYmsraxDfOuAQ51hq6GYbKNBP0m+2E+JDU0=; b=h1vjKWt2S2dn+1JUsFdf1G4OUBKWwEKvaBNsWNatO5JDmdOmIpOSuDOKDnhYIbN2RRywP8 jtAqaMfecJEO3DMpeoRMvF/hgpdMsh0uLjyqw3lTAusWg+EkwASpIik0Dc8f8wWCiNy4Yc or2jASxSBNfzN9FUAzIYaQ/pbYwQK73xeCEWNdNEpVVfu3YTfU32I8m3RlgyuVFVcaDBw2 sJrymWR36PhbWEK897lHYqceuYtiHlq1+NJNQ/KEplNy+J08Sth91xgg4uG3/bfbi34WCm dDpN0gwR5sxTvwzVeuY/vLoAr9Vdk9ufqaOesNCKVaUVawBJ/dwmDiDj07kmgw== From: Adolf Belka To: development@lists.ipfire.org Subject: [PATCH] graphs.pl: Fixes graph failure when the DROP_HOSTILE directory is missing Date: Wed, 14 Feb 2024 11:34:36 +0100 Message-ID: <20240214103436.2878-1-adolf.belka@ipfire.org> MIME-Version: 1.0 Message-ID-Hash: QIIIF342AIEENB33HMS7UJI674RDEJYY X-Message-ID-Hash: QIIIF342AIEENB33HMS7UJI674RDEJYY X-MailFrom: adolf.belka@ipfire.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.8 Precedence: list List-Id: IPFire development talk Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: - If a fresh install is done then only the DROP_HOSTILE_IN & DROP_HOSTILE_OUT rrd directories are created. - With the DROP_HOSTILE directory missing then when the fwhits graph is updated an error message is caused by the inability to open the required files. - This patch adds an if/else loop into the fwhits graph code to deal with the two cases of the DROP_HOSTILE being present or not depending on the history and if a backup with logs has been restored from when DROP_HOSTILE was in use. - Tested on vm testbed and created a historical line for the hostile data when it was not split - There might be a simpler or better approach than this but it was the only option I could identify. I couldn't find anything about being able to use if loops within the RRD::Graph loop Tested-by: Adolf Belka Signed-off-by: Adolf Belka --- config/cfgroot/graphs.pl | 237 ++++++++++++++++++++++++++------------- 1 file changed, 158 insertions(+), 79 deletions(-) diff --git a/config/cfgroot/graphs.pl b/config/cfgroot/graphs.pl index a23e49c98..96c6c26ea 100644 --- a/config/cfgroot/graphs.pl +++ b/config/cfgroot/graphs.pl @@ -13,7 +13,7 @@ # This program is distributed in the hope that it will be useful, # # but WITHOUT ANY WARRANTY; without even the implied warranty of # # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # -# GNU General Public License for more details. # +# GNU General Public License for more details. #update.sh # # # You should have received a copy of the GNU General Public License # # along with this program. If not, see . # @@ -676,84 +676,163 @@ sub updatevpnn2ngraph { sub updatefwhitsgraph { my $period = $_[0]; - RRDs::graph( - @GRAPH_ARGS, - "-", - "--start", - "-1".$period, - "-r", - "-t ".$Lang::tr{'firewall hits per'}." ".$Lang::tr{$period."-graph"}, - "-v ".$Lang::tr{'bytes per second'}, - "--color=SHADEA".$color{"color19"}, - "--color=SHADEB".$color{"color19"}, - "--color=BACK".$color{"color21"}, - "DEF:output=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-POLICYOUT/ipt_bytes-DROP_OUTPUT.rrd:value:AVERAGE", - "DEF:input=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-POLICYIN/ipt_bytes-DROP_INPUT.rrd:value:AVERAGE", - "DEF:forward=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-POLICYFWD/ipt_bytes-DROP_FORWARD.rrd:value:AVERAGE", - "DEF:newnotsyn=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-NEWNOTSYN/ipt_bytes-DROP_NEWNOTSYN.rrd:value:AVERAGE", - "DEF:portscan=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-PSCAN/ipt_bytes-DROP_PScan.rrd:value:AVERAGE", - "DEF:spoofedmartian=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-SPOOFED_MARTIAN/ipt_bytes-DROP_SPOOFED_MARTIAN.rrd:value:AVERAGE", - "DEF:hostilein=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-HOSTILE_DROP_IN/ipt_bytes-DROP_HOSTILE.rrd:value:AVERAGE", - "DEF:hostileout=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-HOSTILE_DROP_OUT/ipt_bytes-DROP_HOSTILE.rrd:value:AVERAGE", - "DEF:hostilelegacy=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-HOSTILE_DROP/ipt_bytes-DROP_HOSTILE.rrd:value:AVERAGE", - - # This creates a new combined hostile segment. - # Previously we did not split into incoming/outgoing, but we cannot go back in time. This CDEF will take the values - # from the old RRD database unless those are UNKNOWN (i.e. we started collected IN/OUT). If the values are unknown, - # we replace them with them sum of IN + OUT. - "CDEF:hostile=hostilelegacy,UN,hostilein,hostileout,+,hostilelegacy,IF", - - "COMMENT:".sprintf("%-26s",$Lang::tr{'caption'}), - "COMMENT:".sprintf("%15s",$Lang::tr{'maximal'}), - "COMMENT:".sprintf("%15s",$Lang::tr{'average'}), - "COMMENT:".sprintf("%14s",$Lang::tr{'minimal'}), - "COMMENT:".sprintf("%15s",$Lang::tr{'current'})."\\j", - "AREA:output".$color{"color25"}."A0:".sprintf("%-25s",$Lang::tr{'firewallhits'}." (OUTPUT)"), - "GPRINT:output:MAX:%8.1lf %sBps", - "GPRINT:output:AVERAGE:%8.1lf %sBps", - "GPRINT:output:MIN:%8.1lf %sBps", - "GPRINT:output:LAST:%8.1lf %sBps\\j", - "STACK:forward".$color{"color23"}."A0:".sprintf("%-25s",$Lang::tr{'firewallhits'}." (FORWARD)"), - "GPRINT:forward:MAX:%8.1lf %sBps", - "GPRINT:forward:AVERAGE:%8.1lf %sBps", - "GPRINT:forward:MIN:%8.1lf %sBps", - "GPRINT:forward:LAST:%8.1lf %sBps\\j", - "STACK:input".$color{"color24"}."A0:".sprintf("%-25s",$Lang::tr{'firewallhits'}." (INPUT)"), - "GPRINT:input:MAX:%8.1lf %sBps", - "GPRINT:input:AVERAGE:%8.1lf %sBps", - "GPRINT:input:MIN:%8.1lf %sBps", - "GPRINT:input:LAST:%8.1lf %sBps\\j", - "STACK:newnotsyn".$color{"color14"}."A0:".sprintf("%-25s","NewNotSYN"), - "GPRINT:newnotsyn:MAX:%8.1lf %sBps", - "GPRINT:newnotsyn:AVERAGE:%8.1lf %sBps", - "GPRINT:newnotsyn:MIN:%8.1lf %sBps", - "GPRINT:newnotsyn:LAST:%8.1lf %sBps\\j", - "STACK:portscan".$color{"color16"}."A0:".sprintf("%-25s",$Lang::tr{'portscans'}), - "GPRINT:portscan:MAX:%8.1lf %sBps", - "GPRINT:portscan:AVERAGE:%8.1lf %sBps", - "GPRINT:portscan:MIN:%8.1lf %sBps", - "GPRINT:portscan:LAST:%8.1lf %sBps\\j", - "STACK:spoofedmartian".$color{"color12"}."A0:".sprintf("%-25s",$Lang::tr{'spoofed or martians'}), - "GPRINT:spoofedmartian:MAX:%8.1lf %sBps", - "GPRINT:spoofedmartian:AVERAGE:%8.1lf %sBps", - "GPRINT:spoofedmartian:MIN:%8.1lf %sBps", - "GPRINT:spoofedmartian:LAST:%8.1lf %sBps\\j", - "STACK:hostilein".$color{"color13"}."A0:".sprintf("%-25s",$Lang::tr{'hostile networks in'}), - "GPRINT:hostilein:MAX:%8.1lf %sBps", - "GPRINT:hostilein:AVERAGE:%8.1lf %sBps", - "GPRINT:hostilein:MIN:%8.1lf %sBps", - "GPRINT:hostilein:LAST:%8.1lf %sBps\\j", - "STACK:hostileout".$color{"color25"}."A0:".sprintf("%-25s",$Lang::tr{'hostile networks out'}), - "GPRINT:hostileout:MAX:%8.1lf %sBps", - "GPRINT:hostileout:AVERAGE:%8.1lf %sBps", - "GPRINT:hostileout:MIN:%8.1lf %sBps", - "GPRINT:hostileout:LAST:%8.1lf %sBps\\j", - "LINE:hostile#000000A0:".sprintf("%-25s",$Lang::tr{'hostile networks total'}), - "GPRINT:hostile:MAX:%8.1lf %sBps", - "GPRINT:hostile:AVERAGE:%8.1lf %sBps", - "GPRINT:hostile:MIN:%8.1lf %sBps", - "GPRINT:hostile:LAST:%8.1lf %sBps\\j", - ); + if ( -e "$mainsettings{'RRDLOG'}/collectd/localhost/iptables-filter-HOSTILE_DROP/ipt_bytes-DROP_HOSTILE.rrd" ) { + RRDs::graph( + @GRAPH_ARGS, + "-", + "--start", + "-1".$period, + "-r", + "-t ".$Lang::tr{'firewall hits per'}." ".$Lang::tr{$period."-graph"}, + "-v ".$Lang::tr{'bytes per second'}, + "--color=SHADEA".$color{"color19"}, + "--color=SHADEB".$color{"color19"}, + "--color=BACK".$color{"color21"}, + "DEF:output=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-POLICYOUT/ipt_bytes-DROP_OUTPUT.rrd:value:AVERAGE", + "DEF:input=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-POLICYIN/ipt_bytes-DROP_INPUT.rrd:value:AVERAGE", + "DEF:forward=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-POLICYFWD/ipt_bytes-DROP_FORWARD.rrd:value:AVERAGE", + "DEF:newnotsyn=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-NEWNOTSYN/ipt_bytes-DROP_NEWNOTSYN.rrd:value:AVERAGE", + "DEF:portscan=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-PSCAN/ipt_bytes-DROP_PScan.rrd:value:AVERAGE", + "DEF:spoofedmartian=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-SPOOFED_MARTIAN/ipt_bytes-DROP_SPOOFED_MARTIAN.rrd:value:AVERAGE", + "DEF:hostilein=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-HOSTILE_DROP_IN/ipt_bytes-DROP_HOSTILE.rrd:value:AVERAGE", + "DEF:hostileout=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-HOSTILE_DROP_OUT/ipt_bytes-DROP_HOSTILE.rrd:value:AVERAGE", + "DEF:hostilelegacy=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-HOSTILE_DROP/ipt_bytes-DROP_HOSTILE.rrd:value:AVERAGE", + + # This creates a new combined hostile segment. + # Previously we did not split into incoming/outgoing, but we cannot go back in time. This CDEF will take the values + # from the old RRD database if it exists and if those values are UNKNOWN (time period after Hostile was split into In and Out), + # we replace them with the sum of IN + OUT. + "CDEF:hostile=hostilelegacy,UN,hostilein,hostileout,+,hostilelegacy,IF", + + "COMMENT:".sprintf("%-26s",$Lang::tr{'caption'}), + "COMMENT:".sprintf("%15s",$Lang::tr{'maximal'}), + "COMMENT:".sprintf("%15s",$Lang::tr{'average'}), + "COMMENT:".sprintf("%14s",$Lang::tr{'minimal'}), + "COMMENT:".sprintf("%15s",$Lang::tr{'current'})."\\j", + "AREA:output".$color{"color25"}."A0:".sprintf("%-25s",$Lang::tr{'firewallhits'}." (OUTPUT)"), + "GPRINT:output:MAX:%8.1lf %sBps", + "GPRINT:output:AVERAGE:%8.1lf %sBps", + "GPRINT:output:MIN:%8.1lf %sBps", + "GPRINT:output:LAST:%8.1lf %sBps\\j", + "STACK:forward".$color{"color23"}."A0:".sprintf("%-25s",$Lang::tr{'firewallhits'}." (FORWARD)"), + "GPRINT:forward:MAX:%8.1lf %sBps", + "GPRINT:forward:AVERAGE:%8.1lf %sBps", + "GPRINT:forward:MIN:%8.1lf %sBps", + "GPRINT:forward:LAST:%8.1lf %sBps\\j", + "STACK:input".$color{"color24"}."A0:".sprintf("%-25s",$Lang::tr{'firewallhits'}." (INPUT)"), + "GPRINT:input:MAX:%8.1lf %sBps", + "GPRINT:input:AVERAGE:%8.1lf %sBps", + "GPRINT:input:MIN:%8.1lf %sBps", + "GPRINT:input:LAST:%8.1lf %sBps\\j", + "STACK:newnotsyn".$color{"color14"}."A0:".sprintf("%-25s","NewNotSYN"), + "GPRINT:newnotsyn:MAX:%8.1lf %sBps", + "GPRINT:newnotsyn:AVERAGE:%8.1lf %sBps", + "GPRINT:newnotsyn:MIN:%8.1lf %sBps", + "GPRINT:newnotsyn:LAST:%8.1lf %sBps\\j", + "STACK:portscan".$color{"color16"}."A0:".sprintf("%-25s",$Lang::tr{'portscans'}), + "GPRINT:portscan:MAX:%8.1lf %sBps", + "GPRINT:portscan:AVERAGE:%8.1lf %sBps", + "GPRINT:portscan:MIN:%8.1lf %sBps", + "GPRINT:portscan:LAST:%8.1lf %sBps\\j", + "STACK:spoofedmartian".$color{"color12"}."A0:".sprintf("%-25s",$Lang::tr{'spoofed or martians'}), + "GPRINT:spoofedmartian:MAX:%8.1lf %sBps", + "GPRINT:spoofedmartian:AVERAGE:%8.1lf %sBps", + "GPRINT:spoofedmartian:MIN:%8.1lf %sBps", + "GPRINT:spoofedmartian:LAST:%8.1lf %sBps\\j", + "STACK:hostilein".$color{"color13"}."A0:".sprintf("%-25s",$Lang::tr{'hostile networks in'}), + "GPRINT:hostilein:MAX:%8.1lf %sBps", + "GPRINT:hostilein:AVERAGE:%8.1lf %sBps", + "GPRINT:hostilein:MIN:%8.1lf %sBps", + "GPRINT:hostilein:LAST:%8.1lf %sBps\\j", + "STACK:hostileout".$color{"color25"}."A0:".sprintf("%-25s",$Lang::tr{'hostile networks out'}), + "GPRINT:hostileout:MAX:%8.1lf %sBps", + "GPRINT:hostileout:AVERAGE:%8.1lf %sBps", + "GPRINT:hostileout:MIN:%8.1lf %sBps", + "GPRINT:hostileout:LAST:%8.1lf %sBps\\j", + "LINE:hostile#000000A0:".sprintf("%-25s",$Lang::tr{'hostile networks total'}), + "GPRINT:hostile:MAX:%8.1lf %sBps", + "GPRINT:hostile:AVERAGE:%8.1lf %sBps", + "GPRINT:hostile:MIN:%8.1lf %sBps", + "GPRINT:hostile:LAST:%8.1lf %sBps\\j", + ); + }else{ + RRDs::graph( + @GRAPH_ARGS, + "-", + "--start", + "-1".$period, + "-r", + "-t ".$Lang::tr{'firewall hits per'}." ".$Lang::tr{$period."-graph"}, + "-v ".$Lang::tr{'bytes per second'}, + "--color=SHADEA".$color{"color19"}, + "--color=SHADEB".$color{"color19"}, + "--color=BACK".$color{"color21"}, + "DEF:output=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-POLICYOUT/ipt_bytes-DROP_OUTPUT.rrd:value:AVERAGE", + "DEF:input=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-POLICYIN/ipt_bytes-DROP_INPUT.rrd:value:AVERAGE", + "DEF:forward=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-POLICYFWD/ipt_bytes-DROP_FORWARD.rrd:value:AVERAGE", + "DEF:newnotsyn=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-NEWNOTSYN/ipt_bytes-DROP_NEWNOTSYN.rrd:value:AVERAGE", + "DEF:portscan=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-PSCAN/ipt_bytes-DROP_PScan.rrd:value:AVERAGE", + "DEF:spoofedmartian=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-SPOOFED_MARTIAN/ipt_bytes-DROP_SPOOFED_MARTIAN.rrd:value:AVERAGE", + "DEF:hostilein=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-HOSTILE_DROP_IN/ipt_bytes-DROP_HOSTILE.rrd:value:AVERAGE", + "DEF:hostileout=".$mainsettings{'RRDLOG'}."/collectd/localhost/iptables-filter-HOSTILE_DROP_OUT/ipt_bytes-DROP_HOSTILE.rrd:value:AVERAGE", + + # This creates a new combined hostile segment. + # If we started collecting IN/OUT, ie the old single Hostile RRD database is not available then this CDEF will take the values + # from the sum of IN + OUT. + "CDEF:hostile=hostilein,hostileout,+", + + "COMMENT:".sprintf("%-26s",$Lang::tr{'caption'}), + "COMMENT:".sprintf("%15s",$Lang::tr{'maximal'}), + "COMMENT:".sprintf("%15s",$Lang::tr{'average'}), + "COMMENT:".sprintf("%14s",$Lang::tr{'minimal'}), + "COMMENT:".sprintf("%15s",$Lang::tr{'current'})."\\j", + "AREA:output".$color{"color25"}."A0:".sprintf("%-25s",$Lang::tr{'firewallhits'}." (OUTPUT)"), + "GPRINT:output:MAX:%8.1lf %sBps", + "GPRINT:output:AVERAGE:%8.1lf %sBps", + "GPRINT:output:MIN:%8.1lf %sBps", + "GPRINT:output:LAST:%8.1lf %sBps\\j", + "STACK:forward".$color{"color23"}."A0:".sprintf("%-25s",$Lang::tr{'firewallhits'}." (FORWARD)"), + "GPRINT:forward:MAX:%8.1lf %sBps", + "GPRINT:forward:AVERAGE:%8.1lf %sBps", + "GPRINT:forward:MIN:%8.1lf %sBps", + "GPRINT:forward:LAST:%8.1lf %sBps\\j", + "STACK:input".$color{"color24"}."A0:".sprintf("%-25s",$Lang::tr{'firewallhits'}." (INPUT)"), + "GPRINT:input:MAX:%8.1lf %sBps", + "GPRINT:input:AVERAGE:%8.1lf %sBps", + "GPRINT:input:MIN:%8.1lf %sBps", + "GPRINT:input:LAST:%8.1lf %sBps\\j", + "STACK:newnotsyn".$color{"color14"}."A0:".sprintf("%-25s","NewNotSYN"), + "GPRINT:newnotsyn:MAX:%8.1lf %sBps", + "GPRINT:newnotsyn:AVERAGE:%8.1lf %sBps", + "GPRINT:newnotsyn:MIN:%8.1lf %sBps", + "GPRINT:newnotsyn:LAST:%8.1lf %sBps\\j", + "STACK:portscan".$color{"color16"}."A0:".sprintf("%-25s",$Lang::tr{'portscans'}), + "GPRINT:portscan:MAX:%8.1lf %sBps", + "GPRINT:portscan:AVERAGE:%8.1lf %sBps", + "GPRINT:portscan:MIN:%8.1lf %sBps", + "GPRINT:portscan:LAST:%8.1lf %sBps\\j", + "STACK:spoofedmartian".$color{"color12"}."A0:".sprintf("%-25s",$Lang::tr{'spoofed or martians'}), + "GPRINT:spoofedmartian:MAX:%8.1lf %sBps", + "GPRINT:spoofedmartian:AVERAGE:%8.1lf %sBps", + "GPRINT:spoofedmartian:MIN:%8.1lf %sBps", + "GPRINT:spoofedmartian:LAST:%8.1lf %sBps\\j", + "STACK:hostilein".$color{"color13"}."A0:".sprintf("%-25s",$Lang::tr{'hostile networks in'}), + "GPRINT:hostilein:MAX:%8.1lf %sBps", + "GPRINT:hostilein:AVERAGE:%8.1lf %sBps", + "GPRINT:hostilein:MIN:%8.1lf %sBps", + "GPRINT:hostilein:LAST:%8.1lf %sBps\\j", + "STACK:hostileout".$color{"color25"}."A0:".sprintf("%-25s",$Lang::tr{'hostile networks out'}), + "GPRINT:hostileout:MAX:%8.1lf %sBps", + "GPRINT:hostileout:AVERAGE:%8.1lf %sBps", + "GPRINT:hostileout:MIN:%8.1lf %sBps", + "GPRINT:hostileout:LAST:%8.1lf %sBps\\j", + "LINE:hostile#000000A0:".sprintf("%-25s",$Lang::tr{'hostile networks total'}), + "GPRINT:hostile:MAX:%8.1lf %sBps", + "GPRINT:hostile:AVERAGE:%8.1lf %sBps", + "GPRINT:hostile:MIN:%8.1lf %sBps", + "GPRINT:hostile:LAST:%8.1lf %sBps\\j", + ); + } $ERROR = RRDs::error; return "Error in RRD::graph for firewallhits: ".$ERROR."\n" if $ERROR; }