Icon

Partager Envoyer

(Logiciel informatique) pf BSD

fw: Firewall graphs (distributed by AURORÆ Solutions)

fw est l'interface web distribuée par Aurorae Solutions qui permet la consultation des graphes d'un pare-feu pf.

Capture d'écran des graphes du jour

 

Configuration

Dans /etc/rc.conf :

pfstatd_enable="YES"

Dans /usr/local/etc/pfstat.conf :

# $Id: pfstat.conf.example,v 1.2 2006/05/17 13:50:44 dhartmei Exp $
#
# /etc/pfstat.conf example
#

# collect
#   global
#     states entries|searches|inserts|removals [diff]
#     counters match|bad-offset|fragment|...|synproxy [diff]
#              (see pfctl -si output, same strings)
#   interface name pass|block packets|bytes in|out v4|v6 [diff]
#   queue name passed|dropped|other packets|bytes|number [diff]

collect 1 = interface "msk0" pass bytes in ipv4 diff
collect 2 = interface "msk0" pass bytes out ipv4 diff
collect 3 = global states entries

image "/usr/local/www/fw/pfstat-day-small.jpg" {
        from 24 hours to now
        width 300 height 200
        left
                graph 1 bps "in" "bits/s" color 0 192 0 filled,
                graph 2 bps "out" "bits/s" color 0 0 255
        right
                graph 3 "states" "entries" color 192 192 0
}

root@le75:~ # cat /usr/local/etc/pfstat.conf
# $Id: pfstat.conf.example,v 1.2 2006/05/17 13:50:44 dhartmei Exp $
#
# /etc/pfstat.conf example
#

# collect
#   global
#     states entries|searches|inserts|removals [diff]
#     counters match|bad-offset|fragment|...|synproxy [diff]
#              (see pfctl -si output, same strings)
#   interface name pass|block packets|bytes in|out v4|v6 [diff]
#   queue name passed|dropped|other packets|bytes|number [diff]

collect 1 = interface "msk0" pass bytes in ipv4 diff
collect 2 = interface "msk0" pass bytes out ipv4 diff
collect 3 = global states entries

image "/usr/local/www/fw/pfstat-day-small.jpg" {
	from 24 hours to now
	width 300 height 200
	left
		graph 1 bps "in" "bits/s" color 0 192 0 filled,
		graph 2 bps "out" "bits/s" color 0 0 255
	right
		graph 3 "states" "entries" color 192 192 0
}

image "/usr/local/www/fw/pfstat-day-large.jpg" {
	from 24 hours to now
	width 980 height 300
	left
		graph 1 bps "in" "bits/s" color 0 192 0 filled,
		graph 2 bps "out" "bits/s" color 0 0 255
	right
		graph 3 "states" "entries" color 192 192 0
}

image "/usr/local/www/fw/pfstat-week-small.jpg" {
	from 7 days to now
	width 300 height 200
	left
		graph 1 bps "in" "bits/s" color 0 192 0 filled,
		graph 2 bps "out" "bits/s" color 0 0 255
	right
		graph 3 "states" "entries" color 192 192 0
}

image "/usr/local/www/fw/pfstat-week-large.jpg" {
	from 7 days to now
	width 980 height 300
	left
		graph 1 bps "in" "bits/s" color 0 192 0 filled,
		graph 2 bps "out" "bits/s" color 0 0 255
	right
		graph 3 "states" "entries" color 192 192 0
}

image "/usr/local/www/fw/pfstat-month-small.jpg" {
	from 4 weeks to now
	width 300 height 200
	left
		graph 1 bps "in" "bits/s" color 0 192 0 filled,
		graph 2 bps "out" "bits/s" color 0 0 255
	right
		graph 3 "states" "entries" color 192 192 0
}

image "/usr/local/www/fw/pfstat-month-large.jpg" {
	from 4 weeks to now
	width 980 height 300
	left
		graph 1 bps "in" "bits/s" color 0 192 0 filled,
		graph 2 bps "out" "bits/s" color 0 0 255
	right
		graph 3 "states" "entries" color 192 192 0
}

image "/usr/local/www/fw/pfstat-year-small.jpg" {
	from 12 months to now
	width 300 height 200
	left
		graph 1 bps "in" "bits/s" color 0 192 0 filled,
		graph 2 bps "out" "bits/s" color 0 0 255
	right
		graph 3 "states" "entries" color 192 192 0
}

image "/usr/local/www/fw/pfstat-year-large.jpg" {
	from 12 months to now
	width 980 height 300
	left
		graph 1 bps "in" "bits/s" color 0 192 0 filled,
		graph 2 bps "out" "bits/s" color 0 0 255
	right
		graph 3 "states" "entries" color 192 192 0
}

collect 4 = interface "vr0" pass packets in ipv4 diff
collect 5 = interface "vr0" pass packets out ipv4 diff
collect 6 = interface "vr0" block packets in ipv4 diff
collect 7 = interface "vr0" block packets out ipv4 diff

image "/usr/local/www/fw/pfstat-packets-day-small.jpg" {
	from 24 hours to now
	width 300 height 200
	left
		graph 4 "pass in"   "packets/s" color 0 192 0 filled,
		graph 5 "pass out"  "packets/s" color 0 0 255
	right
		graph 6 "block in"  "packets/s" color 255 0 0,
		graph 7 "block out" "packets/s" color 192 192 0
}

image "/usr/local/www/fw/pfstat-packets-day-large.jpg" {
	from 24 hours to now
	width 980 height 300
	left
		graph 4 "pass in"   "packets/s" color 0 192 0 filled,
		graph 5 "pass out"  "packets/s" color 0 0 255
	right
		graph 6 "block in"  "packets/s" color 255 0 0,
		graph 7 "block out" "packets/s" color 192 192 0
}

image "/usr/local/www/fw/pfstat-packets-week-small.jpg" {
	from 7 days to now
	width 300 height 200
	left
		graph 4 "pass in"   "packets/s" color 0 192 0 filled,
		graph 5 "pass out"  "packets/s" color 0 0 255
	right
		graph 6 "block in"  "packets/s" color 255 0 0,
		graph 7 "block out" "packets/s" color 192 192 0
}

image "/usr/local/www/fw/pfstat-packets-week-large.jpg" {
	from 7 days to now
	width 980 height 300
	left
		graph 4 "pass in"   "packets/s" color 0 192 0 filled,
		graph 5 "pass out"  "packets/s" color 0 0 255
	right
		graph 6 "block in"  "packets/s" color 255 0 0,
		graph 7 "block out" "packets/s" color 192 192 0
}

image "/usr/local/www/fw/pfstat-packets-month-small.jpg" {
	from 4 weeks to now
	width 300 height 200
	left
		graph 4 "pass in"   "packets/s" color 0 192 0 filled,
		graph 5 "pass out"  "packets/s" color 0 0 255
	right
		graph 6 "block in"  "packets/s" color 255 0 0,
		graph 7 "block out" "packets/s" color 192 192 0
}

image "/usr/local/www/fw/pfstat-packets-month-large.jpg" {
	from 4 weeks to now
	width 980 height 300
	left
		graph 4 "pass in"   "packets/s" color 0 192 0 filled,
		graph 5 "pass out"  "packets/s" color 0 0 255
	right
		graph 6 "block in"  "packets/s" color 255 0 0,
		graph 7 "block out" "packets/s" color 192 192 0
}

image "/usr/local/www/fw/pfstat-packets-year-small.jpg" {
	from 12 months to now
	width 300 height 200
	left
		graph 4 "pass in"   "packets/s" color 0 192 0 filled,
		graph 5 "pass out"  "packets/s" color 0 0 255
	right
		graph 6 "block in"  "packets/s" color 255 0 0,
		graph 7 "block out" "packets/s" color 192 192 0
}

image "/usr/local/www/fw/pfstat-packets-year-large.jpg" {
	from 12 months to now
	width 980 height 300
	left
		graph 4 "pass in"   "packets/s" color 0 192 0 filled,
		graph 5 "pass out"  "packets/s" color 0 0 255
	right
		graph 6 "block in"  "packets/s" color 255 0 0,
		graph 7 "block out" "packets/s" color 192 192 0
}

collect  8 = global states inserts  diff
collect  9 = global states removals diff
collect 10 = global states searches diff

image "/usr/local/www/fw/pfstat-states-day-small.jpg" {
	from 24 hours to now
	width 300 height 200
        left
		graph 8 "inserts" "states/s" color 0 192 0 filled,
		graph 9 "removals" "states/s" color 0 0 255
        right
		graph 10 "searches" "states/s" color 255 0 0
}

image "/usr/local/www/fw/pfstat-states-day-large.jpg" {
	from 24 hours to now
	width 980 height 300
        left
		graph 8 "inserts" "states/s" color 0 192 0 filled,
		graph 9 "removals" "states/s" color 0 0 255
        right
		graph 10 "searches" "states/s" color 255 0 0
}

image "/usr/local/www/fw/pfstat-states-week-small.jpg" {
	from 7 days to now
	width 300 height 200
        left
		graph 8 "inserts" "states/s" color 0 192 0 filled,
		graph 9 "removals" "states/s" color 0 0 255
        right
		graph 10 "searches" "states/s" color 255 0 0
}

image "/usr/local/www/fw/pfstat-states-week-large.jpg" {
	from 7 days to now
	width 980 height 300
        left
		graph 8 "inserts" "states/s" color 0 192 0 filled,
		graph 9 "removals" "states/s" color 0 0 255
        right
		graph 10 "searches" "states/s" color 255 0 0
}

image "/usr/local/www/fw/pfstat-states-month-small.jpg" {
	from 4 weeks to now
	width 300 height 200
        left
		graph 8 "inserts" "states/s" color 0 192 0 filled,
		graph 9 "removals" "states/s" color 0 0 255
        right
		graph 10 "searches" "states/s" color 255 0 0
}

image "/usr/local/www/fw/pfstat-states-month-large.jpg" {
	from 4 weeks to now
	width 980 height 300
        left
		graph 8 "inserts" "states/s" color 0 192 0 filled,
		graph 9 "removals" "states/s" color 0 0 255
        right
		graph 10 "searches" "states/s" color 255 0 0
}

image "/usr/local/www/fw/pfstat-states-year-small.jpg" {
	from 12 months to now
	width 300 height 200
        left
		graph 8 "inserts" "states/s" color 0 192 0 filled,
		graph 9 "removals" "states/s" color 0 0 255
        right
		graph 10 "searches" "states/s" color 255 0 0
}

image "/usr/local/www/fw/pfstat-states-year-large.jpg" {
	from 12 months to now
	width 980 height 300
        left
		graph 8 "inserts" "states/s" color 0 192 0 filled,
		graph 9 "removals" "states/s" color 0 0 255
        right
		graph 10 "searches" "states/s" color 255 0 0
}

collect 11 = queue "q_max" pass bytes diff
collect 12 = queue "q_hig" pass bytes diff
collect 13 = queue "q_def" pass bytes diff
collect 14 = queue "q_low" pass bytes diff

image "/usr/local/www/fw/pfstat-queues-day-small.jpg" {
	from 24 hours to now
	width 300 height 200
        left
		graph 11 bps "max" "bits/s" color 255 0 0,
		graph 12 bps "hig" "bits/s" color 192 192 0,
		graph 13 bps "def" "bits/s" color 0 192 0,
		graph 14 bps "low" "bits/s" color 0 0 255 
}

image "/usr/local/www/fw/pfstat-queues-day-large.jpg" {
	from 24 hours to now
	width 980 height 300
        left
		graph 11 bps "max" "bits/s" color 255 0 0,
		graph 12 bps "hig" "bits/s" color 192 192 0,
		graph 13 bps "def" "bits/s" color 0 192 0,
		graph 14 bps "low" "bits/s" color 0 0 255 
}

image "/usr/local/www/fw/pfstat-queues-week-small.jpg" {
	from 7 days to now
	width 300 height 200
        left
		graph 11 bps "max" "bits/s" color 255 0 0,
		graph 12 bps "hig" "bits/s" color 192 192 0,
		graph 13 bps "def" "bits/s" color 0 192 0,
		graph 14 bps "low" "bits/s" color 0 0 255 
}

image "/usr/local/www/fw/pfstat-queues-week-large.jpg" {
	from 7 days to now
	width 980 height 300
        left
		graph 11 bps "max" "bits/s" color 255 0 0,
		graph 12 bps "hig" "bits/s" color 192 192 0,
		graph 13 bps "def" "bits/s" color 0 192 0,
		graph 14 bps "low" "bits/s" color 0 0 255 
}

image "/usr/local/www/fw/pfstat-queues-month-small.jpg" {
	from 4 weeks to now
	width 300 height 200
        left
		graph 11 bps "max" "bits/s" color 255 0 0,
		graph 12 bps "hig" "bits/s" color 192 192 0,
		graph 13 bps "def" "bits/s" color 0 192 0,
		graph 14 bps "low" "bits/s" color 0 0 255 
}

image "/usr/local/www/fw/pfstat-queues-month-large.jpg" {
	from 4 weeks to now
	width 980 height 300
        left
		graph 11 bps "max" "bits/s" color 255 0 0,
		graph 12 bps "hig" "bits/s" color 192 192 0,
		graph 13 bps "def" "bits/s" color 0 192 0,
		graph 14 bps "low" "bits/s" color 0 0 255 
}

image "/usr/local/www/fw/pfstat-queues-year-small.jpg" {
	from 12 months to now
	width 300 height 200
        left
		graph 11 bps "max" "bits/s" color 255 0 0,
		graph 12 bps "hig" "bits/s" color 192 192 0,
		graph 13 bps "def" "bits/s" color 0 192 0,
		graph 14 bps "low" "bits/s" color 0 0 255 
}

image "/usr/local/www/fw/pfstat-queues-year-large.jpg" {
	from 12 months to now
	width 980 height 300
        left
		graph 11 bps "max" "bits/s" color 255 0 0,
		graph 12 bps "hig" "bits/s" color 192 192 0,
		graph 13 bps "def" "bits/s" color 0 192 0,
		graph 14 bps "low" "bits/s" color 0 0 255 
}

collect 15 = global counters match          diff
collect 16 = global counters bad-offset     diff
collect 17 = global counters fragment       diff
collect 18 = global counters short          diff
collect 19 = global counters normalize      diff
collect 20 = global counters memory         diff
collect 21 = global counters bad-timestamp  diff
collect 22 = global counters congestion     diff
collect 23 = global counters ip-option      diff
collect 24 = global counters proto-cksum    diff
collect 25 = global counters state-mismatch diff
collect 26 = global counters state-insert   diff
collect 27 = global counters state-limit    diff
collect 28 = global counters src-limit      diff
collect 29 = global counters synproxy       diff

image "/usr/local/www/fw/pfstat-errors-day-small.jpg" {
	from 24 hours to now
	width 300 height 200
        left
		graph 17 "frag" "/s" color 192 0 192,
		graph 22 "cong" "/s" color 0 192 192,
		graph 23 "iopt" "/s" color 0 0 255,
		graph 24 "csum" "/s" color 192 192 0,
		graph 25 "mism" "/s" color 255 0 0
	right
		graph 15 "match" "/s" color 0 192 0
}

image "/usr/local/www/fw/pfstat-errors-day-large.jpg" {
	from 24 hours to now
	width 980 height 300
        left
		graph 17 "frag" "/s" color 192 0 192,
		graph 22 "cong" "/s" color 0 192 192,
		graph 23 "iopt" "/s" color 0 0 255,
		graph 24 "csum" "/s" color 192 192 0,
		graph 25 "mism" "/s" color 255 0 0
	right
		graph 15 "match" "/s" color 0 192 0
}

image "/usr/local/www/fw/pfstat-errors-week-small.jpg" {
	from 7 days to now
	width 300 height 200
        left
		graph 17 "frag" "/s" color 192 0 192,
		graph 22 "cong" "/s" color 0 192 192,
		graph 23 "iopt" "/s" color 0 0 255,
		graph 24 "csum" "/s" color 192 192 0,
		graph 25 "mism" "/s" color 255 0 0
	right
		graph 15 "match" "/s" color 0 192 0
}

image "/usr/local/www/fw/pfstat-errors-week-large.jpg" {
	from 7 days to now
	width 980 height 300
        left
		graph 17 "frag" "/s" color 192 0 192,
		graph 22 "cong" "/s" color 0 192 192,
		graph 23 "iopt" "/s" color 0 0 255,
		graph 24 "csum" "/s" color 192 192 0,
		graph 25 "mism" "/s" color 255 0 0
	right
		graph 15 "match" "/s" color 0 192 0
}

image "/usr/local/www/fw/pfstat-errors-month-small.jpg" {
	from 4 weeks to now
	width 300 height 200
        left
		graph 17 "frag" "/s" color 192 0 192,
		graph 22 "cong" "/s" color 0 192 192,
		graph 23 "iopt" "/s" color 0 0 255,
		graph 24 "csum" "/s" color 192 192 0,
		graph 25 "mism" "/s" color 255 0 0
	right
		graph 15 "match" "/s" color 0 192 0
}

image "/usr/local/www/fw/pfstat-errors-month-large.jpg" {
	from 4 weeks to now
	width 980 height 300
        left
		graph 17 "frag" "/s" color 192 0 192,
		graph 22 "cong" "/s" color 0 192 192,
		graph 23 "iopt" "/s" color 0 0 255,
		graph 24 "csum" "/s" color 192 192 0,
		graph 25 "mism" "/s" color 255 0 0
	right
		graph 15 "match" "/s" color 0 192 0
}

image "/usr/local/www/fw/pfstat-errors-year-small.jpg" {
	from 12 months to now
	width 300 height 200
        left
		graph 17 "frag" "/s" color 192 0 192,
		graph 22 "cong" "/s" color 0 192 192,
		graph 23 "iopt" "/s" color 0 0 255,
		graph 24 "csum" "/s" color 192 192 0,
		graph 25 "mism" "/s" color 255 0 0
	right
		graph 15 "match" "/s" color 0 192 0
}

image "/usr/local/www/fw/pfstat-errors-year-large.jpg" {
	from 12 months to now
	width 980 height 300
        left
		graph 17 "frag" "/s" color 192 0 192,
		graph 22 "cong" "/s" color 0 192 192,
		graph 23 "iopt" "/s" color 0 0 255,
		graph 24 "csum" "/s" color 192 192 0,
		graph 25 "mism" "/s" color 255 0 0
	right
		graph 15 "match" "/s" color 0 192 0
}

Il faut avoir activé le logging sur l'interface graphée (ici msk0) dans /etc/pf.conf :

set loginterface msk0

Les graphes sont créées dans /usr/local/www/fw/ dans l'exemple ci-dessus :

mkdir /usr/local/www/fw

Ajouter une page web pour les visualiser dans un navigateur (/usr/local/www/fw/index.html) :

<html><head><title>Pf statistics</title></head>
	<body>

		<div>
			<h2>Day</h2>
			<p>
			<a href="pfstat-day-large.jpg"><img src="pfstat-day-small.jpg"/></a>
			<a href="pfstat-errors-day-large.jpg"><img src="pfstat-day-small.jpg"/></a>
			<a href="pfstat-packets-day-large.jpg"><img src="pfstat-day-small.jpg"/></a>
			<a href="pfstat-queues-day-large.jpg"><img src="pfstat-day-small.jpg"/></a>
			<a href="pfstat-states-day-large.jpg"><img src="pfstat-day-small.jpg"/></a>
			</p>
		</div>
		<p><br/></p>

		<div>
			<h2>Week</h2>
			<p>
			<a href="pfstat-week-large.jpg"><img src="pfstat-week-small.jpg"/></a>
			<a href="pfstat-errors-week-large.jpg"><img src="pfstat-week-small.jpg"/></a>
			<a href="pfstat-packets-week-large.jpg"><img src="pfstat-week-small.jpg"/></a>
			<a href="pfstat-queues-week-large.jpg"><img src="pfstat-week-small.jpg"/></a>
			<a href="pfstat-states-week-large.jpg"><img src="pfstat-week-small.jpg"/></a>
			</p>
		</div>
		<p><br/></p>

		<div>
			<h2>Month</h2>
			<p>
			<a href="pfstat-month-large.jpg"><img src="pfstat-month-small.jpg" title="All"/></a>
			<a href="pfstat-errors-month-large.jpg"><img src="pfstat-month-small.jpg" title="Errors"/></a>
			<a href="pfstat-packets-month-large.jpg"><img src="pfstat-month-small.jpg" title="Packets"/></a>
			<a href="pfstat-queues-month-large.jpg"><img src="pfstat-month-small.jpg" title="Queues"/></a>
			<a href="pfstat-states-month-large.jpg"><img src="pfstat-month-small.jpg" title="States"/></a>
			</p>
		</div>
		<p><br/></p>

		<div>
			<h2>Year</h2>
			<p>
			<a href="pfstat-year-large.jpg"><img src="pfstat-year-small.jpg"/></a>
			<a href="pfstat-errors-year-large.jpg"><img src="pfstat-year-small.jpg"/></a>
			<a href="pfstat-packets-year-large.jpg"><img src="pfstat-year-small.jpg"/></a>
			<a href="pfstat-queues-year-large.jpg"><img src="pfstat-year-small.jpg"/></a>
			<a href="pfstat-states-year-large.jpg"><img src="pfstat-year-small.jpg"/></a>
			</p>
		</div>
		<p><br/></p>
	</body>

</html>

Lancer pfstatd avec :

/usr/local/etc/rc.d/pfstatd start

Mettre en cron (crontab -e) :

#minute (0-59)
#|   hour (0-23)
#|   |    day of the month (1-31)
#|   |    |   month of the year (1-12)
#|   |    |   |   day of the week (0-6 with 0=Sun)
#|   |    |   |   |   commands
#|   |    |   |   |   |
*    *    *   *   *   /usr/local/bin/pfstat -q -d /var/db/pfstat.db
10   6-19 *   *   *   /usr/local/bin/pfstat -p -d /var/db/pfstat.db
25   3    *   *   *   /usr/local/bin/pfstat -t 30 -d /var/db/pfstat.db

Références pfstat : voir [1], [2] et [3].


Ce document a été publié le 2018-06-28 14:25:35. (Dernière mise à jour : 2020-09-02 15:36:17.)

Icon (Sujet) Sujets » Sécurité



This website uses 'cookies' to enhance user experience and provide authentification. You may change which cookies are set at any time by clicking on more info. Accept
x