2 |
|
|
3 |
# based on work of Eric Wong <eric@taedium.net> |
# based on work of Eric Wong <eric@taedium.net> |
4 |
# available at http://www.taedium.net/rrd-iptraf/ [iptraf.txt] |
# available at http://www.taedium.net/rrd-iptraf/ [iptraf.txt] |
5 |
|
# |
6 |
|
# Dobrica Pavlinusic <dpavlin@rot13.org> |
7 |
|
# http://www.rot13.org/~dpavlin/sysadm.html |
8 |
|
# |
9 |
|
# Usage: parse_iptraf.pl [name of iptraf logfile] |
10 |
|
|
11 |
use strict; |
use strict; |
12 |
use warnings; |
use warnings; |
13 |
|
|
|
use Time::Local; |
|
|
|
|
14 |
my @PORTS = qw ( |
my @PORTS = qw ( |
15 |
TCP/22 TCP/25 TCP/20 TCP/21 UDP/53 |
TCP/22 TCP/25 TCP/20 TCP/21 UDP/53 |
16 |
TCP/80 TCP/110 TCP/113 TCP/119 UDP/137 UDP/138 |
TCP/80 TCP/110 TCP/113 TCP/119 UDP/137 UDP/138 |
17 |
TCP/210 TCP/443 UDP/514 ); |
TCP/210 TCP/443 UDP/514 ); |
18 |
|
|
19 |
my $log = '/var/log/iptraf/tcp_udp_services-eth1.log'; |
my $log = '/var/log/iptraf/tcp_udp_services-eth1.log'; |
20 |
|
#my $log = '/home/dpavlin/iptraf/tcp_udp_services-eth1.log'; |
21 |
|
|
22 |
|
$log = $ARGV[0] if ($ARGV[0] && -r $ARGV[0]); |
23 |
|
|
24 |
open(LOG,$log) || die "Can't open logfile '$log': $!"; |
open(LOG,$log) || die "Can't open logfile '$log': $!"; |
25 |
|
|
26 |
|
my $delta="/var/tmp/"; |
27 |
|
my $tmp_log=$log; |
28 |
|
$tmp_log=~s/\W/_/g; |
29 |
|
$delta.=$tmp_log.".offset"; |
30 |
|
|
31 |
|
if (-e $delta) { |
32 |
|
open(D,$delta) || die "can't open delta file '$delta' for log '$log': $!"; |
33 |
|
my $offset=<D>; |
34 |
|
chomp $offset; |
35 |
|
close(D); |
36 |
|
my $log_size = -s $log; |
37 |
|
if ($offset <= $log_size) { |
38 |
|
seek(LOG,$offset,0); |
39 |
|
} |
40 |
|
} |
41 |
|
|
42 |
my %hash; |
my %hash; |
43 |
|
|
44 |
while (<LOG>) { |
while (<LOG>) { |
55 |
} |
} |
56 |
} |
} |
57 |
|
|
58 |
|
open(D,"> $delta") || die "can't open delta file '$delta' for log '$log': $!"; |
59 |
|
print D tell(LOG); |
60 |
|
close(D); |
61 |
|
|
62 |
close(LOG); |
close(LOG); |
63 |
|
|
64 |
foreach my $port (@PORTS) { |
foreach my $port (@PORTS) { |
65 |
print @{$hash{$port}}[0] || 0,"\n",@{$hash{$port}}[1] || 0,"\n"; |
print @{$hash{$port}}[0] || "U","\n",@{$hash{$port}}[1] || "U","\n"; |
66 |
|
delete $hash{$port}; |
67 |
} |
} |
68 |
|
|
69 |
|
my ($sum_in,$sum_out) = (0,0); |
70 |
|
|
71 |
|
foreach my $port (keys %hash) { |
72 |
|
$sum_in+=@{$hash{$port}}[0]; |
73 |
|
$sum_out+=@{$hash{$port}}[1]; |
74 |
|
} |
75 |
|
|
76 |
|
$sum_in = "U" if ($sum_in == 0); |
77 |
|
$sum_out = "U" if ($sum_out == 0); |
78 |
|
print "$sum_in\n$sum_out\n"; |