LinuxQuestions.org
Visit Jeremy's Blog.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
Reload this Page Bash-scripting for iptables/munin
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices


Reply
  Search this Thread
Old 10-07-2009, 12:12 PM   #1
XCayenne
LQ Newbie
 
Registered: Mar 2009
Posts: 7

Rep: Reputation: 0
Bash-scripting for iptables/munin

Hi,
I am trying to write this munin script to log all the accepted TCP/UDP/ICMP packets that are comming trough my iptable firewall.I then need a bash-script that will collect the packets that are comming trough the firewall.

The IPtable output could briefly looks like this:
Quote:
Chain INPUT:
pktg bytes target prot
3 254 accept tcp
What I need is a script that fetches i.e. accepted tcp connections, where the packet state is 1<=. I need a way to "look" at the pktg-colum to determind if the value is at least 1.

This is what i got for now:
Quote:
#!/bin/bash

if [ "$1" = "config" ]; then

echo munin-graph info.......................
echo munin-graph info.......................
echo munin-graph info.......................


exit 0;
fi


echo -n "tcp.value ";iptables -vxL | grep tcp | grep ACCEPT | awk '{print $1}'
echo -n "udp.value ";iptables -vxL | grep udp | grep ACCEPT | awk '{print $1}'
echo -n "icmp.value ";iptables -vxL | grep icmp | grep ACCEPT | awk '{print $1}'
echo -n "total.value ";iptables -vxL | grep ACCEPT | awk '{print $1}'
Last edited by XCayenne; 10-07-2009 at 12:44 PM.
 
Old 10-09-2009, 06:03 AM   #2
carltm
Member
 
Registered: Jan 2007
Location: Canton, MI
Distribution: CentOS, SuSE, Red Hat, Debian, etc.
Posts: 703

Rep: Reputation: 99
Quote:
Originally Posted by XCayenne View Post
What I need is a script that fetches i.e. accepted tcp connections, where the packet state is 1<=. I need a way to "look" at the pktg-colum to determind if the value is at least 1.
I'm not sure what you mean by "the packet state is 1<=."
It seems to me that you'd want to know the current value
whether it is 0 or not.

Incidentally, here is an easier/quicker way to get a line of output
for your script.

Quote:
echo tcp.value `iptables -vxL | grep 'ACCEPT.*tcp' | cut -c1-8`
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Reading a bash variable in bash scripting problem freeindy Programming 3 11-27-2008 02:29 AM
iptables scripting help.. HopelessLinuxNewbie Linux - Networking 11 07-25-2005 10:40 PM
BASH Scripting akilles Linux - Newbie 5 11-10-2004 07:26 PM
Bash Scripting Darklight451 Programming 1 10-07-2004 01:48 AM
Bash scripting JonCooperUK Programming 3 03-04-2004 08:55 PM

LinuxQuestions.org > Forums > Non-*NIX Forums > Programming

All times are GMT -5. The time now is 07:47 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration