m0n0wall + Soekris 4801 Graphing Information

Adding Traffic and Enviromental Statistics Graphing to a
m0n0wall + Soekris net4801

A powerful freebsd based firewall can be assembled using the m0n0wall embedded firewall package running on a Soekris net4801 board. Squires Engineering Inc. has run this combination in its own offices and decided to add a few graphs of traffic and enviromental data to the system. This page provides notes on how that task was achieved by SEI.

The method described below uses a fixed size "round robin" database of approximately 1MB. Other files used require an additional 2MB or so. The data collected is persisted across powerdowns by periodically (in the code below, once per hour) updating a copy of the database to CompactFlash storage. The data itself is collected once per minute.

These notes are released to the public domain. SEI does not support this software in any shape or form. Use at your own risk.

Screenshots

Network Traffic Data for Current Week. Individual graph per net4801 network interface. Data displayed for each interface: Average Bandwidth In and Out and Last Bandwidth In and Out.	Enviromental Data for Current Week. net4801 Temperature, Vcc, Vpower, and Load Average each get a graph displaying Minimum, Maximum, Average, and Last values.
(click image for fullscreen)	(click image for fullscreen)
Above graph retrieved using: http://monowall/stats.php?t=thisweek	Above graph retrieved using: http://monowall/statst.php?t=thisweek
Other time periods supported by name in the above URLs are: thishour (default), lasthour, today, yesterday, thisweek, lastweek, thismonth, lastmonth, thisyear, lastyear (example: http://monowall/statst.php?t=yesterday)

Graphs built using

The following existing m0n0wall files were modified to use the new functionality:

Filename

Modification Notes and diff output

/etc/rc

Add startup for cron and initialize net4801 enviromental monitor:

30a31
> /usr/local/bin/env4801 -i
39a41,43
>
> # start cron daemon
> /usr/sbin/cron

The following files were added to the standard m0n0wall pb27r630 release to provide graphing support:
(unless otherwise indicated by a link or source code, these files came from standard FreeBSD 4.9 distribution built with dynamic libraries)

Filename

Size (bytes)

Notes

/var/net4801.rrd

1059716

Fixed size round robin database. Created by cron job if not present. Periodically copied to /cf/net4801.rrd by cronjob for persistence.

/usr/sbin/cron

30280

binary for processing crontab

/usr/local/bin/rrdtool

12576

round robin database tool for creating database

/usr/local/bin/rrdupdate

10712

round robin database tool for updated database

/usr/local/bin/snmpget

5676

used to gather network statistics from network interfaces

/usr/local/lib/libnetsnmp.so.5

486689

required by snmpget

/usr/local/lib/librrd.so.0

644326

required by rrdtool, rrdupdate

/usr/local/share/snmp/mibs/*

0-1MB

copied over the MIB files, such as IF-MIB.txt so that snmpget can understand names such as IF-MIB::ifOutOctets.1 for processing.

/usr/bin/cut

6824

used to parse data gathering output

/usr/bin/head

5156

used to parse data gathering output

/usr/bin/tr

11984

used to parse data gathering output

/usr/lib/libdevstat.so.2

12104

required by snmpget

/usr/local/bin/env4801

8155

utility used to read net4801 temperature and voltages. Poul-Henning Kamp website for env4801.

/etc/crontab

218

used to schedule statistics collection, contents:

/usr/local/bin/gatherstats.sh

2411

used to create (if necessary RRD database), and collect and add new data to database:

#!/bin/sh # if database doesn't exist, make it...
if [ ! -r /var/net4801.rrd ]; then
# if we have a CF version, copy it over to start with
if [ -r /cf/net4801.rrd ]; then
cp /cf/net4801.rrd /var/net4801.rrd
# none on CF, start from scratch
else
/usr/local/bin/rrdtool create /var/net4801.rrd -s 60 --start N \
DS:in1:COUNTER:130:U:U \
DS:out1:COUNTER:130:U:U \
DS:in2:COUNTER:130:U:U \
DS:out2:COUNTER:130:U:U \
DS:in3:COUNTER:130:U:U \
DS:out3:COUNTER:130:U:U \
DS:in4:COUNTER:130:U:U \
DS:out4:COUNTER:130:U:U \
DS:in5:COUNTER:130:U:U \
DS:out5:COUNTER:130:U:U \
DS:in6:COUNTER:130:U:U \
DS:out6:COUNTER:130:U:U \
DS:in7:COUNTER:130:U:U \
DS:out7:COUNTER:130:U:U \
DS:temp:GAUGE:130:U:U \
DS:vcc:GAUGE:130:U:U \
DS:vpower:GAUGE:130:U:U \
DS:loadavg:GAUGE:130:U:U \
RRA:AVERAGE:0.5:1:600 \
RRA:AVERAGE:0.5:20:600 \
RRA:AVERAGE:0.5:100:600 \
RRA:AVERAGE:0.5:900:600 \
RRA:MAX:0.5:1:600 \
RRA:MAX:0.5:20:600 \
RRA:MAX:0.5:100:600 \
RRA:MAX:0.5:900:600 \
RRA:MIN:0.5:1:600 \
RRA:MIN:0.5:20:600 \
RRA:MIN:0.5:100:600 \
RRA:MIN:0.5:900:600
fi
fi
v1thru14=`/usr/local/bin/snmpget -v 1 -c public -Oqv localhost \
IF-MIB::ifInOctets.1 IF-MIB::ifOutOctets.1 \
IF-MIB::ifInOctets.2 IF-MIB::ifOutOctets.2 \
IF-MIB::ifInOctets.3 IF-MIB::ifOutOctets.3 \
IF-MIB::ifInOctets.4 IF-MIB::ifOutOctets.4 \
IF-MIB::ifInOctets.5 IF-MIB::ifOutOctets.5 \
IF-MIB::ifInOctets.6 IF-MIB::ifOutOctets.6 \
IF-MIB::ifInOctets.7 IF-MIB::ifOutOctets.7 | tr "\n" : `
#temp
v15=`/usr/local/bin/env4801 | head -3 | tail -1 | tr -s " " : | cut -f 4 -d":"`
#vcc
v16=`/usr/local/bin/env4801 | head -6 | tail -1 | tr -s " " : | cut -f 9 -d":"`
#vpower
v17=`/usr/local/bin/env4801 | head -7 | tail -1 | tr -s " " : | cut -f 9 -d":"`
#loadavg
v18=`uptime | cut -dv -f2 | cut -d" " -f2 | cut -d"," -f1`

/usr/local/bin/rrdtool update /var/net4801.rrd N:$v1thru14$v15:$v16:$v17:$v18

# every hour at half past copy our db back to the flash for long term keeping
mins=`date +%MM | tr M " "`
if [ $mins -eq 30 ]; then
/sbin/umount -f /cf
/sbin/mount -w -o noatime /cf
cp /var/net4801.rrd /cf
/sbin/umount -f /cf
/sbin/mount -r /cf
fi

/usr/local/www/stats.php

2240

Simple web page to display network interface stats. Calls graph.php to generate each graph.

#!/usr/local/bin/php
<HTML>
<head>
</head>
<body>
<img src=graph.php?if=1&t=<?php echo($_GET['t']); ?>> 
<img src=graph.php?if=2&t=<?php echo($_GET['t']); ?>> 
<img src=graph.php?if=3&t=<?php echo($_GET['t']); ?>> 
<img src=graph.php?if=4&t=<?php echo($_GET['t']); ?>> 
<img src=graph.php?if=5&t=<?php echo($_GET['t']); ?>> 
<img src=graph.php?if=6&t=<?php echo($_GET['t']); ?>> 
<img src=graph.php?if=7&t=<?php echo($_GET['t']); ?>> 
</body>
</HTML>

/usr/local/www/statst.php

2240

Simple web page to display enviromental stats. Calls grapht.php to generate each graph.

#!/usr/local/bin/php
<HTML>
<head>
</head>
<body>
<img src=grapht.php?n=temp&t=<?php echo($_GET['t']); ?>> 
<img src=grapht.php?n=vcc&t=<?php echo($_GET['t']); ?>> 
<img src=grapht.php?n=vpower&t=<?php echo($_GET['t']); ?>> 
<img src=grapht.php?n=loadavg&t=<?php echo($_GET['t']); ?>> 
</body>
</HTML>

/usr/local/www/graph.php

2240

PHP script to generate PNG image using rrdtool for given network interface and timeframe

#!/usr/local/bin/php
<?php
header("Content-Type: image/png");
if(!isset($_GET['if'])){
$if = "1";
}
else {
$if = $_GET['if'];
}
$name1 = "in" . $if;
$name2 = "out" . $if;
$title = "Interface $if Bandwidth";
$units = "KBytes/sec";
switch($_GET['t']){
case "today":
$starttimesecs = 0-(24*60*60);
$endtimesecs = 0-1;
$title= $title . " Current Day";
break;
default:
case "thishour":
$starttimesecs = 0-(60*60);
$endtimesecs = 0-1;
$title= $title . " Current Hour";
break;
case "lasthour":
$endtimesecs = 0-(60*60);
$starttimesecs = $endtimesecs - (60*60);
$title= $title . " Previous Hour";
break;
case "yesterday":
$endtimesecs = 0-(24*60*60);
$starttimesecs = $endtimesecs - (24*60*60);
$title= $title . " Previous Day";
break;
case "thisweek":
$starttimesecs = 0-(24*60*60*7);
$endtimesecs = 0-1;
$title = $title . " Current Week";
break;
case "lastweek":
$endtimesecs = 0-(24*60*60*7);
$starttimesecs = $endtimesecs - (24*60*60*7);
$title = $title . " Previous Week";
break;
case "thismonth":
$starttimesecs = 0-(24*60*60*30);
$endtimesecs = 0-1;
$title = $title . " Current Month";
break;
case "lastmonth":
$endtimesecs = 0-(24*60*60*30);
$starttimesecs = $endtimesecs - (24*60*60*30);
$title = $title . " Previous Month";
break;
case "thisyear":
$starttimesecs = 0-(24*60*60*365);
$endtimesecs = 0-1;
$title = $title . " Current Year";
break;
case "lastyear":
$endtimesecs = 0-(24*60*60*365);
$starttimesecs = $endtimesecs - (24*60*60*365);
$title = $title . " Previous Year";
break;
}
$arg = ("graph - -a PNG -h 125 -s $starttimesecs -e $endtimesecs "
. " -v \"$units\" "
. " -t \"$title\" "
. " DEF:V1=/var/net4801.rrd:$name1:AVERAGE "
. " DEF:V2=/var/net4801.rrd:$name2:MAX "
. " CDEF:kbin=V1,1024,/ "
. " CDEF:kbout=V2,1024,/ "
. " AREA:V1#00FF00:\"Bandwidth In\""
. " LINE1:V2#FF0000:\"Bandwidth Out\"\\\j"
. " GPRINT:kbin:LAST:\"Last Bandwidth In\: %3.2lf KBps\" "
. " GPRINT:kbout:LAST:\"Last Bandwidth Out\: %3.2lf KBps\"\\\j "
. " GPRINT:kbin:AVERAGE:\"Average Bandwidth In\: %3.2lf KBps\" "
. " GPRINT:kbout:AVERAGE:\"Average Bandwidth Out\: %3.2lf KBps\"\\\j");
passthru("/usr/local/bin/rrdtool $arg");
?>

/usr/local/www/grapht.php

2365

PHP script to generate PNG image using rrdtool for given enviromental data (temp, vcc, vpower, loadavg) and timeframe

#!/usr/local/bin/php
<?php
header("Content-Type: image/png");
switch($_GET['n']){
default:
case "temp":
$name = "temp";
$title = "Temperature";
$units = "Degrees C";
$abrv = "C";
break;
case "vcc":
$name = "vcc";
$title = "VCC";
$units = "Volts";
$abrv = "V";
break;
case "vpower":
$name = "vpower";
$title = "VPower";
$units = "Volts";
$abrv = "V";
break;
case "loadavg":
$name = "loadavg";
$title = "Load Average";
$units = "Units";
$abrv = " ";
break;
}
switch($_GET['t']){
case "today":
$starttimesecs = 0-(24*60*60);
$endtimesecs = 0-1;
$title= $title . " Current Day";
break;
default:
case "thishour":
$starttimesecs = 0-(60*60);
$endtimesecs = 0-1;
$title= $title . " Current Hour";
break;
case "lasthour":
$endtimesecs = 0-(60*60);
$starttimesecs = $endtimesecs - (60*60);
$title= $title . " Previous Hour";
break;
case "yesterday":
$endtimesecs = 0-(24*60*60);
$starttimesecs = $endtimesecs - (24*60*60);
$title= $title . " Previous Day";
break;
case "thisweek":
$starttimesecs = 0-(24*60*60*7);
$endtimesecs = 0-1;
$title = $title . " Current Week";
break;
case "lastweek":
$endtimesecs = 0-(24*60*60*7);
$starttimesecs = $endtimesecs - (24*60*60*7);
$title = $title . " Previous Week";
break;
case "thismonth":
$starttimesecs = 0-(24*60*60*30);
$endtimesecs = 0-1;
$title = $title . " Current Month";
break;
case "lastmonth":
$endtimesecs = 0-(24*60*60*30);
$starttimesecs = $endtimesecs - (24*60*60*30);
$title = $title . " Previous Month";
break;
case "thisyear":
$starttimesecs = 0-(24*60*60*365);
$endtimesecs = 0-1;
$title = $title . " Current Year";
break;
case "lastyear":
$endtimesecs = 0-(24*60*60*365);
$starttimesecs = $endtimesecs - (24*60*60*365);
$title = $title . " Previous Year";
break;
}
$arg = ("graph - -a PNG -h 125 -s $starttimesecs -e $endtimesecs "
. " -v \"$units\" "
. " -t \"$title\" "
. " DEF:V=/var/net4801.rrd:$name:AVERAGE "
. " DEF:maxV=/var/net4801.rrd:$name:MAX "
. " AREA:V#00FF00:\"Average\""
. " LINE1:maxV#FF0000:\"Maximum\"\\\j"
. " GPRINT:V:MIN:\"Min\: %3.2lf $abrv\" "
. " GPRINT:V:AVERAGE:\"Avg\: %3.2lf $abrv\" "
. " GPRINT:V:LAST:\"Last\: %3.2lf $abrv\" "
. " GPRINT:maxV:MAX:\"Max\: %3.2lf $abrv\"\\\j");
passthru("/usr/local/bin/rrdtool $arg");
?>