Allow iptable entries with trailing text (#3060)

This commit is contained in:
Daniel Nelson 2017-07-27 15:21:06 -07:00 committed by GitHub
parent 2cae419783
commit 25df7dcd8d
2 changed files with 56 additions and 9 deletions

View File

@ -95,7 +95,7 @@ const measurement = "iptables"
var errParse = errors.New("Cannot parse iptables list information") var errParse = errors.New("Cannot parse iptables list information")
var chainNameRe = regexp.MustCompile(`^Chain\s+(\S+)`) var chainNameRe = regexp.MustCompile(`^Chain\s+(\S+)`)
var fieldsHeaderRe = regexp.MustCompile(`^\s*pkts\s+bytes\s+`) var fieldsHeaderRe = regexp.MustCompile(`^\s*pkts\s+bytes\s+`)
var valuesRe = regexp.MustCompile(`^\s*([0-9]+)\s+([0-9]+)\s+.*?(/\*\s(.*)\s\*/)?$`) var commentRe = regexp.MustCompile(`\s*/\*\s*(.+?)\s*\*/\s*`)
func (ipt *Iptables) parseAndGather(data string, acc telegraf.Accumulator) error { func (ipt *Iptables) parseAndGather(data string, acc telegraf.Accumulator) error {
lines := strings.Split(data, "\n") lines := strings.Split(data, "\n")
@ -110,17 +110,34 @@ func (ipt *Iptables) parseAndGather(data string, acc telegraf.Accumulator) error
return errParse return errParse
} }
for _, line := range lines[2:] { for _, line := range lines[2:] {
mv := valuesRe.FindAllStringSubmatch(line, -1) tokens := strings.Fields(line)
// best effort : if line does not match or rule is not commented forget about it if len(tokens) < 10 {
if len(mv) == 0 || len(mv[0]) != 5 || mv[0][4] == "" {
continue continue
} }
tags := map[string]string{"table": ipt.Table, "chain": mchain[1], "ruleid": mv[0][4]}
pkts := tokens[0]
bytes := tokens[1]
end := strings.Join(tokens[9:], " ")
matches := commentRe.FindStringSubmatch(end)
if matches == nil {
continue
}
comment := matches[1]
tags := map[string]string{"table": ipt.Table, "chain": mchain[1], "ruleid": comment}
fields := make(map[string]interface{}) fields := make(map[string]interface{})
// since parse error is already catched by the regexp,
// we never enter ther error case here => no error check (but still need a test to cover the case) var err error
fields["pkts"], _ = strconv.ParseUint(mv[0][1], 10, 64) fields["pkts"], err = strconv.ParseUint(pkts, 10, 64)
fields["bytes"], _ = strconv.ParseUint(mv[0][2], 10, 64) if err != nil {
continue
}
fields["bytes"], err = strconv.ParseUint(bytes, 10, 64)
if err != nil {
continue
}
acc.AddFields(measurement, fields, tags) acc.AddFields(measurement, fields, tags)
} }
return nil return nil

View File

@ -124,6 +124,36 @@ func TestIptables_Gather(t *testing.T) {
{map[string]interface{}{"pkts": uint64(57), "bytes": uint64(4520)}}, {map[string]interface{}{"pkts": uint64(57), "bytes": uint64(4520)}},
}, },
}, },
{ // 10 - allow trailing text
table: "mangle",
chains: []string{"SHAPER"},
values: []string{
`Chain SHAPER (policy ACCEPT 58 packets, 5096 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 1.3.5.7 0.0.0.0/0 /* test */
0 0 CLASSIFY all -- * * 1.3.5.7 0.0.0.0/0 /* test2 */ CLASSIFY set 1:4
`},
tags: []map[string]string{
map[string]string{"table": "mangle", "chain": "SHAPER", "ruleid": "test"},
map[string]string{"table": "mangle", "chain": "SHAPER", "ruleid": "test2"},
},
fields: [][]map[string]interface{}{
{map[string]interface{}{"pkts": uint64(0), "bytes": uint64(0)}},
{map[string]interface{}{"pkts": uint64(0), "bytes": uint64(0)}},
},
},
{ // 11 - invalid pkts/bytes
table: "mangle",
chains: []string{"SHAPER"},
values: []string{
`Chain SHAPER (policy ACCEPT 58 packets, 5096 bytes)
pkts bytes target prot opt in out source destination
a a ACCEPT all -- * * 1.3.5.7 0.0.0.0/0 /* test */
a a CLASSIFY all -- * * 1.3.5.7 0.0.0.0/0 /* test2 */ CLASSIFY set 1:4
`},
tags: []map[string]string{},
fields: [][]map[string]interface{}{},
},
} }
for i, tt := range tests { for i, tt := range tests {