Allow iptable entries with trailing text (#3060)
This commit is contained in:
parent
2cae419783
commit
25df7dcd8d
|
@ -95,7 +95,7 @@ const measurement = "iptables"
|
||||||
var errParse = errors.New("Cannot parse iptables list information")
|
var errParse = errors.New("Cannot parse iptables list information")
|
||||||
var chainNameRe = regexp.MustCompile(`^Chain\s+(\S+)`)
|
var chainNameRe = regexp.MustCompile(`^Chain\s+(\S+)`)
|
||||||
var fieldsHeaderRe = regexp.MustCompile(`^\s*pkts\s+bytes\s+`)
|
var fieldsHeaderRe = regexp.MustCompile(`^\s*pkts\s+bytes\s+`)
|
||||||
var valuesRe = regexp.MustCompile(`^\s*([0-9]+)\s+([0-9]+)\s+.*?(/\*\s(.*)\s\*/)?$`)
|
var commentRe = regexp.MustCompile(`\s*/\*\s*(.+?)\s*\*/\s*`)
|
||||||
|
|
||||||
func (ipt *Iptables) parseAndGather(data string, acc telegraf.Accumulator) error {
|
func (ipt *Iptables) parseAndGather(data string, acc telegraf.Accumulator) error {
|
||||||
lines := strings.Split(data, "\n")
|
lines := strings.Split(data, "\n")
|
||||||
|
@ -110,17 +110,34 @@ func (ipt *Iptables) parseAndGather(data string, acc telegraf.Accumulator) error
|
||||||
return errParse
|
return errParse
|
||||||
}
|
}
|
||||||
for _, line := range lines[2:] {
|
for _, line := range lines[2:] {
|
||||||
mv := valuesRe.FindAllStringSubmatch(line, -1)
|
tokens := strings.Fields(line)
|
||||||
// best effort : if line does not match or rule is not commented forget about it
|
if len(tokens) < 10 {
|
||||||
if len(mv) == 0 || len(mv[0]) != 5 || mv[0][4] == "" {
|
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
tags := map[string]string{"table": ipt.Table, "chain": mchain[1], "ruleid": mv[0][4]}
|
|
||||||
|
pkts := tokens[0]
|
||||||
|
bytes := tokens[1]
|
||||||
|
end := strings.Join(tokens[9:], " ")
|
||||||
|
|
||||||
|
matches := commentRe.FindStringSubmatch(end)
|
||||||
|
if matches == nil {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
|
||||||
|
comment := matches[1]
|
||||||
|
|
||||||
|
tags := map[string]string{"table": ipt.Table, "chain": mchain[1], "ruleid": comment}
|
||||||
fields := make(map[string]interface{})
|
fields := make(map[string]interface{})
|
||||||
// since parse error is already catched by the regexp,
|
|
||||||
// we never enter ther error case here => no error check (but still need a test to cover the case)
|
var err error
|
||||||
fields["pkts"], _ = strconv.ParseUint(mv[0][1], 10, 64)
|
fields["pkts"], err = strconv.ParseUint(pkts, 10, 64)
|
||||||
fields["bytes"], _ = strconv.ParseUint(mv[0][2], 10, 64)
|
if err != nil {
|
||||||
|
continue
|
||||||
|
}
|
||||||
|
fields["bytes"], err = strconv.ParseUint(bytes, 10, 64)
|
||||||
|
if err != nil {
|
||||||
|
continue
|
||||||
|
}
|
||||||
acc.AddFields(measurement, fields, tags)
|
acc.AddFields(measurement, fields, tags)
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
|
|
|
@ -124,6 +124,36 @@ func TestIptables_Gather(t *testing.T) {
|
||||||
{map[string]interface{}{"pkts": uint64(57), "bytes": uint64(4520)}},
|
{map[string]interface{}{"pkts": uint64(57), "bytes": uint64(4520)}},
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
{ // 10 - allow trailing text
|
||||||
|
table: "mangle",
|
||||||
|
chains: []string{"SHAPER"},
|
||||||
|
values: []string{
|
||||||
|
`Chain SHAPER (policy ACCEPT 58 packets, 5096 bytes)
|
||||||
|
pkts bytes target prot opt in out source destination
|
||||||
|
0 0 ACCEPT all -- * * 1.3.5.7 0.0.0.0/0 /* test */
|
||||||
|
0 0 CLASSIFY all -- * * 1.3.5.7 0.0.0.0/0 /* test2 */ CLASSIFY set 1:4
|
||||||
|
`},
|
||||||
|
tags: []map[string]string{
|
||||||
|
map[string]string{"table": "mangle", "chain": "SHAPER", "ruleid": "test"},
|
||||||
|
map[string]string{"table": "mangle", "chain": "SHAPER", "ruleid": "test2"},
|
||||||
|
},
|
||||||
|
fields: [][]map[string]interface{}{
|
||||||
|
{map[string]interface{}{"pkts": uint64(0), "bytes": uint64(0)}},
|
||||||
|
{map[string]interface{}{"pkts": uint64(0), "bytes": uint64(0)}},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
{ // 11 - invalid pkts/bytes
|
||||||
|
table: "mangle",
|
||||||
|
chains: []string{"SHAPER"},
|
||||||
|
values: []string{
|
||||||
|
`Chain SHAPER (policy ACCEPT 58 packets, 5096 bytes)
|
||||||
|
pkts bytes target prot opt in out source destination
|
||||||
|
a a ACCEPT all -- * * 1.3.5.7 0.0.0.0/0 /* test */
|
||||||
|
a a CLASSIFY all -- * * 1.3.5.7 0.0.0.0/0 /* test2 */ CLASSIFY set 1:4
|
||||||
|
`},
|
||||||
|
tags: []map[string]string{},
|
||||||
|
fields: [][]map[string]interface{}{},
|
||||||
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
for i, tt := range tests {
|
for i, tt := range tests {
|
||||||
|
|
Loading…
Reference in New Issue