Firewall Usage

From MikroTik Wiki
Revision as of 10:36, 7 May 2013 by SergejsB (talk | contribs) (Fix document)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Summary

The idea behind the following few script are to log and report statistic usage of Firewall items. The script set consist of 3 scripts. • Update statistic • Report Statistics • Reset Statistic


Update Statistics

The update script makes use of the comment fields to store items descriptions and statistics (Bytes Used) A example comment filed for IP Firewall Filter looks like: 

  

add action=passthrough chain=input comment="statistics - input traffic*43525369" disabled=no
add action=passthrough chain=output comment="statistics - output traffic*63367747" disabled=no
add action=passthrough chain=forward comment="statistics - forward traffic*421026065" disabled=no

The character * is used as a delimiter for the description and data portion.

The update script will update the combined total of tx and rx bytes for any item in ip firewall filter which has a * in the comment filed. Please note the original comet should have *0 The statistic stored are in bytes.


The Update Script

  


      :local content
       :local i

       :local bytestotal
       :local megstotal

       :local bytescurrent       
       :local megscurrent

       :local bytessaved
       :local megssaved
       
       :local ena
       
       :local pos1
       :local pos2
       
       :log info "******************** starting - firewall filter usage update********************"
       
       :foreach i  in=[ /ip firewall filter find] do={
       
              :set ena [/ip firewall filter get $i disabled]
              :set content [/ip firewall filter get $i comment]
       
              :if ($ena = false) do={
                            
                     :if ([:find $content "*"] != "") do={

                            :local pos1 [:find $content "*"]
                            :local pos2 [:len $content]

                            :set bytessaved ([:pick $content ($pos1+1) $pos2])
                            :set megssaved ($bytessaved  / 1048576)

                            :set bytescurrent [/ip firewall filter get $i bytes]
                            :set megscurrent ($bytescurrent / 1048576)
             
                            :set megstotal ($megscurrent + $megssaved)
                            :set bytestotal ($bytescurrent + $bytessaved)

                            :log info "-"
                                            
                                           
                             /ip firewall filter set $i comment="$[:pick $content 0 ($pos1)]*$bytestotal"
                             /ip firewall filter reset-counters $i
                      }                                                        
               }
       }
       
       :log info "******************** ending - firewall filter usage update ********************"


The report script.

The report script will look for items in the ip firewall filter which has a * in the comment field. The reported unit would be un MB. 

 
       

       :local content
       :local i
       :local sitename
       
       :local bytessaved
       :local megssaved

       :local logcontenttemp ""       
       :local logcontent ""          

       :set logcontenttemp "Good Day \n\r"
       :set logcontent ("$logcontent
" ."$logcontenttemp")
       
       :set logcontenttemp "This is an automated notification, please do not reply to this email"
       :set logcontent ("$logcontent
" ."$logcontenttemp")

       :set logcontenttemp "Please see below the usage stats for your ip firewall:"
       :set logcontent ("$logcontent
" ."$logcontenttemp" ."\n\r")
                     
       :set logcontenttemp "**************************************Firewall Filter*************************************"
       :set logcontent ("$logcontent
" ."$logcontenttemp")

       :foreach i in=[/ip firewall filter  find comment !=""] do={
       
              :set content [/ip firewall filter get $i comment]
       
                     :if ([:find $content "*"] != "") do={

                            :local pos1 [:find $content "*"]
                            :local pos2 [:len $content]

                            :set sitename [:pick $content 0 ($pos1)]

                            :set bytessaved ([:pick $content ($pos1+1) $pos2])
                            :set megssaved ($bytessaved  / 1048576)       

                            :set logcontenttemp "$sitename"

                            :for x from=1 to=( 55 - [:len $logcontenttemp]) step=1 do={ 
                                   :set logcontenttemp ("$logcontenttemp" . " ")
                            }
                            
                            :set logcontenttemp ("$logcontenttemp" . " Used: " . "$megssaved" . "mb") 
                            :set logcontent ("$logcontent
" ."$logcontenttemp")         
            
              }
       }    

       :set logcontenttemp "\n\r" 
       :set logcontent ("$logcontent
" ."$logcontenttemp")          
                 
       :set logcontenttemp  "***************************************Firewall Nat**************************************"
       :set logcontent ("$logcontent
" ."$logcontenttemp")

       :foreach i in=[/ip firewall nat find comment !=""] do={
       
              :set content [/ip firewall nat get $i comment]
       
              :if ([:find $content "*"] != "") do={

                     :local pos1 [:find $content "*"]
                     :local pos2 [:len $content]
       
                     :set sitename [:pick $content 0 ($pos1)]
       
                     :set bytessaved ([:pick $content ($pos1+1) $pos2])
                     :set megssaved ($bytessaved  / 1048576)

                     :set logcontenttemp "$sitename"

                            :for x from=1 to=( 55 - [:len $logcontenttemp]) step=1 do={ 
                                   :set logcontenttemp ("$logcontenttemp" . " ")
                            }
                            
                            :set logcontenttemp ("$logcontenttemp" . " Used: " . "$megssaved" . "mb") 
                            :set logcontent ("$logcontent
" ."$logcontenttemp")       

              }
       }    

       :set logcontenttemp "\n\r" 
       :set logcontent ("$logcontent
" ."$logcontenttemp")         

       :set logcontenttemp "************************************Firewall Mangle************************************"
       :set logcontent ("$logcontent
" ."$logcontenttemp")

       :foreach i in=[/ip firewall mangle find comment !=""] do={
       
              :set content [/ip firewall mangle get $i comment]
       
              :if ([:find $content "*"] != "") do={

                     :local pos1 [:find $content "*"]
                     :local pos2 [:len $content]
       
                     :set sitename [:pick $content 0 ($pos1)]
       
                     :set bytessaved ([:pick $content ($pos1+1) $pos2])
                     :set megssaved ($bytessaved  / 1048576)       

                     :set logcontenttemp "$sitename"

                            :for x from=1 to=( 55 - [:len $logcontenttemp]) step=1 do={ 
                                   :set logcontenttemp ("$logcontenttemp" . " ")
                            }
                            
                            :set logcontenttemp ("$logcontenttemp" . " Used: " . "$megssaved" . "mb") 
                            :set logcontent ("$logcontent
" ."$logcontenttemp")       

            
              }
       }         

       :set logcontenttemp "\n\r" 
       :set logcontent ("$logcontent
" ."$logcontenttemp")         

       :set logcontenttemp "***************************************************************************************"                                         
       :set logcontent ("$logcontent
" ."$logcontenttemp")

       :set logcontenttemp "KEY:"
       :set logcontent ("$logcontent
" ."$logcontenttemp")

       :set logcontenttemp "1 Megabyte (Mb) = 1000000 bytes (b)"
       :set logcontent ("$logcontent
" ."$logcontenttemp")

       :set logcontenttemp "1 Gigabyte (Gb) = 1000 Megabytes (Mb) \n\r"
       :set logcontent ("$logcontent
" ."$logcontenttemp")

       :set logcontenttemp "Should you have any queries, please contact your account manager"
       :set logcontent ("$logcontent
" ."$logcontenttemp")

       :set logcontenttemp "\n\r" 
       :set logcontent ("$logcontent
" ."$logcontenttemp")         

       :set logcontenttemp "Kind Regrads"
       :set logcontent ("$logcontent
" ."$logcontenttemp")

        /tool e-mail send to=someone@test.com  subject="$[/system identity get name] firewall usage report"  body="$logcontent" tls=yes

The Reset Script

The reset script will reset all counters back to a *0 

 
       

       :local i
       :local content
       
       :local ena
       
       :local pos1
       :local pos2
       
       :log info "******************** starting - firewall- filter usage reset********************"
       
       :foreach i  in=[ /ip firewall filter find] do={
       
              :set ena [/ip firewall filter get $i disabled]
              :set content [/ip firewall filter get $i comment]

              :if ($ena = false) do={

                     :if ([:find $content "*"] != "") do={                           

                            :local pos1 [:find $content "*"]
                            :local pos2 [:len $content]

                            /ip firewall filter set $i comment="$[:pick $content 0 ($pos1)]*0"
                            /ip firewall filter reset-counters $i

                     }
              }
       }
       
       :log info "********************ending -  -firewall-filter usage reset ********************"
Retrieved from "https://wiki.mikrotik.com/index.php?title=Firewall_Usage&oldid=25320"