User:Wcsnet

From MikroTik Wiki
Revision as of 13:02, 29 April 2013 by Wcsnet (talk | contribs) (The idea behind the following few script are to log and report statistic usage of Firewall items.)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Summary

The idea behind the following few script are to log and report statistic usage of Firewall items. The script set consist of 3 scripts. • Update statistic • Report Statistics • Reset Statistic

Update Statistics

The update script makes use of the comment fields to store items descriptions and statistics (Bytes Used) A example comment filed for IP Firewall Filter looks like:

add action=passthrough chain=input comment="statistics - input traffic*43525369" disabled=no add action=passthrough chain=output comment="statistics - output traffic*63367747" disabled=no add action=passthrough chain=forward comment="statistics - forward traffic*421026065" disabled=no

The character * is used as a delimiter for the description and data portion.

The update script will update the combined total of tx and rx bytes for any item in ip firewall filter which has a * in the comment filed. Please note the original comet should have *0 The statistic stored are in bytes.

The Update Script 


      :local content
      :local i

      :local bytestotal
      :local megstotal

      :local bytescurrent       
      :local megscurrent

      :local bytessaved
      :local megssaved
      
      :local ena
      
      :local pos1
      :local pos2
      
      :log info "******************** starting - firewall filter usage update********************"
      
      :foreach i  in=[ /ip firewall filter find] do={
      
             :set ena [/ip firewall filter get $i disabled]
             :set content [/ip firewall filter get $i comment]
      
             :if ($ena = false) do={
                           
                    :if ([:find $content "*"] != "") do={

                           :local pos1 [:find $content "*"]
                           :local pos2 [:len $content]

                           :set bytessaved ([:pick $content ($pos1+1) $pos2])
                           :set megssaved ($bytessaved  / 1048576)

                           :set bytescurrent [/ip firewall filter get $i bytes]
                           :set megscurrent ($bytescurrent / 1048576)
            
                           :set megstotal ($megscurrent + $megssaved)
                           :set bytestotal ($bytescurrent + $bytessaved)

                           :log info "-"
                                           
                                          
                            /ip firewall filter set $i comment="$[:pick $content 0 ($pos1)]*$bytestotal"
                            /ip firewall filter reset-counters $i
                     }                                                        
              }
      }
      
      :log info "******************** ending - firewall filter usage update ********************"

The report script.

The report script will look for items in the ip firewall filter which has a * in the comment field. The reported unit would be un MB. 


      :local content
      :local i
      :local sitename
      
      :local bytessaved
      :local megssaved

      :local logcontenttemp ""       
      :local logcontent ""          

      :set logcontenttemp "Good Day \n\r"
      :set logcontent ("$logcontent

" ."$logcontenttemp") 

      :set logcontenttemp "This is an automated notification, please do not reply to this email"
      :set logcontent ("$logcontent

" ."$logcontenttemp") 

      :set logcontenttemp "Please see below the usage stats for your ip firewall:"
      :set logcontent ("$logcontent

" ."$logcontenttemp" ."\n\r") 

      :set logcontenttemp "**************************************Firewall Filter*************************************"
      :set logcontent ("$logcontent

" ."$logcontenttemp") 

      :foreach i in=[/ip firewall filter  find comment !=""] do={
      
             :set content [/ip firewall filter get $i comment]
      
                    :if ([:find $content "*"] != "") do={

                           :local pos1 [:find $content "*"]
                           :local pos2 [:len $content]

                           :set sitename [:pick $content 0 ($pos1)]

                           :set bytessaved ([:pick $content ($pos1+1) $pos2])
                           :set megssaved ($bytessaved  / 1048576)       

                           :set logcontenttemp "$sitename"

                           :for x from=1 to=( 55 - [:len $logcontenttemp]) step=1 do={ 
                                  :set logcontenttemp ("$logcontenttemp" . " ")
                           }
                           
                           :set logcontenttemp ("$logcontenttemp" . " Used: " . "$megssaved" . "mb") 
                           :set logcontent ("$logcontent

" ."$logcontenttemp") 

             }
      }    

      :set logcontenttemp "\n\r" 
      :set logcontent ("$logcontent

" ."$logcontenttemp") 

      :set logcontenttemp  "***************************************Firewall Nat**************************************"
      :set logcontent ("$logcontent

" ."$logcontenttemp") 

      :foreach i in=[/ip firewall nat find comment !=""] do={
      
             :set content [/ip firewall nat get $i comment]
      
             :if ([:find $content "*"] != "") do={

                    :local pos1 [:find $content "*"]
                    :local pos2 [:len $content]
      
                    :set sitename [:pick $content 0 ($pos1)]
      
                    :set bytessaved ([:pick $content ($pos1+1) $pos2])
                    :set megssaved ($bytessaved  / 1048576)

                    :set logcontenttemp "$sitename"

                           :for x from=1 to=( 55 - [:len $logcontenttemp]) step=1 do={ 
                                  :set logcontenttemp ("$logcontenttemp" . " ")
                           }
                           
                           :set logcontenttemp ("$logcontenttemp" . " Used: " . "$megssaved" . "mb") 
                           :set logcontent ("$logcontent

" ."$logcontenttemp") 

             }
      }    

      :set logcontenttemp "\n\r" 
      :set logcontent ("$logcontent

" ."$logcontenttemp") 

      :set logcontenttemp "************************************Firewall Mangle************************************"
      :set logcontent ("$logcontent

" ."$logcontenttemp") 

      :foreach i in=[/ip firewall mangle find comment !=""] do={
      
             :set content [/ip firewall mangle get $i comment]
      
             :if ([:find $content "*"] != "") do={

                    :local pos1 [:find $content "*"]
                    :local pos2 [:len $content]
      
                    :set sitename [:pick $content 0 ($pos1)]
      
                    :set bytessaved ([:pick $content ($pos1+1) $pos2])
                    :set megssaved ($bytessaved  / 1048576)       

                    :set logcontenttemp "$sitename"

                           :for x from=1 to=( 55 - [:len $logcontenttemp]) step=1 do={ 
                                  :set logcontenttemp ("$logcontenttemp" . " ")
                           }
                           
                           :set logcontenttemp ("$logcontenttemp" . " Used: " . "$megssaved" . "mb") 
                           :set logcontent ("$logcontent

" ."$logcontenttemp") 


             }
      }         

      :set logcontenttemp "\n\r" 
      :set logcontent ("$logcontent

" ."$logcontenttemp") 

      :set logcontenttemp "***************************************************************************************"                                         
      :set logcontent ("$logcontent

" ."$logcontenttemp") 

      :set logcontenttemp "KEY:"
      :set logcontent ("$logcontent

" ."$logcontenttemp") 

      :set logcontenttemp "1 Megabyte (Mb) = 1000000 bytes (b)"
      :set logcontent ("$logcontent

" ."$logcontenttemp") 

      :set logcontenttemp "1 Gigabyte (Gb) = 1000 Megabytes (Mb) \n\r"
      :set logcontent ("$logcontent

" ."$logcontenttemp") 

      :set logcontenttemp "Should you have any queries, please contact your account manager"
      :set logcontent ("$logcontent

" ."$logcontenttemp") 

      :set logcontenttemp "\n\r" 
      :set logcontent ("$logcontent

" ."$logcontenttemp") 

      :set logcontenttemp "Kind Regrads"
      :set logcontent ("$logcontent

" ."$logcontenttemp") 

       /tool e-mail send to=someone@test.com  subject="$[/system identity get name] firewall usage report"  body="$logcontent" tls=yes

The Reset Script

The reset script will reset all counters back to a *0 


      :local i
      :local content
      
      :local ena
      
      :local pos1
      :local pos2
      
      :log info "******************** starting - firewall- filter usage reset********************"
      
      :foreach i  in=[ /ip firewall filter find] do={
      
             :set ena [/ip firewall filter get $i disabled]
             :set content [/ip firewall filter get $i comment]

             :if ($ena = false) do={

                    :if ([:find $content "*"] != "") do={                           

                           :local pos1 [:find $content "*"]
                           :local pos2 [:len $content]

                           /ip firewall filter set $i comment="$[:pick $content 0 ($pos1)]*0"
                           /ip firewall filter reset-counters $i

                    }
             }
      }
      
      :log info "******************** ending -  -firewall-filter usage reset ********************"


I have matching scripts for the following firewall items

Filter Nat Mangle

Please send me a email and I will send you the full script export

Werner.venter.mail@gmail.com

Retrieved from "https://wiki.mikrotik.com/index.php?title=User:Wcsnet&oldid=25278"