Github Mirror / telegraf-plugins: 83116151

verified

Collect stats on exit policies (utilities/telegraf-plugins#4)

Collect stats on exit policies (utilities/telegraf-plugins#4)

This collects aggregate statistics on the number of policies, what they relate to and what action they specify

Commit 83116151.

Authored 2022-05-14T12:22:28.000+01:00 by B Tasker in project Github Mirror / telegraf-plugins

+143 lines -0 lines

Commit Signature

Changes

diff --git a/tor-daemon/README.md b/tor-daemon/README.md
--- a/tor-daemon/README.md
+++ b/tor-daemon/README.md
# @@ -94,6 +94,26 @@ The plugin creates the following tags
# - `tor_version`: current tor version string
# - `uptime`: seconds since last daemon restart
#
# +For relays/exit nodes:
# +
# +- `ipv4_exit_policy_num_total`: Total number of exit policies
# +- `ipv4_exit_policy_num_accept`: Total number of accept exit policies
# +- `ipv4_exit_policy_num_reject`: Total number of reject exit policies
# +- `ipv4_exit_policy_num_wildcard`: Total number of policies that use a `*` for host
# +- `ipv4_exit_policy_num_specific`: Total number of exit policies that refer to a specific host
# +- `ipv4_exit_policy_num_unique_hosts`: Number of unique hosts in exit policies
# +- `ipv4_exit_policy_num_unique_ports`: Number of unique ports in exit policies
# +- `ipv4_exit_policy_num_wildcard_port`: Number of policies with wildcarded ports
# +- `ipv4_exit_policy_num_specific_port`: Number of policies mentioning specific port
# +- `ipv6_exit_policy_num_total`: Total number of exit policies
# +- `ipv6_exit_policy_num_accept`: Total number of accept exit policies
# +- `ipv6_exit_policy_num_reject`: Total number of reject exit policies
# +- `ipv6_exit_policy_num_wildcard`: Total number of policies that use a `*` for host
# +- `ipv6_exit_policy_num_specific`: Total number of exit policies that refer to a specific host
# +- `ipv6_exit_policy_num_unique_hosts`: Number of unique hosts in exit policies
# +- `ipv6_exit_policy_num_unique_ports`: Number of unique ports in exit policies
# +- `ipv6_exit_policy_num_wildcard_port`: Number of policies with wildcarded ports
# +- `ipv6_exit_policy_num_specific_port`: Number of policies mentioning specific port
#
#
# ----
#
diff --git a/tor-daemon/tor-daemon.py b/tor-daemon/tor-daemon.py
--- a/tor-daemon/tor-daemon.py
+++ b/tor-daemon/tor-daemon.py
# @@ -84,7 +84,125 @@ def get_guard_counts(s):
# counters["total"] += 1
#
# return counters
# +
# +
# +def get_exit_policy_stats(s):
# + ''' Get exit policies (if set) and generate stats based on them
# +
# + Returns a list of statistics
# +
# + utilities/telegraf-plugins#4
# + '''
# +
# + stats = []
# + is_relay = {
# + "name" : "server_mode_enabled",
# + "type" : "string",
# + "value" : "1",
# + "fieldtype" : "tag"
# + }
# +
# + # Fetch the ipv4 policy
# + res = send_and_respond(s, "GETINFO exit-policy/ipv4")
# + if len(res) < 1 or not res[0].startswith("250-"):
# + # We're not a relay
# + is_relay["value"] = "0"
# + stats.append(is_relay)
# + return stats
# +
# +
# + # We have exit policies of some form
# + stats.append(is_relay)
# +
# + val = res[0].split("=")[1]
# + ipv4_stats = process_exit_policy(val)
# +
# + for stat in ipv4_stats:
# + p = {
# + "name" : "ipv4_exit_policy_num_" + stat,
# + "type" : "int",
# + "value" : ipv4_stats[stat],
# + "fieldtype" : "field"
# + }
# + stats.append(p)
# +
# + # Now do the same for ipv6 policies
# + res = send_and_respond(s, "GETINFO exit-policy/ipv6")
# + if len(res) < 1 or not res[0].startswith("250-"):
# + # can't proceed, so return what we've got
# + return stats
# +
# + val = res[0].split("=")[1]
# + ipv6_stats = process_exit_policy(val)
# + for stat in ipv6_stats:
# + p = {
# + "name" : "ipv6_exit_policy_num_" + stat,
# + "type" : "int",
# + "value" : ipv6_stats[stat],
# + "fieldtype" : "field"
# + }
# + stats.append(p)
#
# + return stats
# +
# +
# +def process_exit_policy(policy_line):
# + ''' Take a policy response line and derive stats from it
# +
# + Returns a counters dict
# +
# + utilities/telegraf-plugins#4
# + '''
# +
# + # The policies are comma delimited
# + policies = policy_line.split(",")
# + counters = {
# + "total" : len(policies),
# + "accept" : 0,
# + "reject" : 0,
# + "wildcard" : 0,
# + "specific" : 0,
# + "unique_hosts" : 0,
# + "unique_ports" : 0,
# + "wildcard_port" : 0,
# + "specific_port" : 0
# + }
# +
# + hosts = []
# + ports = []
# +
# + # iterate over the policies and update counters
# + for policy in policies:
# + parts = policy.split(" ")
# + if parts[0].startswith("accept"):
# + counters["accept"] += 1
# + else:
# + counters["reject"] += 1
# +
# + if parts[1].startswith("*"):
# + counters["wildcard"] += 1
# + elif parts[1].startswith("1") or parts[1].startswith("2"):
# + counters["specific"] += 1
# +
# + # ipv6 complicates this a touch
# + ip = ":".join(parts[1].split(":")[0:-1])
# + hosts.append(ip)
# +
# + port = parts[1].split(":")[-1]
# + ports.append(port)
# +
# + if port == "*":
# + counters['wildcard_port'] += 1
# + else:
# + counters['specific_port'] += 1
# +
# + # Calculate the unique counts
# + counters["unique_hosts"] = len(set(hosts))
# + counters["unique_ports"] = len(set(ports))
# +
# + return counters
# +
# +
# def get_accounting_info(s):
#
# byte_fields = [
# @@ -324,5 +442,10 @@ state["counters"].append(["guards", get_guard_counts(s)])
# for v in get_accounting_info(s):
# state["stats"].append(v)
#
# +
# +# Get exit policy info
# +for v in get_exit_policy_stats(s):
# + state["stats"].append(v)
# +
# #print(state)
# print(build_lp(MEASUREMENT, state))
#