178 lines
6.5 KiB
Python
178 lines
6.5 KiB
Python
# -*- coding: utf-8 -*-
|
|
# Description: freeradius netdata python.d module
|
|
# Author: l2isbad
|
|
# SPDX-License-Identifier: GPL-3.0-or-later
|
|
|
|
import re
|
|
from subprocess import Popen, PIPE
|
|
|
|
from bases.collection import find_binary
|
|
from bases.FrameworkServices.SimpleService import SimpleService
|
|
|
|
update_every = 15
|
|
|
|
PARSER = re.compile(r'((?<=-)[AP][a-zA-Z-]+) = (\d+)')
|
|
|
|
RADIUS_MSG = 'Message-Authenticator = 0x00, FreeRADIUS-Statistics-Type = 15, Response-Packet-Type = Access-Accept'
|
|
|
|
RADCLIENT_RETRIES = 1
|
|
RADCLIENT_TIMEOUT = 1
|
|
|
|
DEFAULT_HOST = 'localhost'
|
|
DEFAULT_PORT = 18121
|
|
DEFAULT_DO_ACCT = False
|
|
DEFAULT_DO_PROXY_AUTH = False
|
|
DEFAULT_DO_PROXY_ACCT = False
|
|
|
|
ORDER = [
|
|
'authentication',
|
|
'accounting',
|
|
'proxy-auth',
|
|
'proxy-acct',
|
|
]
|
|
|
|
CHARTS = {
|
|
'authentication': {
|
|
'options': [None, 'Authentication', 'packets/s', 'authentication', 'freerad.auth', 'line'],
|
|
'lines': [
|
|
['access-accepts', None, 'incremental'],
|
|
['access-rejects', None, 'incremental'],
|
|
['auth-dropped-requests', 'dropped-requests', 'incremental'],
|
|
['auth-duplicate-requests', 'duplicate-requests', 'incremental'],
|
|
['auth-invalid-requests', 'invalid-requests', 'incremental'],
|
|
['auth-malformed-requests', 'malformed-requests', 'incremental'],
|
|
['auth-unknown-types', 'unknown-types', 'incremental']
|
|
]
|
|
},
|
|
'accounting': {
|
|
'options': [None, 'Accounting', 'packets/s', 'accounting', 'freerad.acct', 'line'],
|
|
'lines': [
|
|
['accounting-requests', 'requests', 'incremental'],
|
|
['accounting-responses', 'responses', 'incremental'],
|
|
['acct-dropped-requests', 'dropped-requests', 'incremental'],
|
|
['acct-duplicate-requests', 'duplicate-requests', 'incremental'],
|
|
['acct-invalid-requests', 'invalid-requests', 'incremental'],
|
|
['acct-malformed-requests', 'malformed-requests', 'incremental'],
|
|
['acct-unknown-types', 'unknown-types', 'incremental']
|
|
]
|
|
},
|
|
'proxy-auth': {
|
|
'options': [None, 'Proxy Authentication', 'packets/s', 'authentication', 'freerad.proxy.auth', 'line'],
|
|
'lines': [
|
|
['proxy-access-accepts', 'access-accepts', 'incremental'],
|
|
['proxy-access-rejects', 'access-rejects', 'incremental'],
|
|
['proxy-auth-dropped-requests', 'dropped-requests', 'incremental'],
|
|
['proxy-auth-duplicate-requests', 'duplicate-requests', 'incremental'],
|
|
['proxy-auth-invalid-requests', 'invalid-requests', 'incremental'],
|
|
['proxy-auth-malformed-requests', 'malformed-requests', 'incremental'],
|
|
['proxy-auth-unknown-types', 'unknown-types', 'incremental']
|
|
]
|
|
},
|
|
'proxy-acct': {
|
|
'options': [None, 'Proxy Accounting', 'packets/s', 'accounting', 'freerad.proxy.acct', 'line'],
|
|
'lines': [
|
|
['proxy-accounting-requests', 'requests', 'incremental'],
|
|
['proxy-accounting-responses', 'responses', 'incremental'],
|
|
['proxy-acct-dropped-requests', 'dropped-requests', 'incremental'],
|
|
['proxy-acct-duplicate-requests', 'duplicate-requests', 'incremental'],
|
|
['proxy-acct-invalid-requests', 'invalid-requests', 'incremental'],
|
|
['proxy-acct-malformed-requests', 'malformed-requests', 'incremental'],
|
|
['proxy-acct-unknown-types', 'unknown-types', 'incremental']
|
|
]
|
|
}
|
|
}
|
|
|
|
|
|
def radclient_status(radclient, retries, timeout, host, port, secret):
|
|
# radclient -r 1 -t 1 -x 127.0.0.1:18121 status secret
|
|
|
|
return '{radclient} -r {num_retries} -t {timeout} -x {host}:{port} status {secret}'.format(
|
|
radclient=radclient,
|
|
num_retries=retries,
|
|
timeout=timeout,
|
|
host=host,
|
|
port=port,
|
|
secret=secret,
|
|
).split()
|
|
|
|
|
|
class Service(SimpleService):
|
|
def __init__(self, configuration=None, name=None):
|
|
SimpleService.__init__(self, configuration=configuration, name=name)
|
|
self.order = ORDER
|
|
self.definitions = CHARTS
|
|
self.host = self.configuration.get('host', DEFAULT_HOST)
|
|
self.port = self.configuration.get('port', DEFAULT_PORT)
|
|
self.secret = self.configuration.get('secret')
|
|
self.do_acct = self.configuration.get('acct', DEFAULT_DO_ACCT)
|
|
self.do_proxy_auth = self.configuration.get('proxy_auth', DEFAULT_DO_PROXY_AUTH)
|
|
self.do_proxy_acct = self.configuration.get('proxy_acct', DEFAULT_DO_PROXY_ACCT)
|
|
self.echo = find_binary('echo')
|
|
self.radclient = find_binary('radclient')
|
|
self.sub_echo = [self.echo, RADIUS_MSG]
|
|
self.sub_radclient = radclient_status(
|
|
self.radclient, RADCLIENT_RETRIES, RADCLIENT_TIMEOUT, self.host, self.port, self.secret,
|
|
)
|
|
|
|
def check(self):
|
|
if not self.radclient:
|
|
self.error("Can't locate 'radclient' binary or binary is not executable by netdata user")
|
|
return False
|
|
|
|
if not self.echo:
|
|
self.error("Can't locate 'echo' binary or binary is not executable by netdata user")
|
|
return None
|
|
|
|
if not self.secret:
|
|
self.error("'secret' isn't set")
|
|
return None
|
|
|
|
if not self.get_raw_data():
|
|
self.error('Request returned no data. Is server alive?')
|
|
return False
|
|
|
|
if not self.do_acct:
|
|
self.order.remove('accounting')
|
|
|
|
if not self.do_proxy_auth:
|
|
self.order.remove('proxy-auth')
|
|
|
|
if not self.do_proxy_acct:
|
|
self.order.remove('proxy-acct')
|
|
|
|
return True
|
|
|
|
def get_data(self):
|
|
"""
|
|
Format data received from shell command
|
|
:return: dict
|
|
"""
|
|
result = self.get_raw_data()
|
|
|
|
if not result:
|
|
return None
|
|
|
|
return dict(
|
|
(key.lower(), value) for key, value in PARSER.findall(result)
|
|
)
|
|
|
|
def get_raw_data(self):
|
|
"""
|
|
The following code is equivalent to
|
|
'echo "Message-Authenticator = 0x00, FreeRADIUS-Statistics-Type = 15, Response-Packet-Type = Access-Accept"
|
|
| radclient -t 1 -r 1 host:port status secret'
|
|
:return: str
|
|
"""
|
|
try:
|
|
process_echo = Popen(self.sub_echo, stdout=PIPE, stderr=PIPE, shell=False)
|
|
process_rad = Popen(self.sub_radclient, stdin=process_echo.stdout, stdout=PIPE, stderr=PIPE, shell=False)
|
|
process_echo.stdout.close()
|
|
raw_result = process_rad.communicate()[0]
|
|
except OSError:
|
|
return None
|
|
|
|
if process_rad.returncode is 0:
|
|
return raw_result.decode()
|
|
|
|
return None
|