On 2021/03/31 13:47, Frank Wunderlich wrote:
Hi,
I want to read counters defined in nftables, but have not found a solid way to do this.

    nft list table ip filter

shows me the rules from a specific table with all chains, rules and counters, e.g.

    chain voip1 {
        counter packets 3226 bytes 780864 accept
    }
    chain voip2 {
        counter packets 1640 bytes 119449 accept
    }

This needs to be parsed with grep/sed/awk, so maybe there is an easier way to read the counters. Found nothing in the manpage or Google, so I just ask here. Maybe there is a way to show the last x min traffic. I need this to check if connections are "alive".

Regards, Frank

Hi Frank,
Just some quick ideas:
Using nft JSON output could work better for parsing:
https://wiki.nftables.org/wiki-nftables/index.php/Output_text_modifiers
You could use nftables from within a Python program to do your monitoring:
https://wiki.nftables.org/wiki-nftables/index.php/Scripting#Using_nftables_from_Python
If you don't care about actual values of packets/bytes but only that
packets are matching certain rules at a minimum rate, you could use a
log statement, perhaps with a limit, to log to syslog or userspace nflog
and monitor the appropriate log file(s).
https://wiki.nftables.org/wiki-nftables/index.php/Logging_traffic
https://wiki.nftables.org/wiki-nftables/index.php/Rate_limiting_matchings
Best Wishes,
Frank
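
An added example, not part of the original thread, of the JSON approach suggested in the reply: it parses `nft -j list table ip filter` output and compares two snapshots to see which rules counted packets in between. The sample ruleset is constructed, and the function names are this example's own.

```python
import json
import subprocess

def read_table(family="ip", table="filter"):
    """JSON text for one table of the live ruleset (needs root)."""
    return subprocess.run(["nft", "-j", "list", "table", family, table],
                          check=True, capture_output=True, text=True).stdout

def rule_counters(nft_json):
    """Map (chain, rule handle) -> (packets, bytes) for inline rule counters."""
    counters = {}
    for item in json.loads(nft_json).get("nftables", []):
        rule = item.get("rule")
        if not rule:
            continue  # metainfo, table and chain objects carry no counters
        for expr in rule.get("expr", []):
            ctr = expr.get("counter")
            if isinstance(ctr, dict):  # a string is a reference to a named counter
                counters[(rule["chain"], rule["handle"])] = (ctr["packets"], ctr["bytes"])
    return counters

def packet_deltas(before, after):
    """Packets seen per rule between two snapshots of the same table."""
    old, new = rule_counters(before), rule_counters(after)
    deltas = {}
    for key, (pkts, _) in new.items():
        prev = old.get(key, (0, 0))[0]
        # A lower count means the counter was reset or the ruleset reloaded,
        # so everything counted since then is new traffic.
        deltas[key] = pkts - prev if pkts >= prev else pkts
    return deltas

def sample_ruleset(voip1_pkts, voip2_pkts):
    """Constructed sample shaped like `nft -j list table ip filter` output."""
    def rule(chain, handle, pkts):
        return {"rule": {"family": "ip", "table": "filter", "chain": chain,
                         "handle": handle,
                         "expr": [{"counter": {"packets": pkts, "bytes": pkts * 100}},
                                  {"accept": None}]}}
    return json.dumps({"nftables": [
        {"metainfo": {"json_schema_version": 1}},
        {"chain": {"family": "ip", "table": "filter", "name": "voip1", "handle": 1}},
        rule("voip1", 3, voip1_pkts), rule("voip2", 4, voip2_pkts)]})

if __name__ == "__main__":
    before, after = sample_ruleset(3226, 1640), sample_ruleset(3300, 1640)
    for (chain, handle), delta in sorted(packet_deltas(before, after).items()):
        print(f"{chain} rule {handle}: +{delta} packets",
              "(alive)" if delta else "(no traffic)")
```

On a live system, call `read_table()` twice with the interval of interest in between and pass both results to `packet_deltas()`.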