telegraf/plugins/inputs/pf/pf.go

//go:generate ../../../tools/readme_config_includer/generator
package pf

import (
	"bufio"
	_ "embed"
	"errors"
	"fmt"
	"os/exec"
	"regexp"
	"strconv"
	"strings"

	"github.com/influxdata/telegraf"
	"github.com/influxdata/telegraf/plugins/inputs"
)

//go:embed sample.conf
var sampleConfig string

var (
	errParseHeader     = fmt.Errorf("cannot find header in %s output", pfctlCommand)
	anyTableHeaderRE   = regexp.MustCompile("^[A-Z]")
	stateTableRE       = regexp.MustCompile(`^  (.*?)\s+(\d+)`)
	counterTableRE     = regexp.MustCompile(`^  (.*?)\s+(\d+)`)
	execLookPath       = exec.LookPath
	execCommand        = exec.Command
	pfctlOutputStanzas = []*pfctlOutputStanza{
		{
			headerRE:  regexp.MustCompile("^State Table"),
			parseFunc: parseStateTable,
		},
		{
			headerRE:  regexp.MustCompile("^Counters"),
			parseFunc: parseCounterTable,
		},
	}
	stateTable = []*entry{
		{"entries", "current entries", -1},
		{"searches", "searches", -1},
		{"inserts", "inserts", -1},
		{"removals", "removals", -1},
	}
	counterTable = []*entry{
		{"match", "match", -1},
		{"bad-offset", "bad-offset", -1},
		{"fragment", "fragment", -1},
		{"short", "short", -1},
		{"normalize", "normalize", -1},
		{"memory", "memory", -1},
		{"bad-timestamp", "bad-timestamp", -1},
		{"congestion", "congestion", -1},
		{"ip-option", "ip-option", -1},
		{"proto-cksum", "proto-cksum", -1},
		{"state-mismatch", "state-mismatch", -1},
		{"state-insert", "state-insert", -1},
		{"state-limit", "state-limit", -1},
		{"src-limit", "src-limit", -1},
		{"synproxy", "synproxy", -1},
	}
)

const (
	measurement  = "pf"
	pfctlCommand = "pfctl"
)

type PF struct {
	UseSudo bool `toml:"use_sudo"`

	pfctlCommand string
	pfctlArgs    []string
	infoFunc     func() (string, error)
}

type pfctlOutputStanza struct {
	headerRE  *regexp.Regexp
	parseFunc func([]string, map[string]interface{}) error
	found     bool
}

type entry struct {
	field      string
	pfctlTitle string
	value      int64
}

func (*PF) SampleConfig() string {
	return sampleConfig
}

func (pf *PF) Gather(acc telegraf.Accumulator) error {
	if pf.pfctlCommand == "" {
		var err error
		if pf.pfctlCommand, pf.pfctlArgs, err = pf.buildPfctlCmd(); err != nil {
			acc.AddError(fmt.Errorf("can't construct pfctl commandline: %w", err))
			return nil
		}
	}

	o, err := pf.infoFunc()
	if err != nil {
		acc.AddError(err)
		return nil
	}

	if perr := parsePfctlOutput(o, acc); perr != nil {
		acc.AddError(perr)
	}
	return nil
}

func errMissingData(tag string) error {
	return fmt.Errorf("struct data for tag %q not found in %s output", tag, pfctlCommand)
}

func parsePfctlOutput(pfoutput string, acc telegraf.Accumulator) error {
	fields := make(map[string]interface{})
	scanner := bufio.NewScanner(strings.NewReader(pfoutput))
	for scanner.Scan() {
		line := scanner.Text()
		for _, s := range pfctlOutputStanzas {
			if s.headerRE.MatchString(line) {
				var stanzaLines []string
				scanner.Scan()
				line = scanner.Text()
				for !anyTableHeaderRE.MatchString(line) {
					stanzaLines = append(stanzaLines, line)
					more := scanner.Scan()
					if !more {
						break
					}
					line = scanner.Text()
				}
				if perr := s.parseFunc(stanzaLines, fields); perr != nil {
					return perr
				}
				s.found = true
			}
		}
	}
	for _, s := range pfctlOutputStanzas {
		if !s.found {
			return errParseHeader
		}
	}

	acc.AddFields(measurement, fields, make(map[string]string))
	return nil
}

func parseStateTable(lines []string, fields map[string]interface{}) error {
	return storeFieldValues(lines, stateTableRE, fields, stateTable)
}

func parseCounterTable(lines []string, fields map[string]interface{}) error {
	return storeFieldValues(lines, counterTableRE, fields, counterTable)
}

func storeFieldValues(lines []string, regex *regexp.Regexp, fields map[string]interface{}, entryTable []*entry) error {
	for _, v := range lines {
		entries := regex.FindStringSubmatch(v)
		if entries != nil {
			for _, f := range entryTable {
				if f.pfctlTitle == entries[1] {
					var err error
					if f.value, err = strconv.ParseInt(entries[2], 10, 64); err != nil {
						return err
					}
				}
			}
		}
	}

	for _, v := range entryTable {
		if v.value == -1 {
			return errMissingData(v.pfctlTitle)
		}
		fields[v.field] = v.value
	}

	return nil
}

func (pf *PF) callPfctl() (string, error) {
	cmd := execCommand(pf.pfctlCommand, pf.pfctlArgs...)
	out, oerr := cmd.Output()
	if oerr != nil {
		var ee *exec.ExitError
		if !errors.As(oerr, &ee) {
			return string(out), fmt.Errorf("error running %q: %w: (unable to get stderr)", pfctlCommand, oerr)
		}
		return string(out), fmt.Errorf("error running %q: %w - %s", pfctlCommand, oerr, ee.Stderr)
	}
	return string(out), oerr
}

func (pf *PF) buildPfctlCmd() (string, []string, error) {
	cmd, err := execLookPath(pfctlCommand)
	if err != nil {
		return "", nil, fmt.Errorf("can't locate %q: %w", pfctlCommand, err)
	}
	args := []string{"-s", "info"}
	if pf.UseSudo {
		args = append([]string{cmd}, args...)
		cmd, err = execLookPath("sudo")
		if err != nil {
			return "", nil, fmt.Errorf("can't locate sudo: %w", err)
		}
	}
	return cmd, args, nil
}

func init() {
	inputs.Add("pf", func() telegraf.Input {
		pf := &PF{}
		pf.infoFunc = pf.callPfctl
		return pf
	})
}
Adding upstream version 1.34.4. Signed-off-by: Daniel Baumann <daniel@debian.org> 2025-05-24 07:26:29 +02:00			`//go:generate ../../../tools/readme_config_includer/generator`
			`package pf`

			`import (`
			`"bufio"`
			`_ "embed"`
			`"errors"`
			`"fmt"`
			`"os/exec"`
			`"regexp"`
			`"strconv"`
			`"strings"`

			`"github.com/influxdata/telegraf"`
			`"github.com/influxdata/telegraf/plugins/inputs"`
			`)`

			`//go:embed sample.conf`
			`var sampleConfig string`

			`var (`
			`errParseHeader = fmt.Errorf("cannot find header in %s output", pfctlCommand)`
			`anyTableHeaderRE = regexp.MustCompile("^[A-Z]")`
			stateTableRE = regexp.MustCompile(`^ (.*?)\s+(\d+)`)
			counterTableRE = regexp.MustCompile(`^ (.*?)\s+(\d+)`)
			`execLookPath = exec.LookPath`
			`execCommand = exec.Command`
			`pfctlOutputStanzas = []*pfctlOutputStanza{`
			`{`
			`headerRE: regexp.MustCompile("^State Table"),`
			`parseFunc: parseStateTable,`
			`},`
			`{`
			`headerRE: regexp.MustCompile("^Counters"),`
			`parseFunc: parseCounterTable,`
			`},`
			`}`
			`stateTable = []*entry{`
			`{"entries", "current entries", -1},`
			`{"searches", "searches", -1},`
			`{"inserts", "inserts", -1},`
			`{"removals", "removals", -1},`
			`}`
			`counterTable = []*entry{`
			`{"match", "match", -1},`
			`{"bad-offset", "bad-offset", -1},`
			`{"fragment", "fragment", -1},`
			`{"short", "short", -1},`
			`{"normalize", "normalize", -1},`
			`{"memory", "memory", -1},`
			`{"bad-timestamp", "bad-timestamp", -1},`
			`{"congestion", "congestion", -1},`
			`{"ip-option", "ip-option", -1},`
			`{"proto-cksum", "proto-cksum", -1},`
			`{"state-mismatch", "state-mismatch", -1},`
			`{"state-insert", "state-insert", -1},`
			`{"state-limit", "state-limit", -1},`
			`{"src-limit", "src-limit", -1},`
			`{"synproxy", "synproxy", -1},`
			`}`
			`)`

			`const (`
			`measurement = "pf"`
			`pfctlCommand = "pfctl"`
			`)`

			`type PF struct {`
			UseSudo bool `toml:"use_sudo"`

			`pfctlCommand string`
			`pfctlArgs []string`
			`infoFunc func() (string, error)`
			`}`

			`type pfctlOutputStanza struct {`
			`headerRE *regexp.Regexp`
			`parseFunc func([]string, map[string]interface{}) error`
			`found bool`
			`}`

			`type entry struct {`
			`field string`
			`pfctlTitle string`
			`value int64`
			`}`

			`func (*PF) SampleConfig() string {`
			`return sampleConfig`
			`}`

			`func (pf *PF) Gather(acc telegraf.Accumulator) error {`
			`if pf.pfctlCommand == "" {`
			`var err error`
			`if pf.pfctlCommand, pf.pfctlArgs, err = pf.buildPfctlCmd(); err != nil {`
			`acc.AddError(fmt.Errorf("can't construct pfctl commandline: %w", err))`
			`return nil`
			`}`
			`}`

			`o, err := pf.infoFunc()`
			`if err != nil {`
			`acc.AddError(err)`
			`return nil`
			`}`

			`if perr := parsePfctlOutput(o, acc); perr != nil {`
			`acc.AddError(perr)`
			`}`
			`return nil`
			`}`

			`func errMissingData(tag string) error {`
			`return fmt.Errorf("struct data for tag %q not found in %s output", tag, pfctlCommand)`
			`}`

			`func parsePfctlOutput(pfoutput string, acc telegraf.Accumulator) error {`
			`fields := make(map[string]interface{})`
			`scanner := bufio.NewScanner(strings.NewReader(pfoutput))`
			`for scanner.Scan() {`
			`line := scanner.Text()`
			`for _, s := range pfctlOutputStanzas {`
			`if s.headerRE.MatchString(line) {`
			`var stanzaLines []string`
			`scanner.Scan()`
			`line = scanner.Text()`
			`for !anyTableHeaderRE.MatchString(line) {`
			`stanzaLines = append(stanzaLines, line)`
			`more := scanner.Scan()`
			`if !more {`
			`break`
			`}`
			`line = scanner.Text()`
			`}`
			`if perr := s.parseFunc(stanzaLines, fields); perr != nil {`
			`return perr`
			`}`
			`s.found = true`
			`}`
			`}`
			`}`
			`for _, s := range pfctlOutputStanzas {`
			`if !s.found {`
			`return errParseHeader`
			`}`
			`}`

			`acc.AddFields(measurement, fields, make(map[string]string))`
			`return nil`
			`}`

			`func parseStateTable(lines []string, fields map[string]interface{}) error {`
			`return storeFieldValues(lines, stateTableRE, fields, stateTable)`
			`}`

			`func parseCounterTable(lines []string, fields map[string]interface{}) error {`
			`return storeFieldValues(lines, counterTableRE, fields, counterTable)`
			`}`

			`func storeFieldValues(lines []string, regex regexp.Regexp, fields map[string]interface{}, entryTable []entry) error {`
			`for _, v := range lines {`
			`entries := regex.FindStringSubmatch(v)`
			`if entries != nil {`
			`for _, f := range entryTable {`
			`if f.pfctlTitle == entries[1] {`
			`var err error`
			`if f.value, err = strconv.ParseInt(entries[2], 10, 64); err != nil {`
			`return err`
			`}`
			`}`
			`}`
			`}`
			`}`

			`for _, v := range entryTable {`
			`if v.value == -1 {`
			`return errMissingData(v.pfctlTitle)`
			`}`
			`fields[v.field] = v.value`
			`}`

			`return nil`
			`}`

			`func (pf *PF) callPfctl() (string, error) {`
			`cmd := execCommand(pf.pfctlCommand, pf.pfctlArgs...)`
			`out, oerr := cmd.Output()`
			`if oerr != nil {`
			`var ee *exec.ExitError`
			`if !errors.As(oerr, &ee) {`
			`return string(out), fmt.Errorf("error running %q: %w: (unable to get stderr)", pfctlCommand, oerr)`
			`}`
			`return string(out), fmt.Errorf("error running %q: %w - %s", pfctlCommand, oerr, ee.Stderr)`
			`}`
			`return string(out), oerr`
			`}`

			`func (pf *PF) buildPfctlCmd() (string, []string, error) {`
			`cmd, err := execLookPath(pfctlCommand)`
			`if err != nil {`
			`return "", nil, fmt.Errorf("can't locate %q: %w", pfctlCommand, err)`
			`}`
			`args := []string{"-s", "info"}`
			`if pf.UseSudo {`
			`args = append([]string{cmd}, args...)`
			`cmd, err = execLookPath("sudo")`
			`if err != nil {`
			`return "", nil, fmt.Errorf("can't locate sudo: %w", err)`
			`}`
			`}`
			`return cmd, args, nil`
			`}`

			`func init() {`
			`inputs.Add("pf", func() telegraf.Input {`
			`pf := &PF{}`
			`pf.infoFunc = pf.callPfctl`
			`return pf`
			`})`
			`}`