Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OpenWRT netstat -s command not present #14

Open
gnosoz opened this issue Apr 8, 2021 · 4 comments
Open

OpenWRT netstat -s command not present #14

gnosoz opened this issue Apr 8, 2021 · 4 comments

Comments

@gnosoz
Copy link

gnosoz commented Apr 8, 2021

Hi All,
please note that muninlite currently doesn't pickup netstat values due to the fact the command netstat -s is in fact not available in OpenWRT natively.

netstat -s
netstat: unrecognized option: s
BusyBox v1.31.1 () multi-call binary.

Usage: netstat [-ral] [-tuwx] [-enWp]

Display networking information
-r Routing table
-a All sockets
-l Listening sockets
Else: connected sockets
-t TCP sockets
-u UDP sockets
-w Raw sockets
-x Unix sockets
Else: all socket types
-e Other/more information
-n Don't resolve names
-W Wide display

muninlite code

fetch_netstat() {
NINFO=$(netstat -s | sed 's/ {1,}/ /g')
echo "active.value" "$(echo "$NINFO" | grep "active connection" | cut -d " " -f 2)"
echo "passive.value" "$(echo "$NINFO" | grep "passive connection" | cut -d " " -f 2)"
echo "failed.value" "$(echo "$NINFO" | grep "failed connection" | cut -d " " -f 2)"
echo "resets.value" "$(echo "$NINFO" | grep "connection resets" | cut -d " " -f 2)"
echo "established.value" "$(echo "$NINFO" | grep "connections established" | cut -d " " -f 2)"
}

My solution to resolve this problem would be to utilize instead the following grep + wc command as per below example.
I know this is not the cleanest or quickest solution but just wanted to get the ball rolling on this issue :)

netstat -n |grep SYN_SENT |wc -l
18842
netstat -n |grep ESTABLISHED |wc -l
44707
netstat -n |grep TIME_WAIT |wc -l
1683
etstat -n |grep FIN_WAIT |wc -l
34
netstat -n |grep LAST_ACK |wc -l
3
@kimheino
Copy link
Collaborator

kimheino commented Apr 8, 2021

Using netstat -n | grep | wc can be optimized to:

NINFO=$(netstat -n)
echo "active.value $(echo "$NINFO" | grep -c ESTABLISHED)"

I tested above on OpenWRT.

Old code seems to be bit faster so maybe do it like this:

if [ "$(readlink /bin/netstat)" = "busybox" ]; then 
    NINFO=$(netstat -n)
    echo "active.value $(echo "$NINFO" | grep -c ESTABLISHED)"
    ...
else
    ...old code here...
fi

"Runtime config" needs some patching too:

      if netstat -s >/dev/null 2>&1; then
        RES="$RES netstat"

Maybe simple "-s" to "-h" would work here?

Do you want to write a pull request for these?

@gnosoz
Copy link
Author

gnosoz commented Apr 9, 2021

Hi @kimheino
I like grep -c better than the my version with wc although I didn't see a bigger discrepancy in time run for the 2 commands.

The problem I have now its to determine hot to catalogue the results based on normal munin graph titles or whether create new graphs alltogether. I rekon the first method would allow more flexibility for non dd-wrt based systems

From the netstat I can only see so much information and I find difficult to determine active from passive and failed from resets
https://www.ibm.com/support/pages/apar/II12449
https://benohead.com/blog/2013/07/21/tcp-about-fin_wait_2-time_wait-and-close_wait/

active connection ==> possibly SYN_SENT
passive connection ==> possibly SYN_RECEIVED
failed connection ==> grep -c 'WAIT|CLOSE' ==> this catches both FIN_WAIT1 & FIN_WAIT2 & TIME_WAIT & CLOSE_WAIT
connection resets ==> grep -c 'WAIT|CLOSE' ==> these as per description should be the resets same as failed
connections established ==> grep -c ESTABLISHED

The difference from active and passive is whom is starting the process which cannot be identified by this netstat module for openWRT??
I believe that the standard command netstat -s calculates this value in better way based on either other subcommands

If we can establish these parameters I can definitely create/test this procedure and send a pull request

@gnosoz
Copy link
Author

gnosoz commented Apr 9, 2021

I think I might have found a better solution for the problem which is to utilize collectd in conjunction with collectd-mod-tcpconns
This way the request is processed picking up the data created by the collectd process

The graph below show the luci graphs for the tcp connections from collectd
image

Would this solution be acceptable (based on system requirements / additional config for the router) or shall I keep on with the netstat module?

@kimheino
Copy link
Collaborator

I tested this on few systems. Normal netstat -s reads data from /proc/net/snmp which is not available on OpenWRT. Mapping TCP's WAIT/CLOSE etc to current netstat fields is too complex. To keep this simple:

  1. Change current netstat-plugin to check if it's running on OpenWRT or not. If it is, return two fields: established and listen. This information can be grepped from netstat -tan or netstat -tuan (tcp only or tcp/udp). Or four fields: udp_listen, tcp_listen, ... This works out-of-box on all OpenWRT systems.

  2. Create new plugin for more detailed collectd, as it requires extra packages and config.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@kimheino @gnosoz