feat(ippool): Added support for ippool info

This merge adds support for ippool information. This closes #231
bluecmd · Jul 25, 2023 · e71f2af · e71f2af
1 parent b26fdb4
commit e71f2af
Show file tree

Hide file tree

Showing 3 changed files with 100 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -63,6 +63,13 @@ Per-VDOM:
  * `fortigate_policy_bytes_total`
  * `fortigate_policy_hit_count_total`
  * `fortigate_policy_packets_total`
+ * _Firewall/IpPool_
+ * `fortigate_ippool_available`
+ * `fortigate_ippool_ip_used`
+ * `fortigate_ippool_ip_total`
+ * `fortigate_ippool_clients`
+ * `fortigate_ippool_used`
+ * `fortigate_ippool_total`
  * _System/Fortimanager/Status_
  * `fortigate_fortimanager_connection_status`
  * `fortigate_fortimanager_registration_status`
@@ -386,6 +393,7 @@ To improve security, limit permissions to required ones only (least privilege pr
 |BGP/NeighborPaths/IPv6 | netgrp.route-cfg |api/v2/monitor/router/bgp/paths6 |
 |BGP/Neighbors/IPv4 | netgrp.route-cfg |api/v2/monitor/router/bgp/neighbors |
 |BGP/Neighbors/IPv6 | netgrp.route-cfg |api/v2/monitor/router/bgp/neighbors6 |
+|Firewall/IpPool | fwgrp.policy |api/v2/monitor/firewall/ippool |
 |Firewall/LoadBalance | fwgrp.others |api/v2/monitor/firewall/load-balance |
 |Firewall/Policies | fwgrp.policy |api/v2/monitor/firewall/policy/select<br>api/v2/monitor/firewall/policy6/select<br>api/v2/cmdb/firewall/policy<br>api/v2/cmdb/firewall/policy6 |
 |License/Status | *any* |api/v2/monitor/license/status/select |

diff --git a/pkg/probe/firewall_ippool.go b/pkg/probe/firewall_ippool.go
@@ -0,0 +1,91 @@
+package probe
+
+import (
+ "log"
+
+ "github.com/bluecmd/fortigate_exporter/pkg/http"
+ "github.com/prometheus/client_golang/prometheus"
+)
+
+type IpPool struct {
+ Name string `json:"name"`
+ IPTotal int `json:"natip_total"`
+ IPInUse int `json:"natip_in_use"`
+ Clients int `json:"clients"`
+ Available float64 `json:"available"`
+ Used int `json:"used"`
+ Total int `json:"total"`
+}
+
+type IpPoolResponse struct {
+ Results map[string]IpPool `json:"results"`
+ VDOM string `json:"vdom"`
+ Version string `json:"version"`
+}
+
+func probeFirewallIpPool(c http.FortiHTTP, meta *TargetMetadata) ([]prometheus.Metric, bool) {
+ var (
+ mAvailable = prometheus.NewDesc(
+ "fortigate_ippool_available",
+ "Percentage available in ippool",
+ []string{"vdom", "name"}, nil,
+ )
+ )
+ var (
+ mIpUsed = prometheus.NewDesc(
+ "fortigate_ippool_ip_used",
+ "Ip addresses in use in ippool",
+ []string{"vdom", "name"}, nil,
+ )
+ )
+ var (
+ mIpTotal = prometheus.NewDesc(
+ "fortigate_ippool_ip_total",
+ "Ip addresses total in ippool",
+ []string{"vdom", "name"}, nil,
+ )
+ )
+ var (
+ mClients = prometheus.NewDesc(
+ "fortigate_ippool_clients",
+ "Amount of clients using ippool",
+ []string{"vdom", "name"}, nil,
+ )
+ )
+ var (
+ mUsed = prometheus.NewDesc(
+ "fortigate_ippool_used",
+ "Amount of items used in ippool",
+ []string{"vdom", "name"}, nil,
+ )
+ )
+ var (
+ mTotal = prometheus.NewDesc(
+ "fortigate_ippool_total",
+ "Amount of items total in ippool",
+ []string{"vdom", "name"}, nil,
+ )
+ )
+
+ var rs []IpPoolResponse
+
+ if err := c.Get("api/v2/monitor/firewall/ippool", "vdom=*", &rs); err != nil {
+ log.Printf("Error: %v", err)
+ return nil, false
+ }
+
+ m := []prometheus.Metric{}
+
+ for _, r := range rs {
+ for _, ippool := range r.Results {
+ m = append(m, prometheus.MustNewConstMetric(mAvailable, prometheus.GaugeValue, ippool.Available, r.VDOM, ippool.Name))
+ m = append(m, prometheus.MustNewConstMetric(mIpUsed, prometheus.GaugeValue, float64(ippool.IPInUse), r.VDOM, ippool.Name))
+ m = append(m, prometheus.MustNewConstMetric(mIpTotal, prometheus.GaugeValue, float64(ippool.IPTotal), r.VDOM, ippool.Name))
+ m = append(m, prometheus.MustNewConstMetric(mClients, prometheus.GaugeValue, float64(ippool.Clients), r.VDOM, ippool.Name))
+ m = append(m, prometheus.MustNewConstMetric(mUsed, prometheus.GaugeValue, float64(ippool.Used), r.VDOM, ippool.Name))
+ m = append(m, prometheus.MustNewConstMetric(mTotal, prometheus.GaugeValue, float64(ippool.Total), r.VDOM, ippool.Name))
+ }
+ }
+
+ return m, true
+}
diff --git a/pkg/probe/probe.go b/pkg/probe/probe.go
@@ -122,6 +122,7 @@ func (p *ProbeCollector) Probe(ctx context.Context, target map[string]string, hc
  {"BGP/Neighbors/IPv6", probeBGPNeighborsIPv6},
  {"Firewall/LoadBalance", probeFirewallLoadBalance},
  {"Firewall/Policies", probeFirewallPolicies},
+ {"Firewall/IpPool", probeFirewallIpPool},
  {"License/Status", probeLicenseStatus},
  {"Log/Fortianalyzer/Status", probeLogAnalyzer},
  {"Log/Fortianalyzer/Queue", probeLogAnalyzerQueue},