added the new option 'ipv6_disabled' (default: no) to disable IPv6 monitoring

Changes

@@ -27,6 +27,7 @@
 - Added support of Basic Authentication to Wowza graph. [#100]
 - Added alert capabilities to Apache graph based on the remaining free slots.
 	(suggested by Marco Reale, mlist AT libero.it)
+- Added the new option 'ipv6_disabled' (default: no) to disable IPv6 monitoring.
 - Fixed the text color in the bottom URL of the Bind graph.
 - Fixed the text color in the bottom URL of the Icecast Streaming Server graph.
 - Fixed a problem with multiple 'ApplicationInstance' tags in Wowza Server

lib/Monitorix.pm

@@ -358,41 +358,43 @@ sub flush_accounting_rules {
 			}
 
 			# IPv6
-			undef(@names);
-			if(open(IN, "$cmd6 -t $table -nxvL INPUT --line-numbers |")) {
-				my @rules;
-				while(<IN>) {
-					my ($rule, undef, undef, $name) = split(' ', $_);
-					if($name =~ /monitorix_IN/ || /monitorix_OUT/ || /monitorix_nginx_IN/) {
-						push(@rules, $rule);
-						push(@names, $name);
+			if(lc($config->{ipv6_disabled}) ne "y") {
+				undef(@names);
+				if(open(IN, "$cmd6 -t $table -nxvL INPUT --line-numbers |")) {
+					my @rules;
+					while(<IN>) {
+						my ($rule, undef, undef, $name) = split(' ', $_);
+						if($name =~ /monitorix_IN/ || /monitorix_OUT/ || /monitorix_nginx_IN/) {
+							push(@rules, $rule);
+							push(@names, $name);
+						}
+					}
+					close(IN);
+					@rules = reverse(@rules);
+					foreach(@rules) {
+						system("$cmd6 -t $table -D INPUT $_");
+						$num6++;
 					}
 				}
-				close(IN);
-				@rules = reverse(@rules);
-				foreach(@rules) {
-					system("$cmd6 -t $table -D INPUT $_");
-					$num6++;
-				}
-			}
-			if(open(IN, "$cmd6 -t $table -nxvL OUTPUT --line-numbers |")) {
-				my @rules;
-				while(<IN>) {
-					my ($rule, undef, undef, $name) = split(' ', $_);
-					if($name =~ /monitorix_IN/ || /monitorix_OUT/ || /monitorix_nginx_IN/) {
-						push(@rules, $rule);
+				if(open(IN, "$cmd6 -t $table -nxvL OUTPUT --line-numbers |")) {
+					my @rules;
+					while(<IN>) {
+						my ($rule, undef, undef, $name) = split(' ', $_);
+						if($name =~ /monitorix_IN/ || /monitorix_OUT/ || /monitorix_nginx_IN/) {
+							push(@rules, $rule);
+						}
+					}
+					close(IN);
+					@rules = reverse(@rules);
+					foreach(@rules) {
+						system("$cmd6 -t $table -D OUTPUT $_");
+						$num6++;
 					}
 				}
-				close(IN);
-				@rules = reverse(@rules);
-				foreach(@rules) {
-					system("$cmd6 -t $table -D OUTPUT $_");
-					$num6++;
+				foreach(@names) {
+					system("$cmd6 -t $table -X $_");
 				}
 			}
-			foreach(@names) {
-				system("$cmd6 -t $table -X $_");
-			}
 		}
 		if(open(IN, "$cmd -t $table -nxvL FORWARD --line-numbers |")) {
 			my @rules;
@@ -415,29 +417,33 @@ sub flush_accounting_rules {
 				system("$cmd -t $table -X $_");
 			}
 		}
-		if(open(IN, "$cmd6 -t $table -nxvL FORWARD --line-numbers |")) {
-			my @rules;
-			my @names;
-			while(<IN>) {
-				my ($rule, undef, undef, $name) = split(' ', $_);
-				if($name =~ /monitorix_daily_/ || /monitorix_total_/) {
-					push(@rules, $rule);
-					push(@names, $name);
+		if(lc($config->{ipv6_disabled}) ne "y") {
+			if(open(IN, "$cmd6 -t $table -nxvL FORWARD --line-numbers |")) {
+				my @rules;
+				my @names;
+				while(<IN>) {
+					my ($rule, undef, undef, $name) = split(' ', $_);
+					if($name =~ /monitorix_daily_/ || /monitorix_total_/) {
+						push(@rules, $rule);
+						push(@names, $name);
+					}
+				}
+				close(IN);
+				@rules = reverse(@rules);
+				foreach(@rules) {
+					system("$cmd6 -t $table -D FORWARD $_");
+					$num6++;
+				}
+				foreach(@names) {
+					system("$cmd6 -t $table -F $_");
+					system("$cmd6 -t $table -X $_");
 				}
-			}
-			close(IN);
-			@rules = reverse(@rules);
-			foreach(@rules) {
-				system("$cmd6 -t $table -D FORWARD $_");
-				$num6++;
-			}
-			foreach(@names) {
-				system("$cmd6 -t $table -F $_");
-				system("$cmd6 -t $table -X $_");
 			}
 		}
 		logger("$num iptables rules have been flushed.") if $debug;
-		logger("$num6 ip6tables rules have been flushed.") if $debug;
+		if(lc($config->{ipv6_disabled}) ne "y") {
+			logger("$num6 ip6tables rules have been flushed.") if $debug;
+		}
 	}
 	if(grep {$_ eq $config->{os}} ("FreeBSD", "OpenBSD", "NetBSD")) {
 		logger("Flushing out ipfw rules.") if $debug;

lib/port.pm

@@ -147,6 +147,10 @@ sub port_init {
 				}
 				$cmd = "iptables" . $config->{iptables_wait_lock};
 				if(grep {$_ eq $p} ("tcp6", "udp6")) {
+					if(lc($config->{ipv6_disabled}) ne "y") {
+						logger("$myself: IPv6 is explicitly disabled, you shouldn't want to monitor 'tcp6' or 'udp6' protocols.");
+						next;
+					}
 					$cmd = "ip6tables" . $config->{iptables_wait_lock};
 					$p =~ s/6//;
 				}
@@ -215,9 +219,11 @@ sub port_update {
 		open(IN, "$cmd -t $table -nxvL INPUT 2>/dev/null |");
 		@data = <IN>;
 		close(IN);
-		open(IN, "$cmd6 -t $table -nxvL INPUT 2>/dev/null |");
-		push(@data, <IN>);
-		close(IN);
+		if(lc($config->{ipv6_disabled}) ne "y") {
+			open(IN, "$cmd6 -t $table -nxvL INPUT 2>/dev/null |");
+			push(@data, <IN>);
+			close(IN);
+		}
 		for($l = 0; $l < scalar(@data); $l++) {
 			for($n = 0; $n < $port->{max}; $n++) {
 				$i_in[$n] = 0 unless $i_in[$n];
@@ -243,9 +249,11 @@ sub port_update {
 		open(IN, "$cmd -t $table -nxvL OUTPUT 2>/dev/null |");
 		@data = <IN>;
 		close(IN);
-		open(IN, "$cmd6 -t $table -nxvL OUTPUT 2>/dev/null |");
-		push(@data, <IN>);
-		close(IN);
+		if(lc($config->{ipv6_disabled}) ne "y") {
+			open(IN, "$cmd6 -t $table -nxvL OUTPUT 2>/dev/null |");
+			push(@data, <IN>);
+			close(IN);
+		}
 		for($l = 0; $l < scalar(@data); $l++) {
 			for($n = 0; $n < $port->{max}; $n++) {
 				$o_out[$n] = 0 unless $o_out[$n];