func GetDockerContainerPacketCounts(d *docker.DockerClient) (map[containers.Identifier]int, error) {
serviceFiles, err := filepath.Glob(filepath.Join(gearconfig.ContainerBasePath(), "units", "**", containers.IdentifierPrefix+"*.service"))
if err != nil {
return nil, err
}
ids := make([]string, 0)
packetCount := make(map[containers.Identifier]int)
for _, s := range serviceFiles {
id := filepath.Base(s)
if strings.HasPrefix(id, containers.IdentifierPrefix) && strings.HasSuffix(id, ".service") {
id = id[len(containers.IdentifierPrefix):(len(id) - len(".service"))]
if id, err := containers.NewIdentifier(id); err == nil {
ids = append(ids, string(id))
packetCount[id] = 0
}
}
}
containerIPs, err := d.GetContainerIPs(ids)
if err != nil {
return nil, err
}
cmd := exec.Command("/sbin/iptables-save", "-c")
output, err := cmd.Output()
if err != nil {
return nil, err
}
scan := bufio.NewScanner(bytes.NewBuffer(output))
for scan.Scan() {
line := scan.Text()
if strings.Contains(line, "-A DOCKER ! -i docker0") && strings.Contains(line, "-j DNAT") {
//Example: [0:0] -A DOCKER ! -i docker0 -p tcp -m tcp --dport 4000 -j DNAT --to-destination 172.17.0.3:8080
items := strings.Fields(line)
packets, _ := strconv.Atoi(strings.Split(items[0], ":")[0][1:])
destIp := strings.Split(items[15], ":")[0]
id, _ := containers.NewIdentifier(containerIPs[destIp])
packetCount[id] = packetCount[id] + packets
}
if strings.Contains(line, "-A OUTPUT -d 127.0.0.1/32 -p tcp -m tcp --dport") && strings.Contains(line, "-m comment --comment ") {
//Example: [5850:394136] -A OUTPUT -d 127.0.0.1/32 -p tcp -m tcp --dport 4000 -m comment --comment 0001 -j ACCEPT
items := strings.Fields(line)
packets, _ := strconv.Atoi(strings.Split(items[0], ":")[0][1:])
if id, err := containers.NewIdentifier(items[14]); err == nil {
packetCount[id] = packetCount[id] + packets
}
}
}
return packetCount, nil
}
