Reporting connections set to auto=ignore as ignored.

Closes #4

README.md

@@ -23,4 +23,5 @@ connection. The output is parsed.
 | ipsec_status | 0 | The connection is established and tunnel is installed. The tunnel is up and running. |
 | ipsec_status | 1 | The connection is established, but the tunnel is not up. |
 | ipsec_status | 2 | The tunnel is down. |
-| ipsec_status | 3 | The tunnel is in an unknown state. |
+| ipsec_status | 3 | The tunnel is in an unknown state. |
+| ipsec_status | 4 | The tunnel is ignored. |

ipsecexporter/ipsec.go

@@ -8,10 +8,15 @@ import (
 	"strconv"
 	"io/ioutil"
 	"github.com/prometheus/common/log"
-)
+	)
+
+type IpSecConnection struct {
+	name    string
+	ignored bool
+}
 
 type IpSecConfiguration struct {
-	tunnel []string
+	tunnel []IpSecConnection
 }
 
 type IpSecStatus struct {
@@ -23,6 +28,7 @@ const (
 	connectionEstablished int = 1
 	down                  int = 2
 	unknown               int = 3
+	ignored               int = 4
 )
 
 func FetchIpSecConfiguration(fileName string) (IpSecConfiguration, error) {
@@ -40,13 +46,18 @@ func (c IpSecConfiguration) QueryStatus() IpSecStatus {
 	}
 
 	for _, connection := range c.tunnel {
-		cmd := exec.Command("ipsec", "status", connection)
+		if connection.ignored {
+			s.status[connection.name] = ignored
+			continue
+		}
+
+		cmd := exec.Command("ipsec", "status", connection.name)
 		if out, err := cmd.Output(); err != nil {
 			log.Warnf("Were not able to execute 'ipsec status %s'. %v", connection, err)
-			continue
+			s.status[connection.name] = unknown
 		} else {
 			status := getStatus(out)
-			s.status[connection] = status
+			s.status[connection.name] = status
 		}
 	}
 
@@ -93,18 +104,29 @@ func loadConfig(fileName string) (string, error) {
 	return s, nil
 }
 
-func getConfiguredIpSecConnection(ipsecConfigLines []string) []string {
-	connectionNames := []string{}
+func getConfiguredIpSecConnection(ipsecConfigLines []string) []IpSecConnection {
+	connections := []IpSecConnection{}
 
 	for _, line := range ipsecConfigLines {
+		// Match connection definition lines
 		re := regexp.MustCompile(`conn\s([a-zA-Z0-9_-]+)`)
 		match := re.FindStringSubmatch(line)
 		if len(match) >= 2 {
-			connectionNames = append(connectionNames, match[1])
+			connections = append(connections, IpSecConnection{name: match[1], ignored: false})
+		}
+
+		// Match auto=ignore lines
+		reAutoIgnore := regexp.MustCompile(`auto=ignore`)
+		matchAutoIgnore := reAutoIgnore.FindStringSubmatch(line)
+		if len(matchAutoIgnore) >= 1 {
+			connectionIndex := len(connections) - 1
+			if len(connections) > connectionIndex {
+				connections[connectionIndex].ignored = true
+			}
 		}
 	}
 
-	return connectionNames
+	return connections
 }
 
 func extractLines(ipsecConfig string) []string {

ipsecexporter/ipsec_test.go

@@ -13,8 +13,8 @@ func TestGetConfiguredIpSecConnections_simpleLine(t *testing.T) {
 		return
 	}
 
-	if connections[0] != "fancy_dc" {
-		t.Errorf("Should have found connection 'fancy_dc', but found %s", connections[0])
+	if connections[0].name != "fancy_dc" {
+		t.Errorf("Should have found connection 'fancy_dc', but found %s", connections[0].name)
 	}
 }
 
@@ -27,8 +27,8 @@ func TestGetConfiguredIpSecConnections_connectionIncludingNumber(t *testing.T) {
 		return
 	}
 
-	if connections[0] != "fancy_345" {
-		t.Errorf("Should have found connection 'fancy_345', but found %s", connections[0])
+	if connections[0].name != "fancy_345" {
+		t.Errorf("Should have found connection 'fancy_345', but found %s", connections[0].name)
 	}
 }
 
@@ -41,8 +41,8 @@ func TestGetConfiguredIpSecConnections_simpleLineAndComment(t *testing.T) {
 		return
 	}
 
-	if connections[0] != "fancy_dc" {
-		t.Errorf("Should have found connection 'fancy_dc', but found %s", connections[0])
+	if connections[0].name != "fancy_dc" {
+		t.Errorf("Should have found connection 'fancy_dc', but found %s", connections[0].name)
 	}
 }
 
@@ -55,8 +55,8 @@ func TestGetConfiguredIpSecConnections_withDefault(t *testing.T) {
 		return
 	}
 
-	if connections[0] != "fancy_dc" {
-		t.Errorf("Should have found connection 'fancy_dc', but found %s", connections[0])
+	if connections[0].name != "fancy_dc" {
+		t.Errorf("Should have found connection 'fancy_dc', but found %s", connections[0].name)
 	}
 }
 
@@ -69,12 +69,48 @@ func TestGetConfiguredIpSecConnections_withNewLines(t *testing.T) {
 		return
 	}
 
-	if connections[0] != "fancy_dc" {
-		t.Errorf("Should have found connection 'fancy_dc', but found %s", connections[0])
+	if connections[0].name != "fancy_dc" {
+		t.Errorf("Should have found connection 'fancy_dc', but found %s", connections[0].name)
 	}
 
-	if connections[1] != "second_dc" {
-		t.Errorf("Should have found connection 'second_dc', but found %s", connections[1])
+	if connections[1].name != "second_dc" {
+		t.Errorf("Should have found connection 'second_dc', but found %s", connections[1].name)
+	}
+}
+
+func TestGetConfiguredIpSecConnections_autoIgnore(t *testing.T) {
+	input := []string{"conn fancy_dc", "  auto=ignore"}
+	connections := getConfiguredIpSecConnection(input)
+
+	if len(connections) != 1 {
+		t.Errorf("Expected to have found 1 connection, but has found %d", len(connections))
+		return
+	}
+
+	if connections[0].name != "fancy_dc" {
+		t.Errorf("Should have found connection 'fancy_dc', but found %s", connections[0].name)
+	}
+
+	if !connections[0].ignored {
+		t.Errorf("Expected connection to be ignored")
+	}
+}
+
+func TestGetConfiguredIpSecConnections_autoIgnoreMultipleTunnels(t *testing.T) {
+	input := []string{"conn fancy_dc", "  esp=aes256-sha256-modp2048!", "", "  left=10.0.0.7", "", "conn second_dc", "  auto=ignore"}
+	connections := getConfiguredIpSecConnection(input)
+
+	if len(connections) != 2 {
+		t.Errorf("Expected to have found 2 connection, but has found %d", len(connections))
+		return
+	}
+
+	if connections[0].ignored {
+		t.Errorf("Expected connection '%s' not to be ignored", connections[0].name)
+	}
+
+	if !connections[1].ignored {
+		t.Errorf("Expected connection '%s' to be ignored", connections[1].name)
 	}
 }