Tag Cloud

389-directoryserver 3 ansible 7 apache 15 aws 3 azure 1 bash 13 bind 6 centos 25 cert-manager 1 chef 1 cloud 4 cockpit 1 comptia 1 database 1 devops 4 docker 3 drupal 2 fedora 1 freebsd 7 ganglia 2 git 4 github 3 gitlab 1 glusterfs 1 go 2 google 5 gparted 1 gpg 1 iptables 4 jekyll 2 jenkins 5 kerberos 2 kernel 1 keycloak 1 kubernetes 13 kubestronaut 5 kustomize 1 kvm 5 ldap 2 letsencrypt 2 logstash 1 lvm 1 macos 4 memcached 1 metasploit 2 monitoring 8 mysql 6 nagios 17 networking 13 nginx 7 ntp 1 opensuse 1 perl 10 pf 3 php 16 postfix 1 prometheus 2 python 6 rancher 4 regex 2 rhce 5 rhel 6 ruby 8 security 19 sendmail 1 smtp 1 solaris 7 svn 1 systemd 1 terraform 1 testing 3 ubuntu 21 vagrant 3 varnish 9 vim 1 virtualbox 4 web-development 2 wordpress 7 zfs 6

Currently Reading

Certified Kubernetes Administrator (CKA) Study Guide

38 / 155 Pages

Latest Book Reviews

• Certified Kubernetes Application Developer (CKAD) Study Guide, 2nd Edition Posted on January 11, 2025
• Rancher Deep Dive Posted on March 31, 2023
• Leveraging Kustomize for Kubernetes Manifests Posted on March 24, 2023
• Automating Workflows with GitHub Actions Posted on October 13, 2022
• Deep-Dive Terraform on Azure Posted on August 30, 2022
All Book Reviews

Latest Posts

• OpenBSD: PF firewall for the paranoid Posted on January 13, 2013
• Writing custom Nagios plugins: check_public-ip Posted on January 2, 2013
• Installing Nagios Remote Plugin Executor in FreeBSD 9.1 Posted on January 2, 2013
• Cron monitoring plugin for Nagios Posted on January 2, 2013
• Installing Nagios Remote Plugin Executor in Solaris 11 Posted on December 30, 2012

---

January 13, 2013

OpenBSD: PF firewall for the paranoid

by Alpha01

Block all traffic except for ssh.

/etc/pf.conf

tcp_services = "{ 22 }"
block all
pass out on em0 proto tcp to any port $tcp_services keep state
pass in on em0 proto tcp to any port $tcp_services keep state

Enabling rules:

pfctl -e ; pfctl -f /etc/pf.conf 
pfctl: pf already enabled

Tags: [ pf ]

---

January 2, 2013

Writing custom Nagios plugins: check_public-ip

by Alpha01

Now that I think Nagios is the greatest thing since slice bread, I’m slowly but surely re-writing all my custom monitoring scripts to Nagios plugins.

The following is a Nagios plugin ready script that I used to replace my old public IP monitoring (See https://www.rubysecurity.org/ip_monitoring).

#!/bin/bash

STATE_OK=0
STATE_WARNING=1
STATE_CRITICAL=2
STATE_UNKNOWN=3

current_ip="YOUR-IP-ADDRESS-HERE"
ip=`curl -connect-timeout 30 -s ifconfig.me`

if [ "$current_ip" != "$ip" ] || [ -z "$ip" ]
then
        if [[ "$ip" =~ "Service Unavailable" ]] || [[ "$ip" =~ "html" ]]
        then
                echo "IP service monitoring is unavailable."
                exit $STATE_WARNING
        elif [[ "$ip"  =~ [0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3} ]]
        then
                echo "ALERT: Public IP has changed. NEW IP: $ip"
                exit $STATE_CRITICAL
        else
                echo "Unknown state detected."
                exit $STATE_UNKNOWN
        fi

else
        echo "Public OK: $ip"
        exit $STATE_OK
fi

Tags: [ bash nagios ]

---

January 2, 2013

Installing Nagios Remote Plugin Executor in FreeBSD 9.1

by Alpha01

This also installs the Nagios plugins in addition of nrpe. Follow the text-based menu install options. The installer will create and configure the nagios user account, and will install the naios and nrpe plugins in /usr/local/libexec/nagios.

cd /usr/ports/net-mgmt/nrpe2
make install clean

Update permissions.

chown -R nagios:nagios /usr/local/libexec/nagios

Create nrpe config file.

cd /usr/local/etc
cp nrpe.cfg-sample nrpe.cfg

Add the following entry to /etc/rc.conf.

nrpe2_enable="YES"

Edit nrpe.cfg (Example: 192.168.1.5 is my nagios server)

allowed_hosts=192.168.1.5

Start the nrpe daemon.

/usr/local/etc/rc.d/nrpe2 start

Tags: [ nagios freebsd ]

---

January 2, 2013

Cron monitoring plugin for Nagios

by Alpha01

#!/bin/bash
STATE_OK=0
STATE_WARNING=1
STATE_CRITICAL=2
STATE_UNKNOWN=3

CRON_CHECK=`ps aux | grep cron|grep -v grep|awk '{print $NF}'|grep -E -e '^(/usr/sbin/cron|crond)$'|wc -l`

case "${CRON_CHECK}" in
        0)  echo "Crond is not running."; exit ${STATE_CRITICAL}
        ;;
        1)  echo "Crond is running."; exit ${STATE_OK}
        ;;
        *)  echo "More than one crond process detected / crond is in an unknown state."; exit ${STATE_WARNING}
        ;;
esac

Tags: [ bash nagios ]

---

December 30, 2012

Installing Nagios Remote Plugin Executor in Solaris 11

by Alpha01

Install gcc

pkg install pkg://sfe/runtime/gcc pkg://sfe/sfe/developer/gcc

Install system headers (not really sure if all listed were necessary):

pkg install SUNWhea SUNWbinutils SUNWarc SUNWgcc SUNWgccruntime SUNWlibsigsegv SUNWgm4 SUNWgnu-automake-110 SUNWaconf

Update your PATH:

PATH=$PATH:/usr/gcc/bin:/usr/sfw/bin:/usr/ccs/bin
export PATH

Manually create nagios user account, home directory, group, and assigned him a password.

mkdir -p /usr/local/nagios
useradd -d /usr/local/nagios -m nagios
groupadd nagios
usermod -G nagios nagios
passwd nagios

Download, extract, compile and install nrpe.

wget http://prdownloads.sourceforge.net/sourceforge/nagios/nrpe-2.13.tar.gz
tar -xvf http://prdownloads.sourceforge.net/sourceforge/nagios/nrpe-2.13.tar.gz
cd /opt/nrpe-2.13
./configure --with-nagios-user=nagios --with-nagios-group=nagios
make install
make install-daemon-config
cp src/check_nrpe /usr/local/nagios/libexec

Update permissions.

chown -R nagios:nagios /usr/local/nagios/

Add the following entry to /etc/services

nrpe 5666/tcp # NRPE

Add the following entry to /etc/inetd.conf

nrpe stream tcp nowait nagios /usr/sbin/tcpd /usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -i

Convert and add the new legacy inetd entry to SMF.

inetconv
inetconv -e

Tags: [ nagios solaris ]

---