diff options
Diffstat (limited to 'modules')
24 files changed, 511 insertions, 254 deletions
diff --git a/modules/Monitoring/TODO b/modules/Monitoring/TODO new file mode 100644 index 00000000..6d74fdcd --- /dev/null +++ b/modules/Monitoring/TODO @@ -0,0 +1,5 @@ +add guest user +add guest user to +> * authorized_for_all_services=usernagios,guest +> * authorized_for_all_hosts=usernagios,guest +in /etc/nagios3/somewhere diff --git a/modules/Monitoring/conf/krebs_hosts.cfg b/modules/Monitoring/conf/krebs_hosts.cfg index c52c6924..4903020c 100644 --- a/modules/Monitoring/conf/krebs_hosts.cfg +++ b/modules/Monitoring/conf/krebs_hosts.cfg @@ -7,8 +7,8 @@ define host{ host_name krebs.shack alias krebs _tinc_address 10.7.7.156 - address 10.42.23.5 - parents shack-router + address 10.42.23.5 + parents shack-coreswitch hostgroups krebs-machines,tinc-nodes,ssh-servers } # @@ -16,11 +16,11 @@ define host{ # define host{ use generic-host - host_name utart.shack + host_name utart alias UTART _tinc_address 10.7.7.66 - address 10.42.2.238 - parents shack-router + address 10.42.23.23 + parents shack-coreswitch hostgroups krebs-machines,tinc-nodes,ssh-servers } # @@ -28,11 +28,11 @@ define host{ # define host{ use generic-host - host_name ytart.shack + host_name ytart alias ytart _tinc_address 10.7.7.201 - parents shack-router - address 10.42.2.254 #TODO check me + parents shack-coreswitch + address 10.42.1.227 hostgroups krebs-machines,tinc-nodes,ssh-servers } # @@ -44,7 +44,7 @@ define host{ alias uPM Virtual Machine _tinc_address 10.7.7.99 address upm.shack - parents shack-vplatform + parents shack-node1 hostgroups krebs-machines,ssh-servers,shack-rz #,tinc-nodes } @@ -61,7 +61,7 @@ define host{ alias genericore Virtual Machine #_tinc_address 10.7.7.XX address genericore.shack - parents shack-vplatform + parents shack-node1 hostgroups ssh-servers,shack-rz #,tinc-nodes,krebs-machines } diff --git a/modules/Monitoring/conf/shack_infrastructure.cfg b/modules/Monitoring/conf/shack_infrastructure.cfg index 53bc688b..3adf193b 100644 --- a/modules/Monitoring/conf/shack_infrastructure.cfg +++ b/modules/Monitoring/conf/shack_infrastructure.cfg @@ -1,46 +1,160 @@ # -define hostgroup { - hostgroup_name shack-rz - alias Shack RZ Infrastructure - } -define hostextinfo{ - hostgroup_name shack-rz - notes Shack RZ Infrastructure -# notes_url http://webserver.localhost.localdomain/hostinfo.pl?host=netware1 - icon_image krebs/shack.png - icon_image_alt shack-RZ - vrml_image shack.png - statusmap_image krebs/shack.gd2 - } # # Shack Virtual Machine Hoster Platform # + +# +# Virtualization and storage +# define host{ use generic-host - host_name shack-vplatform + host_name shack-node1 alias Shack Virtualization Server - address node0.shack - parents shack-router + address 10.42.0.10 + parents shack-serverswitch hostgroups shack-rz,ssh-servers } define host{ use generic-host - host_name shack-router - alias Shack Cisco Router - address 10.42.0.3 + host_name shack-zetbox + alias Shack Virtualization Server + address 10.42.0.10 + parents shack-serverswitch hostgroups shack-rz,ssh-servers } - define host{ use generic-host host_name shack-plattenschwein - parents shack-router + parents shack-serverswitch alias Shack Plattenschwein - address plattenschwein.shack + address 10.42.0.12 + hostgroups shack-rz,ssh-servers + } +define host{ + use generic-host + host_name shack-gauda0 + parents shack-serverswitch + alias Shack gauda0 Mining Server + address 10.42.0.99 + hostgroups shack-rz + } +# +# Network Infrastructure +# + +# +## Shack gateway (no gateway-no internet) +# +define host{ + use generic-host + host_name shack-gw + parents shack-coreswitch + alias Watchguard Shack Gateway + address 10.42.0.1 + hostgroups shack-rz,ssh-servers + } +define host{ + use generic-host + host_name shack-modem + parents shack-gw + alias Shack Telecom VDSL Router + address 192.168.2.1 + hostgroups shack-rz + } +define host{ + use generic-host + host_name shack-externswitch + parents shack-gw + alias Shack External Switch (2.OG) + address 10.0.10.2 + hostgroups shack-rz + } + +define service { + host_name shack-gw + service_description DNS Service + use generic-service + check_command check_dns + } +define host{ + use generic-host + host_name shack-coreswitch + alias Shack Cisco Router Coreswitch + address 10.42.0.3 + hostgroups shack-rz,ssh-servers + } +define host{ + use generic-host + host_name shack-serverswitch + parents shack-coreswitch + alias Shack Cisco Router Serverswitch + address 10.42.0.4 hostgroups shack-rz,ssh-servers } +define host{ + use generic-host + host_name shack-wlan-ap1 + parents shack-coreswitch + alias Shack Wlan Access Point 1 + address 10.42.0.5 + hostgroups wlan-ap + } +define host{ + use generic-host + host_name shack-wlan-ap2 + parents shack-coreswitch + alias Shack Wlan Access Point 2 + address 10.42.0.6 + hostgroups wlan-ap + } +define host{ + use generic-host + host_name shack-wlan-ap3 + parents shack-coreswitch + alias Shack Wlan Access Point 3 + address 10.42.0.7 + hostgroups wlan-ap + } +define host{ + use generic-host + host_name shack-wlan-ap4 + parents shack-coreswitch + alias Shack Wlan Access Point 4 + address 10.42.0.8 + hostgroups wlan-ap + } +define host{ + use generic-host + host_name shack-wlan-ap5 + parents shack-coreswitch + alias Shack Wlan Access Point 5 + address 10.42.0.9 + hostgroups wlan-ap + } +# +# Voip Infrastructure +# +define host{ + use generic-host + host_name shack-voip + alias Shack Cisco VOIP Gateway + address 10.42.0.2 + parents shack-coreswitch + hostgroups shack-rz,http-servers + } + +define service{ + host_name shack-voip + service_description SIP Service + use generic-service + check_command check_sip + } + + + + # # Shack DNS Server @@ -49,7 +163,7 @@ define host{ define host{ use generic-host host_name shack-dns - parents shack-vplatform + parents shack-zetbox alias Shack DNS Virtual Host address dns.shack hostgroups shack-rz @@ -58,21 +172,22 @@ define service { host_name shack-dns service_description DNS Service use generic-service - check_command check_dns + check_command check_dns_shack } define host{ use generic-host host_name shack-pxe - parents shack-vplatform + parents shack-zetbox alias Shack PXEBoot Vhost address pxeboot.shack hostgroups shack-rz } + define host{ use generic-host host_name shack-printsrv - parents shack-vplatform + parents shack-node1 alias Shack Print Server address printer.shack hostgroups shack-rz @@ -81,7 +196,7 @@ define host{ define host{ use generic-host host_name shack-aptproxy - parents shack-vplatform + parents shack-zetbox alias Shack Apt-proxy address aptproxy.shack hostgroups shack-rz @@ -90,7 +205,7 @@ define host{ define host{ use generic-host host_name shack-shack - parents shack-vplatform + parents shack-node1 alias Shack Data Exchange address shack.shack hostgroups shack-rz,ssh-servers @@ -102,7 +217,7 @@ define host{ define host{ use generic-host host_name shack-ldap - parents shack-vplatform + parents shack-zetbox alias Shack LDAP Server address ldap.shack hostgroups shack-rz @@ -111,24 +226,6 @@ define service { host_name shack-ldap service_description LDAP Service use generic-service - check_command check_ldap!shack - } - -# -# Shack gateway -# -define host{ - use generic-host - host_name shack-gw - parents shack-router - alias Watchguard Shack Gateway - address 10.42.0.1 - hostgroups shack-rz,ssh-servers - } -define service { - host_name shack-gw - service_description DNS Service - use generic-service - check_command check_dns + check_command check_ldap!shammunity } diff --git a/modules/Monitoring/conf/shacknet.cfg b/modules/Monitoring/conf/shacknet.cfg new file mode 100644 index 00000000..7658ab80 --- /dev/null +++ b/modules/Monitoring/conf/shacknet.cfg @@ -0,0 +1,34 @@ +define hostgroup { + hostgroup_name shack-rz + alias Shack RZ Infrastructure + } +define hostgroup { + hostgroup_name wlan-ap + alias Shack Wlan Access Points + } +define hostextinfo{ + hostgroup_name wlan-ap + notes Access Points for Shack + icon_image krebs/wireless_access_point.png + icon_image_alt wireless_access_point + vrml_image wireless_access_point.png + statusmap_image krebs/wireless_access_point.gd2 + } +define hostextinfo{ + hostgroup_name shack-rz + notes Shack RZ Infrastructure + icon_image krebs/shack.png + icon_image_alt shack-RZ + vrml_image shack.png + statusmap_image krebs/shack.gd2 + } + +define command { + command_name check_sip + command_line $USER1$/check_tcp -H $HOSTADDRESS$ -p 5060 + } + +define command { + command_name check_dns_shack + command_line $USER1$/check_dns -H shack.shack -s '$HOSTADDRESS$' + } diff --git a/modules/Monitoring/conf/tinc_hosts.cfg b/modules/Monitoring/conf/tinc_hosts.cfg index ef2cb95d..23c2b75e 100644 --- a/modules/Monitoring/conf/tinc_hosts.cfg +++ b/modules/Monitoring/conf/tinc_hosts.cfg @@ -9,8 +9,15 @@ define host{ alias Supernode External _TINC_ADDRESS 10.7.7.1 address miefda.org - parents shack-gw - hostgroups tinc-nodes,ssh-servers + parents shack-modem + hostgroups tinc-nodes,ssh-servers,http-servers + } + +define service { + host_name supernode + service_description IRC + use generic-service + check_command check_ircd } # # Sharepoint (dhbw-stuttgart) @@ -21,7 +28,7 @@ define host{ alias PA Sharepoint address 141.31.8.11 _TINC_ADDRESS 10.7.7.5 - parents shack-gw + parents shack-modem hostgroups tinc-nodes,ssh-servers } # @@ -33,6 +40,6 @@ define host{ alias no_omo address leechi.kicks-ass.org _TINC_ADDRESS 10.7.7.111 - parents shack-gw + parents shack-modem hostgroups tinc-nodes,ssh-servers,http-servers } diff --git a/modules/Monitoring/conf/tincnet.cfg b/modules/Monitoring/conf/tincnet.cfg index d63119b3..f0b35b4e 100644 --- a/modules/Monitoring/conf/tincnet.cfg +++ b/modules/Monitoring/conf/tincnet.cfg @@ -16,6 +16,10 @@ define command { command_name check_internal_tinc_up command_line $USER1$/check_ping -H $_HOSTTINC_ADDRESS$ -w $ARG1$ -c $ARG2$ } +define command { + command_name check_ircd + command_line $USER1$/check_ircd $_HOSTTINC_ADDRESS$ + } define service { hostgroup_name tinc-nodes diff --git a/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.gd2 b/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.gd2 Binary files differnew file mode 100644 index 00000000..6e740ec4 --- /dev/null +++ b/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.gd2 diff --git a/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.png b/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.png Binary files differnew file mode 100644 index 00000000..9febe45e --- /dev/null +++ b/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.png diff --git a/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point_64.png b/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point_64.png Binary files differnew file mode 100644 index 00000000..fe9788af --- /dev/null +++ b/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point_64.png diff --git a/modules/Monitoring/plugins/check_sip b/modules/Monitoring/plugins/check_sip new file mode 100755 index 00000000..24374727 --- /dev/null +++ b/modules/Monitoring/plugins/check_sip @@ -0,0 +1,252 @@ +#!/usr/bin/perl -w +# +# check_sip plugin for nagios +# $Revision: 1.2 $ +# +# Nagios plugin to check SIP servers +# +# By Sam Bashton, Bashton Ltd +# bashton.com/content/nagiosplugins +# Michael Hirschbichler, Institute of Broadband Communications, +# Vienna University of Technology +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + +use strict; +use lib "/usr/lib/nagios/plugins"; +use utils qw($TIMEOUT %ERRORS &print_revision &support); +use vars qw($PROGNAME); +use IO::Socket::INET; +#use Sys::Hostname; +use Time::HiRes qw(gettimeofday); +use Net::Domain qw (hostname hostfqdn hostdomain); + +$PROGNAME = "check_sip"; +my $VERSION = "1.2"; + +$ENV{'BASH_ENV'}=''; +$ENV{'ENV'}=''; +$ENV{'PATH'}=''; +$ENV{'LC_ALL'}='C'; + +my ($opt_V,$opt_h,$opt_u,$opt_p,$opt_H, $opt_w, $opt_s, $opt_f); +$opt_V = $opt_h = $opt_u = $opt_p = $opt_H = $opt_w = $opt_s = $opt_f = ''; + +my $state = 'UNKNOWN'; + +use Getopt::Long; +Getopt::Long::Configure('bundling'); +GetOptions( + "V" => \$opt_V, "version" => \$opt_V, + "h" => \$opt_h, "help" => \$opt_h, + "s" => \$opt_s, + "f=s" => \$opt_f, "fromuri=s" => \$opt_f, + "u=s" => \$opt_u, "uri=s" => \$opt_u, + "p=s" => \$opt_p, "port=s" => \$opt_p, + "H=s" => \$opt_H, "host=s" => \$opt_H, + "w=s" => \$opt_w, "warn=s" => \$opt_w +); + +# -h displays help +if ($opt_h) { printHelp(); exit $ERRORS{'OK'}; } + +# -V display version number +if ($opt_V) { + print_revision($PROGNAME, $VERSION); + exit $ERRORS{'OK'}; +}; + +# Check the sip URI is OK +unless ($opt_u) { printHelp(); exit $ERRORS{'UNKNOWN'} } + +# Port is 5060 unless otherwise specified +unless ($opt_p) { $opt_p = 5060 } + +# Determine the host from the sip URI if it wasn't specified with -H +unless ($opt_H) { $opt_H = hostFromURI($opt_u) } + +# Check the host is valid +unless (utils::is_hostname($opt_H)) +{ + print "$opt_H is not a valid hostname\n"; + printHelp(); + exit $ERRORS{"UNKNOWN"}; +} + +unless ($opt_w) { $opt_w = 5 } # Warn if response takes longer than 5 seconds + +### Main code ############################################################### + +# Timeout if we don't recieve a response within a suitable timeframe.. +$SIG{'ALRM'} = sub { + print ("SIP timeout: No response from SIP server after $TIMEOUT seconds\n"); + exit $ERRORS{"CRITICAL"}; +}; +alarm($TIMEOUT); + +my $localhost = hostfqdn(); +$opt_f = getFromURI($opt_f,$localhost,$opt_p); +my $user=getUserPart($opt_f); +my $socket = uconnect($opt_H, $opt_p); +my @localinfo = unpack_sockaddr_in($socket->sockname); +my $req = buildReq($localinfo[0], $opt_u, $opt_f,$user,$localhost); +my (undef, $starttime) = gettimeofday; +$socket->send($req); +my $response; +$socket->recv($response, 1024) or $state = 'CRITICAL'; + +#get rid of the 100 Trying - provisional response ... +if (getResponseCode($response) eq "100"){ + $socket->recv($response, 1024) or $state = 'CRITICAL'; +} + +my (undef, $finishtime) = gettimeofday; +my $rtime = ($finishtime - $starttime) / 1000000; # Time taken in seconds +if(checkResponse($response,$rtime,$opt_s)) +{ + if ($rtime > $opt_w) { $state = 'WARNING' } + else { $state = 'OK' } +} +else { $state = 'CRITICAL' } + +exit $ERRORS{$state}; + +### Subroutines ############################################################## + + +sub uconnect +{ + my ($host, $port) = @_; + my $socket = new IO::Socket::INET->new(PeerPort=>$port, Proto=>'udp', PeerAddr=>$host); + unless ($socket) { print "Unable to connect to $host\n"; exit $ERRORS{'UNKNOWN'} } + return $socket; +} + +sub getFromURI{ + my ($from, $localhost,$localport) = @_; + if (!("$from" eq "")){ + return "$from:$localport"; + }else + { + return "sip:checksip\@$localhost:$localport"; + } +} + +sub getUserPart{ + my ($uri) = @_; + my @uris=split(/\@/,$uri); + my $user=$uris[0]; + return $user; +} + +sub hostFromURI +{ + my ($uri) = @_; + $uri =~ s/sip:[^\@]+@//; + return $uri; +} + +sub getResponseCode +{ + my ($message) = @_; + my @messageparts=split(/\ /,$message); + return $messageparts[1]; +} + +sub buildReq +{ + my ($localport, $dsturi, $fromuri,$user,$localhost) = @_; + + my $req; + my $tag = genTag(); + my $idtag = genTag(); + $req.= "OPTIONS $dsturi SIP/2.0\r\n"; + $req.= "Via: SIP/2.0/UDP $localhost:$localport;branch=z9hG4bKhjhs8ass877\r\n"; + $req.= "Max-Forwards: 70\r\n"; + $req.= "To: $dsturi\r\n"; + $req.= "From: $fromuri;tag=$tag\r\n"; + $req.= "Call-ID: $idtag\@$localhost\r\n"; + $req.= "CSeq: 1 OPTIONS\r\n"; + $req.= "Contact: <$user\@$localhost:$localport>\r\n"; + $req.= "Accept: application/sdp\r\n"; + $req.= "Content-Length: 0\r\n\r\n"; + return $req; +} + +sub genTag +{ + my $tag; + my @chars = ('a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p', + 'q','r','s','t','u','v','w','x','y','z','0','1','2','3','4','5','6','7','8', + '9'); + + for (my $i = 0; $i < 6; $i++) + { + $tag .= $chars[rand(scalar @chars)]; + } + return $tag; +} + +sub printHelp +{ + print "This plugin tests the sip service on the specified host.\n\n"; + print "Usage: $PROGNAME -u sip:uri\@example.com [-H host -p PORT -f sip:fromuri\@example.com -w WARNTIME -s]\n"; + print " $PROGNAME [-h | --help]\n"; + print " $PROGNAME [-V | --version]\n\n"; + print "Options:\n"; + print " -u sip:uri\@example.com\n"; + print " Full SIP uri, eg sip:uri\@example.com\n"; + print " -h, --help\n"; + print " Print this help\n"; + print " -V, --version\n"; + print " Print version information\n"; + print " -H host\n"; + print " Host name or IP Address to connect to\n"; + print " -p port\n"; + print " Port to connect to\n"; + print " -f sip:fromuri\@example.com\n"; + print " Full SIP uri, will be used for the \"From:\"-Header\n"; + print " -s\n"; + print " Changes default behavior: all SIP-responses will result in an \"OK\"\n\n"; + + +} + +sub checkResponse +{ + my ($response, $rtime, $sp_behavior) = @_; + my @header=split(/\r/,$response); + my $tstring=$header[0]; + my $rcode=getResponseCode($response); + if (!$sp_behavior){ + #in this case, we want to see if the SIP-server is respoding positively to our request + # Some SUT respond with 100 Trying - assume everything is OK if we get this + if ($response =~ /^SIP.+[12]00/){ + print "$tstring, $rtime seconds response time|rtt=".$rtime."s;0.5s;1s;0:10; code=".$rcode."\n"; + return 1; + } + elsif ($response =~ /^SIP.+404 Not Found/) { + print "$tstring, $rtime seconds response time|rtt=".$rtime."s;0.5s;1s;0:10; code=".$rcode."\n"; + return 0 } + else { print "Unknown error: $tstring, $rtime seconds response time|rtt=".$rtime."s;0.5s;1s;0:10; code=".$rcode."\n"; return 0; } + }else{ + #in this case, we accept every response from the server, as long it is SIP + if ($response =~ /^SIP./){ + print "$tstring, $rtime seconds response time|rtt=".$rtime."s;0.5s;1s;0:10; code=".$rcode."\n"; + return 1; + } + else { print "Unknown error: $tstring, $rtime seconds response time|rtt=".$rtime."s;0.5s;1s;0:10; code=".$rcode."\n"; return 0; } + } +} diff --git a/modules/people/Makefile b/modules/people/Makefile new file mode 100644 index 00000000..2c6c1c03 --- /dev/null +++ b/modules/people/Makefile @@ -0,0 +1,6 @@ +.phony: all + +all: arping.py arping_users.py + echo "call python ./arping_users.py v" +install: + apt-get install python-scapy diff --git a/modules/people/README.md b/modules/people/README.md index d28100d3..e45d39c1 100644 --- a/modules/people/README.md +++ b/modules/people/README.md @@ -1,12 +1,11 @@ -SNMP Users +ARPING Users ========== -asks an snmp-router for its arp-list and tries to verify this list via -ARPING. The snmping is done via snmp-net and command line parsing, -the arping uses 'scapy'. +This is a simplified python script which checks the available subnet for computers online and returns a list of users which are online based on their mac-address -This script needs superuser rights and otherwise will just skip the -verification + +arping_users.py: + call `python arping_users.py v` for verbose output -> print all discovered hosts SNMPWALK Command =============== diff --git a/modules/people/TODO.md b/modules/people/TODO.md index dfefa9a0..daacfd58 100644 --- a/modules/people/TODO.md +++ b/modules/people/TODO.md @@ -1,4 +1,3 @@ BUGS ===== -- an exception is thrown but handled wrong when snmp servers and arping is - unreachable + diff --git a/modules/people/src/arping.py b/modules/people/arping.py index 1b51ab1b..1b51ab1b 100755 --- a/modules/people/src/arping.py +++ b/modules/people/arping.py diff --git a/modules/people/src/arping_users.py b/modules/people/arping_users.py index 9dd95749..c576e4f3 100755 --- a/modules/people/src/arping_users.py +++ b/modules/people/arping_users.py @@ -40,8 +40,8 @@ try: myip,mymac = get_own_addr() ret.append([mymac,myip]) p.terminate() -except: - print 'you fail' +except Exception as e: + print 'you fail '+str(e) @@ -50,3 +50,5 @@ for p in ret: print p[0] + " => " + p[1] if p[1] in names: print names[p[1]]+ " is online" + + diff --git a/modules/people/bin/run.sh b/modules/people/bin/run.sh deleted file mode 100755 index 6da3d059..00000000 --- a/modules/people/bin/run.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -echo basedir $0 -BINDIR="`dirname $0`/../src" - -python2 "$BINDIR/main.py" $@ diff --git a/modules/people/conf/example.json b/modules/people/conf/example.json deleted file mode 100644 index f34c20f0..00000000 --- a/modules/people/conf/example.json +++ /dev/null @@ -1,22 +0,0 @@ -{ - "snmp_users": { - "amqp": { - "connection": { - "login": "guest", - "password": "guest", - "host": "localhost" - }, - "out": { - "exchange": "snmp_src" - } - }, - "snmp": { - "server": "127.0.0.1", - "community": "community" - }, - "arping": { - "active": true, - "dev": "eth0" - } - } -} diff --git a/modules/people/src/mac_names.lst b/modules/people/mac_names.lst index dcd3c2b0..dcd3c2b0 100644 --- a/modules/people/src/mac_names.lst +++ b/ |