From 4f3b31fd611de21d75b0a465b438577632f47ee0 Mon Sep 17 00:00:00 2001 From: Felix Richter Date: Sat, 14 May 2011 23:14:59 +0200 Subject: added retiolum makefile --- modules/retiolum/Makefile | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 modules/retiolum/Makefile (limited to 'modules') diff --git a/modules/retiolum/Makefile b/modules/retiolum/Makefile new file mode 100644 index 00000000..9bda5dfc --- /dev/null +++ b/modules/retiolum/Makefile @@ -0,0 +1,8 @@ +all: + mkdir -p /etc/tinc/retiolum + git clone git://github.com/miefda/retiolum.git /etc/tinc/retiolum/hosts + echo cd /etc/tinc/retiolum/hosts/.scripts + echo "choose the right build script from here" +update: + cd /etc/tinc/retiolum/hosts + git pull origin master -- cgit v1.2.3 From a780c084808b707cd220729eea851b896c3310dc Mon Sep 17 00:00:00 2001 From: krebs Date: Sun, 22 May 2011 01:36:58 +0200 Subject: updated Nagios config scripts krebs_hosts: changed paths for utart/ytart shack_infrastructure: added script to check if local dns is working tinc_hosts: added IRC check for supernode tincnet: added IRC check command --- modules/Monitoring/conf/krebs_hosts.cfg | 8 ++++---- modules/Monitoring/conf/shack_infrastructure.cfg | 8 ++++++-- modules/Monitoring/conf/tinc_hosts.cfg | 9 ++++++++- modules/Monitoring/conf/tincnet.cfg | 4 ++++ 4 files changed, 22 insertions(+), 7 deletions(-) (limited to 'modules') diff --git a/modules/Monitoring/conf/krebs_hosts.cfg b/modules/Monitoring/conf/krebs_hosts.cfg index c52c6924..6857cd45 100644 --- a/modules/Monitoring/conf/krebs_hosts.cfg +++ b/modules/Monitoring/conf/krebs_hosts.cfg @@ -16,10 +16,10 @@ define host{ # define host{ use generic-host - host_name utart.shack + host_name utart alias UTART _tinc_address 10.7.7.66 - address 10.42.2.238 + address 10.42.23.23 parents shack-router hostgroups krebs-machines,tinc-nodes,ssh-servers } 
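Review bot: The `update` target in modules/retiolum/Makefile does not update the hosts checkout, because make runs each recipe line in its own shell: the `cd /etc/tinc/retiolum/hosts` has no effect on the following `git pull origin master`, which then runs in the Makefile's own directory. Join the two lines, `cd /etc/tinc/retiolum/hosts && git pull origin master`. Separately, `all` clones over `git://`, which is unauthenticated and unencrypted, into what is conventionally the directory tinc reads peer host files from. An `https://` remote, ideally with a reviewed or pinned revision, would keep those files from being altered in transit. `all` and `update` should also be declared `.PHONY`.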
@@ -28,11 +28,11 @@ define host{ # define host{ use generic-host - host_name ytart.shack + host_name ytart alias ytart _tinc_address 10.7.7.201 parents shack-router - address 10.42.2.254 #TODO check me + address 10.42.1.227 hostgroups krebs-machines,tinc-nodes,ssh-servers } # diff --git a/modules/Monitoring/conf/shack_infrastructure.cfg b/modules/Monitoring/conf/shack_infrastructure.cfg index 53bc688b..2b75a241 100644 --- a/modules/Monitoring/conf/shack_infrastructure.cfg +++ b/modules/Monitoring/conf/shack_infrastructure.cfg @@ -58,7 +58,11 @@ define service { host_name shack-dns service_description DNS Service use generic-service - check_command check_dns + check_command check_dns_shack + } +define command { + command_name check_dns_shack + command_line /usr/lib/nagios/plugins/check_dns -H shack.shack -s '$HOSTADDRESS$' } define host{ @@ -111,7 +115,7 @@ define service { host_name shack-ldap service_description LDAP Service use generic-service - check_command check_ldap!shack + check_command check_ldap!shammunity } # diff --git a/modules/Monitoring/conf/tinc_hosts.cfg b/modules/Monitoring/conf/tinc_hosts.cfg index ef2cb95d..4b1ad9ab 100644 --- a/modules/Monitoring/conf/tinc_hosts.cfg +++ b/modules/Monitoring/conf/tinc_hosts.cfg @@ -10,7 +10,14 @@ define host{ _TINC_ADDRESS 10.7.7.1 address miefda.org parents shack-gw - hostgroups tinc-nodes,ssh-servers + hostgroups tinc-nodes,ssh-servers,http-servers + } + +define service { + host_name supernode + service_description IRC + use generic-service + check_command check_ircd } # # Sharepoint (dhbw-stuttgart) diff --git a/modules/Monitoring/conf/tincnet.cfg b/modules/Monitoring/conf/tincnet.cfg index d63119b3..f0b35b4e 100644 --- a/modules/Monitoring/conf/tincnet.cfg +++ b/modules/Monitoring/conf/tincnet.cfg 
@@ -16,6 +16,10 @@ define command { command_name check_internal_tinc_up command_line $USER1$/check_ping -H $_HOSTTINC_ADDRESS$ -w $ARG1$ -c $ARG2$ } +define command { + command_name check_ircd + command_line $USER1$/check_ircd $_HOSTTINC_ADDRESS$ + } define service { hostgroup_name tinc-nodes -- cgit v1.2.3 From 951d398e20fdb778289e7dff2350594503dc300f Mon Sep 17 00:00:00 2001 From: krebs Date: Sun, 22 May 2011 01:42:36 +0200 Subject: updated people script, removed bloat from people script collection --- modules/people/Makefile | 6 ++ modules/people/README.md | 11 ++-- modules/people/TODO.md | 3 +- modules/people/arping.py | 37 +++++++++++ modules/people/arping_users.py | 54 ++++++++++++++++ modules/people/bin/run.sh | 5 -- modules/people/conf/example.json | 22 ------- modules/people/mac_names.lst | 1 + modules/people/src/arping.py | 37 ----------- modules/people/src/arping_users.py | 48 --------------- modules/people/src/mac_names.lst | 1 - modules/people/src/main.py | 33 ---------- modules/people/src/snmp_users.py | 122 ------------------------------------- 13 files changed, 104 insertions(+), 276 deletions(-) create mode 100644 modules/people/Makefile create mode 100755 modules/people/arping.py create mode 100755 modules/people/arping_users.py delete mode 100755 modules/people/bin/run.sh delete mode 100644 modules/people/conf/example.json create mode 100644 modules/people/mac_names.lst delete mode 100755 modules/people/src/arping.py delete mode 100755 modules/people/src/arping_users.py delete mode 100644 modules/people/src/mac_names.lst delete mode 100755 modules/people/src/main.py delete mode 100755 modules/people/src/snmp_users.py (limited to 'modules') diff --git a/modules/people/Makefile b/modules/people/Makefile new file mode 100644 index 00000000..2c6c1c03 --- /dev/null +++ b/modules/people/Makefile @@ -0,0 +1,6 @@ +.phony: all + +all: arping.py arping_users.py + echo "call python ./arping_users.py v" +install: + apt-get install python-scapy 
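Review bot: The new `check_ircd` command in tincnet.cfg passes the address as a bare positional argument, `$USER1$/check_ircd $_HOSTTINC_ADDRESS$`. The stock Nagios `check_ircd` plugin expects the host after `-H`, so as written the check will most likely exit with a usage error instead of probing the IRC daemon. Suggest `command_line $USER1$/check_ircd -H '$_HOSTTINC_ADDRESS$'`, quoting the macro the same way `check_dns_shack` in this commit quotes `$HOSTADDRESS$`. A one-line comment such as `# requires the _TINC_ADDRESS custom variable on the host` above the definition would also help.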
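Review bot: In modules/people/Makefile, `.phony: all` does not mark anything as phony: make's special target is the upper-case `.PHONY`, so this line only defines an ordinary target named `.phony`, and `install` is not covered either. Use `.PHONY: all install`. The `install` recipe calls `apt-get` and arping.py refuses to load scapy unless run as root, so a comment like `# both install and the scan itself must run as root` would save the next user a failed run.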
diff --git a/modules/people/README.md b/modules/people/README.md index d28100d3..e45d39c1 100644 --- a/modules/people/README.md +++ b/modules/people/README.md @@ -1,12 +1,11 @@ -SNMP Users +ARPING Users ========== -asks an snmp-router for its arp-list and tries to verify this list via -ARPING. The snmping is done via snmp-net and command line parsing, -the arping uses 'scapy'. +This is a simplified python script which checks the available subnet for computers online and returns a list of users which are online based on their mac-address -This script needs superuser rights and otherwise will just skip the -verification + +arping_users.py: + call `python arping_users.py v` for verbose output -> print all discovered hosts SNMPWALK Command =============== diff --git a/modules/people/TODO.md b/modules/people/TODO.md index dfefa9a0..daacfd58 100644 --- a/modules/people/TODO.md +++ b/modules/people/TODO.md @@ -1,4 +1,3 @@ BUGS ===== -- an exception is thrown but handled wrong when snmp servers and arping is - unreachable + diff --git a/modules/people/arping.py b/modules/people/arping.py new file mode 100755 index 00000000..1b51ab1b --- /dev/null +++ b/modules/people/arping.py 
@@ -0,0 +1,37 @@
+#!/usr/bin/python
+
+import logging
+log = logging.getLogger('arpingy')
+logging.disable(logging.WARNING)
+
+import os,sys
+try:
+ if (os.geteuid() != 0):
+ raise Exception('no root permissions')
+ from scapy.all import * #might throws "no such module"
+
+ def arpingy(iprange="10.42.1.0/24",iface='eth0'):
+ log.debug("pinging "+ str(iprange))
+ """Arping function takes IP Address or Network, returns nested mac/ip list"""
+ try:
+ conf.verb=0
+ ans,unans=arping(iprange,iface=iface,timeout=1,retry=3)
+
+ collection = []
+ for snd, rcv in ans:
+ result = rcv.sprintf(r"%ARP.psrc% %Ether.src%").split()
+ log.debug(result)
+ return result # take just the first arp reply
+ except Exception as e:
+ print ("something went wrong while arpinging " + str(e))
+ return []
+
+except Exception as e:
+ log.error("Cannot load arping functions!" + str(e))
+ def arpingy(iprange='',iface=''):
+ raise Exception ('arping not available')
+
+
+if __name__ =='__main__':
+ logging.basicConfig(level=logging.DEBUG)
+ arpingy(sys.argv[1],sys.argv[2])
diff --git a/modules/people/arping_users.py b/modules/people/arping_users.py
new file mode 100755
index 00000000..c576e4f3
--- /dev/null
+++ b/modules/people/arping_users.py
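Review bot: In `arpingy` (modules/people/arping.py) the triple-quoted string sits after the `log.debug(...)` call, so Python treats it as a discarded expression, not as the docstring. Its text ("returns nested mac/ip list") also does not match the code, which returns the first reply as a flat `[ip, mac]` from inside the loop, falls through to `None` when nothing answered, and returns `[]` on an exception. Move it to the first line of the function and reword it, e.g. `"""ARP-ping iprange on iface; return [ip, mac] of the first reply (None if nothing answered, [] on error)."""`. The unused `collection = []` can be dropped.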
@@ -0,0 +1,54 @@
+#!/usr/bin/python
+import subprocess,re,logging,sys
+
+from arping import arpingy
+from multiprocessing import Pool
+DEV='eth0'
+MAC_NAMES='mac_names.lst'
+data = []
+ret = {}
+verb = False
+
+if len(sys.argv) > 1 and sys.argv[1] == 'v':
+ verb = True
+def get_own_addr():
+ data = subprocess.Popen(['/sbin/ifconfig',DEV],
+ stdout=subprocess.PIPE).communicate()[0].replace('\n','')
+ return re.sub(r'.*HWaddr ([0-9A-Fa-f:]*).*inet addr:([0-9.]*).*' ,
+ r'\1 \2',data).split()
+
+def load_names(MAC_NAMES):
+ names = {}
+ f = open(MAC_NAMES)
+ for l in f:
+ mac,name = l.split()
+ names[mac] = name.replace('\n','')
+ f.close()
+ return names
+
+def arping_helper(dic):
+ return arpingy(**dic)
+
+for first in range(4):
+ for second in range(255):
+ data.append({'iprange':'10.42.'+str(first)+'.'+str(second),'iface':DEV})
+
+names = load_names(MAC_NAMES)
+try:
+ p = Pool(20)
+ ret = filter(lambda x:x , p.map(arping_helper, data))
+ myip,mymac = get_own_addr()
+ ret.append([mymac,myip])
+ p.terminate()
+except Exception as e:
+ print 'you fail '+str(e)
+
+
+
+for p in ret:
+ if verb:
+ print p[0] + " => " + p[1]
+ if p[1] in names:
+ print names[p[1]]+ " is online"
+
+
diff --git a/modules/people/bin/run.sh b/modules/people/bin/run.sh
deleted file mode 100755
index 6da3d059..00000000
--- a/modules/people/bin/run.sh
+++ /dev/null
@@ -1,5 +0,0 @@
-#!/bin/bash
-echo basedir $0
-BINDIR="`dirname $0`/../src"
-
-python2 "$BINDIR/main.py" $@
diff --git a/modules/people/conf/example.json b/modules/people/conf/example.json
deleted file mode 100644
index f34c20f0..00000000
--- a/modules/people/conf/example.json
+++ /dev/null
@@ -1,22 +0,0 @@
-{
- "snmp_users": {
- "amqp": {
- "connection": {
- "login": "guest",
- "password": "guest",
- "host": "localhost"
- },
- "out": {
- "exchange": "snmp_src"
- }
- },
- "snmp": {
- "server": "127.0.0.1",
- "community": "community"
- },
- "arping": {
- "active": true,
- "dev": "eth0"
- }
- }
-}
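Review bot: `load_names` in arping_users.py runs outside the `try` and unpacks every line with `mac,name = l.split()`, so a blank line or a name containing a space in `mac_names.lst` aborts the script with a ValueError before any scan happens. The lookup `p[1] in names` is an exact string match, so an entry written with upper-case hex will not match if the scan reports lower-case addresses. Skip malformed lines and normalise the key, e.g. `parts = l.split(None, 1)` followed by `if len(parts) == 2: names[parts[0].lower()] = parts[1].strip()`, and open the file in a `with` block so it is closed on error. Because presence is inferred only from ARP replies and any host on the segment can choose its own MAC address, a comment should say that the "is online" output is informational and not proof of who is present.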
diff --git a/modules/people/mac_names.lst b/modules/people/mac_names.lst new file mode 100644 index 00000000..dcd3c2b0 --- /dev/null +++ b/modules/people/mac_names.lst @@ -0,0 +1 @@ +00:40:63:c8:b5:a0 krebs diff --git a/modules/people/src/arping.py b/modules/people/src/arping.py deleted file mode 100755 index eea176e0..00000000 --- a/modules/people/src/arping.py +++ /dev/null @@ -1,37 +0,0 @@ -#!/usr/bin/python - -import logging -log = logging.getLogger('arpingy') -logging.disable(logging.WARNING) - -import os,sys -try: - if (os.geteuid() != 0): - raise Exception('no root permissions') - from scapy.all import * #might throws "no such module" - - def arpingy(iprange="10.42.1.0/24",iface='eth0'): - log.debug("pinging "+ str(iprange)) - """Arping function takes IP Address or Network, returns nested mac/ip list""" - try: - conf.verb=1 - ans,unans=arping(iprange,iface=iface,timeout=1,retry=3) - - collection = [] - for snd, rcv in ans: - result = rcv.sprintf(r"%ARP.psrc% %Ether.src%").split() - log.debug(result) - return result # take just the first arp reply - except Exception as e: - print ("something went wrong while arpinging " + str(e)) - return [] - -except Exception as e: - log.error("Cannot load arping functions!" + str(e)) - def arpingy(iprange='',iface=''): - raise Exception ('arping not available') - - -if __name__ =='__main__': - logging.basicConfig(level=logging.DEBUG) - arpingy(sys.argv[1],sys.argv[2]) diff --git a/modules/people/src/arping_users.py b/modules/people/src/arping_users.py deleted file mode 100755 index d6f6826e..00000000 --- a/modules/people/src/arping_users.py +++ /dev/null 
@@ -1,48 +0,0 @@ -#!/usr/bin/python -import subprocess,re,logging - -from arping import arpingy -from multiprocessing import Pool - -DEV='eth0' -MAC_NAMES='mac_names.lst' -data = [] -ret = {} -exit (0) -def get_own_addr(): - data = subprocess.Popen(['/sbin/ifconfig',DEV], - stdout=subprocess.PIPE).communicate()[0].replace('\n','') - return re.sub(r'.*HWaddr ([0-9A-Fa-f:]*).*inet addr:([0-9.]*).*' , - r'\1 \2',data).split() - -def load_names(MAC_NAMES): - names = {} - f = open(MAC_NAMES) - for l in f: - mac,name = l.split() - names[mac] = name.replace('\n','') - f.close() - return names - -def arping_helper(dic): - return arpingy(**dic) - -for first in range(3): - for second in range(255): - data.append({'iprange':'10.42.'+str(first)+'.'+str(second),'iface':DEV}) - -names = load_names(MAC_NAMES) -try: - p = Pool(20) - ret = filter(lambda x:x , p.map(arping_helper, data)) - myip,mymac = get_own_addr() - ret.append([mymac,myip]) - p.terminate() -except: - print 'you fail' - - - -for p in ret: - if p[1] in names: - print names[p[1]]+ " is online" diff --git a/modules/people/src/mac_names.lst b/modules/people/src/mac_names.lst deleted file mode 100644 index dcd3c2b0..00000000 --- a/modules/people/src/mac_names.lst +++ /dev/null @@ -1 +0,0 @@ -00:40:63:c8:b5:a0 krebs diff --git a/modules/people/src/main.py b/modules/people/src/main.py deleted file mode 100755 index c70bffd4..00000000 --- a/modules/people/src/main.py +++ /dev/null 
@@ -1,33 +0,0 @@ -#!/usr/bin/env python2 -import sys,json,time -from snmp_users import snmp_users -import logging -import genericore as gen -MODULE_NAME='snmp_users' -log = logging.getLogger(MODULE_NAME) -PROTO_VERSION = 1 -DESCRIPTION = 'performes statistical analysis against mails from stream' - - -# set up instances of needed modules -conf = gen.Configurator(PROTO_VERSION,DESCRIPTION) -amqp = gen.auto_amqp(MODULE_NAME) -s = snmp_users(MODULE_NAME) # the magic mail parsing class - -conf.configure([amqp,s]) #set up parser and eval parsed stuff - -# start network connections -amqp.create_connection() - -log.info('Starting up snmp_users') -print ' Sending Messages in Intervals. To exit press CTRL+C' -try: - while True: - log.info("collecting data from network") - ret = s.collect() - data = { 'type' : 'snmp', 'subtype' : 0, 'data' : ret} - log.debug("writing data to queue : %s" % data) - amqp.publish(json.dumps(data)) - time.sleep(s.repeat) -except Exception as e: - print "something happened :( " + str(e) diff --git a/modules/people/src/snmp_users.py b/modules/people/src/snmp_users.py deleted file mode 100755 index 871ed9dd..00000000 --- a/modules/people/src/snmp_users.py +++ /dev/null 
@@ -1,122 +0,0 @@ -#!/usr/bin/python2 - -import logging, subprocess,re -from multiprocessing import Pool -from genericore import Configurable -from arping import arpingy -log = logging.getLogger('snmp_users') - -DEFAULT_CONFIG= { - "snmp" : { - "server" : "127.0.0.1", - "community" : "community", - "tree" : "1.3.6.1.2.1.3.1.1.2" - }, - "arping" : { - "active" : True, - "dev" : "eth0" - } -} - -def arping_helper(dic): - return arpingy(**dic) - -class snmp_users(Configurable): - mac_list = {} - - def __init__(self,MODULE_NAME,config=None): - self.NAME=MODULE_NAME - newConf = { MODULE_NAME : DEFAULT_CONFIG } - Configurable.__init__(self,newConf) - self.load_conf(config) - - def call_external(self): - """returns an array of lines produced by snmpwalk """ - conf = self.config[self.NAME]['snmp'] - - out = subprocess.Popen( - ['snmpwalk', - '-v2c', - '-c',conf['community'], - conf['server'], - conf['tree']], - stdout=subprocess.PIPE).communicate()[0] - return out.split('\n') - - def parse_output(self,output): - """ parses output lines produced by snmpwalk """ - data = [] - for i in output: - if i == '': - continue - data.append(re.sub(r'.*\.(\d+\.\d+\.\d+\.\d+) = Hex-STRING: ([ 0-9A-F]*) ', r'\1 : \2',i).split(' : ')) - data = [ [ip,':'.join(mac.split()).lower()] for ip,mac in data] #sanitize - - return data - - def update_results(self,new): - """ Verifies ip and mac via ARP Scan - in addition it adds the correct ip to the mac_list """ - macl = self.mac_list = {} - for ip,mac in new: # fill the mac_list - if not macl.get(mac,None): - macl[mac] = [] - macl[mac].append(ip) - return True - - def verify(self,snmp_data): - """ verifies retrieved data where data is an array of arrays where - [0] is the ip and [1] is the mac (space-delimited)""" - arp_data = self.arping_parallel(snmp_data) - self.update_results(arp_data) - - def get_own_addr(self): - data = subprocess.Popen(['/sbin/ifconfig',self.config[self.NAME]['arping']['dev']], - 
stdout=subprocess.PIPE).communicate()[0].replace('\n','') - return re.sub(r'.*HWaddr ([0-9:A-F]*).*inet addr:([0-9.]*).*' ,r'\1 \2',data).split() - - - def arping_parallel(self,data): - conf = self.config[self.NAME]['arping'] - if conf['active']: - tmp = [ {'iprange':dat[0],'iface':conf['dev']} for dat in data] - try: - p = Pool(10) - ret = filter(lambda x:x , p.map(arping_helper, tmp)) - - myip,mymac = self.get_own_addr() #append self to list - ret.append([mymac,myip ] ) - p.terminate() - return ret - except Exception as e: - log.warning("Something happened,falling back to original data: "+ str(e)) - return data - - def collect(self): - output = self.call_external() - data = self.parse_output(output) - if not data: - raise Exception('External tool had not returned any parsable output') - log.debug('Got following output from snmpwalk program: ' +str(data)) - macs = self.verify(data) - #self.print_results(self.mac_list) - return self.mac_list - - def print_results(self,macs): - log.debug('printing results:') - print '\n'.join([ mac + " => %s" % - str(ips) for mac,ips in macs.items() ]) - print '%d *unique* nodes in network' % len(macs) - - def populate_parser(self,parser): - parser.add_argument('--repeat',type=int,dest='repeat',default=30,help='Seconds between Scans',metavar='SECS') #TODO add this to configuration - - def eval_parser(self,parsed): - self.repeat = parsed.repeat - -if __name__ == "__main__": - logging.basicConfig(level=logging.INFO) - a = snmp_users() - print a.get_own_addr() - a.collect() - a.print_results(a.mac_list) -- cgit v1.2.3 From 5fc88a3872d0e138b611fd6d1341979232a1de90 Mon Sep 17 00:00:00 2001 
From: krebs Date: Mon, 23 May 2011 16:22:29 +0200 Subject: updated shack infrastructure according to wiki see: http://cert.eulerpfad.com/infrastruktur:topo added access points including icons added vdsl-modem,extern-switch updated parents according to plan updated coreswitch and serverswitch infrastructure added check_sip script a lot of more stuff probably --- modules/Monitoring/conf/krebs_hosts.cfg | 12 +- modules/Monitoring/conf/shack_infrastructure.cfg | 193 ++++++++++++---- modules/Monitoring/conf/shacknet.cfg | 34 +++ modules/Monitoring/conf/tinc_hosts.cfg | 6 +- .../images/logos/krebs/wireless_access_point.gd2 | Bin 0 -> 1047 bytes .../images/logos/krebs/wireless_access_point.png | Bin 0 -> 883 bytes .../logos/krebs/wireless_access_point_64.png | Bin 0 -> 5364 bytes modules/Monitoring/plugins/check_sip | 252 +++++++++++++++++++++ 8 files changed, 438 insertions(+), 59 deletions(-) create mode 100644 modules/Monitoring/conf/shacknet.cfg create mode 100644 modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.gd2 create mode 100644 modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.png create mode 100644 modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point_64.png create mode 100755 modules/Monitoring/plugins/check_sip (limited to 'modules') diff --git a/modules/Monitoring/conf/krebs_hosts.cfg b/modules/Monitoring/conf/krebs_hosts.cfg index 6857cd45..4903020c 100644 --- a/modules/Monitoring/conf/krebs_hosts.cfg +++ b/modules/Monitoring/conf/krebs_hosts.cfg @@ -7,8 +7,8 @@ define host{ host_name krebs.shack alias krebs _tinc_address 10.7.7.156 - address 10.42.23.5 - parents shack-router + address 10.42.23.5 + parents shack-coreswitch hostgroups krebs-machines,tinc-nodes,ssh-servers } # @@ -20,7 +20,7 @@ define host{ alias UTART _tinc_address 10.7.7.66 address 10.42.23.23 - parents shack-router + parents shack-coreswitch hostgroups krebs-machines,tinc-nodes,ssh-servers } # 
@@ -31,7 +31,7 @@ define host{ host_name ytart alias ytart _tinc_address 10.7.7.201 - parents shack-router + parents shack-coreswitch address 10.42.1.227 hostgroups krebs-machines,tinc-nodes,ssh-servers } @@ -44,7 +44,7 @@ define host{ alias uPM Virtual Machine _tinc_address 10.7.7.99 address upm.shack - parents shack-vplatform + parents shack-node1 hostgroups krebs-machines,ssh-servers,shack-rz #,tinc-nodes } @@ -61,7 +61,7 @@ define host{ alias genericore Virtual Machine #_tinc_address 10.7.7.XX address genericore.shack - parents shack-vplatform + parents shack-node1 hostgroups ssh-servers,shack-rz #,tinc-nodes,krebs-machines } diff --git a/modules/Monitoring/conf/shack_infrastructure.cfg b/modules/Monitoring/conf/shack_infrastructure.cfg index 2b75a241..3adf193b 100644 --- a/modules/Monitoring/conf/shack_infrastructure.cfg +++ b/modules/Monitoring/conf/shack_infrastructure.cfg 
@@ -1,46 +1,160 @@ # -define hostgroup { - hostgroup_name shack-rz - alias Shack RZ Infrastructure - } -define hostextinfo{ - hostgroup_name shack-rz - notes Shack RZ Infrastructure -# notes_url http://webserver.localhost.localdomain/hostinfo.pl?host=netware1 - icon_image krebs/shack.png - icon_image_alt shack-RZ - vrml_image shack.png - statusmap_image krebs/shack.gd2 - } # # Shack Virtual Machine Hoster Platform # + +# +# Virtualization and storage +# define host{ use generic-host - host_name shack-vplatform + host_name shack-node1 alias Shack Virtualization Server - address node0.shack - parents shack-router + address 10.42.0.10 + parents shack-serverswitch hostgroups shack-rz,ssh-servers } define host{ use generic-host - host_name shack-router - alias Shack Cisco Router - address 10.42.0.3 + host_name shack-zetbox + alias Shack Virtualization Server + address 10.42.0.10 + parents shack-serverswitch hostgroups shack-rz,ssh-servers } - define host{ use generic-host host_name shack-plattenschwein - parents shack-router + parents shack-serverswitch alias Shack Plattenschwein - address plattenschwein.shack + address 10.42.0.12 + hostgroups shack-rz,ssh-servers + } +define host{ + use generic-host + host_name shack-gauda0 + parents shack-serverswitch + alias Shack gauda0 Mining Server + address 10.42.0.99 + hostgroups shack-rz + } +# +# Network Infrastructure +# + +# +## Shack gateway (no gateway-no internet) +# +define host{ + use generic-host + host_name shack-gw + parents shack-coreswitch + alias Watchguard Shack Gateway + address 10.42.0.1 + hostgroups shack-rz,ssh-servers + } +define host{ + use generic-host + host_name shack-modem + parents shack-gw + alias Shack Telecom VDSL Router + address 192.168.2.1 + hostgroups shack-rz + } +define host{ + use generic-host + host_name shack-externswitch + parents shack-gw + alias Shack External Switch (2.OG) + address 10.0.10.2 + hostgroups shack-rz + } + +define service { + host_name shack-gw + service_description DNS 
Service + use generic-service + check_command check_dns + } +define host{ + use generic-host + host_name shack-coreswitch + alias Shack Cisco Router Coreswitch + address 10.42.0.3 + hostgroups shack-rz,ssh-servers + } +define host{ + use generic-host + host_name shack-serverswitch + parents shack-coreswitch + alias Shack Cisco Router Serverswitch + address 10.42.0.4 hostgroups shack-rz,ssh-servers } +define host{ + use generic-host + host_name shack-wlan-ap1 + parents shack-coreswitch + alias Shack Wlan Access Point 1 + address 10.42.0.5 + hostgroups wlan-ap + } +define host{ + use generic-host + host_name shack-wlan-ap2 + parents shack-coreswitch + alias Shack Wlan Access Point 2 + address 10.42.0.6 + hostgroups wlan-ap + } +define host{ + use generic-host + host_name shack-wlan-ap3 + parents shack-coreswitch + alias Shack Wlan Access Point 3 + address 10.42.0.7 + hostgroups wlan-ap + } +define host{ + use generic-host + host_name shack-wlan-ap4 + parents shack-coreswitch + alias Shack Wlan Access Point 4 + address 10.42.0.8 + hostgroups wlan-ap + } +define host{ + use generic-host + host_name shack-wlan-ap5 + parents shack-coreswitch + alias Shack Wlan Access Point 5 + address 10.42.0.9 + hostgroups wlan-ap + } +# +# Voip Infrastructure +# +define host{ + use generic-host + host_name shack-voip + alias Shack Cisco VOIP Gateway + address 10.42.0.2 + parents shack-coreswitch + hostgroups shack-rz,http-servers + } + +define service{ + host_name shack-voip + service_description SIP Service + use generic-service + check_command check_sip + } + + + + # # Shack DNS Server @@ -49,7 +163,7 @@ define host{ define host{ use generic-host host_name shack-dns - parents shack-vplatform + parents shack-zetbox alias Shack DNS Virtual Host address dns.shack hostgroups shack-rz 
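Review bot: `shack-zetbox` is defined with the same `alias Shack Virtualization Server` and the same `address 10.42.0.10` as `shack-node1` directly above it, which looks like a copy-paste leftover. As written, both host checks probe a single machine, so an outage of the real zetbox would go unnoticed. The hosts that name it as parent (`shack-dns` here, and `shack-pxe`, `shack-aptproxy` and `shack-ldap` in the later hunks) would then have their reachability judged against the wrong box. Give `shack-zetbox` its own address and alias, or mark it with `#TODO check me` as the older config did for unverified addresses.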
@@ -60,23 +174,20 @@ define service { use generic-service check_command check_dns_shack } -define command { - command_name check_dns_shack - command_line /usr/lib/nagios/plugins/check_dns -H shack.shack -s '$HOSTADDRESS$' - } define host{ use generic-host host_name shack-pxe - parents shack-vplatform + parents shack-zetbox alias Shack PXEBoot Vhost address pxeboot.shack hostgroups shack-rz } + define host{ use generic-host host_name shack-printsrv - parents shack-vplatform + parents shack-node1 alias Shack Print Server address printer.shack hostgroups shack-rz @@ -85,7 +196,7 @@ define host{ define host{ use generic-host host_name shack-aptproxy - parents shack-vplatform + parents shack-zetbox alias Shack Apt-proxy address aptproxy.shack hostgroups shack-rz @@ -94,7 +205,7 @@ define host{ define host{ use generic-host host_name shack-shack - parents shack-vplatform + parents shack-node1 alias Shack Data Exchange address shack.shack hostgroups shack-rz,ssh-servers @@ -106,7 +217,7 @@ define host{ define host{ use generic-host host_name shack-ldap - parents shack-vplatform + parents shack-zetbox alias Shack LDAP Server address ldap.shack hostgroups shack-rz @@ -118,21 +229,3 @@ define service { check_command check_ldap!shammunity } -# -# Shack gateway -# -define host{ - use generic-host - host_name shack-gw - parents shack-router - alias Watchguard Shack Gateway - address 10.42.0.1 - hostgroups shack-rz,ssh-servers - } -define service { - host_name shack-gw - service_description DNS Service - use generic-service - check_command check_dns - } - diff --git a/modules/Monitoring/conf/shacknet.cfg b/modules/Monitoring/conf/shacknet.cfg new file mode 100644 index 00000000..7658ab80 --- /dev/null +++ b/modules/Monitoring/conf/shacknet.cfg 
@@ -0,0 +1,34 @@ +define hostgroup { + hostgroup_name shack-rz + alias Shack RZ Infrastructure + } +define hostgroup { + hostgroup_name wlan-ap + alias Shack Wlan Access Points + } +define hostextinfo{ + hostgroup_name wlan-ap + notes Access Points for Shack + icon_image krebs/wireless_access_point.png + icon_image_alt wireless_access_point + vrml_image wireless_access_point.png + statusmap_image krebs/wireless_access_point.gd2 + } +define hostextinfo{ + hostgroup_name shack-rz + notes Shack RZ Infrastructure + icon_image krebs/shack.png + icon_image_alt shack-RZ + vrml_image shack.png + statusmap_image krebs/shack.gd2 + } + +define command { + command_name check_sip + command_line $USER1$/check_tcp -H $HOSTADDRESS$ -p 5060 + } + +define command { + command_name check_dns_shack + command_line $USER1$/check_dns -H shack.shack -s '$HOSTADDRESS$' + } diff --git a/modules/Monitoring/conf/tinc_hosts.cfg b/modules/Monitoring/conf/tinc_hosts.cfg index 4b1ad9ab..23c2b75e 100644 --- a/modules/Monitoring/conf/tinc_hosts.cfg +++ b/modules/Monitoring/conf/tinc_hosts.cfg @@ -9,7 +9,7 @@ define host{ alias Supernode External _TINC_ADDRESS 10.7.7.1 address miefda.org - parents shack-gw + parents shack-modem hostgroups tinc-nodes,ssh-servers,http-servers } @@ -28,7 +28,7 @@ define host{ alias PA Sharepoint address 141.31.8.11 _TINC_ADDRESS 10.7.7.5 - parents shack-gw + parents shack-modem hostgroups tinc-nodes,ssh-servers } # @@ -40,6 +40,6 @@ define host{ alias no_omo address leechi.kicks-ass.org _TINC_ADDRESS 10.7.7.111 - parents shack-gw + parents shack-modem hostgroups tinc-nodes,ssh-servers,http-servers } diff --git a/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.gd2 b/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.gd2 new file mode 100644 index 00000000..6e740ec4 Binary files /dev/null and b/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.gd2 differ 
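Review bot: `check_sip` in shacknet.cfg is defined as `$USER1$/check_tcp -H $HOSTADDRESS$ -p 5060`, which only shows that something accepts a TCP connection on port 5060. It never sends a SIP request, and the `plugins/check_sip` script added in this same commit is not referenced anywhere in the visible config. If the VoIP gateway answers SIP over UDP only, this check can report a failure while the service is healthy, and in the opposite case an open TCP port says nothing about whether SIP works. Either point the command at the bundled plugin once it is installed under `$USER1$`, e.g. `command_line $USER1$/check_sip -u sip:USER_PLACEHOLDER@$HOSTADDRESS$ -H $HOSTADDRESS$`, or rename it to `check_sip_tcp` so the status page does not overstate what is verified.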
diff --git a/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.png b/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.png new file mode 100644 index 00000000..9febe45e Binary files /dev/null and b/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.png differ diff --git a/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point_64.png b/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point_64.png new file mode 100644 index 00000000..fe9788af Binary files /dev/null and b/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point_64.png differ diff --git a/modules/Monitoring/plugins/check_sip b/modules/Monitoring/plugins/check_sip new file mode 100755 index 00000000..24374727 --- /dev/null +++ b/modules/Monitoring/plugins/check_sip 
@@ -0,0 +1,252 @@ +#!/usr/bin/perl -w +# +# check_sip plugin for nagios +# $Revision: 1.2 $ +# +# Nagios plugin to check SIP servers +# +# By Sam Bashton, Bashton Ltd +# bashton.com/content/nagiosplugins +# Michael Hirschbichler, Institute of Broadband Communications, +# Vienna University of Technology +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + +use strict; +use lib "/usr/lib/nagios/plugins"; +use utils qw($TIMEOUT %ERRORS &print_revision &support); +use vars qw($PROGNAME); +use IO::Socket::INET; +#use Sys::Hostname; +use Time::HiRes qw(gettimeofday); +use Net::Domain qw (hostname hostfqdn hostdomain); + +$PROGNAME = "check_sip"; +my $VERSION = "1.2"; + +$ENV{'BASH_ENV'}=''; +$ENV{'ENV'}=''; +$ENV{'PATH'}=''; +$ENV{'LC_ALL'}='C'; + +my ($opt_V,$opt_h,$opt_u,$opt_p,$opt_H, $opt_w, $opt_s, $opt_f); +$opt_V = $opt_h = $opt_u = $opt_p = $opt_H = $opt_w = $opt_s = $opt_f = ''; + +my $state = 'UNKNOWN'; + +use Getopt::Long; +Getopt::Long::Configure('bundling'); +GetOptions( + "V" => \$opt_V, "version" => \$opt_V, + "h" => \$opt_h, "help" => \$opt_h, + "s" => \$opt_s, + "f=s" => \$opt_f, "fromuri=s" => \$opt_f, + "u=s" => \$opt_u, "uri=s" => \$opt_u, + "p=s" => \$opt_p, "port=s" => \$opt_p, + "H=s" => \$opt_H, "host=s" => \$opt_H, + "w=s" => \$opt_w, "warn=s" => \$opt_w +); + +# -h displays help +if ($opt_h) { 
printHelp(); exit $ERRORS{'OK'}; } + +# -V display version number +if ($opt_V) { + print_revision($PROGNAME, $VERSION); + exit $ERRORS{'OK'}; +}; + +# Check the sip URI is OK +unless ($opt_u) { printHelp(); exit $ERRORS{'UNKNOWN'} } + +# Port is 5060 unless otherwise specified +unless ($opt_p) { $opt_p = 5060 } + +# Determine the host from the sip URI if it wasn't specified with -H +unless ($opt_H) { $opt_H = hostFromURI($opt_u) } + +# Check the host is valid +unless (utils::is_hostname($opt_H)) +{ + print "$opt_H is not a valid hostname\n"; + printHelp(); + exit $ERRORS{"UNKNOWN"}; +} + +unless ($opt_w) { $opt_w = 5 } # Warn if response takes longer than 5 seconds + +### Main code ############################################################### + +# Timeout if we don't recieve a response within a suitable timeframe.. +$SIG{'ALRM'} = sub { + print ("SIP timeout: No response from SIP server after $TIMEOUT seconds\n"); + exit $ERRORS{"CRITICAL"}; +}; +alarm($TIMEOUT); + +my $localhost = hostfqdn(); +$opt_f = getFromURI($opt_f,$localhost,$opt_p); +my $user=getUserPart($opt_f); +my $socket = uconnect($opt_H, $opt_p); +my @localinfo = unpack_sockaddr_in($socket->sockname); +my $req = buildReq($localinfo[0], $opt_u, $opt_f,$user,$localhost); +my (undef, $starttime) = gettimeofday; +$socket->send($req); +my $response; +$socket->recv($response, 1024) or $state = 'CRITICAL'; + +#get rid of the 100 Trying - provisional response ... 
+if (getResponseCode($response) eq "100"){ + $socket->recv($response, 1024) or $state = 'CRITICAL'; +} + +my (undef, $finishtime) = gettimeofday; +my $rtime = ($finishtime - $starttime) / 1000000; # Time taken in seconds +if(checkResponse($response,$rtime,$opt_s)) +{ + if ($rtime > $opt_w) { $state = 'WARNING' } + else { $state = 'OK' } +} +else { $state = 'CRITICAL' } + +exit $ERRORS{$state}; + +### Subroutines ############################################################## + + +sub uconnect +{ + my ($host, $port) = @_; + my $socket = new IO::Socket::INET->new(PeerPort=>$port, Proto=>'udp', PeerAddr=>$host); + unless ($socket) { print "Unable to connect to $host\n"; exit $ERRORS{'UNKNOWN'} } + return $socket; +} + +sub getFromURI{ + my ($from, $localhost,$localport) = @_; + if (!("$from" eq "")){ + return "$from:$localport"; + }else + { + return "sip:checksip\@$localhost:$localport"; + } +} + +sub getUserPart{ + my ($uri) = @_; + my @uris=split(/\@/,$uri); + my $user=$uris[0]; + return $user; +} + +sub hostFromURI +{ + my ($uri) = @_; + $uri =~ s/sip:[^\@]+@//; + return $uri; +} + +sub getResponseCode +{ + my ($message) = @_; + my @messageparts=split(/\ /,$message); + return $messageparts[1]; +} + +sub buildReq +{ + my ($localport, $dsturi, $fromuri,$user,$localhost) = @_; + + my $req; + my $tag = genTag(); + my $idtag = genTag(); + $req.= "OPTIONS $dsturi SIP/2.0\r\n"; + $req.= "Via: SIP/2.0/UDP $localhost:$localport;branch=z9hG4bKhjhs8ass877\r\n"; + $req.= "Max-Forwards: 70\r\n"; + $req.= "To: $dsturi\r\n"; + $req.= "From: $fromuri;tag=$tag\r\n"; + $req.= "Call-ID: $idtag\@$localhost\r\n"; + $req.= "CSeq: 1 OPTIONS\r\n"; + $req.= "Contact: <$user\@$localhost:$localport>\r\n"; + $req.= "Accept: application/sdp\r\n"; + $req.= "Content-Length: 0\r\n\r\n"; + return $req; +} + +sub genTag +{ + my $tag; + my @chars = ('a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p', + 'q','r','s','t','u','v','w','x','y','z','0','1','2','3','4','5','6','7','8', + '9'); + 
+ for (my $i = 0; $i < 6; $i++) + { + $tag .= $chars[rand(scalar @chars)]; + } + return $tag; +} + +sub printHelp +{ + print "This plugin tests the sip service on the specified host.\n\n"; + print "Usage: $PROGNAME -u sip:uri\@example.com [-H host -p PORT -f sip:fromuri\@example.com -w WARNTIME -s]\n"; + print " $PROGNAME [-h | --help]\n"; + print " $PROGNAME [-V | --version]\n\n"; + print "Options:\n"; + print " -u sip:uri\@example.com\n"; + print " Full SIP uri, eg sip:uri\@example.com\n"; + print " -h, --help\n"; + print " Print this help\n"; + print " -V, --version\n"; + print " Print version information\n"; + print " -H host\n"; + print " Host name or IP Address to connect to\n"; + print " -p port\n"; + print " Port to connect to\n"; + print " -f sip:fromuri\@example.com\n"; + print " Full SIP uri, will be used for the \"From:\"-Header\n"; + print " -s\n"; + print " Changes default behavior: all SIP-responses will result in an \"OK\"\n\n"; + + +} + +sub checkResponse +{ + my ($response, $rtime, $sp_behavior) = @_; + my @header=split(/\r/,$response); + my $tstring=$header[0]; + my $rcode=getResponseCode($response); + if (!$sp_behavior){ + #in this case, we want to see if the SIP-server is respoding positively to our request + # Some SUT respond with 100 Trying - assume everything is OK if we get this + if ($response =~ /^SIP.+[12]00/){ + print "$tstring, $rtime seconds response time|rtt=".$rtime."s;0.5s;1s;0:10; code=".$rcode."\n"; + return 1; + } + elsif ($response =~ /^SIP.+404 Not Found/) { + print "$tstring, $rtime seconds response time|rtt=".$rtime."s;0.5s;1s;0:10; code=".$rcode."\n"; + return 0 } + else { print "Unknown error: $tstring, $rtime seconds response time|rtt=".$rtime."s;0.5s;1s;0:10; code=".$rcode."\n"; return 0; } + }else{ + #in this case, we accept every response from the server, as long it is SIP + if ($response =~ /^SIP./){ + print "$tstring, $rtime seconds response time|rtt=".$rtime."s;0.5s;1s;0:10; code=".$rcode."\n"; + return 1; + } + 
else { print "Unknown error: $tstring, $rtime seconds response time|rtt=".$rtime."s;0.5s;1s;0:10; code=".$rcode."\n"; return 0; } + } +} -- cgit v1.2.3 From 1e4df0acce701b5488b1be0efbfe66a73c5abf3b Mon Sep 17 00:00:00 2001 From: krebs Date: Mon, 23 May 2011 16:50:59 +0200 Subject: added TODO file first todo is to merge in changes in the global cgi config and htuser file --- modules/Monitoring/TODO | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 modules/Monitoring/TODO (limited to 'modules') diff --git a/modules/Monitoring/TODO b/modules/Monitoring/TODO new file mode 100644 index 00000000..6d74fdcd --- /dev/null +++ b/modules/Monitoring/TODO @@ -0,0 +1,5 @@ +add guest user +add guest user to +> * authorized_for_all_services=usernagios,guest +> * authorized_for_all_hosts=usernagios,guest +in /etc/nagios3/somewhere -- cgit v1.2.3 From 7e58b11f8a4045088afaafff82ef154fd060fa4d Mon Sep 17 00:00:00 2001 From: krebs Date: Tue, 24 May 2011 21:24:27 +0200 Subject: zoneminder: initial commit --- modules/zoneminder/Makefile | 14 ++++++++++++++ modules/zoneminder/zmdc.pl-LD_PRELOAD.patch | 10 ++++++++++ modules/zoneminder/zoneminder.conf | 2 ++ 3 files changed, 26 insertions(+) create mode 100644 modules/zoneminder/Makefile create mode 100644 modules/zoneminder/zmdc.pl-LD_PRELOAD.patch create mode 100644 modules/zoneminder/zoneminder.conf (limited to 'modules') diff --git a/modules/zoneminder/Makefile b/modules/zoneminder/Makefile new file mode 100644 index 00000000..27302715 --- /dev/null +++ b/modules/zoneminder/Makefile @@ -0,0 +1,14 @@ + +.PHONY: fix it so hard +it: so +so: it hard fix + apt-get install --yes zoneminder libv4l-0 + +hard: /etc/sysctl.d/zoneminder.conf +/etc/sysctl.d/zoneminder.conf: zoneminder.conf + cp $< $@ + sysctl -p $@ + +fix: zmdc.pl-LD_PRELOAD.patch + (cd /usr/bin && patch -N) < $< || : + diff --git a/modules/zoneminder/zmdc.pl-LD_PRELOAD.patch b/modules/zoneminder/zmdc.pl-LD_PRELOAD.patch new file mode 100644 index 00000000..b00fc673 
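Review bot: In the main section of check_sip, `my (undef, $starttime) = gettimeofday;` and the matching `$finishtime` line keep only the microseconds field and discard the seconds, so `$rtime` always lies between -1 and 1 and the `-w` threshold (default 5 seconds) can never produce WARNING; a slow SIP server is reported as OK. Timing the exchange with `my $t0 = [gettimeofday];` before the send and `my $rtime = tv_interval($t0);` after the last recv, with `tv_interval` added to the Time::HiRes import, gives elapsed seconds. Separately, `checkResponse` tests `/^SIP.+[12]00/`, which matches 100 or 200 anywhere on the status line rather than in the status-code position; comparing the already parsed `$rcode`, as in `$rcode =~ /\A[12]00\z/`, would be stricter.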
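Review bot: The `fix` recipe in the zoneminder Makefile ends in `|| :`, so every failure of `patch` is discarded, not only the already-applied case that `-N` is there for: a missing `/usr/bin/zmdc.pl`, rejected hunks after an upstream change, or a permission error all leave `make` reporting success while the daemon runs unpatched. Testing for the applied state explicitly lets real errors stop the build, e.g. `grep -q v4l2convert /usr/bin/zmdc.pl || (cd /usr/bin && patch -N) < $<`. A package upgrade of zoneminder will presumably overwrite the patched script, so a comment saying the target must be re-run after upgrades would help.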
--- /dev/null
+++ b/modules/zoneminder/zmdc.pl-LD_PRELOAD.patch
@@ -0,0 +1,10 @@
+--- /usr/bin/zmdc.pl 2011-05-23 22:28:57.505247793 +0200
++++ /usr/bin/zmdc.pl 2011-05-23 22:29:45.597248242 +0200
+@@ -62,6 +62,7 @@
+ $ENV{SHELL} = '/bin/sh' if exists $ENV{SHELL};
+ delete @ENV{qw(IFS CDPATH ENV BASH_ENV)};
+
++$ENV{LD_PRELOAD} = '/usr/lib/libv4l/v4l2convert.so';
+ my @daemons = (
+ 'zmc',
+ 'zma',
diff --git a/modules/zoneminder/zoneminder.conf b/modules/zoneminder/zoneminder.conf
new file mode 100644
index 00000000..1eec6fd9
--- /dev/null
+++ b/modules/zoneminder/zoneminder.conf
@@ -0,0 +1,2 @@
+kernel.shmall = 134217728
+kernel.shmmax = 134217728
-- cgit v1.2.3
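Review bot: The added `$ENV{LD_PRELOAD} = '/usr/lib/libv4l/v4l2convert.so';` is set for the whole zmdc.pl process, directly after the script strips `IFS CDPATH ENV BASH_ENV` from its environment, so every program zmdc.pl starts would inherit the preload rather than only the capture daemon that needs the V4L conversion. The rest of zmdc.pl is outside this hunk, so which children it launches cannot be confirmed from here. If the launch code allows it, scope the variable to the capture daemon, for example with `local $ENV{LD_PRELOAD} = ...` around the start of `zmc`. A comment should also state why the preload is needed and that the library file must be root-owned and not writable by the ZoneMinder user.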
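Review bot: In zoneminder.conf, `kernel.shmall` and `kernel.shmmax` are given the same number although they use different units: `shmmax` is the largest single segment in bytes, while `shmall` is the system-wide total in pages. 134217728 pages is 512 GiB with 4 KiB pages, far above the 128 MiB per segment that the `shmmax` line allows, which in practice removes the system-wide cap on shared memory. If 128 MiB in total was intended, the value for 4 KiB pages would be `kernel.shmall = 32768`; a comment naming the unit on each line would prevent the mix-up.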