diff --git a/pandora_agents/ChangeLog b/pandora_agents/ChangeLog index 1fca1d7112..14962fa80c 100644 --- a/pandora_agents/ChangeLog +++ b/pandora_agents/ChangeLog @@ -1,3 +1,8 @@ +2007-08-01 Sancho Lerena + + * bsd_ipso/*: Some fixes. Added harm_mode to avoid be unpolite + with IPSO in some heavy loaded systems (IMPERATIVE!). Some fixes. + 2007-07-05 Manuel Arostegui * linux/pandora_agent: Fixed small but important bug. diff --git a/pandora_agents/bsd-ipso/pandora_agent.conf b/pandora_agents/bsd-ipso/pandora_agent.conf index 93a7a784c3..0349832092 100755 --- a/pandora_agents/bsd-ipso/pandora_agent.conf +++ b/pandora_agents/bsd-ipso/pandora_agent.conf 
@@ -1,161 +1,96 @@ # Fichero de configuracion base de agentes de Pandora # Base config file for Pandora agents -# Version 1.1 +# Version 1.3 # FreeBSD/IPSO version -# Licenced under GPL licence, 2003-2004 Sancho Lerena, and others +# Licenced under GPL licence, 2003-2007 Sancho Lerena # General Parameters # ================== -server_ip pandora_server +server_ip 192.168.50.1 server_path /var/spool/pandora/data_in -pandora_path /usr/share/pandora_agent +pandora_path /opt/pandora_agent temporal /var/spool/pandora/data_out -interval 300 -#agent_name bsdbox01 -debug 0 -checksum 1 +interval 600 +agent_name nokia +debug 0 +checksum 0 +harmless_mode 1 # Module Definition # ================= -# Conexiones del Firewall module_begin -module_name fwcon -module_type generic_data -module_exec cpstat -f policy fw | tr -s " " " " | grep "Num." |awk '{print $3}' +module_name TCP_Conections +module_type generic_data_inc +module_exec fw ctl pstat | grep "TCP" | awk '{ print $3 }' module_end module_begin -module_name max_fwconn -module_type generic_data -module_exec cpstat -f policy fw | tr -s " " " " |grep "Peak" | awk '{print $4}' +module_name UDP_Conections +module_type generic_data_inc +module_exec fw ctl pstat | grep "UDP" | awk '{ print $5 }' module_end -# Consumo de CPU +module_begin +module_name Nat_Conecctions +module_type generic_data_inc +module_exec fw ctl pstat | grep "tcpudp" | awk '{ print $5 }' +module_end + +module_begin +module_name SYS_Temp_Celsius +module_type generic_data +module_exec ipsctl hw:sys_stat:temp:1:current_val | awk '{ print $3 }' +module_end + +module_begin +module_name TCP_Established +module_type generic_data_inc +module_exec ipsctl net:ip:tcp:stats:conns_established | awk '{ print $3 }' +module_end + +module_begin +module_name UDP_RX_Packets +module_type generic_data_inc +module_exec ipsctl net:ip:udp:stats:rx_pkts | awk '{ print $3 }' +module_end + +module_begin +module_name TCP_RX_Packets +module_type generic_data_inc +module_exec ipsctl 
net:ip:tcp:stats:rx_total_pkts | awk '{ print $3 }' +module_end + +module_begin +module_name FW1_Conns +module_type generic_data +module_exec cpstat -f policy fw | grep "Num. connections" | awk '{ print $3 }' +module_end module_begin module_name cpu_user module_type generic_data -module_exec vmstat 1 2 | tail -1 | awk '{ print $17 }' +module_exec vmstat 1 2 | tail -1 | awk '{ print $16 }' module_end module_begin module_name cpu_sys module_type generic_data -module_exec vmstat 1 2 | tail -1 | awk '{ print $18 }' +module_exec vmstat 1 2 | tail -1 | awk '{ print $17 }' module_end -# Parametros generales del sistema - module_begin module_name system_freemem module_type generic_data -module_exec vmstat | tail -1 | awk '{ print ($5*100)/($4+$5) }' +module_exec vmstat | tail -1 | awk '{ print $5 }' module_end module_begin -module_name system_disk_var_free +module_name load_avg module_type generic_data -module_exec df -k /var | tail -1 | tr -s "%" " " | awk '{ print 100-$5 }' +module_exec uptime | tr -d "," | awk '{ print $9 }' module_end -# Parametros generales del Firewall y del S.O - -module_begin -module_name policy_name -module_type generic_data_string -module_exec cpstat -f policy fw | grep "Policy name:" | tr -s " " " " | awk '{print $3}' -module_end - -module_begin -module_name policy_date -module_type generic_data_string -module_exec cpstat -f policy fw | grep "Policy install time:" | tr -s " " " " | awk '{print $4" "$5" "$6" "$7" "$8}' -module_end - -module_begin -module_name ipso_ver -module_type generic_data_string -module_exec uname -a -module_end - -module_begin -module_name fw_ver -module_type generic_data_string -module_exec fw ver | awk '{ print substr($0,46) }' -module_end - -# Estado de HA - -module_begin -module_name run_ha_ckp -module_type generic_proc -module_exec cpstat -f all ha | tr -s " " " " | awk '/Status short: OK|HA started: yes|HA state: active/{x+=1} END { if (x == 3) print "1"; else print "0"}' -module_end - -module_begin -module_name 
ha_fw_ckp -module_type generic_proc -module_exec cpstat -f sync fw | tr -s " " " " | awk '/sync - configured: Yes|sync - out state: On|sync - in state: On/{x+=1} END { if (x == 3) print "1"; else print "0"}' -module_end - -module_begin -module_name proc_cphamcset -module_type generic_proc -module_exec ps -x | grep "/opt/CPfw1-R55p/bin/cphamcset" | grep -v "grep" | wc -l | tr -s " " " " -module_end - -# Paquetes procesados por el FW - -module_begin -module_name accept_pkt -module_type generic_data_inc -module_exec cpstat -f totals fw | tail -4 | head -1 | tr -s "|" " " | awk '{ print $1 }' -module_end - -module_begin -module_name drop_pkt -module_type generic_data_inc -module_exec cpstat -f totals fw | tail -4 | head -1 | tr -s "|" " " | awk '{ print $2 }' -module_end - -# Consumo (%) de MEMORIA y CPU de los tres procesos principales del firewall mdq, fwd y cpd - -module_begin -module_name MDQ_MEM -module_type generic_data -module_exec ps auxmw | grep " mdq" | grep -v grep | tr -s " " " " | awk '{ print $4 }' -module_end - -module_begin -module_name MDQ_CPU -module_type generic_data -module_exec ps auxmw | grep " mdq" | grep -v grep | tr -s " " " " | awk '{ print $3 }' -module_end - -module_begin -module_name FWD_MEM -module_type generic_data -module_exec ps auxmw | grep " fwd" | grep -v grep | tr -s " " " " | awk '{ print $4 }' -module_end - -module_begin -module_name FWD_CPU -module_type generic_data -module_exec ps auxmw | grep " fwd" | grep -v grep | tr -s " " " " | awk '{ print $3 }' -module_end - -module_begin -module_name CPD_MEM -module_type generic_data -module_exec ps auxmw | grep " cpd" | grep -v grep | tr -s " " " " | awk '{ print $4 }' -module_end - -module_begin -module_name CPD_CPU -module_type generic_data -module_exec ps auxmw | grep " cpd" | grep -v grep | tr -s " " " " | awk '{ print $3 }' -module_end diff --git a/pandora_agents/bsd-ipso/pandora_agent.sh b/pandora_agents/bsd-ipso/pandora_agent.sh index 9253b0b7c3..e33c2e7ad1 100755 
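Review bot: The base config template now carries what look like one site's values: `server_ip 192.168.50.1`, `agent_name nokia` and `checksum 0`. A fresh install would report to a fixed private address under a shared agent name with the data checksum switched off. I would keep the neutral defaults (`server_ip pandora_server`, `#agent_name bsdbox01`, `checksum 1`) and let each site override them. This hunk also deletes `policy_name`, `policy_date`, `run_ha_ckp` and `ha_fw_ckp`, the modules in this file that reported the installed firewall policy, its install time and HA/sync state. If they are dropped only to reduce load on IPSO, consider leaving them commented out with a one-line reason, so that visibility of policy changes is not lost silently.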
--- a/pandora_agents/bsd-ipso/pandora_agent.sh +++ b/pandora_agents/bsd-ipso/pandora_agent.sh @@ -2,12 +2,13 @@ # ********************************************************************** # Agente Generico Pandora # FreeBSD/IPSO version -# (c) Sancho Lerena 2003-2005, slerena@gmail.com +# (c) Sancho Lerena 2003-2007, slerena@gmail.com # Este codigo esta licenciado bajo la licencia GPL 2.0 # This code is licenced under GPL 2.0 licence. # ********************************************************************** -AGENT_VERSION=1.2a +AGENT_VERSION=1.3 +BUILD_VERSION=070801 OLDIFS=$IFS # Stupid trick to use IFS in some unix ... doesnt work linux standard $'\n' :-? @@ -40,13 +41,21 @@ fi echo "$TIMESTAMP - Reading general config parameters from .conf file" >> $PANDORA_HOME/pandora.log # Default values -CHECKSUM_MODE=1 +CHECKSUM_MODE=0 DEBUG_MODE=0 +PANDORA_HARMLESS=1 +INTERVAL=300 + IFS=$NEWIFS for a in `cat $PANDORA_HOME/pandora_agent.conf | grep -v "^#" | grep -v "^module" ` do - a=`echo $a | tr -s " " " "` + if [ "$PANDORA_HARMLESS" = "1" ] + then + sleep 1 + fi + + a=`echo $a | tr -s " " " "` # Get general configuration parameters from config file if [ ! -z "`echo $a | grep '^server_ip'`" ] then 
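Review bot: The `sleep 1` added at the top of the config loop runs before `harmless_mode` has been parsed, and `PANDORA_HARMLESS` defaults to 1, so a config that sets `harmless_mode 0` still sleeps one second for every line read before that setting. The shipped conf puts `harmless_mode` last, so every general parameter pays the delay. The same per-line sleep is added to the module loop at @@ -110,13 +124,18, where it fires on `module_begin`/`module_name`/`module_type`/`module_end` lines as well; moving it inside the `module_exec` branch would put the pause between command executions, which appears to be the intent. Separately, `CHECKSUM_MODE=0` as the default means a config with no `checksum` line ships data marked "No valid checksum"; keeping `CHECKSUM_MODE=1` leaves the digest on unless a site opts out. Both loop bodies continue outside this hunk.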
@@ -73,16 +82,21 @@ do NOMBRE_HOST=`echo $a | awk '{ print $2 }' ` echo "$TIMESTAMP - [SETUP] - Agent name is $NOMBRE_HOST " >> $PANDORA_HOME/pandora.log fi - if [ ! -z "`echo $a | grep '^debug'`" ] + if [ ! -z "`echo $a | grep '^debug'`" ] then DEBUG_MODE=`echo $a | awk '{ print $2 }' ` echo "$TIMESTAMP - [SETUP] - Debug mode is $DEBUG_MODE " >> $PANDORA_HOME/pandora.log fi - if [ ! -z "`echo $a | grep '^checksum'`" ] + if [ ! -z "`echo $a | grep '^checksum'`" ] then CHECKSUM_MODE=`echo $a | awk '{ print $2 }' ` echo "$TIMESTAMP - [SETUP] - Checksum mode is $CHECKSUM_MODE " >> $PANDORA_HOME/pandora.log fi + if [ ! -z "`echo $a | grep -e '^harmless_mode'`" ] + then + PANDORA_HARMLESS=`echo $a | awk '{ print $2 }' ` + echo "$TIMESTAMP - [SETUP] - Pandora Harmless mode is $PANDORA_HARMLESS" >> $PANDORA_HOME/pandora.log + fi done # MAIN Program loop begin @@ -110,13 +124,18 @@ do # Makes data packet echo "" > $DATA - if [ $DEBUG_MODE = 1 ] - then - echo "$TIMESTAMP - Reading module adquisition data from .conf file" >> $PANDORA_HOME/pandora.log - fi + if [ $DEBUG_MODE = 1 ] + then + echo "$TIMESTAMP - Reading module adquisition data from .conf file" >> $PANDORA_HOME/pandora.log + fi for a in `cat $PANDORA_HOME/pandora_agent.conf | grep -v "^#" | grep "^module" ` do + if [ "$PANDORA_HARMLESS" = "1" ] + then + sleep 1 + fi + a=`echo $a | tr -s " " " "` if [ ! -z "`echo $a | grep '^module_exec'`" ] then 
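Review bot: The value read for `harmless_mode` is stored unvalidated, and the places that use it test for different literals. The sleeps check `= "1"`, while the `module_max`/`module_min` block at @@ -136,17 +155,21 checks `= "0"`. Any other value (for example `yes`, or a line with no second field) therefore gives no throttling and no max/min output, with nothing in the log to say so. Normalising right after the read makes it two-state and fails towards the gentle mode: `[ "$PANDORA_HARMLESS" = "0" ] || PANDORA_HARMLESS=1`. A short comment at the max/min gate, such as `# harmless mode: skip module_max/module_min to save two greps per line`, would also record why limits are dropped, if that is indeed the reason.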
@@ -136,17 +155,21 @@ do echo "" >> $DATA fi - if [ ! -z "`echo $a | grep '^module_max' `" ] - then - max=`echo $a | awk '{ print $2 }' ` - echo "$max" >> $DATA - fi + if [ "$PANDORA_HARMLESS" = "0" ] + then + if [ ! -z "`echo $a | grep '^module_max' `" ] + then + max=`echo $a | awk '{ print $2 }' ` + echo "$max" >> $DATA + fi + + if [ ! -z "`echo $a | grep '^module_min'`" ] + then + min=`echo $a | awk '{ print $2 }' ` + echo "$min" >> $DATA + fi + fi - if [ ! -z "`echo $a | grep '^module_min'`" ] - then - min=`echo $a | awk '{ print $2 }' ` - echo "$min" >> $DATA - fi if [ ! -z "`echo $a | grep '^module_description'`" ] then desc=`echo $a | awk '{ print substr($0, 20)}' ` @@ -174,20 +197,20 @@ do echo "" >> $DATA # Calculate Checksum and prepare MD5 file if [ $CHECKSUM_MODE = 0 ] - then - CHECKSUM_DATA="No valid checksum" - else - CHECKSUM_DATA=`cat $DATA | /sbin/md5 ` - fi + then + CHECKSUM_DATA="No valid checksum" + else + CHECKSUM_DATA=`cat $DATA | /sbin/md5 ` + fi echo $CHECKSUM_DATA $DATA> $CHECKSUM - # Send packets to server and detele it - scp -B $PANDORA_FILES pandora@$SERVER_IP:$SERVER_PATH > /dev/null 2> /dev/null + # Send packets to server and detele it + scp -B $PANDORA_FILES pandora@$SERVER_IP:$SERVER_PATH > /dev/null 2> /dev/null if [ $DEBUG_MODE = 1 ] then echo "$TIMESTAMP - Copying $PANDORA_FILES to $SERVER_IP:$SERVER_PATH" >> $PANDORA_HOME/pandora.log - exit + exit fi rm -f $PANDORA_FILES> /dev/null diff --git a/pandora_agents/bsd-ipso/pandora_agent_daemon b/pandora_agents/bsd-ipso/pandora_agent_daemon index ae131bbed2..4f4f1a4191 100755 --- a/pandora_agents/bsd-ipso/pandora_agent_daemon +++ b/pandora_agents/bsd-ipso/pandora_agent_daemon @@ -4,7 +4,7 @@ # Version para IPSO/BSD (csh) # version 1.1 -set PANDORA_PATH=/usr/share/pandora_agent +set PANDORA_PATH=/opt/pandora_agent set DAEMON=pandora_agent.sh set PIDFILE=/var/run/pandora.pid test -x $PANDORA_PATH/$DAEMON || exit 
diff --git a/pandora_agents/bsd-ipso/pandora_user.conf b/pandora_agents/bsd-ipso/pandora_user.conf index 96ef653353..8e3f0396c3 100755 --- a/pandora_agents/bsd-ipso/pandora_user.conf +++ b/pandora_agents/bsd-ipso/pandora_user.conf @@ -12,18 +12,3 @@ # a little example, to monitor changes on DNS versus actual IP on interface ppp0 # Uncomment below this line to execute. All output needs to be in Pandora XML Agent-Output format -#PLC_DNS=`dig @194.179.1.101 plc.genterara.com A +short | tail -1 ` -#PLC_LOCAL=`ifconfig ppp0 | head -2 | tail -1 | tr -s ":" " " | awk ' { print $3 } '` -#if [ "$PLC_DNS" == "$PLC_LOCAL" ] -#then -# PLC_STATUS=1 -#else -# PLC_STATUS=0 -#fi -# -#echo "" -#echo "PLC_DNS_CHECK" -#echo "generic_proc" -#echo "$PLC_STATUS" -#echo "" -