pandorafms/pandora_agents/linux/plugins/iptables_plugin


#!/bin/bash
# -----------------------------------------------------------------
# Netfilter / GNULinux Network IPTables plugin for Pandora FMS
# (c) Sancho Lerena 2008-2009.
# This is an agent plugin, used only on local agents
# NOTE: This agent needs the system command 'bc' to calculate hex data
# -----------------------------------------------------------------
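# Data sources. Everything is read straight from /proc into shell variables.
# The earlier version staged the data in /tmp/network.tmp and
# /tmp/conntrack.pandora: fixed names in a world-writable directory, which
# another local user can pre-create (as a file or a symlink) so that a
# privileged agent's redirect writes somewhere it should not. No temporary
# file is created any more, so that class of problem is gone.
CT_STAT_FILE=/proc/net/stat/ip_conntrack
CT_TABLE_FILE=/proc/net/ip_conntrack
IP_FORWARD_FILE=/proc/sys/net/ipv4/ip_forward

#######################################
# Convert one hexadecimal field to decimal.
# Uses bash arithmetic, so the external 'bc' command is no longer required.
# Arguments: $1 - hex digits without a 0x prefix (either case)
# Outputs:   the decimal value on stdout; nothing when $1 is empty, is not
#            plain hex, or is longer than 15 digits (would overflow a signed
#            64-bit shell integer)
# Returns:   0 always (best effort, like the original pipeline)
#######################################
hex_to_dec() {
  local hex=$1
  # Validate before handing the text to arithmetic expansion, which would
  # otherwise evaluate whatever expression it is given.
  [[ "$hex" =~ ^[0-9A-Fa-f]{1,15}$ ]] || return 0
  printf '%d\n' "$((16#$hex))"
}

#######################################
# Count conntrack table lines per connection state in a single pass.
# A line is counted once per pattern it contains, exactly as the separate
# 'grep PATTERN | wc -l' pipelines did.
# Arguments: $1 - path of the conntrack table
# Outputs:   "established timewait syn fin unreplied" on one line;
#            "0 0 0 0 0" when the file cannot be read
# Returns:   0 on success, awk's status otherwise
#######################################
count_conntrack_states() {
  local table=$1
  if [[ ! -r "$table" ]]; then
    printf '0 0 0 0 0\n'
    return 0
  fi
  awk '
    /ESTABLISH/ { est++ }
    /TIME_WAIT/ { tw++ }
    /SYN_/      { syn++ }
    /FIN_WAIT/  { fin++ }
    /UNREPLIED/ { unrep++ }
    END { print est + 0, tw + 0, syn + 0, fin + 0, unrep + 0 }
  ' "$table"
}

#######################################
# Print one Pandora FMS module block.
# Arguments: $1 - module name, $2 - module type, $3 - description, $4 - data
# Outputs:   the <module> element on stdout, one tag per line
#######################################
print_module() {
  local name=$1 type=$2 description=$3 data=$4
  printf '<module>\n'
  printf '<name>%s</name>\n' "$name"
  printf '<type>%s</type>\n' "$type"
  printf '<description>%s</description>\n' "$description"
  printf '<data>%s</data>\n' "$data"
  printf '</module>\n'
}

# Statistics counters: fields 1, 3 and 4 of the LAST line of the stat file.
# NOTE(review): only the last line is used. If this file holds one line per
# CPU, the other CPUs' counters are not included; confirm that is intended.
# NOTE(review): fields 3 and 4 are published as "new" and "invalid", as
# before. Check them against the header line of the stat file on the target
# kernel to confirm the column positions.
ct_entries_hex='' ct_new_hex='' ct_invalid_hex=''
if [[ -r "$CT_STAT_FILE" ]]; then
  read -r ct_entries_hex ct_new_hex ct_invalid_hex < <(
    awk '{ e = $1; n = $3; i = $4 } END { print e, n, i }' "$CT_STAT_FILE"
  )
fi
CT_ENTRIES=$(hex_to_dec "$ct_entries_hex")
CT_NEW=$(hex_to_dec "$ct_new_hex")
CT_INVALID=$(hex_to_dec "$ct_invalid_hex")

# Per-state connection counts. One awk pass keeps the five numbers mutually
# consistent, which is what the on-disk snapshot used to provide.
read -r fw_con_established fw_con_timewait fw_con_syn_wait \
  fw_con_fin_wait fw_con_unreplied < <(count_conntrack_states "$CT_TABLE_FILE")

# IPv4 forwarding flag, reported as-is; empty when the file is unreadable.
fw_enabled=''
if [[ -r "$IP_FORWARD_FILE" ]]; then
  fw_enabled=$(< "$IP_FORWARD_FILE")
fi

# Module names, types and descriptions are emitted byte-for-byte as before,
# so existing server-side module definitions keep matching.
print_module "Conntrack Active Entries" "generic_data" \
  "Get active entries in Netfilter conntrack session table" "$CT_ENTRIES"
print_module "Conntrack New" "generic_data_inc" \
  "Get new connections in Netfilter conntrack session table" "$CT_NEW"
print_module "Conntrack Invalid" "generic_data_inc" \
  "Get invalid entries in Netfilter conntrack session table" "$CT_INVALID"
print_module "fw_con_established" "generic_data" \
  "Established connetions on Firewall" "${fw_con_established:-0}"
print_module "fw_con_timewait" "generic_data" \
  "Established connections pending to timeout" "${fw_con_timewait:-0}"
print_module "fw_con_syn_wait" "generic_data" \
  "Not-established connections, waiting to other side" "${fw_con_syn_wait:-0}"
print_module "fw_con_fin_wait" "generic_data" \
  "Established connections waiting FIN on other side" "${fw_con_fin_wait:-0}"
print_module "fw_con_unreplied" "generic_data" \
  "Unreplied connection attempts" "${fw_con_unreplied:-0}"
print_module "fw_enabled" "generic_proc" \
  "Forwarding enabled" "$fw_enabled"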