> Ran as nagios user and please find the details below. ( iptables Stopped) > > > [nagios@server ~]$ /usr/bin/sudo /sbin/iptables -nvL | /bin/grep 'Chain' | > /bin/awk '{ print $2 }'| /bin/grep Cid | /usr/bin/wc -l| echo $? > 0
That 'echo $?' was supposed to be on the next line, not a continuation of the command. Can you run that again, but as two separate commands, one right after the other? I want to see the result of your first command (the iptables one). > [nagios@server ~]$ /usr/bin/sudo /sbin/iptables -nvL > Chain INPUT (policy ACCEPT 9089 packets, 3303K bytes) > pkts bytes target prot opt in out source > destination > > Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) > pkts bytes target prot opt in out source > destination > > Chain OUTPUT (policy ACCEPT 7812 packets, 3436K bytes) > pkts bytes target prot opt in out source > destination > [nagios@server ~]$ I'm assuming "server" == "zurich", right? I wonder if you can cut out the first grep and awk, and just look for 'Cid' ? > -----Original Message----- > From: C. Bensend [mailto:be...@bennyvision.com] > Sent: Thursday, 30 May 2013 8:44 PM > To: nagios-users@lists.sourceforge.net > Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring > > > I'm assuming that this check is running *on* the host 'zurich'? > > /var/log/secure should be listing an entry, if sudo is being run. > > Manually, *as the nagios user*, what happens when you do the following? > > /usr/bin/sudo /sbin/iptables -nvL | /bin/grep 'Chain' | \ > /bin/awk '{ print $2 }'| /bin/grep Cid | /usr/bin/wc -l echo $? > > > How about just (again, as the nagios user): > > /usr/bin/sudo /sbin/iptables -nvL > > >> Please find the details >> >> Sudoers Definition:- >> >> nagios zurich= NOPASSWD: /sbin/iptables, >> /usr/local/nagios/libexec/check_iptables.sh, >> /usr/local/nagios/libexec/check_nrpe >> >> /var/log/secure: >> >> su: pam_unix(su:session): session opened for user nagios by >> root(uid=0) >> su: pam_unix(su:session): session closed for user nagios >> >> >> >> -----Original Message----- >> From: C. Bensend [mailto:be...@bennyvision.com] >> Sent: Wednesday, 29 May 2013 7:59 PM >> To: >> nagios-users@lists.sourceforge.net<mailto:nagios-users@lists.sourceforge.net> >> Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring >> >> >> Where's your sudoers definition that allows the nagios user to run any >> commands via sudo? >> >> And what does /var/log/secure (or equivalent) think about the nagios >> user trying to run sudo? >> >> >>> I have tested with nagios user as well.. still no luck with that. >>> Could you some one update if you have any solution on this case. >>> >>> Kind Regards, >>> Thilak >>> >>> From: Deborah Martin [mailto:deborah.mar...@kognitio.com] >>> Sent: Tuesday, 14 May 2013 7:30 PM >>> To: Nagios Users List >>> Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring >>> >>> Ok - if I look at your output, manually, when the plugin is run as >>> the "root" user it produces the correct result. >>> >>> But, you haven't said what the nrpe user is that is running on the >>> remote node and whether the same manual run of the check produces >>> the same output. >>> For example, I run remote plugins through nrpe as the "nagios" user >>> so if I want to manually test a plugin on the remote node, I would >>> first login as the nagios user to ensure I've got the same >>> environment that would be used when running via nrpe. It might be >>> that the variables you have set in the script only work as the root >>> user. It's never a good idea to test as the root user but only as >>> the same user as that used by nagios or nrpe. >>> >>> Regards, >>> Deborah >>> >>> From: Thilakraj.Shanmugam >>> [mailto:thilakraj.shanmu...@canberra.edu.au] >>> Sent: 14 May 2013 09:58 >>> To: Nagios Users List >>> Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring >>> >>> Hi Deborah, Thanks for the response.. please find the details below. >>> >>> >>> [root@abc libexec]# pwd >>> /usr/local/nagios/libexec >>> [root@abc libexec]# ./check_iptables.sh >>> <----- Executing manually script >>> + IPT=/sbin/iptables >>> + GREP=/bin/grep >>> + AWK=/bin/awk >>> + EXPR=/usr/bin/expr >>> + WC=/usr/bin/wc >>> + A=/usr/bin/sudo >>> + E_SUCCESS=0 >>> + E_CRITICAL=2 >>> + E_UNKNOWN=3 >>> ++ /usr/bin/sudo /sbin/iptables -nvL >>> ++ /bin/grep Chain >>> ++ /bin/awk '{ print $2 }' >>> ++ /bin/grep Cid >>> ++ /usr/bin/wc -l >>> + CHAINS=5 >>> + '[' 5 -ne 0 ']' >>> + echo 'Firewall is running!' >>> Firewall is running! >>> + exit 0 >>> <------ it shows >>> firewall >>> running ( correct output ) >>> [root@abc libexec]# >>> >>> >>> Client - NRPE config file >>> >>> [root@abc libexec]# cat /usr/local/nagios/etc/nrpe.cfg |grep -i >>> iptable >>> command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh >>> [root@abc libexec]# >>> >>> >>> [root@abc libexec]# ./check_nrpe -H localhost -c check_iptables >>> Firewall is not running >>> <----- executing >>> via >>> check_nrpe ( wrong output ) >>> [root@abc libexec]# >>> >>> >>> NRPE Logs >>> ------------- >>> >>> May 14 18:52:28 abc nrpe[31158]: Added >>> command[check_Partion_db]=/usr/local/nagios/libexec/check_disk -w 15% >>> -c 5% -p /db May 14 18:52:28 abc nrpe[31158]: Added >>> command[check_Partion_app]=/usr/local/nagios/libexec/check_disk -w >>> 15% -c 5% -p /app May 14 18:52:28 abc nrpe[31158]: Added >>> command[check_iptables]=/usr/local/nagios/libexec/check_iptables.sh >>> May 14 18:52:28 abc nrpe[31158]: INFO: SSL/TLS initialized. All >>> network traffic will be encrypted. >>> May 14 18:52:28 abc nrpe[31158]: Handling the connection... >>> May 14 18:52:28 abc nrpe[31158]: Host is asking for command >>> 'check_iptables' to be run... >>> May 14 18:52:28 abc nrpe[31158]: Running command: >>> /usr/local/nagios/libexec/check_iptables.sh >>> May 14 18:52:28 abc nrpe[31158]: Command completed with return code 2 >>> and >>> output: Firewall is not running >>> May 14 18:52:28 abc nrpe[31158]: Return Code: 2, Output: Firewall is >>> not running >>> >>> >>> Kind Regards, >>> Thilak >>> >>> >>> From: Deborah Martin [mailto:deborah.mar...@kognitio.com] >>> Sent: Tuesday, 14 May 2013 6:44 PM >>> To: Nagios Users List >>> Subject: Re: [Nagios-users] Nagios Plugin for IPTABLES Monitoring >>> >>> Hi, >>> What is the wrong output being returned ? This might give us all a >>> clue as to the cause of the problem. >>> When you run the check manually, are you doing this as the same user >>> that check_nrpe will use ? >>> >>> Regards, >>> Deborah >>> >>> >>> >>> From: Thilakraj.Shanmugam >>> [mailto:thilakraj.shanmu...@canberra.edu.au] >>> Sent: 14 May 2013 08:43 >>> To: >>> nagios-users@lists.sourceforge.net<mailto:nagios-users@lists.sourcefo<mailto:nagios-users@lists.sourceforge.net<mailto:nagios-users@lists.sourcefo> >>> r<mailto:nagios-users@lists.sourceforge.net<mailto:nagios-users@lists >>> .sourcefor> >>> ge.net> >>> Subject: [Nagios-users] Nagios Plugin for IPTABLES Monitoring >>> >>> Greetings! >>> >>> Could someone send me nagios plugin which is tested and works well >>> for monitoring IPTABLES in Linux. >>> >>> I have tested below script but it is not returning correct output to >>> nagios server. >>> >>> If I execute script manually, it shows correct output... >>> >>> But if I execute via ./check_nrpe - H localhost -c check_iptables, >>> it shows wrong output. >>> >>> >>> >>> Below is my plugin >>> ------------------------------ >>> >>> #!/bin/bash >>> set -x >>> >>> IPT='/sbin/iptables' >>> GREP='/bin/grep' >>> AWK='/bin/awk' >>> EXPR='/usr/bin/expr' >>> WC='/usr/bin/wc' >>> A='/usr/bin/sudo' >>> >>> E_SUCCESS="0" >>> E_CRITICAL="2" >>> E_UNKNOWN="3" >>> >>> CHAINS=`$A $IPT -nvL | $GREP 'Chain' | $AWK '{ print $2 }'| $GREP Cid >>> | $WC -l` >>> >>> if [ $CHAINS -ne 0 ] ; then >>> echo "Firewall is running!" >>> exit ${E_SUCCESS} >>> >>> elif [ $CHAINS -eq 0 ] ; then >>> echo "Firewall is not running" >>> exit ${E_CRITICAL} >>> fi >>> >>> >>> >>> This e-mail and any files transmitted with it are strictly >>> confidential and intended solely for the use of the individual or >>> entity to whom they are addressed. If you are not the intended >>> recipient, please delete this e-mail immediately. Any unauthorised >>> distribution or copying is strictly prohibited. >>> >>> Whilst Kognitio endeavours to prevent the transmission of viruses via >>> e-mail, we cannot guarantee that any e-mail or attachment is free >>> from computer viruses and you are strongly advised to undertake your >>> own anti-virus precautions. Kognitio grants no warranties regarding >>> performance, use or quality of any e-mail or attachment and >>> undertakes no liability for loss or damage, howsoever caused. >>> >>> >>> This e-mail and any files transmitted with it are strictly >>> confidential and intended solely for the use of the individual or >>> entity to whom they are addressed. If you are not the intended >>> recipient, please delete this e-mail immediately. Any unauthorised >>> distribution or copying is strictly prohibited. >>> >>> Whilst Kognitio endeavours to prevent the transmission of viruses via >>> e-mail, we cannot guarantee that any e-mail or attachment is free >>> from computer viruses and you are strongly advised to undertake your >>> own anti-virus precautions. Kognitio grants no warranties regarding >>> performance, use or quality of any e-mail or attachment and >>> undertakes no liability for loss or damage, howsoever caused. >>> --------------------------------------------------------------------- >>> - >>> -------- Introducing AppDynamics Lite, a free troubleshooting tool >>> for Java/.NET Get 100% visibility into your production application - >>> at no cost. >>> Code-level diagnostics for performance bottlenecks with <2% overhead >>> Download for free and get started troubleshooting in minutes. >>> http://p.sf.net/sfu/appdyn_d2d_ap1___________________________________ >>> _ >>> ___________ >>> Nagios-users mailing list >>> Nagios-users@lists.sourceforge.net<mailto:Nagios-users@lists.sourcefo<mailto:Nagios-users@lists.sourceforge.net<mailto:Nagios-users@lists.sourcefo> >>> rge.net> https://lists.sourceforge.net/lists/listinfo/nagios-users >>> ::: Please include Nagios version, plugin version (-v) and OS when >>> reporting any issue. >>> ::: Messages without supporting info will risk being sent to >>> /dev/null >> >> >> -- >> "The very existence of flamethrowers proves that sometime, somewhere, >> someone said to themselves, 'You know, I want to set those people over >> there on fire, but I'm just not close enough to get the job >> done.'" -- George Carlin >> >> >> ---------------------------------------------------------------------- >> -------- Introducing AppDynamics Lite, a free troubleshooting tool for >> Java/.NET Get 100% visibility into your production application - at no >> cost. >> Code-level diagnostics for performance bottlenecks with <2% overhead >> Download for free and get started troubleshooting in minutes. >> http://p.sf.net/sfu/appdyn_d2d_ap1 >> _______________________________________________ >> Nagios-users mailing list >> Nagios-users@lists.sourceforge.net<mailto:Nagios-users@lists.sourcefor<mailto:Nagios-users@lists.sourceforge.net<mailto:Nagios-users@lists.sourcefor> >> ge.net> https://lists.sourceforge.net/lists/listinfo/nagios-users >> ::: Please include Nagios version, plugin version (-v) and OS when >> reporting any issue. >> ::: Messages without supporting info will risk being sent to /dev/null >> >> ---------------------------------------------------------------------- >> -------- Introducing AppDynamics Lite, a free troubleshooting tool for >> Java/.NET Get 100% visibility into your production application - at no >> cost. >> Code-level diagnostics for performance bottlenecks with <2% overhead >> Download for free and get started troubleshooting in minutes. >> http://p.sf.net/sfu/appdyn_d2d_ap1____________________________________ >> ___________ >> Nagios-users mailing list >> Nagios-users@lists.sourceforge.net<mailto:Nagios-users@lists.sourceforge.net> >> https://lists.sourceforge.net/lists/listinfo/nagios-users >> ::: Please include Nagios version, plugin version (-v) and OS when >> reporting any issue. >> ::: Messages without supporting info will risk being sent to /dev/null > > > -- > "The very existence of flamethrowers proves that sometime, somewhere, > someone said to themselves, 'You know, I want to set those people over > there on fire, but I'm just not close enough to get the job > done.'" -- George Carlin > > > ------------------------------------------------------------------------------ > Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET > Get 100% visibility into your production application - at no cost. > Code-level diagnostics for performance bottlenecks with <2% overhead > Download for free and get started troubleshooting in minutes. > http://p.sf.net/sfu/appdyn_d2d_ap1 > _______________________________________________ > Nagios-users mailing list > Nagios-users@lists.sourceforge.net<mailto:Nagios-users@lists.sourceforge.net> > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null > > ------------------------------------------------------------------------------ > Get 100% visibility into Java/.NET code with AppDynamics Lite > It's a free troubleshooting tool designed for production > Get down to code-level detail for bottlenecks, with <2% overhead. > Download for free and get started troubleshooting in minutes. > http://p.sf.net/sfu/appdyn_d2d_ap2_______________________________________________ > Nagios-users mailing list > Nagios-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when > reporting any issue. > ::: Messages without supporting info will risk being sent to /dev/null -- "The very existence of flamethrowers proves that sometime, somewhere, someone said to themselves, 'You know, I want to set those people over there on fire, but I'm just not close enough to get the job done.'" -- George Carlin ------------------------------------------------------------------------------ Get 100% visibility into Java/.NET code with AppDynamics Lite It's a free troubleshooting tool designed for production Get down to code-level detail for bottlenecks, with <2% overhead. Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap2 _______________________________________________ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null