Ad Widget

Collapse

Check iptables

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • frater
    Senior Member
    • Oct 2010
    • 340
    #1

    Check iptables

    If one of your colleagues modifies the firewall on one of the servers, you will get a notification which may help when some strange things occur

    Code:
    echo "UserParameter=net.iptables.cksum,sudo iptables-save | grep -v '^[#:]' | md5sum | tr -cd 0-9 | cut -b1-10" >>/etc/zabbix/zabbix_agentd.conf

echo "zabbix ALL = NOPASSWD: `which iptables-save`" >>/etc/sudoers

/etc/init.d/zabbix-agent restart
    You only need to create the item: net.iptables.cksum with a refresh of 600 seconds
    and the trigger: net.iptables.cksum.diff(0)}>0
    Last edited by frater; 02-12-2010, 11:48.
    Zabbix agents on Linux, FreeBSD, Windows, AVM-Fritz!box, DD-WRT and QNAP
    Tags: None
    • frater
      Senior Member
      • Oct 2010
      • 340
      #2
      It didn't work on all my servers, but luckily I found the culprit.
      Your /etc/sudoers may contain the line 'Defaults requiretty'
      This means any sudo command will fail....

      This was in my /var/log/zabbix/zabbix_agentd.log
      Code:
      sudo: sorry, you must have a tty to run sudo
      You can comment it out with visudo or just this command:
      Code:
      sed -i -e 's/^Defaults.*requiretty/# &/' /etc/sudoers
      Zabbix agents on Linux, FreeBSD, Windows, AVM-Fritz!box, DD-WRT and QNAP

        Comment

        Previous template Next
        Working...