Monitor IpTables Rules
  • samarcos
    Junior Member
    • May 2021
    • 17

    #1

    Hi,
    I am trying to set up a way to monitor the number of active rules from iptables.
    I created an item:
    Code:
    system.run[/home/zabbix/count-rules.sh]
    and the count-rules.sh:
    Code:
    #!/bin/bash
    
    # Use the iptables-save command to get a list of all rules and count the lines.
    rule_count=$(iptables-save | grep -c "^\-A")
    
    echo $rule_count
    I was trying to set up a graph to display the rules loaded; if there was a change, then it means something was wrong.
    But I am having permission issues.

    Is there a better way to monitor rules in iptables, or to monitor changes to iptables?
    I looked at the templates, but was unable to find any template for iptables.


  • dimir
    Zabbix developer
    • Apr 2011
    • 1080

    #2
    This script is run by Zabbix, so supposedly by the zabbix user, which probably is missing some capabilities. Here's the related post, I think: https://unix.stackexchange.com/quest...t-user-and-why


    • samarcos
      Junior Member
      • May 2021
      • 17

      #3
      Maybe there is a better way to monitor IPTables?


      • BigSmooth
        Member
        • Jun 2023
        • 46

        #4
        I guess doing a checksum (md5sum) instead of a line count would be more accurate. We can imagine that one rule removed and one rule created between two checks would not be detected.

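The checksum idea from #4 needs one refinement before it works as a Zabbix item: a plain `md5sum` of `iptables-save` output changes on every run, because of the "Generated by ... on <date>" / "Completed on <date>" comment lines and, with `iptables-save -c`, the packet/byte counters. The script below is an added example (not from the thread or from Zabbix) that normalizes those volatile parts away before hashing, and compares the result with the line count from #1 on a constructed ruleset where one rule is swapped for another.

```shell
#!/bin/sh
# Normalize iptables-save output so that only the rules themselves are hashed.
# Dropped: the "# Generated by ... on <date>" / "# Completed on <date>" comment
# lines, which change on every run, and the [packets:bytes] counters printed
# by iptables-save -c (rule prefix and chain-policy suffix), which change
# with traffic. Anything left that differs is a real ruleset change.
normalize_rules() {
    grep -v '^#' \
      | sed -E -e 's/^\[[0-9]+:[0-9]+\] //' -e 's/ \[[0-9]+:[0-9]+\]$//'
}

# Fingerprint of the active ruleset: changes if any rule is added, removed
# or edited, even when the total number of rules stays the same.
rules_fingerprint() {
    normalize_rules | md5sum | cut -d' ' -f1
}

# The line-count check from the original post, made tolerant of counters.
rules_count() {
    normalize_rules | grep -c '^-A'
}

# Constructed sample of iptables-save -c output (not captured from a real host).
BASELINE='# Generated by iptables-save v1.8.7 on Mon May  3 10:00:00 2021
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [40:3200]
[12:840] -A INPUT -i lo -j ACCEPT
[99:7000] -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
[3:180] -A INPUT -p tcp --dport 22 -j ACCEPT
COMMIT
# Completed on Mon May  3 10:00:00 2021'

# Same rules one minute later: only the timestamps and counters moved.
LATER=$(printf '%s\n' "$BASELINE" | sed -e 's/10:00:00/10:01:00/' \
      -e 's/\[12:840\]/[15:1020]/' -e 's/\[40:3200\]/[55:4100]/')

# One rule swapped for another (port 22 -> 23): the rule count is unchanged.
SWAPPED=$(printf '%s\n' "$BASELINE" | sed 's/--dport 22/--dport 23/')

report() {  # $1 = label, $2 = ruleset text
    printf '%-8s raw_md5=%s fingerprint=%s count=%s\n' "$1" \
        "$(printf '%s\n' "$2" | md5sum | cut -d' ' -f1)" \
        "$(printf '%s\n' "$2" | rules_fingerprint)" \
        "$(printf '%s\n' "$2" | rules_count)"
}
report BASELINE "$BASELINE"
report LATER "$LATER"
report SWAPPED "$SWAPPED"
```

On the monitored host the input would come from `sudo iptables-save -c`, with a sudoers entry that allows the zabbix user only that one command (the permission problem from #2), and the fingerprint stored in a text item whose trigger fires when the value differs from the previous one.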
