Menu
▾
▴
[Fail2ban-commit] SF.net SVN: fail2ban:[721] branches/FAIL2BAN-0_8
|
From: <los...@us...> - 2009-01-27 22:58:33
|
Revision: 721
http://fail2ban.svn.sourceforge.net/fail2ban/?rev=721&view=rev
Author: lostcontrol
Date: 2009-01-27 22:58:29 +0000 (Tue, 27 Jan 2009)
Log Message:
-----------
- Added nagios script. Thanks to Sebastian Mueller.
Modified Paths:
--------------
branches/FAIL2BAN-0_8/ChangeLog
branches/FAIL2BAN-0_8/MANIFEST
Added Paths:
-----------
branches/FAIL2BAN-0_8/files/nagios/
branches/FAIL2BAN-0_8/files/nagios/check_fail2ban
branches/FAIL2BAN-0_8/files/nagios/f2ban.txt
Modified: branches/FAIL2BAN-0_8/ChangeLog
===================================================================
--- branches/FAIL2BAN-0_8/ChangeLog 2009-01-20 23:08:59 UTC (rev 720)
+++ branches/FAIL2BAN-0_8/ChangeLog 2009-01-27 22:58:29 UTC (rev 721)
@@ -24,6 +24,7 @@
crashed. Thanks to Detlef Reichelt.
- Removed begin-line anchor for "standard" timestamp. Fixed
Debian bug #500824.
+- Added nagios script. Thanks to Sebastian Mueller.
ver. 0.8.3 (2008/07/17) - stable
----------
Modified: branches/FAIL2BAN-0_8/MANIFEST
===================================================================
--- branches/FAIL2BAN-0_8/MANIFEST 2009-01-20 23:08:59 UTC (rev 720)
+++ branches/FAIL2BAN-0_8/MANIFEST 2009-01-27 22:58:29 UTC (rev 721)
@@ -116,3 +116,5 @@
files/cacti/fail2ban_stats.sh
files/cacti/cacti_host_template_fail2ban.xml
files/cacti/README
+files/nagios/check_fail2ban
+files/nagios/f2ban.txt
Added: branches/FAIL2BAN-0_8/files/nagios/check_fail2ban
===================================================================
--- branches/FAIL2BAN-0_8/files/nagios/check_fail2ban (rev 0)
+++ branches/FAIL2BAN-0_8/files/nagios/check_fail2ban 2009-01-27 22:58:29 UTC (rev 721)
@@ -0,0 +1,106 @@
+#!/bin/bash
+#
+# Usage: ./check_fail2ban
+###############################################################################################
+# Description:
+# This plugin will check the status of Fail2ban.
+#
+# Created: 2008-10-25 (Sebastian Mueller)
+#
+# Changes: 2008-10-26 fixed some issues (Sebastian Mueller)
+# Changes: 2009-01-25 add the second check, when server is not replying and the
+# process is hang-up (Sebastian Mueller)
+#
+# please visit my website http://www.elchtest.eu or my personal WIKI http://wiki.elchtest.eu
+#
+################################################################################################
+# if you have any questions, send a mail to li...@kr...
+#
+# this script is for my personal use. read the script before running/using it!!!
+#
+#
+# YOU HAVE BEEN WARNED. THIS MAY DESTROY YOUR MACHINE. I ACCEPT NO RESPONSIBILITY.
+###############################################################################################
+
+
+SECOND_CHECK=0
+STATE_OK=0
+STATE_CRITICAL=2
+
+######################################################################
+# Read the Status from fail2ban-client
+######################################################################
+check_processes_fail2ban()
+{
+
+ F2B=`sudo -u root fail2ban-client ping | awk -F " " '{print $3}'`
+ exit_fail2ban=0
+
+ if [[ $F2B = "pong" ]]; then
+ exit_fail2ban=$STATE_OK
+ else
+ exit_fail2ban=$STATE_CRITICAL
+ fi
+
+}
+######################################################################
+# first check in the Background, PID will be killed when no response
+# after 10 seconds, might be possible, otherwise the scipt will be
+# pressent in your memory all the time
+#
+######################################################################
+
+check_processes_fail2ban &
+pid=$!
+
+typeset -i i=0
+while ps $pid >/dev/null
+do
+ sleep 1
+ i=$i+1
+if [ $i -ge 10 ]
+ then
+ kill $pid
+ SECOND_CHECK=1
+ exit_fail2ban=$STATE_CRITICAL
+ break
+fi
+done
+
+######################################################################
+# when the Server response (doesent mean the FAIL2BAN is working)
+# in the first step, then it will run again and test the Service
+# and provide the real status
+######################################################################
+
+
+if [ $SECOND_CHECK -eq 0 ]; then
+ check_processes_fail2ban
+ elif [ $SECOND_CHECK -eq 1 ]; then
+ exit_fail2ban=$STATE_CRITICAL
+fi
+
+
+
+######################################################################
+# Mainmenu
+######################################################################
+
+
+final_exit=$exit_fail2ban
+if [ $final_exit -eq 0 ]; then
+ echo "SYSTEM OK - Fail2ban is working normaly"
+ exitstatus=$STATE_OK
+elif [ $final_exit -ne "0" ]; then
+ echo "SYSTEM WARNING - Fail2Ban is not working"
+######################################################################
+# If don't have a Nagios Server for monitoring, remove the comment and
+# add your Mail Addres. You can check it with a Cron Job once a hour.
+# put a txt file on your server and describe how to fix the issue, this
+# could be attached to the mail.
+######################################################################
+# mutt -s "FAIL2BAN NOT WORKING" yo...@em... < /home/f2ban.txt
+
+ exitstatus=$STATE_CRITICAL
+fi
+exit $exitstatus
Added: branches/FAIL2BAN-0_8/files/nagios/f2ban.txt
===================================================================
--- branches/FAIL2BAN-0_8/files/nagios/f2ban.txt (rev 0)
+++ branches/FAIL2BAN-0_8/files/nagios/f2ban.txt 2009-01-27 22:58:29 UTC (rev 721)
@@ -0,0 +1,18 @@
+It seems that Fail2ban is currently not working, please login and check
+
+HELP:
+
+1.) stop the Service
+/etc/init.d/fail2ban stop
+
+2.) delete the socket if avalible
+rm /tmp/fail2ban.sock
+
+3.) start the Service
+/etc/init.d/fail2ban start
+
+4.) check if fail2ban is working
+fail2ban-client ping
+Answer should be "pong"
+
+5.) if the answer is not "pong" run away or CRY FOR HELP ;-)
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|