how to check the iptables service running

[Olin]

hi,
how to check the iptables service running ,thank you !!

[kyang]

Are you checking a remote host or localhost? Either way, it will work the same except for using the NRPE Agent.
If you just want the check to display whether it's running or not here is a way that was suggested in a customer related thread.

By lmiltchev,

Initially, I thought you could simply use check_init_service with check_nrpe, for example:

Code: Select all

/usr/local/nagios/libexec/check_nrpe -H x.x.x.x -c check_init_service -a 'iptables'

However, this produces lots of output as it shows the firewall rules, instead of just stating: "iptables is running...". I haven't been able to find a specific plugin that is going to do the job, so I decided to use a simple bash script, and a custom command.

Here's what I did.

ON THE REMOTE MACHINE

I placed the following script (named "check_iptables") to the plugins directory (/usr/local/nagios/libexec):

Code: Select all

#!/bin/bash
 /sbin/service iptables status > /dev/null 2>&1
if [ $? = 0 ]; then
        echo "iptables is running"
        exit 0;
else
        echo "iptables is not running"
        exit 2;
fi

and made it executable.

Code: Select all

chmod +x /usr/local/nagios/libexec/check_iptables.sh

I added the following command to "/usr/local/nagios/etc/nrpe/common.cfg" file:

Code: Select all

command[check_iptables]=sudo /usr/local/nagios/libexec/check_iptables.sh

saved, exited, and restarted nrpe:

Code: Select all

service nrpe restart

Note: You can add the command to the "/usr/local/nagios/etc/nrpe.cfg" too if you wish. Also, if you are running NRPE under xinetd, you will need to restart xinetd (instead of nrpe deamon):

Code: Select all

service xinetd restart

Next, I modified /etc/sudoers (by running visudo) by adding this line:

Code: Select all

nagios ALL=NOPASSWD: /usr/local/nagios/libexec/check_iptables.sh

ON THE NAGIOS XI SERVER

I tested my check from the command line:

Code: Select all

/usr/local/nagios/libexec/check_nrpe -H <client ip> -c 'check_iptables'
iptables is running

Once I saw it was running, I created a new service check in XI:

Code: Select all

define service {
	host_name			CentOS6-NRPE
	service_description		iptables
	use				xiwizard_nrpe_service
	check_command			check_nrpe!check_iptables!!!!!!!
	max_check_attempts		5
	check_interval			5
	retry_interval			1
	check_period			xi_timeperiod_24x7
	notification_interval		60
	notification_period		xi_timeperiod_24x7
	notifications_enabled		1
	contacts			nagiosadmin
	_xiwizard			linux-server
	register			1
	}

ex2.PNG

I scheduled a forced, immediate check in the GUI (under the Service Status Detail page):

ex1.PNG

Hope this helps.

[Olin]

Thank you very much !!

Are you doing checking a remote host or localhost? Either way, it will work the same except for using the NRPE Agent.
If you just want the check to display whether it's running or not here is a way that was suggested in a customer related thread.

By lmiltchev,
Initially, I thought you could simply use check_init_service with check_nrpe, for example:

Code: Select all

/usr/local/nagios/libexec/check_nrpe -H x.x.x.x -c check_init_service -a 'iptables'

However, this produces lots of output as it shows the firewall rules, instead of just stating: "iptables is running...". I haven't been able to find a specific plugin that is going to do the job, so I decided to use a simple bash script, and a custom command.

Here's what I did.

ON THE REMOTE MACHINE

I placed the following script (named "check_iptables") to the plugins directory (/usr/local/nagios/libexec):

Code: Select all

#!/bin/bash
 /sbin/service iptables status > /dev/null 2>&1
if [ $? = 0 ]; then
        echo "iptables is running"
        exit 0;
else
        echo "iptables is not running"
        exit 2;
fi

and made it executable.

Code: Select all

chmod +x /usr/local/nagios/libexec/check_iptables.sh

I added the following command to "/usr/local/nagios/etc/nrpe/common.cfg" file:

Code: Select all

command[check_iptables]=sudo /usr/local/nagios/libexec/check_iptables.sh

saved, exited, and restarted nrpe:

Code: Select all

service nrpe restart

Note: You can add the command to the "/usr/local/nagios/etc/nrpe.cfg" too if you wish. Also, if you are running NRPE under xinetd, you will need to restart xinetd (instead of nrpe deamon):

Code: Select all

service xinetd restart

Next, I modified /etc/sudoers (by running visudo) by adding this line:

Code: Select all

nagios ALL=NOPASSWD: /usr/local/nagios/libexec/check_iptables.sh

ON THE NAGIOS XI SERVER

I tested my check from the command line:

Code: Select all

/usr/local/nagios/libexec/check_nrpe -H <client ip> -c 'check_iptables'
iptables is running

Once I saw it was running, I created a new service check in XI:

Code: Select all

define service {
	host_name			CentOS6-NRPE
	service_description		iptables
	use				xiwizard_nrpe_service
	check_command			check_nrpe!check_iptables!!!!!!!
	max_check_attempts		5
	check_interval			5
	retry_interval			1
	check_period			xi_timeperiod_24x7
	notification_interval		60
	notification_period		xi_timeperiod_24x7
	notifications_enabled		1
	contacts			nagiosadmin
	_xiwizard			linux-server
	register			1
	}

ex2.PNG

I scheduled a forced, immediate check in the GUI (under the Service Status Detail page):

ex1.PNG

Hope this helps.

[dwhitfield]

Thank you very much !!

Are we ready to close this thread or did you have anything else to add?

[Olin]

yes we can close. thanks a lot.

Thank you very much !!

Are we ready to close this thread or did you have anything else to add?

[kyang]

Sounds good! I'll be closing this thread!

If you have any more questions, feel free to create another thread.

Thanks for using the Nagios Support Forum!