Check Iptables

Current Version: 0.6.1
Last Release Date: 2011-02-10
Compatible With:
  • Nagios 1.x
  • Nagios 2.x
  • Nagios 3.x
Owner:
License: GPL
Hits: 109904
Files:
  • check_iptables_status.sh: 0.6.1 version - Fixes to error handling, and coding mistakes.
This plugin checks whether the number of iptables rules currently loaded matches the number that is supposed to be loaded. If the numbers do not match, it notifies Nagios and logs to /var/log/iptables the users who were logged in at the time.
Documentation about iptables: ~:# man iptables
This script is intended to check that your iptables rules are loaded correctly at any time. I didn't find a better way to check whether a server has your rules loaded, so I check the number of configured rules, and if there are fewer than there should be, Nagios sends an alert through its notification service.
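The rule-count comparison described above, as an added example that is not the plugin's own code (check_iptables_status.sh is not reproduced on this page). The function names, the sample listing and the minimum-threshold semantics are assumptions. It also separates "no listing could be read" (UNKNOWN) from "chain missing or too short" (CRITICAL), so a failed iptables call is not reported as a chain with 0 rules.

```shell
# Added example: rule-count check over `iptables -n -t filter -L` text on stdin.
# Function names and the sample listing are constructed for illustration.

# Print the number of rules in chain $1.
# Exit 1: listing readable but chain absent. Exit 2: no listing at all.
count_chain_rules() {
    awk -v chain="$1" '
        $1 == "Chain" { chains++; in_chain = ($2 == chain)
                        if (in_chain) found = 1
                        header = 1; next }
        header        { header = 0; next }   # column-title line
        in_chain && NF > 0 { n++ }           # one rule per non-blank line
        END { if (!chains) exit 2
              if (!found)  exit 1
              print n + 0 }'
}

# Nagios-style result: 0 OK, 2 CRITICAL, 3 UNKNOWN.
check_rule_count() {
    chain=$1; min=$2; rc=0
    count=$(count_chain_rules "$chain") || rc=$?
    case $rc in
        2) echo "UNKNOWN - no iptables listing (command failed or not permitted)"
           return 3 ;;
        1) echo "CRITICAL - chain $chain is not loaded"
           return 2 ;;
    esac
    if [ "$count" -lt "$min" ]; then
        echo "CRITICAL - chain $chain has $count rules, expected at least $min"
        return 2
    fi
    echo "OK - chain $chain has $count rules (minimum $min)"
}

# Constructed sample in the layout printed by `iptables -n -L`.
sample_listing() {
    cat <<'EOF'
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  0.0.0.0/0            0.0.0.0/0

Chain RH-Firewall-1-INPUT (1 references)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 255
REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited
EOF
}
sample_listing | check_rule_count RH-Firewall-1-INPUT 3
```

On a live host, pipe the output of `/sbin/iptables -n -t filter -L`, run with sufficient privilege, into `check_rule_count` in place of the sample listing.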
Reviews (1)
by shawnbrito, July 10, 2011
1 of 1 people found this review helpful
Hi...
I managed to get this somewhat operational on the local machine by adding the nagios user to the sudoers file..
nagios ALL= NOPASSWD: /sbin/iptables

Then I added the sudo to the plugin..
CHKIPTBLS=`sudo /sbin/iptables -n -t filter -L |wc -l`

However that only sorted out the local execution environment.. When I try to invoke from the foreign Nagios server, it still doesn't quite execute :(
[The Command]
/usr/local/nagios/libexec/check_nrpe -H {the_other_machine_ip} -c check_iprule_no -a RH-Firewall-1-INPUT 15

[The Output]
CRITICAL - Iptables are CRITICAL The Table RH-Firewall-1-INPUT and Chain has 0 rules configured

However it works nicely on the NRPE local machine..
[Output]
OK - Iptables are OK The Table RH-Firewall-1-INPUT and Chain has 28 rules configured