From 5fc88a3872d0e138b611fd6d1341979232a1de90 Mon Sep 17 00:00:00 2001 From: krebs Date: Mon, 23 May 2011 16:22:29 +0200 Subject: updated shack infrastructure according to wiki see: http://cert.eulerpfad.com/infrastruktur:topo added access points including icons added vdsl-modem,extern-switch updated parents according to plan updated coreswitch and serverswitch infrastructure added check_sip script a lot of more stuff probably --- modules/Monitoring/conf/krebs_hosts.cfg | 12 +- modules/Monitoring/conf/shack_infrastructure.cfg | 193 ++++++++++++---- modules/Monitoring/conf/shacknet.cfg | 34 +++ modules/Monitoring/conf/tinc_hosts.cfg | 6 +- .../images/logos/krebs/wireless_access_point.gd2 | Bin 0 -> 1047 bytes .../images/logos/krebs/wireless_access_point.png | Bin 0 -> 883 bytes .../logos/krebs/wireless_access_point_64.png | Bin 0 -> 5364 bytes modules/Monitoring/plugins/check_sip | 252 +++++++++++++++++++++ 8 files changed, 438 insertions(+), 59 deletions(-) create mode 100644 modules/Monitoring/conf/shacknet.cfg create mode 100644 modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.gd2 create mode 100644 modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.png create mode 100644 modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point_64.png create mode 100755 modules/Monitoring/plugins/check_sip (limited to 'modules/Monitoring') diff --git a/modules/Monitoring/conf/krebs_hosts.cfg b/modules/Monitoring/conf/krebs_hosts.cfg index 6857cd45..4903020c 100644 --- a/modules/Monitoring/conf/krebs_hosts.cfg +++ b/modules/Monitoring/conf/krebs_hosts.cfg @@ -7,8 +7,8 @@ define host{ host_name krebs.shack alias krebs _tinc_address 10.7.7.156 - address 10.42.23.5 - parents shack-router + address 10.42.23.5 + parents shack-coreswitch hostgroups krebs-machines,tinc-nodes,ssh-servers } # 
@@ -20,7 +20,7 @@ define host{ alias UTART _tinc_address 10.7.7.66 address 10.42.23.23 - parents shack-router + parents shack-coreswitch hostgroups krebs-machines,tinc-nodes,ssh-servers } # @@ -31,7 +31,7 @@ define host{ host_name ytart alias ytart _tinc_address 10.7.7.201 - parents shack-router + parents shack-coreswitch address 10.42.1.227 hostgroups krebs-machines,tinc-nodes,ssh-servers } @@ -44,7 +44,7 @@ define host{ alias uPM Virtual Machine _tinc_address 10.7.7.99 address upm.shack - parents shack-vplatform + parents shack-node1 hostgroups krebs-machines,ssh-servers,shack-rz #,tinc-nodes } @@ -61,7 +61,7 @@ define host{ alias genericore Virtual Machine #_tinc_address 10.7.7.XX address genericore.shack - parents shack-vplatform + parents shack-node1 hostgroups ssh-servers,shack-rz #,tinc-nodes,krebs-machines } diff --git a/modules/Monitoring/conf/shack_infrastructure.cfg b/modules/Monitoring/conf/shack_infrastructure.cfg index 2b75a241..3adf193b 100644 --- a/modules/Monitoring/conf/shack_infrastructure.cfg +++ b/modules/Monitoring/conf/shack_infrastructure.cfg 
@@ -1,46 +1,160 @@ # -define hostgroup { - hostgroup_name shack-rz - alias Shack RZ Infrastructure - } -define hostextinfo{ - hostgroup_name shack-rz - notes Shack RZ Infrastructure -# notes_url http://webserver.localhost.localdomain/hostinfo.pl?host=netware1 - icon_image krebs/shack.png - icon_image_alt shack-RZ - vrml_image shack.png - statusmap_image krebs/shack.gd2 - } # # Shack Virtual Machine Hoster Platform # + +# +# Virtualization and storage +# define host{ use generic-host - host_name shack-vplatform + host_name shack-node1 alias Shack Virtualization Server - address node0.shack - parents shack-router + address 10.42.0.10 + parents shack-serverswitch hostgroups shack-rz,ssh-servers } define host{ use generic-host - host_name shack-router - alias Shack Cisco Router - address 10.42.0.3 + host_name shack-zetbox + alias Shack Virtualization Server + address 10.42.0.10 + parents shack-serverswitch hostgroups shack-rz,ssh-servers } - define host{ use generic-host host_name shack-plattenschwein - parents shack-router + parents shack-serverswitch alias Shack Plattenschwein - address plattenschwein.shack + address 10.42.0.12 + hostgroups shack-rz,ssh-servers + } +define host{ + use generic-host + host_name shack-gauda0 + parents shack-serverswitch + alias Shack gauda0 Mining Server + address 10.42.0.99 + hostgroups shack-rz + } +# +# Network Infrastructure +# + +# +## Shack gateway (no gateway-no internet) +# +define host{ + use generic-host + host_name shack-gw + parents shack-coreswitch + alias Watchguard Shack Gateway + address 10.42.0.1 + hostgroups shack-rz,ssh-servers + } +define host{ + use generic-host + host_name shack-modem + parents shack-gw + alias Shack Telecom VDSL Router + address 192.168.2.1 + hostgroups shack-rz + } +define host{ + use generic-host + host_name shack-externswitch + parents shack-gw + alias Shack External Switch (2.OG) + address 10.0.10.2 + hostgroups shack-rz + } + +define service { + host_name shack-gw + service_description DNS 
Service + use generic-service + check_command check_dns + } +define host{ + use generic-host + host_name shack-coreswitch + alias Shack Cisco Router Coreswitch + address 10.42.0.3 + hostgroups shack-rz,ssh-servers + } +define host{ + use generic-host + host_name shack-serverswitch + parents shack-coreswitch + alias Shack Cisco Router Serverswitch + address 10.42.0.4 hostgroups shack-rz,ssh-servers } +define host{ + use generic-host + host_name shack-wlan-ap1 + parents shack-coreswitch + alias Shack Wlan Access Point 1 + address 10.42.0.5 + hostgroups wlan-ap + } +define host{ + use generic-host + host_name shack-wlan-ap2 + parents shack-coreswitch + alias Shack Wlan Access Point 2 + address 10.42.0.6 + hostgroups wlan-ap + } +define host{ + use generic-host + host_name shack-wlan-ap3 + parents shack-coreswitch + alias Shack Wlan Access Point 3 + address 10.42.0.7 + hostgroups wlan-ap + } +define host{ + use generic-host + host_name shack-wlan-ap4 + parents shack-coreswitch + alias Shack Wlan Access Point 4 + address 10.42.0.8 + hostgroups wlan-ap + } +define host{ + use generic-host + host_name shack-wlan-ap5 + parents shack-coreswitch + alias Shack Wlan Access Point 5 + address 10.42.0.9 + hostgroups wlan-ap + } +# +# Voip Infrastructure +# +define host{ + use generic-host + host_name shack-voip + alias Shack Cisco VOIP Gateway + address 10.42.0.2 + parents shack-coreswitch + hostgroups shack-rz,http-servers + } + +define service{ + host_name shack-voip + service_description SIP Service + use generic-service + check_command check_sip + } + + + + # # Shack DNS Server @@ -49,7 +163,7 @@ define host{ define host{ use generic-host host_name shack-dns - parents shack-vplatform + parents shack-zetbox alias Shack DNS Virtual Host address dns.shack hostgroups shack-rz 
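Review bot: `shack-node1` and `shack-zetbox` are both defined with `address 10.42.0.10` and the same alias `Shack Virtualization Server` in the new "Virtualization and storage" block, which looks like a copy-paste leftover. With a shared address the two host checks always return the same state, so a failure of whichever machine does not own that address goes unnoticed. The hosts re-parented to `shack-zetbox` in the later hunks of this file (shack-dns, shack-pxe, shack-aptproxy, shack-ldap) then get their reachability derived from the wrong box. Give `shack-zetbox` its own address and alias, or, if the duplication is intended, add a comment such as `# zetbox and node1 intentionally share 10.42.0.10`.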
@@ -60,23 +174,20 @@ define service { use generic-service check_command check_dns_shack } -define command { - command_name check_dns_shack - command_line /usr/lib/nagios/plugins/check_dns -H shack.shack -s '$HOSTADDRESS$' - } define host{ use generic-host host_name shack-pxe - parents shack-vplatform + parents shack-zetbox alias Shack PXEBoot Vhost address pxeboot.shack hostgroups shack-rz } + define host{ use generic-host host_name shack-printsrv - parents shack-vplatform + parents shack-node1 alias Shack Print Server address printer.shack hostgroups shack-rz @@ -85,7 +196,7 @@ define host{ define host{ use generic-host host_name shack-aptproxy - parents shack-vplatform + parents shack-zetbox alias Shack Apt-proxy address aptproxy.shack hostgroups shack-rz @@ -94,7 +205,7 @@ define host{ define host{ use generic-host host_name shack-shack - parents shack-vplatform + parents shack-node1 alias Shack Data Exchange address shack.shack hostgroups shack-rz,ssh-servers @@ -106,7 +217,7 @@ define host{ define host{ use generic-host host_name shack-ldap - parents shack-vplatform + parents shack-zetbox alias Shack LDAP Server address ldap.shack hostgroups shack-rz @@ -118,21 +229,3 @@ define service { check_command check_ldap!shammunity } -# -# Shack gateway -# -define host{ - use generic-host - host_name shack-gw - parents shack-router - alias Watchguard Shack Gateway - address 10.42.0.1 - hostgroups shack-rz,ssh-servers - } -define service { - host_name shack-gw - service_description DNS Service - use generic-service - check_command check_dns - } - diff --git a/modules/Monitoring/conf/shacknet.cfg b/modules/Monitoring/conf/shacknet.cfg new file mode 100644 index 00000000..7658ab80 --- /dev/null +++ b/modules/Monitoring/conf/shacknet.cfg 
@@ -0,0 +1,34 @@
+define hostgroup {
+ hostgroup_name shack-rz
+ alias Shack RZ Infrastructure
+ }
+define hostgroup {
+ hostgroup_name wlan-ap
+ alias Shack Wlan Access Points
+ }
+define hostextinfo{
+ hostgroup_name wlan-ap
+ notes Access Points for Shack
+ icon_image krebs/wireless_access_point.png
+ icon_image_alt wireless_access_point
+ vrml_image wireless_access_point.png
+ statusmap_image krebs/wireless_access_point.gd2
+ }
+define hostextinfo{
+ hostgroup_name shack-rz
+ notes Shack RZ Infrastructure
+ icon_image krebs/shack.png
+ icon_image_alt shack-RZ
+ vrml_image shack.png
+ statusmap_image krebs/shack.gd2
+ }
+
+define command {
+ command_name check_sip
+ command_line $USER1$/check_tcp -H $HOSTADDRESS$ -p 5060
+ }
+
+define command {
+ command_name check_dns_shack
+ command_line $USER1$/check_dns -H shack.shack -s '$HOSTADDRESS$'
+ }
diff --git a/modules/Monitoring/conf/tinc_hosts.cfg b/modules/Monitoring/conf/tinc_hosts.cfg
index 4b1ad9ab..23c2b75e 100644
--- a/modules/Monitoring/conf/tinc_hosts.cfg
+++ b/modules/Monitoring/conf/tinc_hosts.cfg
@@ -9,7 +9,7 @@ define host{ alias Supernode External _TINC_ADDRESS 10.7.7.1 address miefda.org - parents shack-gw + parents shack-modem hostgroups tinc-nodes,ssh-servers,http-servers }
@@ -28,7 +28,7 @@ define host{ alias PA Sharepoint address 141.31.8.11 _TINC_ADDRESS 10.7.7.5 - parents shack-gw + parents shack-modem hostgroups tinc-nodes,ssh-servers } #
@@ -40,6 +40,6 @@ define host{ alias no_omo address leechi.kicks-ass.org _TINC_ADDRESS 10.7.7.111 - parents shack-gw + parents shack-modem hostgroups tinc-nodes,ssh-servers,http-servers }
diff --git a/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.gd2 b/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.gd2
new file mode 100644
index 00000000..6e740ec4
Binary files /dev/null and b/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.gd2 differ
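Review bot: The `check_sip` command in the new shacknet.cfg runs `$USER1$/check_tcp -H $HOSTADDRESS$ -p 5060`, so the "SIP Service" check on shack-voip only shows that a TCP connect to port 5060 succeeds and never sends a SIP request. The `plugins/check_sip` script added by the same commit sends SIP OPTIONS over UDP, but nothing in the visible configuration calls it. Whether the gateway answers on TCP 5060 at all cannot be told from this page; if it is UDP-only, this probe reports on the wrong thing. Either point the command at the new plugin, for example `command_line $USER1$/check_sip -u sip:USER_PLACEHOLDER@$HOSTADDRESS$ -H '$HOSTADDRESS$'` (assuming `$USER1$` includes that plugin directory), or rename the command to `check_sip_tcp` so the service name does not overstate what is verified. The `$HOSTADDRESS$` macro is also unquoted here while `check_dns_shack` in the same hunk quotes it; quoting both keeps the definitions consistent.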
diff --git a/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.png b/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.png
new file mode 100644
index 00000000..9febe45e
Binary files /dev/null and b/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point.png differ
diff --git a/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point_64.png b/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point_64.png
new file mode 100644
index 00000000..fe9788af
Binary files /dev/null and b/modules/Monitoring/htdocs/images/logos/krebs/wireless_access_point_64.png differ
diff --git a/modules/Monitoring/plugins/check_sip b/modules/Monitoring/plugins/check_sip
new file mode 100755
index 00000000..24374727
--- /dev/null
+++ b/modules/Monitoring/plugins/check_sip
@@ -0,0 +1,252 @@
+#!/usr/bin/perl -w
+#
+# check_sip plugin for nagios
+# $Revision: 1.2 $
+#
+# Nagios plugin to check SIP servers
+#
+# By Sam Bashton, Bashton Ltd
+# bashton.com/content/nagiosplugins
+# Michael Hirschbichler, Institute of Broadband Communications,
+# Vienna University of Technology
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+
+use strict;
+use lib "/usr/lib/nagios/plugins";
+use utils qw($TIMEOUT %ERRORS &print_revision &support);
+use vars qw($PROGNAME);
+use IO::Socket::INET;
+#use Sys::Hostname;
+use Time::HiRes qw(gettimeofday);
+use Net::Domain qw (hostname hostfqdn hostdomain);
+
+$PROGNAME = "check_sip";
+my $VERSION = "1.2";
+
+$ENV{'BASH_ENV'}='';
+$ENV{'ENV'}='';
+$ENV{'PATH'}='';
+$ENV{'LC_ALL'}='C';
+
+my ($opt_V,$opt_h,$opt_u,$opt_p,$opt_H, $opt_w, $opt_s, $opt_f);
+$opt_V = $opt_h = $opt_u = $opt_p = $opt_H = $opt_w = $opt_s = $opt_f = '';
+
+my $state = 'UNKNOWN';
+
+use Getopt::Long;
+Getopt::Long::Configure('bundling');
+GetOptions(
+ "V" => \$opt_V, "version" => \$opt_V,
+ "h" => \$opt_h, "help" => \$opt_h,
+ "s" => \$opt_s,
+ "f=s" => \$opt_f, "fromuri=s" => \$opt_f,
+ "u=s" => \$opt_u, "uri=s" => \$opt_u,
+ "p=s" => \$opt_p, "port=s" => \$opt_p,
+ "H=s" => \$opt_H, "host=s" => \$opt_H,
+ "w=s" => \$opt_w, "warn=s" => \$opt_w
+);
+
+# -h displays help
+if ($opt_h) { printHelp(); exit $ERRORS{'OK'}; }
+
+# -V display version number
+if ($opt_V) {
+ print_revision($PROGNAME, $VERSION);
+ exit $ERRORS{'OK'};
+};
+
+# Check the sip URI is OK
+unless ($opt_u) { printHelp(); exit $ERRORS{'UNKNOWN'} }
+
+# Port is 5060 unless otherwise specified
+unless ($opt_p) { $opt_p = 5060 }
+
+# Determine the host from the sip URI if it wasn't specified with -H
+unless ($opt_H) { $opt_H = hostFromURI($opt_u) }
+
+# Check the host is valid
+unless (utils::is_hostname($opt_H))
+{
+ print "$opt_H is not a valid hostname\n";
+ printHelp();
+ exit $ERRORS{"UNKNOWN"};
+}
+
+unless ($opt_w) { $opt_w = 5 } # Warn if response takes longer than 5 seconds
+
+### Main code ###############################################################
+
+# Timeout if we don't recieve a response within a suitable timeframe..
+$SIG{'ALRM'} = sub {
+ print ("SIP timeout: No response from SIP server after $TIMEOUT seconds\n");
+ exit $ERRORS{"CRITICAL"};
+};
+alarm($TIMEOUT);
+
+my $localhost = hostfqdn();
+$opt_f = getFromURI($opt_f,$localhost,$opt_p);
+my $user=getUserPart($opt_f);
+my $socket = uconnect($opt_H, $opt_p);
+my @localinfo = unpack_sockaddr_in($socket->sockname);
+my $req = buildReq($localinfo[0], $opt_u, $opt_f,$user,$localhost);
+my (undef, $starttime) = gettimeofday;
+$socket->send($req);
+my $response;
+$socket->recv($response, 1024) or $state = 'CRITICAL';
+
+#get rid of the 100 Trying - provisional response ...
+if (getResponseCode($response) eq "100"){
+ $socket->recv($response, 1024) or $state = 'CRITICAL';
+}
+
+my (undef, $finishtime) = gettimeofday;
+my $rtime = ($finishtime - $starttime) / 1000000; # Time taken in seconds
+if(checkResponse($response,$rtime,$opt_s))
+{
+ if ($rtime > $opt_w) { $state = 'WARNING' }
+ else { $state = 'OK' }
+}
+else { $state = 'CRITICAL' }
+
+exit $ERRORS{$state};
+
+### Subroutines ##############################################################
+
+
+sub uconnect
+{
+ my ($host, $port) = @_;
+ my $socket = new IO::Socket::INET->new(PeerPort=>$port, Proto=>'udp', PeerAddr=>$host);
+ unless ($socket) { print "Unable to connect to $host\n"; exit $ERRORS{'UNKNOWN'} }
+ return $socket;
+}
+
+sub getFromURI{
+ my ($from, $localhost,$localport) = @_;
+ if (!("$from" eq "")){
+ return "$from:$localport";
+ }else
+ {
+ return "sip:checksip\@$localhost:$localport";
+ }
+}
+
+sub getUserPart{
+ my ($uri) = @_;
+ my @uris=split(/\@/,$uri);
+ my $user=$uris[0];
+ return $user;
+}
+
+sub hostFromURI
+{
+ my ($uri) = @_;
+ $uri =~ s/sip:[^\@]+@//;
+ return $uri;
+}
+
+sub getResponseCode
+{
+ my ($message) = @_;
+ my @messageparts=split(/\ /,$message);
+ return $messageparts[1];
+}
+
+sub buildReq
+{
+ my ($localport, $dsturi, $fromuri,$user,$localhost) = @_;
+
+ my $req;
+ my $tag = genTag();
+ my $idtag = genTag();
+ $req.= "OPTIONS $dsturi SIP/2.0\r\n";
+ $req.= "Via: SIP/2.0/UDP $localhost:$localport;branch=z9hG4bKhjhs8ass877\r\n";
+ $req.= "Max-Forwards: 70\r\n";
+ $req.= "To: $dsturi\r\n";
+ $req.= "From: $fromuri;tag=$tag\r\n";
+ $req.= "Call-ID: $idtag\@$localhost\r\n";
+ $req.= "CSeq: 1 OPTIONS\r\n";
+ $req.= "Contact: <$user\@$localhost:$localport>\r\n";
+ $req.= "Accept: application/sdp\r\n";
+ $req.= "Content-Length: 0\r\n\r\n";
+ return $req;
+}
+
+sub genTag
+{
+ my $tag;
+ my @chars = ('a','b','c','d','e','f','g','h','i','j','k','l','m','n','o','p',
+ 'q','r','s','t','u','v','w','x','y','z','0','1','2','3','4','5','6','7','8',
+ '9');
+
+ for (my $i = 0; $i < 6; $i++)
+ {
+ $tag .= $chars[rand(scalar @chars)];
+ }
+ return $tag;
+}
+
+sub printHelp
+{
+ print "This plugin tests the sip service on the specified host.\n\n";
+ print "Usage: $PROGNAME -u sip:uri\@example.com [-H host -p PORT -f sip:fromuri\@example.com -w WARNTIME -s]\n";
+ print " $PROGNAME [-h | --help]\n";
+ print " $PROGNAME [-V | --version]\n\n";
+ print "Options:\n";
+ print " -u sip:uri\@example.com\n";
+ print " Full SIP uri, eg sip:uri\@example.com\n";
+ print " -h, --help\n";
+ print " Print this help\n";
+ print " -V, --version\n";
+ print " Print version information\n";
+ print " -H host\n";
+ print " Host name or IP Address to connect to\n";
+ print " -p port\n";
+ print " Port to connect to\n";
+ print " -f sip:fromuri\@example.com\n";
+ print " Full SIP uri, will be used for the \"From:\"-Header\n";
+ print " -s\n";
+ print " Changes default behavior: all SIP-responses will result in an \"OK\"\n\n";
+
+
+}
+
+sub checkResponse
+{
+ my ($response, $rtime, $sp_behavior) = @_;
+ my @header=split(/\r/,$response);
+ my $tstring=$header[0];
+ my $rcode=getResponseCode($response);
+ if (!$sp_behavior){
+ #in this case, we want to see if the SIP-server is respoding positively to our request
+ # Some SUT respond with 100 Trying - assume everything is OK if we get this
+ if ($response =~ /^SIP.+[12]00/){
+ print "$tstring, $rtime seconds response time|rtt=".$rtime."s;0.5s;1s;0:10; code=".$rcode."\n";
+ return 1;
+ }
+ elsif ($response =~ /^SIP.+404 Not Found/) {
+ print "$tstring, $rtime seconds response time|rtt=".$rtime."s;0.5s;1s;0:10; code=".$rcode."\n";
+ return 0 }
+ else { print "Unknown error: $tstring, $rtime seconds response time|rtt=".$rtime."s;0.5s;1s;0:10; code=".$rcode."\n"; return 0; }
+ }else{
+ #in this case, we accept every response from the server, as long it is SIP
+ if ($response =~ /^SIP./){
+ print "$tstring, $rtime seconds response time|rtt=".$rtime."s;0.5s;1s;0:10; code=".$rcode."\n";
+ return 1;
+ }
+ else { print "Unknown error: $tstring, $rtime seconds response time|rtt=".$rtime."s;0.5s;1s;0:10; code=".$rcode."\n"; return 0; }
+ }
+}
-- cgit v1.2.3
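Review bot: The response time in the main code is computed from the microsecond field only, because `my (undef, $starttime) = gettimeofday;` discards the seconds. `$rtime` therefore stays below one second in magnitude and goes negative when the clock crosses a second boundary, so `if ($rtime > $opt_w)` with the default of 5 can never produce WARNING. Import `tv_interval` from Time::HiRes and measure the whole interval, with `my $t0 = [gettimeofday];` before `send` and `my $rtime = tv_interval($t0);` after the last `recv`. Separately, `checkResponse` prints the first line of the peer's reply (`$tstring`) in front of the `|` perfdata separator without filtering, so the status text and perfdata shown in Nagios are controlled by whatever answers on that port. Stripping `|` and non-printable characters from `$tstring`, and deciding success from `$rcode` rather than `/^SIP.+[12]00/`, would make the result harder to spoof or garble.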