Provide IPFire specific items for the Zabbix server to monitor: - ipfire.net.gateway.pingtime: Internet Line Quality - ipfire.net.gateway.ping: Internet connection - ipfire.net.fw.hits.raw: JSON formatted list of Firewall hits/chain - ipfire.dhcpd.clients: Number of active DHCP leases - ipfire.captive.clients: Number of Captive Portal clients
Signed-off-by: Robin Roevens robin.roevens@disroot.org --- config/rootfiles/packages/zabbix_agentd | 1 + config/zabbix_agentd/sudoers | 2 +- config/zabbix_agentd/userparameter_ipfire.conf | 12 ++++++++++++ lfs/zabbix_agentd | 5 ++++- 4 files changed, 18 insertions(+), 2 deletions(-) create mode 100644 config/zabbix_agentd/userparameter_ipfire.conf
diff --git a/config/rootfiles/packages/zabbix_agentd b/config/rootfiles/packages/zabbix_agentd index b5325c636..6f2c831d7 100644 --- a/config/rootfiles/packages/zabbix_agentd +++ b/config/rootfiles/packages/zabbix_agentd @@ -20,4 +20,5 @@ var/ipfire/zabbix_agentd var/ipfire/zabbix_agentd/zabbix_agentd_ipfire_mandatory.conf var/ipfire/zabbix_agentd/userparameters var/ipfire/zabbix_agentd/userparameters/userparameter_pakfire.conf +var/ipfire/zabbix_agentd/userparameters/userparameter_ipfire.conf #var/log/zabbix diff --git a/config/zabbix_agentd/sudoers b/config/zabbix_agentd/sudoers index cb4263ff6..2d71ae78f 100644 --- a/config/zabbix_agentd/sudoers +++ b/config/zabbix_agentd/sudoers @@ -8,4 +8,4 @@ # To add more sudo rights to zabbix agent, you should modify the sudoers file zabbix_agentd_user # Defaults:zabbix !requiretty -zabbix ALL=(ALL) NOPASSWD: /opt/pakfire/pakfire status +zabbix ALL=(ALL) NOPASSWD: /opt/pakfire/pakfire status, /usr/sbin/fping, /usr/local/bin/getipstat diff --git a/config/zabbix_agentd/userparameter_ipfire.conf b/config/zabbix_agentd/userparameter_ipfire.conf new file mode 100644 index 000000000..10c09c25d --- /dev/null +++ b/config/zabbix_agentd/userparameter_ipfire.conf @@ -0,0 +1,12 @@ +# Parameters for monitoring IPFire specific metrics +# +# Internet Gateway ping timings, can be used to measure "Internet Line Quality" +UserParameter=ipfire.net.gateway.pingtime,sudo /usr/sbin/fping -c 3 gateway 2>&1 | tail -n 1 | awk '{print $NF}' | cut -d '/' -f2 +# Internet Gateway availability, can be used to check Internet connection +UserParameter=ipfire.net.gateway.ping,sudo /usr/sbin/fping -q -r 3 gateway; [ ! $? ]; echo $? +# Firewall Filter Forward chain drops in bytes/chain (JSON), can be used for discovery of firewall chains and monitoring of firewall hits on each chain +UserParameter=ipfire.net.fw.hits.raw,sudo /usr/local/bin/getipstat -xf | grep "/* DROP_.* */$" | awk 'BEGIN { ORS = ""; print "["} { printf "%s{"chain": "%s", "bytes": "%s"}", separator, substr($11, 6), $2; separator = ", "; } END { print"]" }' +# Number of currently Active DHCP leases +UserParameter=ipfire.dhcpd.clients,grep -s -E 'lease|bind' /var/state/dhcp/dhcpd.leases | sed ':a;/{$/{N;s/\n//;ba}' | grep "state active" | wc -l +# Number of Captive Portal clients +UserParameter=ipfire.captive.clients,awk -F ',' 'length($2) == 17 {sum += 1} END {if (length(sum) == 0) print 0; else print sum}' /var/ipfire/captive/clients \ No newline at end of file diff --git a/lfs/zabbix_agentd b/lfs/zabbix_agentd index f8fbdae5e..73c5dc0b6 100644 --- a/lfs/zabbix_agentd +++ b/lfs/zabbix_agentd @@ -35,7 +35,8 @@ DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = zabbix_agentd PAK_VER = 5 -DEPS = + +DEPS = fping
SERVICES = zabbix_agentd
@@ -107,6 +108,8 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) /var/ipfire/zabbix_agentd/zabbix_agentd_ipfire_mandatory.conf install -v -m 644 $(DIR_SRC)/config/zabbix_agentd/userparameter_pakfire.conf \ /var/ipfire/zabbix_agentd/userparameters/userparameter_pakfire.conf + install -v -m 644 $(DIR_SRC)/config/zabbix_agentd/userparameter_ipfire.conf \ + /var/ipfire/zabbix_agentd/userparameters/userparameter_ipfire.conf
# Create directory for additional agent modules -mkdir -pv /usr/lib/zabbix