check iptables firewall is running bash script


Postby garfunct » Wed Jun 29, 2011 9:44 am

Thought this might be useful to someone.

Currently this script works on CentOS-based installs.

I did not write this originally, so I'm not attempting to take the credit from whoever did.

I have this scheduled every 5 mins on other Asterisk boxes.

Will be attempting to modify this for my ViciBox cluster.

***********

#!/bin/bash
# Checks that the iptables service is running; if not, starts it and mails a report.
DIR_PATH="/tmp/fwscript"
FILE="/var/log/fwstatus"
CHK="$DIR_PATH/chkfile"
MAILPROG="/bin/mail"
SUBJECT="IPTables service is OFF on $HOSTNAME"
EMAIL="put-your-email-here@yourdomain.com"

# Make sure the directory for the check file exists before touching it.
mkdir -p "$DIR_PATH"

# A rule set that contains an ESTABLISHED rule is taken to mean "running".
if /sbin/service iptables status 2> /dev/null | grep -q ESTABLISHED
then
    rm -f "$CHK"
    /bin/echo "Firewall Running on Server"
else
    date | tee "$FILE"
    echo | tee -a "$FILE"
    echo "Firewall not Running" | tee -a "$FILE"
    echo | tee -a "$FILE"
    echo "Starting a Firewall Service" | tee -a "$FILE"
    echo | tee -a "$FILE"

    /sbin/service iptables start | tee -a "$FILE"
    # Keep the exit status of the service command itself, not of tee or a later echo.
    START_STATUS=${PIPESTATUS[0]}

    echo | tee -a "$FILE"
    echo | tee -a "$FILE"

    if test "$START_STATUS" = 0
    then
        echo "Firewall was started successfully" | tee -a "$FILE"
    else
        echo "Firewall failed to start" | tee -a "$FILE"
    fi

    echo "Now sending mail"
    "$MAILPROG" -s "$SUBJECT" "$EMAIL" < "$FILE"

    echo "Creating CHK File"
    touch "$CHK"
fi

***********
garfunct
 
Posts: 38
Joined: Tue Aug 07, 2007 9:55 am
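
An added example, not part of garfunct's post or the original script: the script above decides "running" by finding the word ESTABLISHED in the status output, which only works when the rule set has such a rule. The functions below classify `iptables -S` output by INPUT policy and rule count instead, and use a marker file (the role the CHK file appears to play) to alert once per outage. The function names, the sample rule dumps, an iptables build that supports `-S`, and the assumption that a stopped service leaves an ACCEPT policy with no rules are all assumptions of this example.

```bash
#!/bin/bash
# Added example, not from the thread. Reads `iptables -S` output on stdin and
# prints: active | open | unknown.
fw_state() {
    local line policy="" rules=0
    while IFS= read -r line || [ -n "$line" ]; do
        case "$line" in
            "-P INPUT "*) policy=${line#-P INPUT } ;;   # default INPUT policy
            "-A INPUT "*) rules=$((rules + 1)) ;;       # rules hooked into INPUT
        esac
    done
    if [ -z "$policy" ]; then
        echo unknown     # no filter table output (command failed or not root)
    elif [ "$policy" = "ACCEPT" ] && [ "$rules" -eq 0 ]; then
        echo open        # nothing filtered (assumed state after a service stop)
    else
        echo active
    fi
}

# should_alert STATE MARKER: succeeds only on the first run that sees a
# non-active firewall; the marker file suppresses repeat mail until recovery.
should_alert() {
    local state=$1 marker=$2
    if [ "$state" = "active" ]; then
        rm -f -- "$marker"
        return 1
    fi
    [ -e "$marker" ] && return 1
    : > "$marker"
}

# Constructed samples (not captured from a real host).
SAMPLE_STOPPED='-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT'
SAMPLE_RUNNING='-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited'

printf '%s\n' "$SAMPLE_STOPPED" | fw_state
printf '%s\n' "$SAMPLE_RUNNING" | fw_state
# Live use as root (hypothetical wiring): state=$(/sbin/iptables -S | fw_state)
```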

Postby williamconley » Wed Jun 29, 2011 9:53 am

Interesting. I've never had iptables fail on a machine to date.

You may want to look at Webmin. Webmin has a cool feature that will check the running status of any application/process and "take action" based on that status. It will also email a notification if you so request.

So it can be used to notify you that ANY process failed and it can then attempt to restart that process AND EMAIL. 8)

I like webmin.

On a side note: It also has modules to configure virtually any standard "app" for a Linux server (like IPTables!). It can also be used to create special "buttons" that can be used to edit files on the server without ssh. Right in the web browser. It even has a Usermin module system that can cause ONLY specific features to be available to "users" instead of admins. (IE: You can allow specific users to modify specific configuration files ... without access to anything else!)
Vicidial Installation and Repair, plus Hosting and Colocation
Newest Product: Vicidial Agent Only Beep - Beta
http://www.PoundTeam.com # 352-269-0000 # +44(203) 769-2294
williamconley
 
Posts: 20019
Joined: Wed Oct 31, 2007 4:17 pm
Location: Davenport, FL (By Disney!)

Postby garfunct » Wed Jun 29, 2011 10:29 am

Have to admit I like webmin too :)

This script, dare I say it, I originally used on Trixbox installs :oops:
The default install writes the iptables on "Start" (from what I recall), making it impossible to use webmin for editing the iptables conf file.. guess I could reconfigure iptables to work better with webmin...

The other reason for the script is that I work with administrators of varying degrees of experience in different countries, some of whom may edit/set up firewalls and forget to turn them on :evil:

Will be looking into webmin for checking running processes as this sounds good too.

I have lost a couple of boxes in the past, so the more the merrier when it comes to security solutions.
garfunct
 
Posts: 38
Joined: Tue Aug 07, 2007 9:55 am

