Add support for Checkmk monitoring service.
This commit is contained in:
parent
aead4e0ba8
commit
07ffaea9a7
@ -30,6 +30,7 @@ standard_cups_port=$standard_ipp_port
|
||||
standard_print_raw_port=515
|
||||
standard_print_port=9100
|
||||
standard_remote_console_port=5900
|
||||
standard_checkmk_port=6556
|
||||
|
||||
# - IPsec - Internet Security Association and
|
||||
# - Key Management Protocol
|
||||
|
||||
@ -852,6 +852,25 @@ declare -A munin_local_client_ip_arr
|
||||
munin_local_port=4949
|
||||
|
||||
|
||||
# ======
|
||||
# - Checkmk Monitoring Service (local network)
|
||||
# ======
|
||||
|
||||
# - Checkmk Service Gateway (usually TCP port 6556)
|
||||
# -
|
||||
checkmk_service_gateway=false
|
||||
|
||||
# - Checkmk Server local Networks (usually TCP port 6556)
|
||||
# -
|
||||
# - Blank separated list
|
||||
# -
|
||||
checkmk_local_server_ips=""
|
||||
|
||||
# - checkmk Port
|
||||
# -
|
||||
checkmk_local_port="$standard_checkmk_port"
|
||||
|
||||
|
||||
# ======
|
||||
# - PowerChut Network Shutdown (PCNS)
|
||||
# ======
|
||||
|
||||
@ -818,6 +818,25 @@ declare -A munin_local_client_ip_arr
|
||||
munin_local_port=4949
|
||||
|
||||
|
||||
# ======
|
||||
# - Checkmk Monitoring Service (local network)
|
||||
# ======
|
||||
|
||||
# - Checkmk Service Gateway (usually TCP port 6556)
|
||||
# -
|
||||
checkmk_service_gateway=false
|
||||
|
||||
# - Checkmk Server local Networks (usually TCP port 6556)
|
||||
# -
|
||||
# - Blank separated list
|
||||
# -
|
||||
checkmk_local_server_ips=""
|
||||
|
||||
# - checkmk Port
|
||||
# -
|
||||
checkmk_local_port="$standard_checkmk_port"
|
||||
|
||||
|
||||
# ======
|
||||
# - PowerChut Network Shutdown (PCNS)
|
||||
# ======
|
||||
|
||||
@ -335,6 +335,14 @@ for _ip in $munin_local_server_ips ; do
|
||||
munin_local_server_ip_arr+=("$_ip")
|
||||
done
|
||||
|
||||
# ---
|
||||
# - IP Adresses Checkmk Monitoring Service
|
||||
# ---
|
||||
declare -a checkmk_local_server_ip_arr
|
||||
for _ip in $checkmk_local_server_ips ; do
|
||||
checkmk_local_server_ip_arr+=("$_ip")
|
||||
done
|
||||
|
||||
# ---
|
||||
# - IP Adresses XyMon
|
||||
# ---
|
||||
|
||||
@ -3665,6 +3665,56 @@ else
|
||||
fi
|
||||
|
||||
|
||||
# ---
|
||||
# - Checkmk Monitoring Service Gateway
|
||||
# ---
|
||||
|
||||
echononl "\t\tCheckmk Monitoring Service Gateway (only local network)"
|
||||
|
||||
if $checkmk_service_gateway ; then
|
||||
|
||||
for _dev in ${local_if_arr[@]} ; do
|
||||
$ip6t -A OUTPUT -o $_dev -p tcp --dport $checkmk_local_port -m conntrack --ctstate NEW -j ACCEPT
|
||||
done
|
||||
|
||||
echo_done
|
||||
else
|
||||
echo_skipped
|
||||
fi
|
||||
|
||||
|
||||
# ---
|
||||
# - Checkmk Service local Networks
|
||||
# ---
|
||||
|
||||
echononl "\t\tCheckmk Monitoring Service local Networks"
|
||||
if [[ ${#checkmk_local_server_ip_arr[@]} -gt 0 ]] ; then
|
||||
for _ip in ${checkmk_local_server_ip_arr[@]} ; do
|
||||
$ip6t -A INPUT -s $_ip -p tcp --dport $checkmk_local_port -m conntrack --ctstate NEW -j ACCEPT
|
||||
|
||||
if $kernel_forward_between_interfaces && ! $permit_between_local_networks ; then
|
||||
for _dev in ${local_if_arr[@]} ; do
|
||||
if ! $permit_between_local_networks ; then
|
||||
$ip6t -A FORWARD -i $_dev -s $_ip -p tcp --dport $checkmk_local_port -m conntrack --ctstate NEW -j ACCEPT
|
||||
fi
|
||||
done
|
||||
fi
|
||||
|
||||
# - Rule is needed if (local) interface aliases in use (like eth0:1)
|
||||
# -
|
||||
if $kernel_forward_between_interfaces && $local_alias_interfaces ; then
|
||||
$ip6t -A FORWARD -p tcp -d $_ip --sport $checkmk_local_port --tcp-flag ACK ACK -j ACCEPT
|
||||
$ip6t -A FORWARD -p tcp -s $_ip --dport $checkmk_local_port --tcp-flag ACK ACK -j ACCEPT
|
||||
fi
|
||||
|
||||
done
|
||||
|
||||
echo_done
|
||||
else
|
||||
echo_skipped
|
||||
fi
|
||||
|
||||
|
||||
# ---
|
||||
# - XyMon local service
|
||||
# ---
|
||||
|
||||
@ -4380,6 +4380,56 @@ else
|
||||
fi
|
||||
|
||||
|
||||
# ---
|
||||
# - Checkmk Monitoring Service Gateway
|
||||
# ---
|
||||
|
||||
echononl "\t\tCheckmk Monitoring Service Gateway (only local network)"
|
||||
|
||||
if $checkmk_service_gateway ; then
|
||||
|
||||
for _dev in ${local_if_arr[@]} ; do
|
||||
$ipt -A OUTPUT -o $_dev -p tcp --dport $checkmk_local_port -m conntrack --ctstate NEW -j ACCEPT
|
||||
done
|
||||
|
||||
echo_done
|
||||
else
|
||||
echo_skipped
|
||||
fi
|
||||
|
||||
|
||||
# ---
|
||||
# - Checkmk Service local Networks
|
||||
# ---
|
||||
|
||||
echononl "\t\tCheckmk Monitoring Service local Networks"
|
||||
if [[ ${#checkmk_local_server_ip_arr[@]} -gt 0 ]] ; then
|
||||
for _ip in ${checkmk_local_server_ip_arr[@]} ; do
|
||||
$ipt -A INPUT -s $_ip -p tcp --dport $checkmk_local_port -m conntrack --ctstate NEW -j ACCEPT
|
||||
|
||||
if $kernel_activate_forwarding && ! $permit_between_local_networks ; then
|
||||
for _dev in ${local_if_arr[@]} ; do
|
||||
if ! $permit_between_local_networks ; then
|
||||
$ipt -A FORWARD -i $_dev -s $_ip -p tcp --dport $checkmk_local_port -m conntrack --ctstate NEW -j ACCEPT
|
||||
fi
|
||||
done
|
||||
fi
|
||||
|
||||
# - Rule is needed if (local) interface aliases in use (like eth0:1)
|
||||
# -
|
||||
if $kernel_activate_forwarding && $local_alias_interfaces ; then
|
||||
$ipt -A FORWARD -p tcp -d $_ip --sport $checkmk_local_port --tcp-flag ACK ACK -j ACCEPT
|
||||
$ipt -A FORWARD -p tcp -s $_ip --dport $checkmk_local_port --tcp-flag ACK ACK -j ACCEPT
|
||||
fi
|
||||
|
||||
done
|
||||
|
||||
echo_done
|
||||
else
|
||||
echo_skipped
|
||||
fi
|
||||
|
||||
|
||||
# ---
|
||||
# - XyMon local service
|
||||
# ---
|
||||
|
||||
Loading…
Reference in New Issue
Block a user