firewall/ipt-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add Prometheus Service

Browse Source
This commit is contained in:
Christoph
2024-11-05 17:21:05 +01:00
parent 0eca4f3eaf
commit e7311a3963
6 changed files with 161 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
ipt-firewall-server
View File

@ -1745,6 +1745,40 @@ done
echo_done
# ---
# - Prometheus Monitoring - local Server
# ---
echononl "\t\tLocal Prometheus Service"
if [[ ${#prometheus_local_server_ip_arr[@]} -gt 0 ]] ; then
for _ip in ${prometheus_local_server_ip_arr[@]} ; do
$ipt -A OUTPUT -p tcp -s $_ip -m multiport --dports $prometheus_remote_client_ports -m state --state NEW -j ACCEPT
done
echo_done
else
echo_skipped
fi
# ---
# - Prometheus Monitoring - local client
# ---
echononl "\t\tLocal Prometheus Client"
if [[ ${#prometheus_local_client_ip_arr[@]} -gt 0 ]] && [[ ${#prometheus_remote_server_ip_arr[@]} -gt 0 ]]; then
for _ip in ${prometheus_local_client_ip_arr[@]} ; do
for _ip in ${prometheus_remote_server_ip_arr[@]} ; do
$ipt -A INPUT -p tcp -d $_ip -m multiport --dports $prometheus_local_client_ports -m state --state NEW -j ACCEPT
done
done
echo_done
else
echo_skipped
fi
# ---
# - Munin remote service
# ---
@ -1753,9 +1787,9 @@ echononl "\t\tMunin remote service"
if [ "X$munin_remote_ip" != "X" ]; then
for _dev in ${ext_if_arr[@]} ; do
$ipt -A INPUT -i $_dev -p tcp --syn -s $munin_remote_ip --dport $munin_local_port -m state --state NEW -j ACCEPT
$ipt -A INPUT -i $_dev -p tcp -s $munin_remote_ip --dport $munin_local_port -m state --state NEW -j ACCEPT
if $kernel_activate_forwarding ; then
$ipt -A FORWARD -i $_dev -p tcp --syn -s $munin_remote_ip --dport $munin_local_port -m state --state NEW -j ACCEPT
$ipt -A FORWARD -i $_dev -p tcp-s $munin_remote_ip --dport $munin_local_port -m state --state NEW -j ACCEPT
fi
done
echo_done