Ron and Ella Wiki Page

Extremely Serious

Author: ron (Page 16 of 33)

Compiling Nagios Plugin 2.3.3 to Ubuntu 20.04

October 13, 2020 / / 0 Comments

Installing the Nagios Plugins

  1. Refresh the repository: 
    sudo apt-get update
  2. Install the dependencies: 
    sudo apt-get install -y autoconf gcc libc6 libmcrypt-dev make libssl-dev wget bc gawk dc build-essential snmp libnet-snmp-perl gettext
  3. Change the directory to your home directory: 
    cd ~
  4. Download the nagios plugins source codes: 
    wget --no-check-certificate -O nagios-plugins.tar.gz https://github.com/nagios-plugins/nagios-plugins/archive/release-2.3.3.tar.gz
  5. Extract the downloaded source codes: 
    tar zxf nagios-plugins.tar.gz
  6. Change to the directory of the newly extracted source codes: 
    cd nagios-plugins-release-2.3.3
  7. Setup and configure: 
    sudo ./tools/setup
sudo ./configure
  8. Compile the source codes: 
    sudo make
  9. Install the plugins to /usr/local/nagios/libexec directory: 
    sudo make install

Configuring NRPE 4 Daemon and Plugin to Ubuntu 20.04

October 12, 2020 / / 0 Comments

Installing NRPE

    1. Refresh the repository: 
      sudo apt-get update
    2. Install the dependencies: 
      sudo apt-get install autoconf automake gcc libc6 libmcrypt-dev make libssl-dev wget openssl -y
    3. Change the directory to your home directory: 
      cd ~
    4. Download the nrpe 4 source codes: 
      wget https://github.com/NagiosEnterprises/nrpe/releases/download/nrpe-4.0.3/nrpe-4.0.3.tar.gz
    5. Extract the downloaded source codes: 
      tar xvf nrpe-4.0.3.tar.gz
    6. Change to the directory of the newly extracted source codes: 
      cd nrpe-4.0.3
    7. Run the configure script that enables the command arguments for clients and uses ssl library: 
      sudo ./configure --enable-command-args --with-ssl-lib=/usr/lib/x86_64-linux-gnu/
    8. Compile the source codes: 
      sudo make all
    9. Install the nagios user and group: 
      sudo make install-groups-users
    10. Install both NRPE daemon and check_nrpe plugin: 
      sudo make install
    11. Install the nrpe config file (i.e. /usr/local/nagios/etc/nrpe.cfg): 
      sudo make install-config
    12. Install the init script: 
      sudo make install-init
    13. Enable the nrpe daemon: 
      sudo systemctl enable nrpe.service
    14. Update allowed_hosts field in the /usr/local/nagios/etc/nrpe.cfg file: to include your nagios server address (e.g. your nagios server address is 10.0.0.174 the allowed hosts is as follows): 
      allowed_hosts=127.0.0.1,::1,10.0.0.174
    15. Update the dont_blame_nrpe field: to 1 on the same configuration file to allow your clients to specify arguments: 
      dont_blame_nrpe=1
    16. Start the nrpe daemon: 
      sudo systemctl start nrpe.service

      The NRPE service is listening with the port 5666 by default.

Testing The NRPE Plugin

/usr/local/nagios/libexec/check_nrpe -H localhost

Expect to see the version of NRPE daemon

Related Post
Compiling NRPE 4 Plugin to Tinkerboard
Compiling Nagios Plugin 2.3.3 to Ubuntu 20.04

Compiling NRPE 4 Plugin to Tinkerboard

October 12, 2020 / / 0 Comments

Installing NRPE

  1. Refresh the repository: 
    sudo apt-get update
  2. Install the dependencies: 
    sudo apt-get install libssl-dev -y
  3. Change the directory to your home directory: 
    cd ~
  4. Download the nrpe 4 source codes: 
    wget https://github.com/NagiosEnterprises/nrpe/releases/download/nrpe-4.0.3/nrpe-4.0.3.tar.gz
  5. Extract the downloaded source codes: 
    tar xvf nrpe-4.0.3.tar.gz
  6. Change to the directory of the newly extracted source codes: 
    cd nrpe-4.0.3
  7. Run the configure script: 
    ./configure
  8. Compile the check_nrpe plugin only: 
    sudo make check_nrpe
  9. Install the newly compiled plugin: 
    sudo make install-plugin
  10. Update the file /usr/local/nagios/etc/objects/commands.cfg to add the following entry: 
    define command {
	command_name    check_nrpe
	command_line    /usr/local/nagios/libexec/check_nrpe -H $HOSTADDRESS$ -t 30 -c $ARG1$ $ARG2$
}

Testing The Plugin

Using the command check_nrpe we can check the load on the host 10.0.0.202 (i.e. NRPE daemon must be configured and listening on port 5666) using the following command:

/usr/local/nagios/libexec/check_nrpe -H 10.0.0.202 -c check_load

Expect to see the output of the check_load plugin executed on the host 10.0.0.202

Configuring Nagios 4 to Tinkerboard

October 12, 2020 / / 0 Comments

Installing Nagios

  1. Update the system: 
    sudo apt-get update && sudo apt-get upgrade
  2. Install the dependencies: 
    sudo apt-get install autoconf gcc libc6 make wget unzip apache2 php libapache2-mod-php libgd-dev libsasl2-modules mailutils -y
  3. Change the directory to your home directory: 
    cd ~
  4. Download the nagios 4 source codes: 
    wget https://assets.nagios.com/downloads/nagioscore/releases/nagios-4.4.6.tar.gz
  5. Extract the downloaded source codes: 
    tar xzf nagios-4.4.6.tar.gz
  6. Change to the directory of the newly extracted source codes: 
    cd nagios-4.4.6
  7. Run the configure script with integration to apache2: 
    ./configure --with-httpd-conf=/etc/apache2/sites-enabled
  8. Compile the source: 
    sudo make all
  9. Install the nagios user and group: 
    sudo make install-groups-users
  10. Make nagios user a member of the www-data group: 
    sudo usermod -aG nagios www-data
  11. Install nagios. 
    sudo make install
  12. Install the init script: 
    sudo make install-init
  13. Initialize the init script: 
    sudo make install-daemoninit
  14. Install and configures permissions on the directory for holding the external command: 
    sudo make install-commandmode
  15. Install the sample config files on the /usr/local/nagios/etc directory: 
    sudo make install-config
  16. Install the nagios config file to apache2: 
    sudo make install-webconf
  17. Update the SUID of the ping command: 
    sudo chmod 4755 /bin/ping

Installing the Nagios Plugins

  1. Run the following command: 
    sudo apt install nagios-plugins
  2. Update the $USER1$ property in the /usr/local/nagios/etc/resource.cfg file to have /usr/lib/nagios/plugins like as follows: 
    $USER1$=/usr/lib/nagios/plugins

Configuring Apache2 Web Server

  1. Enable the rewrite module: 
    sudo a2enmod rewrite
  2. Enable the CGI module: 
    sudo a2enmod cgi
  3. Create nagiosadmin as a nagios web user: 
    sudo htpasswd -c /usr/local/nagios/etc/htpasswd.users nagiosadmin

    Assign a strong password

  4. Restart the apache2 service: 
    sudo systemctl restart apache2

Related Post
Configuring NRPE 4 Daemon and Plugin to Ubuntu 20.04
Compiling NRPE 4 Plugin to Tinkerboard

Changing the Ubuntu Server Timezone

September 22, 2020 / / 0 Comments

Displaying the current timezone

timedatectl status

Listing the available timezones

timedatectl list-timezones

Changing the active timezone

sudo timedatectl set-timezone <TIMEZONE>

Example

Use the following command to change the timezone to Pacific/Auckland:

sudo timedatectl set-timezone Pacific/Auckland

Finding out the Banned IPs of Fail2Ban

September 17, 2020 / / 0 Comments

Use the following command to find out the active jail names:

sudo fail2ban-client status

Use the following command to find out the banned IP by jail name:

sudo fail2ban-client status <JAIL_NAME>

Where:

JAIL_NAME The name of the jail.

Example:

Use the following command to find out all the banned IPs of an sshd jail name:

sudo fail2ban-client status sshd

Importing a PKCS12 Key Store to Java Keystore

September 16, 2020 / / 0 Comments

Use the following command in importing a pkcs12 keystore to Java keystore:

The keytool is normally found in $JAVA_HOME/jre/bin (i.e. the $JAVA_HOME variable is where you've installed JDK).

keytool -importkeystore -v -srckeystore <SRC_KEYSTORE_FILE> -srcstoretype pkcs12 -destkeystore <DEST_KEYSTORE_FILE> -deststoretype JKS -storepass <KEYSTORE_PASSWORD>
Token Description
SRC_KEYSTORE_FILE The source keystore file (i.e. normally with the extension pfx) of type pkcs12.
DEST_KEYSTORE_FILE The destination keystore file (i.e. normally with the extension jks) of type jks.
KEYSTORE_PASSWORD The password for accessing the DEST_KEYSTORE_FILE

Template of Using SSL with JavaMail API

September 16, 2020 / / 0 Comments

Gradle dependency

compile group: 'com.sun.mail', name: 'javax.mail', version: '1.6.2'

Import to the Class File

import javax.mail.*;
import javax.mail.internet.InternetAddress;
import javax.mail.internet.MimeMessage;
import java.util.Properties;

The Template

// Recipient's email ID needs to be mentioned.
String to = <RECIPIENTS_EMAIL>;

//Sender's email ID needs to be mentioned
String from = <SENDERS_EMAIL>;

//The subject of the email.
String subject = <EMAIL_SUBJECT>;

//The body of the email.
String body = <EMAIL_BODY>;

//SMTP Server
final String host = <SMTP_SERVER>;

//SMTP Port
final String port = <SMTP_PORT>;

//SMTP Username
final String username = <USERNAME>;

//SMTP Password
final String password = <PASSWORD>;

try {
    //SMTP Configuration
    Properties props = new Properties();
    props.put("mail.smtp.socketFactory.class", "javax.net.ssl.SSLSocketFactory");
    props.put("mail.smtp.auth", "true");
    props.put("mail.smtp.starttls.enable", "true");
    props.put("mail.smtp.host", host);
    props.put("mail.smtp.port", port);

    // Create a session object.
    Session session = Session.getInstance(props,
        new javax.mail.Authenticator() {
            protected PasswordAuthentication getPasswordAuthentication() {
                return new PasswordAuthentication(username, password);
            }
        }
    );

    // Create a message object.
    Message message = new MimeMessage(session);

    // Set From: header field of the header.
    message.setFrom(new InternetAddress(from));

    // Set To: header field of the header.
    message.setRecipients(Message.RecipientType.TO, InternetAddress.parse(to));

    // Set Subject: header field
    message.setSubject(subject);

    // Now set the actual message
    message.setText(body);

    // Send message
    Transport.send(message);

    System.out.println("Sent message successfully....");

} catch (MessagingException e) {
    throw new RuntimeException(e);
}

Configuring Postfix as a Relay

September 15, 2020 / / 0 Comments

Installing Postfix

Run the following commands:

sudo apt-get update
sudo apt-get install postfix

Configuring Postfix

  1. Run the following command: 
    sudo dpkg-reconfigure postfix

    Configuration questions:

    1. Select OK to proceed.
    2. Choose Satellite system.
    3. System Mail Name: <EMAIL_DOMAIN>
    4. SMTP relay host: <RELAY_HOST>

      Where RELAY_HOST must include the port number (e.g. 192.168.1.1:465).

    5. Root and postmaster mail recipient: root
    6. Other destinations to accept mail for: <EMAIL_DOMAIN>, localhost.localdomain, localhost
    7. Force synchronous updates on mail queue? No
    8. Local networks: 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
    9. Mailbox size limit (bytes): 0
    10. Local address extension character: +
    11. Internet protocols to use: all

      Feel free to answer the preceding questions based on your setup. Just replace the EMAIL_DOMAIN (i.e. example.com) with a valid value.

  2. Create the file /etc/postfix/sasl_passwd with the following content: 
    <RELAY_HOST> username:password
  3. Create a postfix database based on /etc/postfix/sasl_passwd using the following command: 
    sudo postmap /etc/postfix/sasl_passwd
  4. Edit the file /etc/postfix/main.cf to have the following entries added or updated: 
    smtp_tls_security_level = encrypt
smtp_sasl_auth_enable = yes
smtp_tls_wrappermode = yes
smtp_sasl_security_options =
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
  5. Restart the postfix service with the following command: 
    sudo systemctl restart postfix

Blocking/Unblocking IP in Ubuntu

September 14, 2020 / / 0 Comments

Pre-requisite

Install the iptables-persistent package to automatically load saved iptables rules.

sudo apt-get install iptables-persistent

Lists the rules in a chain or all chains

sudo iptables -L [CHAIN]

Where CHAIN sample value could be one of the following: INPUT, FORWARD or OUTPUT. If this is not provided all the chains will be listed.

Blocking an IP Address

sudo iptables -A INPUT -s <IP_ADDR> -j DROP
sudo sh -c "iptables-save > /etc/iptables/rules.v4"

Where IP_ADDR is the IP address to be blocked.

Unblocking an IP Address

sudo iptables -D INPUT -s <IP_ADDR> -j DROP
sudo sh -c "iptables-save > /etc/iptables/rules.v4"

Where IP_ADDR is the IP address to be unblocked if you use the preceding blocking procedure.

« Older posts Newer posts »

© 2025 Ron and Ella Wiki Page

Theme by Anders NorenUp ↑