shrew, an alternative to Cisco VPN Client

November 8th, 2011

Recently I had to install an IPsec Remote Access VPN client on a Windows 7 64-bit system.

If you are looking for an alternative to the usual Cisco client, in my opinion shrew is a good one. You can download the client software for free (obviously donations are welcome).

Yesterday, after entering my username/password, I got the error

“session terminated by the gateway”

and my end-point logged

“Mismatch: Overriding phase 2 DH Group(DH group 0) with phase 1 group(DH group 2)”

I solved this issue by setting the Phase 2 -> PFS exchange value to “group 2” in my settings.

DHCP available address value monitored with nagios

September 14th, 2011

I have a DHCP server that sometimes has no free IP addresses to assign. What can I do to monitor how many IPs are still available?

Well, with Perl and NSClient++ installed on my Micro$oft DHCP server, I wrote a simple program to execute and parse the command

netsh dhcp server show mibinfo

whose output contains the data I need. The source is quite simple: it assumes the DHCP server is on a 10.20.x.y network and prints a list of comma-separated numbers: the network (30 means 10.20.30.0/24), the number of assigned addresses and the number of free addresses.

#!/bin/perl
# the output will be a list like this:
#       (30,74,95) (31,139,7) (32,110,1)
use strict;
use warnings;

my $mystr = "";
my @myoutput = `netsh dhcp server show mibinfo`;
foreach my $myrow (@myoutput) {
    # "Subnet = 10.20.X.0." line: open a tuple with the third octet
    if ( $myrow =~ /Subnet = 10\.20\.(.*)\.0\./ ) {
        $mystr = $mystr . "($1,";
    }
    # "... Addresses in use = N." line: assigned addresses
    if ( $myrow =~ /(.*) Addresses in use = (.*)\./ ) {
        $mystr = $mystr . "$2,";
    }
    # "... free Addresses = N." line: free addresses, closes the tuple
    if ( $myrow =~ /(.*) free Addresses = (.*)\./ ) {
        $mystr = $mystr . "$2) ";
    }
}
print "$mystr";

Then I needed to add this line to the nsc.ini file, in order to run my Perl script remotely

check_dhcp=C:\NSClient++\scripts\check_dhcp.pl

Once the NSClient++ service is restarted, the result can be fetched from the command line of my nagios server:

$ /usr/lib/nagios/plugins/check_nrpe -H myserverdhcp -c check_dhcp
(31,75,94) (32,144,2) (33,111,0)

A simple bash plugin can then parse the result so that nagios is able to monitor the number of free DHCP addresses, e.g. this one:

#!/bin/bash
MYHOST=$1
MYNET=$2
ThresholdWARN=$3
ThresholdCRIT=$4
# Return values
RET_OK="0"
RET_WARN="1"
RET_CRIT="2"
RET_UNKN="3"

# checkdata NAME VALUE: exit UNKNOWN when VALUE is empty
checkdata () {
    if [ -z "$2" ]; then
        echo "$1 is not set"
        exit $RET_UNKN
    fi
}

# MAIN
checkdata "Remote IP" "$MYHOST"
checkdata "Network number" "$MYNET"
checkdata "Threshold WARN" "$ThresholdWARN"
checkdata "Threshold CRIT" "$ThresholdCRIT"

MYRETSTRING=`/usr/lib/nagios/plugins/check_nrpe -H "$MYHOST" -c check_dhcp`
# Keep only the "(net,used,free)" tuple of the requested network and take its
# last field. If the network is not in the answer the value stays empty and
# checkdata reports UNKNOWN instead of silently using another network's count.
MYFREEADDR=`echo "$MYRETSTRING" | grep -o "($MYNET,[0-9]*,[0-9]*)" | sed -e "s/.*,//" -e "s/)//"`
checkdata "IP number" "$MYFREEADDR"

# Performance data: free addresses followed by the warning and critical thresholds
EXTRAMESSG="|'DHCPfreeAddr'=$MYFREEADDR;$ThresholdWARN;$ThresholdCRIT"
if [ "$MYFREEADDR" -lt "$ThresholdCRIT" ]; then
    echo "CRITICAL - Only $MYFREEADDR IP Available for $MYNET network$EXTRAMESSG"
    exit $RET_CRIT
fi
if [ "$MYFREEADDR" -lt "$ThresholdWARN" ]; then
    echo "WARNING - Only $MYFREEADDR IP Available for $MYNET network$EXTRAMESSG"
    exit $RET_WARN
fi
echo "OK - $MYFREEADDR IP Available for $MYNET network$EXTRAMESSG"
exit $RET_OK

Then nagios has to be set up with the usual lines in the command configuration file

define command{
command_name check_nt_dhcp
command_line /usr/lib/nagios/plugins/check_nt_dhcp.sh $HOSTADDRESS$ $ARG1$ $ARG2$ $ARG3$
}

And in the services file:

define service{
use                             generic-service         ; Name of service template to use

host_name                       dhcpserver
service_description             Free IP on 10.20.33.0 network
is_volatile                     0
check_period                    24x7
max_check_attempts              10
normal_check_interval           30
retry_check_interval            30
contact_groups                  admins
notification_interval           240
notification_period             24x7
notification_options            c,r
check_command                   check_nt_dhcp!33!10!5
}


How to mount a windows share under AIX

September 8th, 2011

To mount a Windows share from an AIX server, CIFS support must be installed.

If your server's /sbin/helpers directory contains a file called mount_cifs, there is no problem:

ls -l /sbin/helpers
total 488
-r-xr-xr-x    1 root     system        33198 Jul 13 2010  aufsmnthelp
drwxrwxr-x    2 root     system         4096 Apr 15 2010  jfs2
-r-xr-xr-x    1 root     system        23224 Jul 13 2010  mount_cifs
-r-xr-xr-x    1 root     system        35638 Jul 13 2010  nfsmnthelp
-r-xr-xr-x    1 bin      bin            6268 Dec 18 2009  udfmnthelp
-r-xr-xr-x    1 bin      bin          138292 Dec 18 2009  v3fshelper

Otherwise you need to install it.

Then you can try to mount the Windows share using the mount command, specifying the cifs filesystem, the node name/IP, username, password and so on…

mount -v cifs -n node/username/passw [-o options] /winshare /directory

e.g.

mount -v cifs -n 192.168.1.28/george/HareKrishna \
-o wrkgrp=BEATLES,fmode=755 \
IndiaPics /opt/holidays/meditation/india1967

A sort of diff implementation in the MS-DOS world

July 7th, 2011

The MS-DOS FC.EXE program is useful to compare two files. Differences between the files are shown introduced by the string “*****”; if the files are equal, no asterisks are displayed.
By redirecting the output to a temporary file and reading it back with SET /P, a variable can be defined in order to handle both cases (the files are different or the files are equal).

A sort of *nix diff implementation as a batch script could be the following:

@echo off
REM count the lines of the fc output that mark a difference
fc %1 %2|find /c "*****" > tempfile.out
SET /P TestVar=<tempfile.out
del tempfile.out
echo TestVar=%TestVar%
if %TestVar% == 0 GOTO:FEQUALS
echo %1 and %2 are different
GOTO:EOF
:FEQUALS
echo %1 and %2 are equal

Of course, if you need something better than this silly diff version, you may find DJGPP, Cygwin or other Unix-like platforms useful.

Nagios monitoring imap active connections

June 15th, 2011

To monitor with nagios the number of IMAP sessions running on a mail server, I did it this way.

First, the command definition

define command {
command_name  check_imapd_conn
command_line  /usr/lib/nagios/plugins/check_imap_conn $HOSTADDRESS$ $ARG1$
}

Second, the check definition

define service{
use                             generic-service
host_name                       myimapserver
service_description             IMAP Connections
is_volatile                     0
check_period                    24x7
max_check_attempts              3
normal_check_interval           5
retry_check_interval            1
contact_groups                  admins
notification_interval           240
notification_period             24x7
notification_options            c,r
check_command                   check_imapd_conn!public
process_perf_data               1
}

The script is this:

#!/bin/bash

HOSTNAME=$1
COMMUNITY=$2

RET_OK="0"
RET_WARN="1"
RET_CRIT="2"
RET_UNKN="3"

# checkdata NAME VALUE: exit UNKNOWN when VALUE is empty
checkdata () {
    if [ -z "$2" ]; then
        echo "$1 is not set"
        exit $RET_UNKN
    fi
}

# MAIN
checkdata "HOSTNAME" "$HOSTNAME"
checkdata "COMMUNITY" "$COMMUNITY"

# The exec script on the IMAP server answers with "<current>of<max>", e.g. 12of50
STR=`/usr/bin/snmpget -v 2c -c "$COMMUNITY" "$HOSTNAME" .1.3.6.1.4.1.2021.8.1.101.5 | sed -e "s/.*STRING: //" | awk '{print $1}'`
NCONN=`echo "$STR" | sed -e "s/of.*//"`

# The maximum number, taken from the imap configuration file, follows the "of" in the output string
CRITVAL=`echo "$STR" | sed -e "s/.*of//"`
checkdata "Connections" "$NCONN"
checkdata "Max connections" "$CRITVAL"

# warning at 85%
WARNVAL=`expr $CRITVAL \* 85 / 100`

PERFSTR="'IMAP Connections'=$NCONN;$WARNVAL;$CRITVAL"
if [ "$NCONN" -gt "$CRITVAL" ]; then
    echo "ERROR: Too many IMAPD connections ($NCONN), max is $CRITVAL.|$PERFSTR"
    exit $RET_CRIT
fi

if [ "$NCONN" -gt "$WARNVAL" ]; then
    echo "WARNING: $NCONN IMAP connections (max is $CRITVAL).|$PERFSTR"
    exit $RET_WARN
else
    echo "$NCONN concurrent IMAP connections (max is $CRITVAL).|$PERFSTR"
    exit $RET_OK
fi

On my IMAP server I wrote this simple script:

#!/bin/sh
IMAPSRVIP=10.11.12.13
# Sockets on the IMAP port; sudo is needed because -p wants root (see below)
CONNATT=`sudo netstat -natp | grep "$IMAPSRVIP:143" | wc -l`
# maxchild value of the imap service in the Cyrus configuration, skipping comments
CONNMAX=`grep imap /etc/cyrus.conf | grep -v '#' | sed -e "s/.*maxchild=//" | awk '{print $1}'`

RETVAL="${CONNATT}of${CONNMAX}"
echo "$RETVAL"

The script's full path is referenced in the server's snmpd.conf:

#  Arbitrary extension commands
exec IMAPConn /bin/sh /usr/local/snmpd-scripts/cnt_imap.sh

The sudo for the netstat command in the script is needed to avoid an output line like this

(No info could be read for "-p": geteuid()=2002 but you should be root.)

Of course, for sudo to work as expected you need to add a line like

snmp    ALL=NOPASSWD:   /bin/netstat

in sudo configuration.
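The plugin above trusts whatever string comes back over SNMP; a stray netstat line or an empty maxchild would reach expr and the integer tests unchecked. As an added example (not part of the original post), this POSIX sh function applies the same "&lt;current&gt;of&lt;max&gt;" convention and 85% rule but validates the string first and maps the result to the nagios exit codes; the sample answers are constructed.

```shell
#!/bin/sh
# Added example: validate the "<current>of<max>" answer of the snmpd exec
# script before doing arithmetic on it. Sample values below are constructed.

# imap_state STRING
#   prints a nagios status line and returns 0 OK, 1 WARNING, 2 CRITICAL, 3 UNKNOWN
imap_state() {
    str=$1
    # Accept only digits, the literal "of", digits; anything else is UNKNOWN
    if ! printf '%s\n' "$str" | grep -Eq '^[0-9]+of[0-9]+$'; then
        echo "UNKNOWN - unparsable IMAP count '$str'"
        return 3
    fi
    n=${str%of*}
    max=${str#*of}
    if [ "$max" -eq 0 ]; then
        # maxchild missing or zero in cyrus.conf: thresholds would be meaningless
        echo "UNKNOWN - maxchild is 0"
        return 3
    fi
    warn=$((max * 85 / 100))        # same 85% warning rule as the plugin above
    perf="'IMAP Connections'=$n;$warn;$max"
    if [ "$n" -gt "$max" ]; then
        echo "CRITICAL - $n IMAP connections, max is $max|$perf"
        return 2
    elif [ "$n" -gt "$warn" ]; then
        echo "WARNING - $n IMAP connections, max is $max|$perf"
        return 1
    fi
    echo "OK - $n IMAP connections, max is $max|$perf"
    return 0
}

# Constructed sample answers: normal, above 85%, above max, the line netstat
# prints without sudo leaking into the count, and an empty answer
for sample in "12of50" "48of50" "51of50" "(No info could be read for -p)of50" ""; do
    rc=0
    imap_state "$sample" || rc=$?
    echo "  -> exit $rc"
done
```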

The best website in the world…

May 20th, 2011

…is commandlinefu.com. Just to remind me that everything can be done from a command line 🙂

Command Line Interface to enable SNMP on a VMWare ESXI server

May 19th, 2011

Maybe you would like to enable SNMP on your VMware ESXi server.
Recently I used some suggestions from this page.
Install the VMware vSphere CLI and issue commands like

vicfg-snmp --server <ESXi_ip> -c <communityname> -p 161 -t <destination_host>@161/<community name>

vicfg-snmp --server <ESXi_ip> -E

or (a bad but working way) just edit the file /etc/vmware/snmp.xml directly.

a nagios plugin to monitor clamav status

April 12th, 2011

To monitor whether the ClamAV installation on my mail server is up to date, I set up the following trick.

First: I redirected the freshclam output to a file:

# virus definition update every 6 hours
7 1,7,13,19 * * * /usr/local/bin/freshclam > /var/log/clamav/freshcron.latest 2>&1

In case of an out-of-date version, my file should look like

# cat /var/log/clamav/freshcron.latest
ClamAV update process started at Wed Feb  9 07:07:01 2011
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.96.5 Recommended version: 0.97
DON'T PANIC! Read http://www.clamav.net/support/faq
Connecting via …… etc.

Otherwise no line starting with the word WARNING in uppercase or containing the string Recommended is present.
Second step: a script called via SNMP is set up on my mail server by adding the following line to /etc/snmp/snmpd.conf:

exec ClamVrfy /bin/sh /usr/lib/nagios/plugins/clamd_check.sh

The script source is:

#!/bin/sh
# Lines printed by ps for clamd (the header line is counted too)
PROCRUNNING=`ps -C clamd | wc -l`
# Non-empty only when freshclam reported an outdated engine
VERSIONUPD=`grep Recommended /var/log/clamav/freshcron.latest`
echo $PROCRUNNING \"$VERSIONUPD\"

Third step: configuration of my nagios setup, adding

define command {
command_name  check_update_clamd
command_line  /usr/lib/nagios/plugins/check_clam_update $HOSTADDRESS$ $ARG1$ $ARG2$ $ARG3$
}

to command definitions, and

define service{
use                             generic-service

host_name                       mymailserver
service_description             CLAM-AV DEFS UPDATE
is_volatile                     0
check_period                    24x7
max_check_attempts              3
normal_check_interval           5
retry_check_interval            1
contact_groups                  admins
notification_interval           240
notification_period             24x7
notification_options            c,r
check_command                   check_update_clamd!public!2!5
process_perf_data               1
}

to services.
My plugin script is:

# cat /usr/lib/nagios/plugins/check_clam_update
#!/bin/bash

# Input parameters
HOSTNAME=$1
COMMUNITY=$2
MYVALWARN=$3
MYVALCRIT=$4

# Return Values
RET_OK="0"
RET_WARN="1"
RET_CRIT="2"
RET_UNKN="3"

# checkdata NAME VALUE: exit UNKNOWN when VALUE is empty
checkdata () {
    if [ -z "$2" ]; then
        echo "$1 is not set"
        exit $RET_UNKN
    fi
}

# MAIN
checkdata "HOSTNAME" "$HOSTNAME"
checkdata "COMMUNITY" "$COMMUNITY"
checkdata "WARNING threshold" "$MYVALWARN"
checkdata "CRITICAL threshold" "$MYVALCRIT"

# The exec script answers e.g. 2 "WARNING: Local version: 0.96.5 Recommended version: 0.97";
# keep only the leading number, otherwise the integer tests below fail on the quoted text
STR=`/usr/bin/snmpget -v 2c -c "$COMMUNITY" "$HOSTNAME" .1.3.6.1.4.1.2021.8.1.101.3 | sed -e "s/.*STRING: //" | awk '{print $1}'`
checkdata "SNMP value" "$STR"

if [ "$STR" -ge "$MYVALCRIT" ]; then
    echo "Clamd Antivirus Definition DB is Out of Date"
    exit $RET_CRIT
else
    if [ "$STR" -ge "$MYVALWARN" ]; then
        echo "Clamd Antivirus Definition DB is Quite Old"
        exit $RET_WARN
    else
        echo "Clamd Antivirus Definition DB is Up to Date"
        exit $RET_OK
    fi
fi