Results 1 to 24 of 24
  1. #1
    Join Date
    May 2013
    Posts
    294

    How to receive email alert when firewall stops?

    Any way to receive email alert if iptables , firewall stops?
    Treat your password like your toothbrush. Don't let anybody else use it, and get a new one every six months.Sancte Michael Archangele, defende nos in proelio, contra nequitiam et insidias diaboli esto praesidium. Imperet illi Deus, supplices deprecamur: tuque, Princeps militiae coelestis, Satanam aliosque spiritus malignos, qui ad perditionem animarum pervagantur in mundo, divina virtute, in infernum detrude. Amen

  2. #2
    I'd be more worried about why your firewall "stops" in the first place Do you mean all policies are reset to ACCEPT?

  3. #3
    ...I noticed your other thread about iptables/crontab. Find the cronjob:

    crontab -l
    cat /etc/crontab
    ls -laR /etc/cron*
    grep . /var/spool/cron/*

    It should be in there somewhere.

  4. #4
    Join Date
    May 2009
    Location
    Italy - Rome
    Posts
    152
    It's depend if iptables is running as service named as "iptables", normaly it work on redhat/centos like.

    This is a script you can use to check if iptables it's alive, put it on a cronjob of 1min

    Code:
    if [ `service iptables status` = "Firewall is running." ]
    then
            echo "All is well, so do nothing" >/dev/null 2>&1
    else
            echo "Firewall is down, or status is unknown" | mail -s "Firewall problem" me@mydomain.com
    fi
    on crontab (crontab -e):
    */1 * * * * bash /root/scriptname.sh

  5. #5
    Join Date
    May 2013
    Posts
    294
    Thanks It did not send email any Idea?
    The cron works
    Treat your password like your toothbrush. Don't let anybody else use it, and get a new one every six months.Sancte Michael Archangele, defende nos in proelio, contra nequitiam et insidias diaboli esto praesidium. Imperet illi Deus, supplices deprecamur: tuque, Princeps militiae coelestis, Satanam aliosque spiritus malignos, qui ad perditionem animarum pervagantur in mundo, divina virtute, in infernum detrude. Amen

  6. #6
    Join Date
    May 2009
    Location
    Italy - Rome
    Posts
    152
    install sendmail, witch Linux you have?
    it send mail only if find firewall it's stopped.

  7. #7
    Join Date
    May 2013
    Posts
    294
    CENTOS 5.9
    Treat your password like your toothbrush. Don't let anybody else use it, and get a new one every six months.Sancte Michael Archangele, defende nos in proelio, contra nequitiam et insidias diaboli esto praesidium. Imperet illi Deus, supplices deprecamur: tuque, Princeps militiae coelestis, Satanam aliosque spiritus malignos, qui ad perditionem animarum pervagantur in mundo, divina virtute, in infernum detrude. Amen

  8. #8
    Join Date
    May 2009
    Location
    Italy - Rome
    Posts
    152
    yum install sendmail sendmail-cf

  9. #9
    Join Date
    Dec 2011
    Location
    Montreal
    Posts
    431
    Quote Originally Posted by raffo View Post
    It's depend if iptables is running as service named as "iptables", normaly it work on redhat/centos like.

    This is a script you can use to check if iptables it's alive, put it on a cronjob of 1min

    Code:
    if [ `service iptables status` = "Firewall is running." ]
    then
            echo "All is well, so do nothing" >/dev/null 2>&1
    else
            echo "Firewall is down, or status is unknown" | mail -s "Firewall problem" me@mydomain.com
    fi
    I think youre script is wrong, not the sendmail.
    Use this script:
    Code:
    #!/bin/bash
    DROP=$(service iptables status | grep "DROP" | wc -l)
    if [ ${DROP} -gt  0 ]; then
    echo "All is well, so do nothing"
    else
    echo "Firewall is down, or status is unknown" | mail -s "Firewall problem" root
    fi
    It is so funny, so simple...
    George B. | ROWEBCA
    Web Hosting Services & Server Management
    Skype : rowebca

  10. #10
    Join Date
    May 2013
    Posts
    294
    Isn't it a permission issue?
    Treat your password like your toothbrush. Don't let anybody else use it, and get a new one every six months.Sancte Michael Archangele, defende nos in proelio, contra nequitiam et insidias diaboli esto praesidium. Imperet illi Deus, supplices deprecamur: tuque, Princeps militiae coelestis, Satanam aliosque spiritus malignos, qui ad perditionem animarum pervagantur in mundo, divina virtute, in infernum detrude. Amen

  11. #11
    Join Date
    Dec 2011
    Location
    Montreal
    Posts
    431
    Quote Originally Posted by psalm91 View Post
    Isn't it a permission issue?
    1. Create a file "check_csf.sh", insert my script, save the file.

    Code:
    #!/bin/bash
    DROP=$(service iptables status | grep "DROP" | wc -l)
    if [ ${DROP} -gt  0 ]; then
    echo "All is well, so do nothing" > /dev/null 2>&1
    else
    echo "Firewall is down, or status is unknown" | mail -s "Firewall problem" root
    fi
    2. Run: chmod +x check_csf.sh

    3. Create a crontab: crontab -e

    */2 * * * * /location_of_yourfile/check_csf.sh

    save crontab

    That's it !!!


    Regards
    George B. | ROWEBCA
    Web Hosting Services & Server Management
    Skype : rowebca

  12. #12
    Join Date
    May 2013
    Posts
    294
    /bin/bash^M: bad interpreter: No such file or directory
    Treat your password like your toothbrush. Don't let anybody else use it, and get a new one every six months.Sancte Michael Archangele, defende nos in proelio, contra nequitiam et insidias diaboli esto praesidium. Imperet illi Deus, supplices deprecamur: tuque, Princeps militiae coelestis, Satanam aliosque spiritus malignos, qui ad perditionem animarum pervagantur in mundo, divina virtute, in infernum detrude. Amen

  13. #13
    Join Date
    Dec 2011
    Location
    Montreal
    Posts
    431
    Quote Originally Posted by psalm91 View Post
    /bin/bash^M: bad interpreter: No such file or directory
    What you have running:

    Code:
    which bash
    Probably you are using ctrl -v and ctrl -c from windows machine.

    Check the script to be correct like I wrote...
    Last edited by rowebca; 10-01-2013 at 10:52 PM.
    George B. | ROWEBCA
    Web Hosting Services & Server Management
    Skype : rowebca

  14. #14
    Join Date
    May 2013
    Posts
    294
    syntax error near unexpected token `fi'
    Treat your password like your toothbrush. Don't let anybody else use it, and get a new one every six months.Sancte Michael Archangele, defende nos in proelio, contra nequitiam et insidias diaboli esto praesidium. Imperet illi Deus, supplices deprecamur: tuque, Princeps militiae coelestis, Satanam aliosque spiritus malignos, qui ad perditionem animarum pervagantur in mundo, divina virtute, in infernum detrude. Amen

  15. #15
    Join Date
    May 2009
    Location
    Italy - Rome
    Posts
    152
    Quote Originally Posted by Rowebca View Post
    It is so funny, so simple...
    too much simple maybe

    Code:
    #!/bin/bash
    DROP=$(service iptables status | grep "DROP" | wc -l) ## Well this part grep DROP but if there are tables with not DROP but REJECT or only limit? will fail.
    if [ ${DROP} -gt  0 ]; then
    echo "All is well, so do nothing" ## will print on video, if run on cron will email the output each time will run the script (each minutes got one email say "All is well, so do nothing"
    else
    echo "Firewall is down, or status is unknown" | mail -s "Firewall problem" root  ## will email root but must specify a .forward if want to read the email on a smtp server.
    fi
    My script it work on old version of redhat.

    the best will be if the script check if a "chainname" it's present on iptables..

    Code:
    #!/bin/bash
    #
    #Check if firewall is up
    CHECK=`iptables -L -n | grep -m 1 chainname'
    if [ -z "$CHECK" ]
    then
    echo "Firewall is down on `hostname`" | mail -s "Firewall Status" me@mydomain.com
    fi
    will be more easy to see the iptables code, so we will sure the script will grep correct word on check.

  16. #16
    Join Date
    Dec 2011
    Location
    Montreal
    Posts
    431
    Quote Originally Posted by raffo View Post
    too much simple maybe

    Code:
    # Well this part grep DROP but if there are tables with not DROP but REJECT or only limit? will fail.
    the best will be if the script check if a "chainname" it's present on iptables..

    [CODE]
    will be more easy to see the iptables code, so we will sure the script will grep correct word on check.
    You are 100% right I was just think about Centos and CSF. But my guess is that he is trying to install a bash script on windows box (maybe I am wrong), that's why is that error "^M".

    regards
    George B. | ROWEBCA
    Web Hosting Services & Server Management
    Skype : rowebca

  17. #17
    Join Date
    May 2013
    Posts
    294
    /bin/bash: /root/firewaldown.sh: /bin/bash^M: bad interpreter: No such file or directory
    Treat your password like your toothbrush. Don't let anybody else use it, and get a new one every six months.Sancte Michael Archangele, defende nos in proelio, contra nequitiam et insidias diaboli esto praesidium. Imperet illi Deus, supplices deprecamur: tuque, Princeps militiae coelestis, Satanam aliosque spiritus malignos, qui ad perditionem animarum pervagantur in mundo, divina virtute, in infernum detrude. Amen

  18. #18
    Join Date
    May 2009
    Location
    Italy - Rome
    Posts
    152
    Quote Originally Posted by psalm91 View Post
    /bin/bash: /root/firewaldown.sh: /bin/bash^M: bad interpreter: No such file or directory
    This error is because you run a file (where you write the code of the script) from windows and linux don't read well the code.
    So must convert dos file to unix file!
    Code:
    yum install dos2unix
    dos2unix /root/firewaldown.sh
    You can do also with other method:
    Code:
    tr -d '\15\32' < winfile.txt > unixfile.txt

  19. #19
    Join Date
    May 2013
    Posts
    294
    I thought it was simple!

    I have a linux server I want to simply get email when firewall is not running.

    No problem just give up

    Thanks any way
    Treat your password like your toothbrush. Don't let anybody else use it, and get a new one every six months.Sancte Michael Archangele, defende nos in proelio, contra nequitiam et insidias diaboli esto praesidium. Imperet illi Deus, supplices deprecamur: tuque, Princeps militiae coelestis, Satanam aliosque spiritus malignos, qui ad perditionem animarum pervagantur in mundo, divina virtute, in infernum detrude. Amen

  20. #20
    Join Date
    Dec 2011
    Location
    Montreal
    Posts
    431
    Quote Originally Posted by raffo View Post
    This error is because you run a file (where you write the code of the script) from windows and linux don't read well the code.
    So must convert dos file to unix file!
    Nice answer, it is still running windows those days???. I was impress those days I was in a store and I saw they are still using FoxPro (if you remember the version for ms-dos 6.2). I was really impress, I loved programming in that).

    Sorry for my off-topic !!!
    George B. | ROWEBCA
    Web Hosting Services & Server Management
    Skype : rowebca

  21. #21
    Join Date
    May 2009
    Location
    Italy - Rome
    Posts
    152
    Quote Originally Posted by psalm91 View Post
    I thought it was simple!

    I have a linux server I want to simply get email when firewall is not running.

    No problem just give up

    Thanks any way
    how can we help you if you only want to go to the solution without try our efforts?

    see you

  22. #22
    Join Date
    Dec 2011
    Location
    Montreal
    Posts
    431
    Quote Originally Posted by psalm91 View Post
    I have a linux server I want to simply get email when firewall is not running.

    No problem just give up
    Don't give up, try harder and you'll see how easy it is.


    Regards
    George B. | ROWEBCA
    Web Hosting Services & Server Management
    Skype : rowebca

  23. #23
    Join Date
    May 2009
    Location
    Italy - Rome
    Posts
    152
    Quote Originally Posted by Rowebca View Post
    Nice answer, it is still running windows those days???. I was impress those days I was in a store and I saw they are still using FoxPro (if you remember the version for ms-dos 6.2). I was really impress, I loved programming in that).

    Sorry for my off-topic !!!
    I remember AS400 i never worked on ms-dos on a production server i'm not so old hahah
    He don't run windows box, he run linux but the the script file he want to execute is write under dos code, just convert to unix mode to run it

  24. #24
    Join Date
    May 2013
    Posts
    294
    Make it easier please
    Treat your password like your toothbrush. Don't let anybody else use it, and get a new one every six months.Sancte Michael Archangele, defende nos in proelio, contra nequitiam et insidias diaboli esto praesidium. Imperet illi Deus, supplices deprecamur: tuque, Princeps militiae coelestis, Satanam aliosque spiritus malignos, qui ad perditionem animarum pervagantur in mundo, divina virtute, in infernum detrude. Amen

Similar Threads

  1. iptables firewall on: can't receive emails
    By amirak172 in forum Hosting Security and Technology
    Replies: 2
    Last Post: 06-10-2009, 02:11 AM
  2. APF firewall. Daily automated email showing firewall status
    By Charles Sweeney in forum Hosting Security and Technology Tutorials
    Replies: 0
    Last Post: 06-24-2004, 04:18 PM
  3. RAQ550 - Add new site then all incoming email stops
    By PCInformation in forum Dedicated Server
    Replies: 0
    Last Post: 07-26-2003, 02:14 PM
  4. RAQ550 - Add new site then all incoming email stops
    By PCInformation in forum Dedicated Server
    Replies: 0
    Last Post: 07-26-2003, 02:12 PM
  5. Firewall stops Win2K email
    By MattMans in forum Hosting Security and Technology
    Replies: 2
    Last Post: 12-06-2002, 04:53 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •