dani
/
pfsense-zabbix
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fixed IPsec con_id

This commit is contained in:
Riccardo Bicelli 2021-07-07 23:04:45 +02:00
parent 5546a6c2b9
commit 8e340822e1
2 changed files with 12 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
README.md
View File

@ -12,8 +12,7 @@ Tested with pfSense 2.4.x, Zabbix 4.0, Zabbix 5.0
**Template pfSense Active**
- Network interface Discovery and Monitoring with User Assigned Names
- Scheduled Speedtest on WAN interfaces (via ookla speedtest)
- Gateway Discovery and Monitoring (Gateway Status/RTT)
- Gateway Discovery and Monitoring (Gateway Status/RTT)
- OpenVPN Server Discovery and Monitoring (Server Status/Tunnel Status)
- OpenVPN Clients Discovery and Monitoring (Client Status/Tunnel Status)
- CARP Monitoring (Global CARP State)
@ -41,17 +40,10 @@ Tested with pfSense 2.4.x, Zabbix 4.0, Zabbix 5.0
First copy the file pfsense_zbx.php to your pfsense box (e.g. to /root/scripts).
For example, from pfSense shell:
From **Diagnostics/Command Prompt** input this one-liner:
```bash
mkdir /root/scripts
curl -o /root/scripts/pfsense_zbx.php https://raw.githubusercontent.com/rbicelli/pfsense-zabbix-template/master/pfsense_zbx.php
```
or, from **Diagnostics/Command Prompt** input this one-liner:
```bash
mkdir /root/scripts && curl -o /root/scripts/pfsense_zbx.php https://raw.githubusercontent.com/rbicelli/pfsense-zabbix-template/master/pfsense_zbx.php
curl --create-dirs -o /root/scripts/pfsense_zbx.php https://raw.githubusercontent.com/rbicelli/pfsense-zabbix-template/master/pfsense_zbx.php
```
Then install package "Zabbix Agent 4" on your pfSense Box
@ -89,7 +81,7 @@ This is useful when monitoring services which could stay stopped on CARP Backup
## Setup Speedtest
For running speedtests on WAN interfaces you have to install the speedtest package
For running speedtests on WAN interfaces you have to install the speedtest package.
From **Diagnostics/Command Prompt** input this commands:
@ -107,14 +99,17 @@ curl -Lo /usr/local/lib/python3.7/site-packages/speedtest.py https://raw.githubu
For testing if speedtest is installed properly you can try it:
```bash
/usr/local/bin/speedtest
/usr/local/bin/speedtest
```
Remember that you will need to install the package on *every* pfSense upgrade.
**For speedtest to work you may need to increase Timeout up to its maximum (30)**
Speedtest template creates a cron job and check for entry everytime Zabbix requests its items. If you want to uninstall the cron jobs simply run, from **Diagnostics/Command Prompt**:
```bash
/url/local/bin/php /root/scripts/pfsense_zbx.php cron_cleanup
```
## Credits
[Keenton Zabbix Template](https://github.com/keentonsas/zabbix-template-pfsense) for Zabbix Agent freeBSD part.
[Keenton Zabbix Template](https://github.com/keentonsas/zabbix-template-pfsense) for Zabbix Agent freeBSD part.

8
pfsense_zbx.php
View File

@ -667,16 +667,12 @@ function pfz_ipsec_status($ikeid,$reqid=-1,$valuekey='state'){
$con_id = filter_var($l_ikeid, FILTER_SANITIZE_NUMBER_INT);
}
if ($ikesa['version'] == 1) {
$ph1idx = substr($con_id, 0, strrpos(substr($con_id, 0, -1), '00'));
//pfSense 2.5 with conn enumeration like conn100000
if ( ($ph1idx===false) || ($ph1idx=='')) $ph1idx = substr($con_id, 0, strrpos(substr($con_id, 0, -1), '0000'));
$ph1idx = $con_id/1000;
$ipsecconnected[$ph1idx] = $ph1idx;
} else {
if (!ipsec_ikeid_used($con_id)) {
// probably a v2 with split connection then
$ph1idx = substr($con_id, 0, strrpos(substr($con_id, 0, -1), '00'));
//pfSense 2.5 with conn enumeration like conn100000
if ( ($ph1idx===false) || ($ph1idx=='')) $ph1idx = substr($con_id, 0, strrpos(substr($con_id, 0, -1), '0000'));
$ph1idx = $con_id/1000;
$ipsecconnected[$ph1idx] = $ph1idx;
} else {
$ipsecconnected[$con_id] = $ph1idx = $con_id;