From 8e340822e190d707519ba83389805dc8da3b4635 Mon Sep 17 00:00:00 2001 From: Riccardo Bicelli Date: Wed, 7 Jul 2021 23:04:45 +0200 Subject: [PATCH] Fixed IPsec con_id --- README.md | 25 ++++++++++--------------- pfsense_zbx.php | 8 ++------ 2 files changed, 12 insertions(+), 21 deletions(-) diff --git a/README.md b/README.md index 86fe458..210c699 100644 --- a/README.md +++ b/README.md @@ -12,8 +12,7 @@ Tested with pfSense 2.4.x, Zabbix 4.0, Zabbix 5.0 **Template pfSense Active** - Network interface Discovery and Monitoring with User Assigned Names - - Scheduled Speedtest on WAN interfaces (via ookla speedtest) - - Gateway Discovery and Monitoring (Gateway Status/RTT) + - Gateway Discovery and Monitoring (Gateway Status/RTT) - OpenVPN Server Discovery and Monitoring (Server Status/Tunnel Status) - OpenVPN Clients Discovery and Monitoring (Client Status/Tunnel Status) - CARP Monitoring (Global CARP State) @@ -41,17 +40,10 @@ Tested with pfSense 2.4.x, Zabbix 4.0, Zabbix 5.0 First copy the file pfsense_zbx.php to your pfsense box (e.g. to /root/scripts). -For example, from pfSense shell: +From **Diagnostics/Command Prompt** input this one-liner: ```bash -mkdir /root/scripts -curl -o /root/scripts/pfsense_zbx.php https://raw.githubusercontent.com/rbicelli/pfsense-zabbix-template/master/pfsense_zbx.php -``` - -or, from **Diagnostics/Command Prompt** input this one-liner: - -```bash -mkdir /root/scripts && curl -o /root/scripts/pfsense_zbx.php https://raw.githubusercontent.com/rbicelli/pfsense-zabbix-template/master/pfsense_zbx.php +curl --create-dirs -o /root/scripts/pfsense_zbx.php https://raw.githubusercontent.com/rbicelli/pfsense-zabbix-template/master/pfsense_zbx.php ``` Then install package "Zabbix Agent 4" on your pfSense Box @@ -89,7 +81,7 @@ This is useful when monitoring services which could stay stopped on CARP Backup ## Setup Speedtest -For running speedtests on WAN interfaces you have to install the speedtest package +For running speedtests on WAN interfaces you have to install the speedtest package. From **Diagnostics/Command Prompt** input this commands: @@ -107,14 +99,17 @@ curl -Lo /usr/local/lib/python3.7/site-packages/speedtest.py https://raw.githubu For testing if speedtest is installed properly you can try it: ```bash - /usr/local/bin/speedtest +/usr/local/bin/speedtest ``` Remember that you will need to install the package on *every* pfSense upgrade. -**For speedtest to work you may need to increase Timeout up to its maximum (30)** +Speedtest template creates a cron job and check for entry everytime Zabbix requests its items. If you want to uninstall the cron jobs simply run, from **Diagnostics/Command Prompt**: +```bash +/url/local/bin/php /root/scripts/pfsense_zbx.php cron_cleanup +``` ## Credits -[Keenton Zabbix Template](https://github.com/keentonsas/zabbix-template-pfsense) for Zabbix Agent freeBSD part. +[Keenton Zabbix Template](https://github.com/keentonsas/zabbix-template-pfsense) for Zabbix Agent freeBSD part. \ No newline at end of file diff --git a/pfsense_zbx.php b/pfsense_zbx.php index af23d78..561bfac 100644 --- a/pfsense_zbx.php +++ b/pfsense_zbx.php @@ -667,16 +667,12 @@ function pfz_ipsec_status($ikeid,$reqid=-1,$valuekey='state'){ $con_id = filter_var($l_ikeid, FILTER_SANITIZE_NUMBER_INT); } if ($ikesa['version'] == 1) { - $ph1idx = substr($con_id, 0, strrpos(substr($con_id, 0, -1), '00')); - //pfSense 2.5 with conn enumeration like conn100000 - if ( ($ph1idx===false) || ($ph1idx=='')) $ph1idx = substr($con_id, 0, strrpos(substr($con_id, 0, -1), '0000')); + $ph1idx = $con_id/1000; $ipsecconnected[$ph1idx] = $ph1idx; } else { if (!ipsec_ikeid_used($con_id)) { // probably a v2 with split connection then - $ph1idx = substr($con_id, 0, strrpos(substr($con_id, 0, -1), '00')); - //pfSense 2.5 with conn enumeration like conn100000 - if ( ($ph1idx===false) || ($ph1idx=='')) $ph1idx = substr($con_id, 0, strrpos(substr($con_id, 0, -1), '0000')); + $ph1idx = $con_id/1000; $ipsecconnected[$ph1idx] = $ph1idx; } else { $ipsecconnected[$con_id] = $ph1idx = $con_id;