Compare commits
31 Commits
Author | SHA1 | Date | |
---|---|---|---|
|
b81a6d1237 | ||
|
85fb39af13 | ||
|
905bfdce90 | ||
|
972ef40482 | ||
|
437332781d | ||
|
fbc8f88ae0 | ||
|
8206e8796e | ||
|
3e23c01d30 | ||
|
ca89c3027d | ||
|
e9f44d8d03 | ||
|
4cd1050cfc | ||
|
1dedbd22bf | ||
|
7bdf91d788 | ||
|
b684b4db0a | ||
|
a4d7a2a48a | ||
|
22d6a1eaaa | ||
|
2d482d9675 | ||
|
3bd3ee67e0 | ||
|
2a62a32732 | ||
|
c481de7f61 | ||
|
3514ca3349 | ||
|
a6074b8ca2 | ||
|
ddbf6d7b48 | ||
|
29b2f00111 | ||
|
093a870376 | ||
|
5388e00b05 | ||
|
738268d20e | ||
|
b2b43bb1d2 | ||
|
0949c28232 | ||
|
4e06cf8c6b | ||
|
7be7fa71f3 |
3
.tito/packages/.readme
Normal file
3
.tito/packages/.readme
Normal file
|
@ -0,0 +1,3 @@
|
|||
the .tito/packages directory contains metadata files
|
||||
named after their packages. Each file has the latest tagged
|
||||
version and the project's relative directory.
|
1
.tito/packages/smeserver-zabbix-agent
Normal file
1
.tito/packages/smeserver-zabbix-agent
Normal file
|
@ -0,0 +1 @@
|
|||
0.4.8-1 ./
|
1
.tito/releasers.conf
Symbolic link
1
.tito/releasers.conf
Symbolic link
|
@ -0,0 +1 @@
|
|||
../../tito_libs/releasers.conf
|
6
.tito/tito.props
Normal file
6
.tito/tito.props
Normal file
|
@ -0,0 +1,6 @@
|
|||
[buildconfig]
|
||||
builder = tito.builder.Builder
|
||||
tagger = tito.tagger.VersionTagger
|
||||
changelog_do_not_remove_cherrypick = 0
|
||||
changelog_format = %s (%ae)
|
||||
lib_dir = ../tito_libs
|
|
@ -3,11 +3,11 @@
|
|||
use esmith::Build::CreateLinks qw(:all);
|
||||
|
||||
# Templates to expand
|
||||
foreach my $conf (qw!zabbix_agent.conf zabbix_agentd.conf zabbix_agentd.conf.d/asterisk.conf
|
||||
foreach my $conf (qw!zabbix_agentd.conf zabbix_agentd.conf.d/asterisk.conf
|
||||
zabbix_agentd.conf.d/deprecated_cpunum.conf zabbix_agentd.conf.d/deprecated_memory.conf
|
||||
zabbix_agentd.conf.d/deprecated_netstat.conf zabbix_agentd.conf.d/deprecated_swap.conf
|
||||
zabbix_agentd.conf.d/extip.conf zabbix_agentd.conf.d/mail.conf zabbix_agentd.conf.d/mysql.conf
|
||||
zabbix_agentd.conf.d/phpki_certs.conf zabbix_agentd.conf.d/samba.conf!){
|
||||
zabbix_agentd.conf.d/phpki_certs.conf zabbix_agentd.conf.d/samba.conf zabbix_agentd.conf.d/block_devices.conf!){
|
||||
templates2events("/etc/zabbix/$conf", qw(zabbix-agent-update bootstrap-console-save));
|
||||
}
|
||||
templates2events("/etc/sudoers", "zabbix-agent-update");
|
||||
|
|
|
@ -9,10 +9,10 @@ if ((${'zabbix-agent'}{'status'} || 'disabled') eq 'enabled'){
|
|||
HERE
|
||||
|
||||
if ((${'zabbix-agent'}{'StatusMail'} || 'disabled' ) eq 'enabled'){
|
||||
$OUT .=<<"HERE";
|
||||
$OUT .=<<'HERE';
|
||||
|
||||
# Send a status mail
|
||||
*/15 * * * * root /var/lib/zabbix/bin/util_send_status_mail
|
||||
*/15 * * * * root sleep $[ $RANDOM \% 120 ]; /var/lib/zabbix/bin/util_send_status_mail
|
||||
|
||||
HERE
|
||||
}
|
||||
|
|
|
@ -1,5 +0,0 @@
|
|||
# This is config file for zabbix_agent
|
||||
# To get more information about ZABBIX,
|
||||
# go http://www.zabbix.com
|
||||
|
||||
|
|
@ -1,6 +0,0 @@
|
|||
# IP address of ZABBIX server
|
||||
# Connections from other hosts will be denied
|
||||
|
||||
Server={ (${'zabbix-agent'}{'Servers'} || '127.0.0.1'); }
|
||||
|
||||
|
|
@ -1,5 +0,0 @@
|
|||
# Spend no more than Timeout seconds on processing
|
||||
# Must be between 1 and 30
|
||||
|
||||
Timeout=3
|
||||
|
|
@ -0,0 +1,13 @@
|
|||
{
|
||||
$OUT = '';
|
||||
qx(zabbix_agentd -t vfs.dev.discovery -c /dev/null | grep -q ZBX_NOTSUPPORTED);
|
||||
if ($? != 0){
|
||||
$OUT .= '# vfs.dev.discovery is natively supported, not UserParameter needed';
|
||||
} else{
|
||||
$OUT .=<<'_EOF';
|
||||
# Discover block devices
|
||||
UserParameter=vfs.dev.discovery,/var/lib/zabbix/bin/disco_block_devices
|
||||
_EOF
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,33 @@
|
|||
{
|
||||
my @encryptions = ();
|
||||
my $psk_file = ${'zabbix-agent'}{'TLSPSKFile'} || '/etc/zabbix/zabbix_agentd.psk';
|
||||
my $psk_id = ${'zabbix-agent'}{'TLSPSKIdentity'} || $SystemName . '.' . $DomainName . '-agent';
|
||||
if (-s $psk_file){
|
||||
push @encryptions, 'psk';
|
||||
$OUT .=<<_EOF;
|
||||
TLSPSKFile=$psk_file
|
||||
TLSPSKIdentity=$psk_id
|
||||
_EOF
|
||||
}
|
||||
|
||||
my $cert = ${'zabbix-agent'}{'TLSCertFile'} || '/etc/zabbix/zabbix_agentd.crt';
|
||||
my $key = ${'zabbix-agent'}{'TLSKeyFile'} || '/etc/zabbix/zabbix_agentd.key';
|
||||
my $ca = ${'zabbix-agent'}{'TLSCAFile'} || '/etc/zabbix/zabbix_agentd.ca';
|
||||
if (-s $cert && -s $key && -s $ca){
|
||||
push @encryptions, 'cert';
|
||||
$OUT .=<<_EOF;
|
||||
TLSCertFile=$cert
|
||||
TLSKeyFile=$key
|
||||
TLSCAFile=$ca
|
||||
_EOF
|
||||
my $issuer = ${'zabbix-agent'}{'TLSServerCertIssuer'} || '';
|
||||
my $subject = ${'zabbix-agent'}{'TLSServerCertSubject'} || '';
|
||||
$OUT .= "TLSServerCertIssuer=$issuer\n" if ($issuer ne '');
|
||||
$OUT .= "TLSServerCertSubject=$subject\n" if ($subject ne '');
|
||||
}
|
||||
my $encryptions = (scalar @encryptions > 0) ? join(',', @encryptions) : '';
|
||||
$OUT .=<<_EOF if ($encryptions ne '');
|
||||
TLSConnect=$encryptions
|
||||
TLSAccept=$encryptions
|
||||
_EOF
|
||||
}
|
|
@ -6,9 +6,7 @@ LOGFILE='/var/log/qpsmtpd/current'
|
|||
TMPDIR='/var/lib/zabbix/tmp/'
|
||||
|
||||
|
||||
for WHAT in dnsbl rhsbl clamav check_earlytalker check_basicheaders \
|
||||
check_goodrcptto check_spamhelo total_denied spam_denied \
|
||||
other_denied spam_queued queued total; do
|
||||
for WHAT in $($BINDIR/util_parse_mail_in keys); do
|
||||
$LOGTAIL $LOGFILE $TMPDIR/mail.in.$WHAT.offset | $PARSER $WHAT > $TMPDIR/mail.in.$WHAT
|
||||
done
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
#!/usr/bin/perl -w
|
||||
|
||||
# Copyright (C) 2009 Daniel Berteaud <daniel@firewall-services.com>
|
||||
# Copyright (C) 2009-2016 Daniel Berteaud <daniel@firewall-services.com>
|
||||
|
||||
# This file is part of smeserver-zabbix-agent package.
|
||||
|
||||
|
@ -18,57 +18,86 @@
|
|||
# along with Foobar; if not, write to the Free Software
|
||||
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
||||
|
||||
# This script parse qpsmtpd logs (which must be sent to STDIN), and count the number
|
||||
# of emails rejected by each plugins, and those accepted. You need to logterse plugin enabled
|
||||
|
||||
my $what = $ARGV[0] || '';
|
||||
|
||||
# On initialise nos compteurs a 0
|
||||
my @denied = qw(dnsbl rhsbl clamav check_earlytalker check_basicheaders check_goodrcptto check_spamhelo);
|
||||
# This is the list of plugins we can get stats for
|
||||
# you can set the regex used to identify a line in the logs
|
||||
my %denied = (
|
||||
dnsbl => qr{(dnsbl\s+90|naughty\s+90\d\s+\(dnsbl\))},
|
||||
rhsbl => qr{rhsbl\s+90},
|
||||
uribl => qr{uribl\s+90},
|
||||
clamav => qr{virus::clam(av|dscan)\s+90},
|
||||
check_earlytalker => qr{(check_)?earlytalker\s+90},
|
||||
check_basicheaders => qr{(check_basic)?headers\s+90},
|
||||
check_goodrcptto => qr{(check_)?goodrcptto\s+90},
|
||||
check_spamhelo => qr{((check_spam)?helo\s+90|naughty\s+90\d\s+\(helo\))},
|
||||
fcrdns => qr{fcrdns\s+90},
|
||||
karma => qr{(karma\s+90|naughty\s+90\d\s+\(karma\))},
|
||||
spf => qr{(sender_permitted_from|spf_deny)\s+90},
|
||||
dmarc => qr{dmarc\s+90},
|
||||
tls_failed => qr{tls\s+90},
|
||||
resolvable_fromhost => qr{(require_)?resolvable_fromhost}
|
||||
);
|
||||
|
||||
my @others = qw(total_denied spam_denied other_denied spam_queued queued total);
|
||||
|
||||
# If arg is keys, just print the supported keys and exit
|
||||
if ($what eq "keys"){
|
||||
print join "\n", (keys %denied, @others);
|
||||
exit (0)
|
||||
}
|
||||
|
||||
my %cnt;
|
||||
foreach (@denied,@others){
|
||||
foreach (keys %denied, @others){
|
||||
$cnt{$_} = 0;
|
||||
}
|
||||
|
||||
while (<STDIN>) {
|
||||
my $line = $_;
|
||||
|
||||
# on limites aux lignes concernant logterse
|
||||
# @400000004994ad092afa867c 18386 logging::logterse plugin: etc...
|
||||
next unless $line =~ m/^\@[0-9a-f]{24} \d+ logging::logterse plugin/;
|
||||
# We only want logterse lines like
|
||||
# @400000004994ad092afa867c 18386 logging::logterse plugin:
|
||||
# The format can slightly change depending on qpsmtpd version
|
||||
next unless $line =~ m/^\@[0-9a-f]{24} \d+( \((queue|deny)\))? logging::logterse/;
|
||||
|
||||
# D'abord on traite tout ceux qui contiennent 'msg denied before queued'
|
||||
# Lets count all the message which have been denied 'msg denied before queued'
|
||||
if ($line =~ m/msg denied before queued/){
|
||||
$cnt{total_denied}++;
|
||||
foreach (@denied){
|
||||
if ($line =~ m/$_/){
|
||||
$cnt{$_}++;
|
||||
}
|
||||
}
|
||||
next;
|
||||
$cnt{total_denied}++;
|
||||
# Now try to find the plugin responsible for the deny
|
||||
foreach (keys %denied){
|
||||
if ($line =~ m/$denied{$_}/){
|
||||
$cnt{$_}++;
|
||||
}
|
||||
}
|
||||
next;
|
||||
}
|
||||
|
||||
# Les messages refuses par spamassassin
|
||||
# Rejected by spamassassin because spam score is too high
|
||||
elsif ($line =~ m/spam score exceeded threshold/){
|
||||
$cnt{spam_denied}++;
|
||||
next;
|
||||
$cnt{spam_denied}++;
|
||||
next;
|
||||
}
|
||||
|
||||
# Spam mis en queue
|
||||
elsif ($line =~ m/queued.*Yes/){
|
||||
# Tagged as spam, but kept accepted
|
||||
elsif ($line =~ m/queued\s+<.*>\s+Yes,\s+(score|hits)=/){
|
||||
$cnt{spam_queued}++;
|
||||
next;
|
||||
}
|
||||
|
||||
# Enfin, les bon mails
|
||||
elsif ($line =~ m/queued.*No/){
|
||||
# Queued, not tagged as spam (or spam filtering disabled), those are the clean emails
|
||||
elsif ($line =~ m/queued\s+<.*>(\s+No,\s+(score|hits)=.+)?/){
|
||||
$cnt{queued}++;
|
||||
next;
|
||||
}
|
||||
}
|
||||
|
||||
# Caclul des totaux:
|
||||
# Now lets count other_denied, which is total_denied minus
|
||||
# all the known plugins denied
|
||||
$cnt{other_denied} = $cnt{total_denied};
|
||||
foreach (@denied){
|
||||
foreach (keys %denied){
|
||||
$cnt{total} = $cnt{total} + $cnt{$_};
|
||||
$cnt{other_denied} = $cnt{other_denied} - $cnt{$_};
|
||||
}
|
||||
|
@ -76,28 +105,25 @@ foreach (@others){
|
|||
$cnt{total} = $cnt{total} + $cnt{$_} if ($_ !~ /total/);
|
||||
}
|
||||
|
||||
# Si l'argument est "print" on affiche toutes les stats
|
||||
# The print argument prints all on stdout
|
||||
if ($what eq "print"){
|
||||
|
||||
foreach (@denied,@others){
|
||||
foreach (keys %denied,@others){
|
||||
print "$_: $cnt{$_}\n";
|
||||
}
|
||||
}
|
||||
|
||||
# Si l'argument correspond a un compteur definit
|
||||
# On affiche uniquemment cette valeur
|
||||
# If the arg is a known plugin, prints only its value
|
||||
elsif (defined $cnt{$what}){
|
||||
print "$cnt{$what}\n";
|
||||
}
|
||||
|
||||
# Sinon, on quitte avec une erreur
|
||||
# Else, print an error
|
||||
else{
|
||||
print "supported items are: ";
|
||||
foreach (@denied, @others){
|
||||
print "$_ ";
|
||||
foreach (keys %denied, @others){
|
||||
print "$_ ";
|
||||
}
|
||||
print "\n";
|
||||
exit 1;
|
||||
}
|
||||
exit 0;
|
||||
|
||||
|
|
|
@ -1,23 +1,31 @@
|
|||
#!/usr/bin/perl -w
|
||||
|
||||
use Mail::Send;
|
||||
use esmith::ConfigDB;
|
||||
use MIME::Lite;
|
||||
use Net::SMTP;
|
||||
|
||||
my $c = esmith::ConfigDB->open_ro();
|
||||
my $c = esmith::ConfigDB->open_ro();
|
||||
my $domain = $c->get('DomainName')->value();
|
||||
my $host = $c->get('SystemName')->value();
|
||||
my $z = $c->get('zabbix-agent');
|
||||
my $dest = $z->prop('StatusRecipient') || 'admin@' . $domain;
|
||||
my $host = $c->get('SystemName')->value();
|
||||
my $z = $c->get('zabbix-agent');
|
||||
my $dest = $z->prop('StatusRecipient') || 'admin@' . $domain;
|
||||
|
||||
my $mail = new Mail::Send;
|
||||
$mail->to("$dest");
|
||||
$mail->set("From","zabbix-agent");
|
||||
$mail->subject("[STATUS] $host.$domain");
|
||||
my $body = $mail->open;
|
||||
print $body localtime(time)."\n",
|
||||
"\n#>tail /var/log/messages :\n",
|
||||
`/usr/bin/tail /var/log/messages`,
|
||||
"\n#>netstat --numeric-hosts -tpu :\n",
|
||||
`/bin/netstat --numeric-hosts -tpu`;
|
||||
$body->close;
|
||||
my $smtp = Net::SMTP->new('localhost');
|
||||
my $mail = MIME::Lite->new(
|
||||
From => 'smeserver-status@' . $domain,
|
||||
To => $dest,
|
||||
Subject => "[STATUS] $host.$domain",
|
||||
Data => localtime(time)."\n" .
|
||||
"\n#>tail /var/log/messages :\n" .
|
||||
`/usr/bin/tail \$(readlink /var/log/messages)` .
|
||||
"\n#>netstat --numeric-hosts -tpu :\n" .
|
||||
`/bin/netstat --numeric-hosts -tpu`
|
||||
);
|
||||
|
||||
$smtp->mail('smeserver-status@' . $domain);
|
||||
$smtp->recipient($dest);
|
||||
$smtp->data();
|
||||
$smtp->datasend($mail->as_string);
|
||||
$smtp->dataend();
|
||||
$smtp->quit;
|
||||
|
||||
|
|
|
@ -1,14 +1,7 @@
|
|||
# $Id: smeserver-zabbix-agent.spec,v 1.34 2012/06/07 16:26:43 vip-ire Exp $
|
||||
# Authority: vip-ire
|
||||
# Name: Daniel Berteaud
|
||||
|
||||
%define name smeserver-zabbix-agent
|
||||
%define version 0.3.5
|
||||
%define release 1
|
||||
Summary: sme server integration of zabbix agent
|
||||
Name: %{name}
|
||||
Version: %{version}
|
||||
Release: %{release}%{?dist}
|
||||
Name: smeserver-zabbix-agent
|
||||
Version: 0.4.8
|
||||
Release: 1%{?dist}
|
||||
License: GNU GPL version 2
|
||||
URL: http://www.zabbix.com/
|
||||
Group: SMEserver/addon
|
||||
|
@ -21,6 +14,7 @@ Requires: e-smith-release >= 7.0
|
|||
Requires: zabbix-agent => 2.0.0
|
||||
Requires: zabbix-agent-addons => 0.1.15
|
||||
Requires: smeserver-remoteuseraccess
|
||||
Requires: qmqtool
|
||||
Requires: perl(IO::Socket)
|
||||
Requires: perl(Net::SSLeay)
|
||||
Requires: perl(Date::Parse)
|
||||
|
@ -33,6 +27,55 @@ Zabbix is an entreprise-class open source distributed monitoring
|
|||
solution
|
||||
|
||||
%changelog
|
||||
* Fri May 29 2020 Daniel Berteaud <daniel@firewall-services.com> 0.4.8-1
|
||||
- Adapt regex to match queued emails when spam filtering is disabled
|
||||
(daniel@firewall-services.com)
|
||||
|
||||
* Thu Feb 27 2020 Daniel Berteaud <daniel@firewall-services.com> 0.4.7-1
|
||||
- Rewrite util_send_status_mail to go through the SMTP server (daniel@firewall-
|
||||
services.com)
|
||||
- Remove useless var in spec file (daniel@firewall-services.com)
|
||||
|
||||
* Wed Nov 27 2019 Daniel Berteaud <daniel@firewall-services.com> 0.4.6-1
|
||||
- Remove the git CHANGELOG as it's not generated anymore (daniel@firewall-
|
||||
services.com)
|
||||
|
||||
* Wed Nov 27 2019 Daniel Berteaud <daniel@firewall-services.com> 0.4.5-1
|
||||
- Adapt spec file for tito (daniel@firewall-services.com)
|
||||
- Detect if running >= 4.4, and remove vfs.dev.discovery UserParameter in this
|
||||
case (daniel@firewall-services.com)
|
||||
|
||||
* Wed Nov 27 2019 Daniel Berteaud <daniel@firewall-services.com>
|
||||
- Detect if running >= 4.4, and remove vfs.dev.discovery UserParameter in this
|
||||
case (daniel@firewall-services.com)
|
||||
|
||||
* Tue Nov 26 2019 Daniel Berteaud <daniel@firewall-services.com> 0.4.3-1
|
||||
- new package built with tito
|
||||
|
||||
* Tue May 3 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.4.3-1.sme
|
||||
- Add dmarc regex in util_parse_mail_in and add support for spf_deny plugin
|
||||
|
||||
* Wed Apr 27 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.4.2-1.sme
|
||||
- Adapt qpsmtpd parser regex to match naughty rejects against the original
|
||||
plugin
|
||||
|
||||
* Tue Apr 19 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.4.1-1.sme
|
||||
- Adapt util_parse_mail_in and util_count_mail_in to work with qpsmtpd 0.96
|
||||
- Define %clean before %files so epel-macros don't try to add a default
|
||||
buggy %clean on el5
|
||||
|
||||
* Mon Mar 21 2016 Daniel Berteaud <daniel@firewall-services.com> - 0.4.0-1.sme
|
||||
- Add support for new encryption features of zabbix 3.0
|
||||
|
||||
* Wed Jun 10 2015 Daniel B. <daniel@firewall-services.com> - 0.3.8-1.sme
|
||||
- Add a random delay before sending the status email
|
||||
|
||||
* Mon Jan 5 2015 Daniel B. <daniel@firewall-services.com> - 0.3.7-1.sme
|
||||
- Requires qmqtool to monitor qmail queue
|
||||
|
||||
* Wed Jun 25 2014 Daniel B. <daniel@firewall-services.com> - 0.3.6-1.sme
|
||||
- Fix a warning in util_send_mail.pl script on EL6
|
||||
|
||||
* Wed Jun 11 2014 Daniel B. <daniel@firewall-services.com> - 0.3.5-1.sme
|
||||
- Fix exec perm on certs check scripts
|
||||
|
||||
|
@ -279,14 +322,12 @@ rm -f %{name}-%{version}-filelist
|
|||
--file /var/lib/zabbix/bin/check_certs_sudo 'attr(0750,root,zabbix)' \
|
||||
--dir /var/lib/zabbix/tmp 'attr(0750,zabbix,zabbix)' \
|
||||
> %{name}-%{version}-filelist
|
||||
echo "%doc CHANGELOG.git" >> %{name}-%{version}-filelist
|
||||
|
||||
%files -f %{name}-%{version}-filelist
|
||||
%defattr(-,root,root)
|
||||
|
||||
%clean
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
%files -f %{name}-%{version}-filelist
|
||||
%defattr(-,root,root)
|
||||
|
||||
%postun
|
||||
#uninstall
|
||||
|
|
Loading…
Reference in New Issue
Block a user