RBL check con Nagios: Difference between revisions

From RVM Wiki
Jump to navigation Jump to search
← Older edit
VisualWikitext
mNo edit summary
 
(6 intermediate revisions by the same user not shown)
Line 1: Line 1:
==Creazione pacchetto==
=Installazione pacchetto=
==Debian >= Jessie==
sudo apt-get install nagios-plugins-contrib
 
==Debian < Jessie==
* Scaricare il tar:
* Scaricare il tar:
  wget https://trac.id.ethz.ch/projects/nagios_plugins/down
  wget https://trac.id.ethz.ch/projects/nagios_plugins/downnloads/check_rbl-1.3.0.tar.gz --no-check-certificates
nloads/check_rbl-1.3.0.tar.gz --no-check-certificates
  tar xvzf check_rbl-1.3.0.tar.gz
  tar xvzf check_rbl-1.3.0.tar.gz


Line 9: Line 12:
     -D --install=no \
     -D --install=no \
     -A all \
     -A all \
     --maintainer gabriele.mailing@rvmgroup.it \
     --maintainer email@example.com \
     --requires libnagios-plugin-perl,libreadonly-perl \
     --requires libnagios-plugin-perl,libreadonly-perl \
     --pkgname nagios-plugins-rbl
     --pkgname nagios-plugins-rbl \
    --review-control


'''Quando si edita il file control alla fine, eliminare le ricghe vuote con Conflicts: e xxxx:'''
'''Quando si edita il file control alla fine, eliminare le ricghe vuote con Conflicts: e xxxx:'''


* Eventualmente uploadarlo per signarlo
* Eventualmente uploadarlo per signarlo
==Installazione==
* Per installarlo da repository:
sudo apt-get install nagios-plugins-rbl


* Se si installa a mano:
* Se si installa a mano:
  sudo dpkg -i nagios-plugins-rbl libnagios-plugin-perl libreadonly-perl
  sudo dpkg -i nagios-plugins-rbl libnagios-plugin-perl libreadonly-perl


==Configurazione==
* Dal  repository su cui lo si è caricato:
sudo apt-get install nagios-plugins-rbl
 
=Configurazione=


* Disablitare l'interprete embedded di Nagios
* Disablitare l'interprete embedded di Nagios
Line 36: Line 39:
* Creare i comandi:
* Creare i comandi:
<pre>
<pre>
cat | sudo tee /etc/nagios-plugins/config/check_rbl.cfg > /dev/null <<EOFile
cat | sudo tee /etc/nagios3/conf.d/check_commands/check-rbl.cfg > /dev/null <<'EOFile'
define command{
define command{
                 command_name    check-rbl
                 command_name    check-rbl
                 command_line    $USER1$/contrib/check_rbl -H '$HOSTADDRESS$' -t 60 --extra-opts=check_rbl
                 command_line    $USER1$/contrib/check_rbl -H '$HOSTADDRESS$' -t 60 --extra-opts=rbl@etc/nagios-plugins/check_rbl.ini
                         #--extra-opts=check_rbl@/etc/nagios-plugins.ini -v -d
                         #--extra-opts=check_rbl@/etc/nagios-plugins.ini -v -d
         }
         }
EOFile
</pre>


<pre>
cat | sudo tee /etc/nagios3/conf.d/check_commands/check-rbl-address.cfg > /dev/null <<'EOFile'
define command{
define command{
                 command_name    check-rbl-address
                 command_name    check-rbl-address
                 command_line    $USER1$/contrib/check_rbl -H '$ARG1$' -t 60 --extra-opts=check_rbl
                 command_line    $USER1$/contrib/check_rbl -H '$ARG1$' -t 60 --extra-opts=rbl@etc/nagios-plugins/check_rbl.ini
                         #--extra-opts=check_rbl@/etc/nagios-plugins.ini -v -d
                         #--extra-opts=check_rbl@/etc/nagios-plugins.ini -v -d
         }
         }
Line 52: Line 59:




* Creare il file di configurazione contenente i server da testare:
* Creare il file di configurazione contenente i server da testare, OPPURE EDITARE QUELLO ESISTENTE:
<pre>
<pre>
cat | sudo tee -a /etc/nagios-plugins.ini > /dev/null <<EOFile
cat | sudo tee -a /etc/nagios-plugins/check_rbl.ini > /dev/null <<EOFile
[check_rbl]
[rbl]
server=dnsbl.ahbl.org
server=0spam.fusionzero.com
server=cbl.abuseat.org
server=access.redhawk.org
server=dnsbl.cyberlogic.net
server=b.barracudacentral.org
#server=blackholes.mail-abuse.org
server=blacklist.sci.kun.nl
server=bl.deadbeef.com
server=bl.deadbeef.com
server=spamtrap.drbl.drand.net
server=spamsources.fabel.dk
server=0spam.fusionzero.com
server=mail-abuse.blacklist.jippg.org
server=korea.services.net
server=spamguard.leadmon.net
server=ix.dnsbl.manitu.net
server=relays.nether.net
server=dnsbl.njabl.org
server=bhnc.njabl.org
server=no-more-funn.moensted.dk
server=rbl.orbitrbl.com
server=psbl.surriel.com
server=dyna.spamrats.com
server=noptr.spamrats.com
server=spam.spamrats.com
; this keeps all zones of sorbs excl. spam
server=dnsbl.sorbs.net
server=spam.dnsbl.sorbs.net
server=bl.spamcannibal.org
server=bl.spamcannibal.org
server=bl.spamcop.net
server=bl.spamcop.net
server=pbl.spamhaus.org
server=bogons.cymru.com
server=sbl.spamhaus.org
server=cbl.abuseat.org
server=xbl.spamhaus.org
server=cdl.anti-spam.org.cn
server=ubl.unsubscore.com
#server=combined.njabl.org
server=csi.cloudmark.com
server=db.wpbl.info
server=dnsbl-1.uceprotect.net
server=dnsbl-1.uceprotect.net
server=dnsbl-2.uceprotect.net
server=dnsbl-2.uceprotect.net
server=dnsbl-3.uceprotect.net
server=dnsbl-3.uceprotect.net
server=db.wpbl.info
server=dnsbl.cyberlogic.net
server=access.redhawk.org
server=dnsbl.dronebl.org
server=blacklist.sci.kun.nl
server=dnsbl.inps.de
server=bl.technovision.dk
server=dnsbl.kempt.net
server=dnsbl.kempt.net
server=dnsbl.solid.net
#server=dnsbl.njabl.org
server=dul.ru
#server=dnsbl.solid.net
server=dnsbl.sorbs.net
server=drone.abuse.ch
server=dsn.rfc-ignorant.org
server=dul.dnsbl.sorbs.net
server=dyna.spamrats.com
server=forbidden.icm.edu.pl
server=forbidden.icm.edu.pl
server=hil.habeas.com
server=hil.habeas.com
server=httpbl.abuse.ch
server=http.dnsbl.sorbs.net
server=ips.backscatterer.org
server=ix.dnsbl.manitu.net
server=korea.services.net
server=mail-abuse.blacklist.jippg.org
server=misc.dnsbl.sorbs.net
server=multi.surbl.org
server=netblock.pedantic.org
server=no-more-funn.moensted.dk
server=noptr.spamrats.com
server=opm.tornevall.org
server=pbl.spamhaus.org
server=psbl.surriel.com
server=query.senderbase.org
server=rbl.efnetrbl.org
server=rbl.interserver.net
#server=rbl-plus.mail-abuse.org
server=rbl.schulte.org
server=rbl.schulte.org
server=rbl.spamlab.com
server=rbl.suresupport.com
#server=relays.mail-abuse.org
server=relays.nether.net
server=sbl.spamhaus.org
server=sbl-xbl.spamhaus.org
server=sbl-xbl.spamhaus.org
; these are rather slow
server=short.rbl.jp
;server=bl.csma.biz
server=smtp.dnsbl.sorbs.net
;server=sbl.csma.biz
server=socks.dnsbl.sorbs.net
server=spam.dnsbl.sorbs.net
server=spamguard.leadmon.net
server=spamrbl.imp.ch
server=spamsources.fabel.dk
server=spam.spamrats.com
server=spamtrap.drbl.drand.net
server=tor.dan.me.uk
server=ubl.unsubscore.com
server=virbl.bit.nl
server=virus.rbl.jp
server=web.dnsbl.sorbs.net
server=wormrbl.imp.ch
server=xbl.spamhaus.org
server=zen.spamhaus.org
server=zombie.dnsbl.sorbs.net
EOFile
EOFile
</pre>
</pre>
Line 110: Line 144:
define service{
define service{
     use                generic-service
     use                generic-service
     host_name          fire.rvmgroup.it
     host_name          server.example.com
     service_description RBL
     service_description RBL
     check_command      check-rbl
     check_command      check-rbl
Line 121: Line 155:
define service{
define service{
     use                generic-service
     use                generic-service
     host_name          support.rvmgroup.it
     host_name          server.example.com
     service_description RBL
     service_description RBL
     check_command      check-rbl-address!89.96.171.169
     check_command      check-rbl-address!1.2.3.4
}
}
</pre>
</pre>


==Riferimenti==
=Riferimenti=
*[http://blog.matteocorti.ch/?tag=nagios Teo's Blog » nagios]
*[http://blog.matteocorti.ch/?tag=nagios Teo's Blog » nagios]
*[https://trac.id.ethz.ch/projects/nagios_plugins/wiki/check_rbl check_rbl – nagios_plugins]
*[https://trac.id.ethz.ch/projects/nagios_plugins/wiki/check_rbl check_rbl – nagios_plugins]
*[http://nagiosplugins.org/extra-opts Extra-Opts | Nagios Plugins]
*[http://www.anti-abuse.org/multi-rbl-check/ Multi-RBL Check | The Anti-Abuse Project]
*[http://www.anti-abuse.org/multi-rbl-check/ Multi-RBL Check | The Anti-Abuse Project]
*[http://www.msfaq.eu/nagios-rbl-check-plugin/ Nagios RBL Check Plugin | FAQ - HowTos - Tipps - Tricks]
*[http://www.msfaq.eu/nagios-rbl-check-plugin/ Nagios RBL Check Plugin | FAQ - HowTos - Tipps - Tricks]
Line 135: Line 170:
*[http://freshmeat.net/projects/nagioscheckbl/ nagios-check_bl is a Nagios plugin that checks whether a server is in any known anti-spam block lists]
*[http://freshmeat.net/projects/nagioscheckbl/ nagios-check_bl is a Nagios plugin that checks whether a server is in any known anti-spam block lists]
*[http://nagioswiki.com/wiki/index.php/Checking_Blacklisted_MTAs_with_CentOS_%2B_check_bl Checking Blacklisted MTAs with CentOS + check bl - Nagios Wiki]
*[http://nagioswiki.com/wiki/index.php/Checking_Blacklisted_MTAs_with_CentOS_%2B_check_bl Checking Blacklisted MTAs with CentOS + check bl - Nagios Wiki]
[[Category: Published]]

Latest revision as of 15:05, 4 May 2017

Installazione pacchetto

Debian >= Jessie

sudo apt-get install nagios-plugins-contrib

Debian < Jessie

  • Scaricare il tar:
wget https://trac.id.ethz.ch/projects/nagios_plugins/downnloads/check_rbl-1.3.0.tar.gz --no-check-certificates
tar xvzf check_rbl-1.3.0.tar.gz
  • Creare il file .deb
sudo checkinstall \
   -D --install=no \
   -A all \
   --maintainer email@example.com \
   --requires libnagios-plugin-perl,libreadonly-perl \
   --pkgname nagios-plugins-rbl \
   --review-control

Quando si edita il file control alla fine, eliminare le ricghe vuote con Conflicts: e xxxx:

  • Eventualmente uploadarlo per signarlo
  • Se si installa a mano:
sudo dpkg -i nagios-plugins-rbl libnagios-plugin-perl libreadonly-perl
  • Dal repository su cui lo si è caricato:
sudo apt-get install nagios-plugins-rbl

Configurazione

  • Disablitare l'interprete embedded di Nagios
sudoedit /etc/nagios3/nagios.cfg
   ...
   enable_embedded_perl=0
   use_embedded_perl_implicitly=0
   ...
  • Creare i comandi:
cat | sudo tee /etc/nagios3/conf.d/check_commands/check-rbl.cfg > /dev/null <<'EOFile'
define command{
                command_name    check-rbl
                command_line    $USER1$/contrib/check_rbl -H '$HOSTADDRESS$' -t 60 --extra-opts=rbl@etc/nagios-plugins/check_rbl.ini
                        #--extra-opts=check_rbl@/etc/nagios-plugins.ini -v -d
        }
EOFile

cat | sudo tee /etc/nagios3/conf.d/check_commands/check-rbl-address.cfg > /dev/null <<'EOFile'
define command{
                command_name    check-rbl-address
                command_line    $USER1$/contrib/check_rbl -H '$ARG1$' -t 60 --extra-opts=rbl@etc/nagios-plugins/check_rbl.ini
                        #--extra-opts=check_rbl@/etc/nagios-plugins.ini -v -d
        }
EOFile


  • Creare il file di configurazione contenente i server da testare, OPPURE EDITARE QUELLO ESISTENTE:
cat | sudo tee -a /etc/nagios-plugins/check_rbl.ini > /dev/null <<EOFile
[rbl]
server=0spam.fusionzero.com
server=access.redhawk.org
server=b.barracudacentral.org
#server=blackholes.mail-abuse.org
server=blacklist.sci.kun.nl
server=bl.deadbeef.com
server=bl.spamcannibal.org
server=bl.spamcop.net
server=bogons.cymru.com
server=cbl.abuseat.org
server=cdl.anti-spam.org.cn
#server=combined.njabl.org
server=csi.cloudmark.com
server=db.wpbl.info
server=dnsbl-1.uceprotect.net
server=dnsbl-2.uceprotect.net
server=dnsbl-3.uceprotect.net
server=dnsbl.cyberlogic.net
server=dnsbl.dronebl.org
server=dnsbl.inps.de
server=dnsbl.kempt.net
#server=dnsbl.njabl.org
#server=dnsbl.solid.net
server=dnsbl.sorbs.net
server=drone.abuse.ch
server=dsn.rfc-ignorant.org
server=dul.dnsbl.sorbs.net
server=dyna.spamrats.com
server=forbidden.icm.edu.pl
server=hil.habeas.com
server=httpbl.abuse.ch
server=http.dnsbl.sorbs.net
server=ips.backscatterer.org
server=ix.dnsbl.manitu.net
server=korea.services.net
server=mail-abuse.blacklist.jippg.org
server=misc.dnsbl.sorbs.net
server=multi.surbl.org
server=netblock.pedantic.org
server=no-more-funn.moensted.dk
server=noptr.spamrats.com
server=opm.tornevall.org
server=pbl.spamhaus.org
server=psbl.surriel.com
server=query.senderbase.org
server=rbl.efnetrbl.org
server=rbl.interserver.net
#server=rbl-plus.mail-abuse.org
server=rbl.schulte.org
server=rbl.spamlab.com
server=rbl.suresupport.com
#server=relays.mail-abuse.org
server=relays.nether.net
server=sbl.spamhaus.org
server=sbl-xbl.spamhaus.org
server=short.rbl.jp
server=smtp.dnsbl.sorbs.net
server=socks.dnsbl.sorbs.net
server=spam.dnsbl.sorbs.net
server=spamguard.leadmon.net
server=spamrbl.imp.ch
server=spamsources.fabel.dk
server=spam.spamrats.com
server=spamtrap.drbl.drand.net
server=tor.dan.me.uk
server=ubl.unsubscore.com
server=virbl.bit.nl
server=virus.rbl.jp
server=web.dnsbl.sorbs.net
server=wormrbl.imp.ch
server=xbl.spamhaus.org
server=zen.spamhaus.org
server=zombie.dnsbl.sorbs.net
EOFile
  • Utilizzarlo come ad esempio in:
define service{
    use                 generic-service
    host_name           server.example.com
    service_description RBL
    check_command       check-rbl
}

oppure 

define service{
    use                 generic-service
    host_name           server.example.com
    service_description RBL
    check_command       check-rbl-address!1.2.3.4
}

Riferimenti

Retrieved from "https://kb.rvmgroup.it/index.php?title=RBL_check_con_Nagios&oldid=9985"