RBL check con Nagios
Creazione pacchetto
- Scaricare il tar:
wget https://trac.id.ethz.ch/projects/nagios_plugins/down
nloads/check_rbl-1.3.0.tar.gz --no-check-certificates
tar xvzf check_rbl-1.3.0.tar.gz
- Creare il file .deb
sudo checkinstall \ -D --install=no \ -A all \ --maintainer gabriele.mailing@rvmgroup.it \ --requires libnagios-plugin-perl,libreadonly-perl \ --pkgname nagios-plugins-rbl \ --review-control
Quando si edita il file control alla fine, eliminare le ricghe vuote con Conflicts: e xxxx:
- Eventualmente uploadarlo per signarlo
Installazione
- Per installarlo da repository:
sudo apt-get install nagios-plugins-rbl
- Se si installa a mano:
sudo dpkg -i nagios-plugins-rbl libnagios-plugin-perl libreadonly-perl
Configurazione
- Disablitare l'interprete embedded di Nagios
sudoedit /etc/nagios3/nagios.cfg ... enable_embedded_perl=0 use_embedded_perl_implicitly=0 ...
- Creare i comandi:
cat | sudo tee /etc/nagios-plugins/config/check_rbl.cfg > /dev/null <<EOFile
define command{
command_name check-rbl
command_line $USER1$/contrib/check_rbl -H '$HOSTADDRESS$' -t 60 --extra-opts=check_rbl
#--extra-opts=check_rbl@/etc/nagios-plugins.ini -v -d
}
define command{
command_name check-rbl-address
command_line $USER1$/contrib/check_rbl -H '$ARG1$' -t 60 --extra-opts=check_rbl
#--extra-opts=check_rbl@/etc/nagios-plugins.ini -v -d
}
EOFile
- Creare il file di configurazione contenente i server da testare:
cat | sudo tee -a /etc/nagios-plugins.ini > /dev/null <<EOFile [check_rbl] server=dnsbl.ahbl.org server=cbl.abuseat.org server=dnsbl.cyberlogic.net server=bl.deadbeef.com server=spamtrap.drbl.drand.net server=spamsources.fabel.dk server=0spam.fusionzero.com server=mail-abuse.blacklist.jippg.org server=korea.services.net server=spamguard.leadmon.net server=ix.dnsbl.manitu.net server=relays.nether.net server=dnsbl.njabl.org server=bhnc.njabl.org server=no-more-funn.moensted.dk server=rbl.orbitrbl.com server=psbl.surriel.com server=dyna.spamrats.com server=noptr.spamrats.com server=spam.spamrats.com ; this keeps all zones of sorbs excl. spam server=dnsbl.sorbs.net server=spam.dnsbl.sorbs.net server=bl.spamcannibal.org server=bl.spamcop.net server=pbl.spamhaus.org server=sbl.spamhaus.org server=xbl.spamhaus.org server=ubl.unsubscore.com server=dnsbl-1.uceprotect.net server=dnsbl-2.uceprotect.net server=dnsbl-3.uceprotect.net server=db.wpbl.info server=access.redhawk.org server=blacklist.sci.kun.nl server=bl.technovision.dk server=dnsbl.kempt.net server=dnsbl.solid.net server=dul.ru server=forbidden.icm.edu.pl server=hil.habeas.com server=rbl.schulte.org server=sbl-xbl.spamhaus.org ; these are rather slow ;server=bl.csma.biz ;server=sbl.csma.biz EOFile
- Utilizzarlo come ad esempio in:
define service{
use generic-service
host_name fire.rvmgroup.it
service_description RBL
check_command check-rbl
}
oppure
define service{
use generic-service
host_name support.rvmgroup.it
service_description RBL
check_command check-rbl-address!89.96.171.169
}
Riferimenti
- Teo's Blog » nagios
- check_rbl – nagios_plugins
- Extra-Opts | Nagios Plugins
- Multi-RBL Check | The Anti-Abuse Project
- Nagios RBL Check Plugin | FAQ - HowTos - Tipps - Tricks
- BLACKLISTALERT.ORG - Test if your IP or DOMAIN is listed in a spamdatabase
- nagios-check_bl is a Nagios plugin that checks whether a server is in any known anti-spam block lists
- Checking Blacklisted MTAs with CentOS + check bl - Nagios Wiki