From 28548bf4b4d13c2729722900a81d3a9cfe59d435 Mon Sep 17 00:00:00 2001
From: latham <latham@ispconfig3>
Date: Fri, 01 Jul 2011 12:13:16 -0400
Subject: [PATCH] Add IPTables to monitoring data and monitoring interface
---
interface/web/monitor/tools.inc.php | 22 +++++++++++
server/lib/classes/monitor_tools.inc.php | 34 +++++++++++++++++
interface/web/monitor/lib/lang/en.lng | 1
server/mods-available/monitor_core_module.inc.php | 29 ++++++++++++++
interface/web/monitor/lib/module.conf.php | 5 ++
interface/web/monitor/show_data.php | 7 +++
6 files changed, 97 insertions(+), 1 deletions(-)
diff --git a/interface/web/monitor/lib/lang/en.lng b/interface/web/monitor/lib/lang/en.lng
index bf93a95..8f2cf46 100644
--- a/interface/web/monitor/lib/lang/en.lng
+++ b/interface/web/monitor/lib/lang/en.lng
@@ -139,6 +139,7 @@
$wb['monitor_title_raidstate_txt'] = 'RAID Status';
$wb['monitor_title_rkhunterlog_txt'] = 'RKHunter Log';
$wb['monitor_title_fail2ban_txt'] = 'Fail2Ban Log';
+$wb['monitor_title_iptables_txt'] = 'IPTables Rules';
$wb['monitor_title_beancounter_txt'] = 'OpenVz VE BeanCounter';
$wb['monitor_updates_nosupport_txt'] = 'Your distribution is not supported for this monitoring';
$wb['monitor_beancounter_nosupport_txt'] = 'This server is not a OpenVz VE and has no beancounter information';
diff --git a/interface/web/monitor/lib/module.conf.php b/interface/web/monitor/lib/module.conf.php
index 08b9bc9..5983687 100644
--- a/interface/web/monitor/lib/module.conf.php
+++ b/interface/web/monitor/lib/module.conf.php
@@ -180,6 +180,11 @@
'link' => 'monitor/show_data.php?type=fail2ban',
'html_id' => 'fai2ban');
+$items[] = array( 'title' => "Show IPTables",
+ 'target' => 'content',
+ 'link' => 'monitor/show_data.php?type=iptables',
+ 'html_id' => 'iptables');
+
$module["nav"][] = array( 'title' => 'Logfiles',
'open' => 1,
'items' => $items);
diff --git a/interface/web/monitor/show_data.php b/interface/web/monitor/show_data.php
index b43d9c8..daf18ca 100644
--- a/interface/web/monitor/show_data.php
+++ b/interface/web/monitor/show_data.php
@@ -124,6 +124,13 @@
$title = $app->lng("monitor_title_fail2ban_txt") . ' (' . $monTransSrv . ' : ' . $_SESSION['monitor']['server_name'] . ')';
$description = '';
break;
+ case 'iptables':
+ $template = 'templates/show_data.htm';
+ $output .= showIPTables();
+ $time = getDataTime('iptables_rules');
+ $title = $app->lng("monitor_title_iptables_txt") . ' (' . $monTransSrv . ' : ' . $_SESSION['monitor']['server_name'] . ')';
+ $description = '';
+ break;
default:
$template = '';
break;
diff --git a/interface/web/monitor/tools.inc.php b/interface/web/monitor/tools.inc.php
index 4d0e812..46ccaad 100644
--- a/interface/web/monitor/tools.inc.php
+++ b/interface/web/monitor/tools.inc.php
@@ -450,6 +450,28 @@
return $html;
}
+function showIPTables() {
+ global $app;
+ $record = $app->db->queryOneRecord("SELECT data, state FROM monitor_data WHERE type = 'iptables_rules' and server_id = " . $_SESSION['monitor']['server_id'] . " order by created desc");
+ if(isset($record['data'])) {
+ $html =
+ '<div class="systemmonitor-state state-'.$record['state'].'">
+ <div class="systemmonitor-content icons32 ico-'.$record['state'].'">';
+ $data = unserialize($record['data']);
+ if ($data == '') {
+ $html .= '<p>Problem, there are no rules listed for the server</p>';
+ }
+ else {
+ $html = nl2br($data['output']);
+ }
+ $html .= '</div></div>';
+ } else {
+ $html = '<p>There is no data available at the moment.</p>';
+ }
+ return $html;
+}
+
+
function showMailq() {
global $app;
diff --git a/server/lib/classes/monitor_tools.inc.php b/server/lib/classes/monitor_tools.inc.php
index 3d17880..02ffadd 100644
--- a/server/lib/classes/monitor_tools.inc.php
+++ b/server/lib/classes/monitor_tools.inc.php
@@ -1127,6 +1127,40 @@
return $res;
}
+ public function monitorIPTables() {
+ global $conf;
+
+ /* the id of the server as int */
+ $server_id = intval($conf['server_id']);
+
+ /** The type of the data */
+ $type = 'iptables_rules';
+
+ /* This monitoring is only available if fail2ban is installed */
+ system('which iptables', $retval); // Debian, Ubuntu, Fedora
+ if ($retval === 0) {
+ /* Get the data of the log */
+ $data['output'] = shell_exec('iptables -S');
+
+ /*
+ * At this moment, there is no state (maybe later)
+ */
+ $state = 'no_state';
+ } else {
+ $state = 'no_state';
+ $data = '';
+ }
+
+ /*
+ * Return the Result
+ */
+ $res['server_id'] = $server_id;
+ $res['type'] = $type;
+ $res['data'] = $data;
+ $res['state'] = $state;
+ return $res;
+ }
+
public function monitorSysLog() {
global $app;
global $conf;
diff --git a/server/mods-available/monitor_core_module.inc.php b/server/mods-available/monitor_core_module.inc.php
index 4294e54..ec85bed 100644
--- a/server/mods-available/monitor_core_module.inc.php
+++ b/server/mods-available/monitor_core_module.inc.php
@@ -112,6 +112,7 @@
$this->_monitorRaid();
$this->_monitorRkHunter();
$this->_monitorFail2ban();
+ $this->_monitorIPTables();
$this->_monitorSysLog();
}
@@ -509,12 +510,38 @@
}
private function _monitorFail2ban() {
+ global $app;
+
+ /*
+ * First we get the Monitoring-data from the tools
+ */
+ $res = $this->_tools->monitorFail2ban();
+
+ /*
+ * Insert the data into the database
+ */
+ $sql = 'INSERT INTO monitor_data (server_id, type, created, data, state) ' .
+ 'VALUES (' .
+ $res['server_id'] . ', ' .
+ "'" . $app->dbmaster->quote($res['type']) . "', " .
+ 'UNIX_TIMESTAMP(), ' .
+ "'" . $app->dbmaster->quote(serialize($res['data'])) . "', " .
+ "'" . $res['state'] . "'" .
+ ')';
+ $app->dbmaster->query($sql);
+
+ /* The new data is written, now we can delete the old one */
+ $this->_delOldRecords($res['type'], $res['server_id']);
+ }
+
+
+ private function _monitorIPTables() {
global $app;
/*
* First we get the Monitoring-data from the tools
*/
- $res = $this->_tools->monitorFail2ban();
+ $res = $this->_tools->monitorIPTables();
/*
* Insert the data into the database
--
Gitblit v1.9.1