Zabbix 2 SNMPv3 device template

Zabbix comes with predefined SNMP Device Template, that is configured to access devices with SNMP version 2.
Here is modified version of 3 Zabbix’s templates for use with SNMPv3.

Zabbix SNMP v3 Template

It will add 7 new templates:

Template SNMPv3 Device
Template SNMPv3 Generic
Template SNMPv3 Interfaces
Template SNMPv3 Disks
Template SNMPv3 Processors
Template SNMPv3 OS Linux
Template SNMPv3 OS Windows

Download: zbx_SNMPv3_template.xml

To add this new template to your Zabbix, press “Import” button on templates page and select the xml file.

Template uses following macroses:

{$SNMP_SECNAME} – SNMPv3 username
{$SNMP_AUTH} – authentication password
{$SNMP_PRIV} – encryption passphrase

These macros have to be defined on hosts page:

Configuration – Hosts – <host using SNMP v3> – Macros – Add

Iptables configuration examples

As Linux systems become popular, it may be used as gateway in small networks.
This is the case when iptables – standard Linux firewall will come in handy.

You can easily set up simple NAT-ed network with few simple command lines.

Basic syntax: iptables -t *table* *command*

Parameters:
-L – list rules
-F – flush all rules
-A – add rule
ex: iptables -t *table* -A *chain* *rule*
-D – delete rule

For example: iptables -t *table* -D *chain* *rule number*

To make current ruleset persistent, run:

 /etc/init.d/iptables save

So let’s imagine we have a simple netork (at home), with a Linux host, Internet gateway (cable modem or similar) and a PC host (running Windows for example).


Continue reading

Nginx + SSL + PHP-FPM sample config

server {
    listen       443;
    server_name  server.name.com;
    root   /d1/html/phpbb;

    ssl                  on;
    ssl_certificate /etc/ssl/certificate.crt;
    ssl_certificate_key /etc/ssl/private.key;

    ssl_session_timeout  5m;

    ssl_protocols  SSLv2 SSLv3 TLSv1;
    ssl_ciphers  HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers   on;

    location / {
        index index.php index.html index.htm;
    }

    location ~ \.php$ {
        include         /etc/nginx/fastcgi_params;
        if (-f $request_filename) {
        fastcgi_pass   127.0.0.1:9000;
        }
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
    }
}

wget not working in cron

Please make sure that:

1. Cron is running (/etc/init.d/crond restart) – a bit obvious but worth a check

2. You specify full path to wget (like /usr/bin/wget)

For testing purposes you may paste this line to your crontab to make sure it’s working:

* * * * * /usr/bin/wget -O /tmp/index.php pingtool.org

This will save a copy of index page from pingtool.org to /tmp/index.php

Using flock to ensure only one instance of script is running

When you have a cron job that takes a while to finish, you need to be sure the next scheduled execution won’t come before completion of previous one. (For example you want file backup to finish before starting a new one).
Linux has one useful utility, that addresses this specific issue – flock.

/usr/bin/flock -w 600 /var/tmp/myscript.lock /root/myscript.sh

This will execute /root/myscript.sh only if previous instance of this script has finished.
Key -w 600 means that flock will wait for 10 minutes for previous instance of the script to finish, before aborting the execution.
You may want to put 0 here or omit the -w key entirely, so the script wait for indefinitely long time for previous instance to finish.

A bit better place for lock files is /var/run folder, however you may have to create a lockfile and give user write permissions for it before.