Zabbix 2 SNMPv3 device template

Zabbix comes with predefined SNMP Device Template, that is configured to access devices with SNMP version 2.
Here is modified version of 3 Zabbix’s templates for use with SNMPv3.

Zabbix SNMP v3 Template

It will add 7 new templates:

Template SNMPv3 Device
Template SNMPv3 Generic
Template SNMPv3 Interfaces
Template SNMPv3 Disks
Template SNMPv3 Processors
Template SNMPv3 OS Linux
Template SNMPv3 OS Windows

Download: zbx_SNMPv3_template.xml

To add this new template to your Zabbix, press “Import” button on templates page and select the xml file.

Template uses following macroses:

{$SNMP_SECNAME} – SNMPv3 username
{$SNMP_AUTH} – authentication password
{$SNMP_PRIV} – encryption passphrase

These macros have to be defined on hosts page:

Configuration – Hosts – <host using SNMP v3> – Macros – Add

Iptables configuration examples

As Linux systems become popular, it may be used as gateway in small networks.
This is the case when iptables – standard Linux firewall will come in handy.

You can easily set up simple NAT-ed network with few simple command lines.

Basic syntax: iptables -t *table* *command*

Parameters:
-L – list rules
-F – flush all rules
-A – add rule
ex: iptables -t *table* -A *chain* *rule*
-D – delete rule

For example: iptables -t *table* -D *chain* *rule number*

To make current ruleset persistent, run:

[code]
/etc/init.d/iptables save
[/code]

So let’s imagine we have a simple netork (at home), with a Linux host, Internet gateway (cable modem or similar) and a PC host (running Windows for example).


Continue reading

Nginx + SSL + PHP-FPM sample config

[code]
server {
listen 443;
server_name server.name.com;
root /d1/html/phpbb;

ssl on;
ssl_certificate /etc/ssl/certificate.crt;
ssl_certificate_key /etc/ssl/private.key;

ssl_session_timeout 5m;

ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;

location / {
index index.php index.html index.htm;
}

location ~ \.php$ {
include /etc/nginx/fastcgi_params;
if (-f $request_filename) {
fastcgi_pass 127.0.0.1:9000;
}
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}

[/code]

wget not working in cron

Please make sure that:

1. Cron is running (/etc/init.d/crond restart) – a bit obvious but worth a check

2. You specify full path to wget (like /usr/bin/wget)

For testing purposes you may paste this line to your crontab to make sure it’s working:

[code]
* * * * * /usr/bin/wget -O /tmp/index.php pingtool.org
[/code]
This will save a copy of index page from pingtool.org to /tmp/index.php

Using flock to ensure only one instance of script is running

When you have a cron job that takes a while to finish, you need to be sure the next scheduled execution won’t come before completion of previous one. (For example you want file backup to finish before starting a new one).
Linux has one useful utility, that addresses this specific issue – flock.
[code]
/usr/bin/flock -w 600 /var/tmp/myscript.lock /root/myscript.sh
[/code]
This will execute /root/myscript.sh only if previous instance of this script has finished.
Key -w 600 means that flock will wait for 10 minutes for previous instance of the script to finish, before aborting the execution.
You may want to put 0 here or omit the -w key entirely, so the script wait for indefinitely long time for previous instance to finish.

A bit better place for lock files is /var/run folder, however you may have to create a lockfile and give user write permissions for it before.