If you want to keep an eye on your system always and everywhere, you can accomplish this with a script, send ing status via E-Mail is possible too.
sendEmail provides a quick and simple communication interface.
More about sending mail by the system status script for IPFire here.
Extra addons nmap and mtr are necessary for the system status script.
This script may be used , expanded and supplemented. A thanks again to ummeegge for his preliminary work!
| Manpage | invocation |
|---|---|
| uptime | uptime |
| df | df -h |
| free | free |
| w | w |
| ps | ps auxf | sort -r -k 4 | head -10 |
| ps | ps auxf | sort -r -k 3 | head -10 |
| iostat | iostat |
| netstat | netstat -tulpn |
| nmap | nmap -v -p1-65535 localhost |
| lsof | lsof -i -n | egrep 'COMMAND|LISTEN' |
| ss | ss -u -a |
| netstat | netstat -atun | awk '{print $5}' | cut -d: -f1 | sed -e '/|$/d' |sort | uniq -c | sort -n |
| mtr | mtr -r -w -c 10 www.google.com |
| tail | tail -50 /var/log/messages |
| cat | cat /var/log/messages | grep sshd |
| tail | tail -50 /var/log/guardian/guardian.log |
| smartctl | smartctl -A /dev/sda |
#!/bin/bash -
#
# Script checks netstat of IPFire systems.
#
# $author: ummeegge & 5p9 ; $date: 29.03.13
#############################################
# Modified by ummeegge $date: 09.12.2016
# logs and infos
MESSAGES="/var/log/messages";
GUARDIAN="/var/log/guardian/guardian.log";
OVPN="/var/log/openvpn/ovpnserver.log";
PROFILE="/var/ipfire/fireinfo/profile"
# SSH, Guardian and ovpn variablen
ACCEPT="$(awk '/sshd/ && /Accepted/' ${MESSAGES})";
DENY="$(awk '/sshd/ && /Failed/' ${MESSAGES})";
# Date and host infos
DATE="$(date)";
MACHINE="$(hostname)";
OS="$(awk -F'"' '/"release":/ { print $4 }' "${PROFILE}")";
IP="$(curl -s ipecho.net/plain; echo)";
STATS="State from: ${DATE} - from host with IP:${IP} - named: ${MACHINE} - with OS: ${OS}";
# Text and formatting functions
COLUMNS="$(tput cols)";
# Seperator functions
seperatorA(){ printf -v _hr "%*s" ${COLUMNS} && echo ${_hr// /${1-=}}; }
seperatorB(){ printf -v _hr "%*s" ${COLUMNS} && echo ${_hr// /${1-_}}; }
seperatorC(){ printf '%*s\n' "${COLUMNS:-$(tput cols)}" '' | tr ' ' -; }
TITEL="IPFIRE SYSTEM INFORMATION SKRIPT";
UPTIME="Time, active time, how many users, CPU Load:";
DISK="Whats going on with my HDD:";
SMART="What says SMART ?:";
RAM="The RAM needs actual the following resources:";
LOGON="Who is logged on and what the hell he is doing there:";
TOPTENRAM="Top 10 RAM killer:";
TOPTENCPU="Top 10 CPU killer:";
IOSTAT="I/O CPU statistics for device and partition:";
NSTAT="NETSTAT SECTION";
NSTATCONPORTS="Which ports are open - which connections are up:";
LSOFAGAIN="IPv4 check with lsof:";
SSAGAIN="UDP und TCP check with ss:";
OVPNIFACE="OpenVPN Interfaces check:";
OVPNCLIENT="Actual Roadwarrior connections:";
SSHCHECK="SSH Login check:";
DDOS="DDos or not ?:";
GUARDIANLOG="What says guardian.log ?:"
LOG="What says /var/log/messages ?:";
# Main part
seperatorA;
echo;
seperatorB;
echo;
printf "%*s\n" $(((${#TITEL}+COLUMNS)/2)) "${TITEL}";
echo;
printf "%*s\n" $(((${#STATS}+COLUMNS)/2)) "${STATS}";
seperatorC;
echo;
echo;
seperatorB;
echo;
printf "%*s\n" $(((${#UPTIME}+COLUMNS)/2)) "${UPTIME}";
seperatorC;
echo;
uptime;
echo;
echo;
seperatorB;
echo;
printf "%*s\n" $(((${#DISK}+COLUMNS)/2)) "${DISK}";
seperatorC;
echo;
df -h;
echo;
echo;
seperatorB;
echo;
printf "%*s\n" $(((${#SMART}+COLUMNS)/2)) "${SMART}";
seperatorC;
echo;
smartctl -A /dev/sda;
echo;
echo;
seperatorB;
echo;
printf "%*s\n" $(((${#RAM}+COLUMNS)/2)) "${RAM}";
seperatorC;
echo;
free;
echo;
echo;
seperatorB;
echo;
printf "%*s\n" $(((${#LOGON}+COLUMNS)/2)) "${LOGON}";
seperatorC;
echo;
w;
echo;
echo;
seperatorB;
echo;
printf "%*s\n" $(((${#TOPTENRAM}+COLUMNS)/2)) "${TOPTENRAM}";
seperatorC;
echo;
ps auxf | sort -r -k 4 | head -10;
echo;
echo;
seperatorB;
echo;
printf "%*s\n" $(((${#TOPTENCPU}+COLUMNS)/2)) "${TOPTENCPU}";
seperatorC;
echo;
ps auxf | sort -r -k 4 | head -10;
echo;
echo;
seperatorB;
echo;
printf "%*s\n" $(((${#IOSTAT}+COLUMNS)/2)) "${IOSTAT}";
seperatorC;
echo;
iostat;
echo;
echo;
seperatorB;
echo;
printf "%*s\n" $(((${#NSTAT}+COLUMNS)/2)) "${NSTAT}";
seperatorC;
echo;
netstat -tulpn;
echo;
echo;
seperatorB;
echo;
printf "%*s\n" $(((${#NSTATCONPORTS}+COLUMNS)/2)) "${NSTATCONPORTS}";
seperatorC;
echo;
netstat -antpuew;
echo;
echo;
seperatorB;
echo;
printf "%*s\n" $(((${#LSOFAGAIN}+COLUMNS)/2)) "${LSOFAGAIN}";
seperatorC;
echo;
lsof -i -n | grep -E 'COMMAND|LISTEN';
echo;
echo;
seperatorB;
echo;
printf "%*s\n" $(((${#SSAGAIN}+COLUMNS)/2)) "${SSAGAIN}";
seperatorC;
echo;
ss -u -a;
echo;
echo;
if [ -n "$(pgrep openvpn)" ]; then
seperatorB;
echo;
printf "%*s\n" $(((${#OVPNIFACE}+COLUMNS)/2)) "${OVPNIFACE}";
seperatorC;
echo;
netstat -r | grep tun;
echo;
echo;
if [ -s "${OVPN}" ]; then
seperatorB;
echo;
printf "%*s\n" $(((${#OVPNCLIENT}+COLUMNS)/2)) "${OVPNCLIENT}";
seperatorC;
echo;
cat ${OVPN};
echo;
echo;
fi
fi
if [ -n "$(pgrep sshd)" ]; then
seperatorB;
echo;
printf "%*s\n" $(((${#SSHCHECK}+COLUMNS)/2)) "${SSHCHECK}";
seperatorC;
echo;
# accepted SSH Logins
if [ -n "${ACCEPT}" ]; then
echo;
echo "SSH got the following logins:"
echo;
awk '/sshd/ && /Accepted/' "${MESSAGES}";
echo;
else
echo "There where no logins:"
fi
# Failed SSH logins
if [ -n "${DENY}" ]; then
echo;
echo "The following SSH logins where incorrect:";
echo;
awk '/sshd/ && /Failed/' "${MESSAGES}";
echo;
else
echo "There where no incorrect logins:";
fi
fi
seperatorB;
echo;
printf "%*s\n" $(((${#DDOS}+COLUMNS)/2)) "${DDOS}";
seperatorC;
echo;
echo "Check ESTABLISHED connections and connections count"
netstat -ntu | grep ESTAB | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -nr;
echo;
echo "Count numbers of connections for each IP";
netstat -ntu | awk '{print $5}' | tail -n +3 | cut -d: -f1 | sort | uniq -c | sort -n
echo;
echo;
if [ -n "$(pgrep guardian)" ]; then
seperatorB;
echo;
printf "%*s\n" $(((${#GUARDIANLOG}+COLUMNS)/2)) "${GUARDIANLOG}";
seperatorC;
echo;
# Guardian logs
if [ -n "${GUARDIAN}" ]; then
echo;
echo "Guardian got the following IP entries."
echo;
tail -50 ${GUARDIAN};
echo;
else
echo "There are no entries in Guardian log."
fi
fi
seperatorB;
echo;
printf "%*s\n" $(((${#LOG}+COLUMNS)/2)) "${LOG}";
seperatorC;
echo;
tail -50 ${MESSAGES};
echo;
echo;
seperatorB;
echo;
printf "%*s\n" $(((${#STATS}+COLUMNS)/2)) "${STATS}";
seperatorB;
echo;
seperatorA;
# End script
After transfering / creating the script, it must be made executable:
chmod +x my-sysstat.sh
For a regular check by the above script can be called by a Cronjob for the my-sendemail.sh Script.
fcrontab -e
Specify the desired frequency, here every 8 hours, for the cronjob.
# sys_info 0 */8 * * * /mnt/harddisk/scripts/my-sendemail.sh
If you want to run this script only once a day and would like to receive the contents of the messages completely from the day before, add the following variable
datlog=`date -d "1 day ago" %b' '%e`
and change the line
tail -50 /var/log/messages
to
cat /var/log/messages | grep "$datlog"
Then adjust the execution time:
fcrontab -e
Now set the execution time to 00:10 AM.
# sys_info 10 00 * * * /mnt/harddisk/scripts/my-sendemail.sh
To test the script just type the following in the shell in the appropriate storage path:
./my-sendemail.sh
If everything is configured correctly, you should now find a status mail in your mailbox.
Older Revisions • March 15 at 5:21 am • Jason R