From b31bb1f27f066a2d49f5ab9ee0ca15e985efc788 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Mon, 26 Sep 2011 06:50:23 -0400
Subject: [PATCH] Fixed: FS#1619 - Add apache SNI / SAN support for SSL.
---
server/lib/classes/monitor_tools.inc.php | 373 ++++++++++++++++++++++++++++++++++++++++++++--------
1 files changed, 313 insertions(+), 60 deletions(-)
diff --git a/server/lib/classes/monitor_tools.inc.php b/server/lib/classes/monitor_tools.inc.php
index 1e33ea7..4e82e0a 100644
--- a/server/lib/classes/monitor_tools.inc.php
+++ b/server/lib/classes/monitor_tools.inc.php
@@ -149,35 +149,67 @@
return array('name' => $distname, 'version' => $distver, 'id' => $distid, 'baseid' => $distbaseid);
}
+ //** Email Quota
+ public function monitorEmailQuota() {
+ global $conf;
+
+ //* Initialize data array
+ $data = array();
+
+ //* the id of the server as int
+ $server_id = intval($conf['server_id']);
+
+ //* The type of the data
+ $type = 'email_quota';
+
+ //* The state of the email_quota.
+ $state = 'ok';
+
+ //* Dovecot quota check Courier in progress lathama@gmail.com
+ if($dir = opendir("/var/vmail")){
+ while (($quotafiles = readdir($dir)) !== false){
+ if(preg_match('/.\_quota$/', $quotafiles)){
+ $quotafile = (file("/var/vmail/" . $quotafiles));
+ $emailaddress = preg_replace('/_quota/',"", $quotafiles);
+ $emailaddress = preg_replace('/_/',"@", $emailaddress);
+ $data[$emailaddress]['used'] = trim($quotafile['1']);
+ }
+ }
+ closedir($dir);
+ }
+ $res['server_id'] = $server_id;
+ $res['type'] = $type;
+ $res['data'] = $data;
+ $res['state'] = $state;
+ return $res;
+ }
+
+ //** Filesystem Quota
public function monitorHDQuota() {
global $conf;
- /* Initialize data array */
+ //* Initialize data array
$data = array();
- /* the id of the server as int */
+ //* the id of the server as int
$server_id = intval($conf['server_id']);
- /** The type of the data */
+ //* The type of the data
$type = 'harddisk_quota';
- /** The state of the harddisk_quota. */
+ //* The state of the harddisk_quota.
$state = 'ok';
- /** Fetch the data for all users */
+ //* Fetch the data for all users
$dfData = shell_exec('repquota -au');
- // split into array
+ //* Split into array
$df = explode("\n", $dfData);
- /*
- * ignore the first 5 lines, process the rest
- */
+ //* ignore the first 5 lines, process the rest
for ($i = 5; $i <= sizeof($df); $i++) {
if ($df[$i] != '') {
- /*
- * Make a array of the data
- */
+ //* Make a array of the data
$s = preg_split('/[\s]+/', $df[$i]);
$username = $s[0];
if (substr($username, 0, 3) == 'web') {
@@ -194,20 +226,16 @@
}
}
- /** Fetch the data for all users */
+ //** Fetch the data for all users
$dfData = shell_exec('repquota -ag');
- // split into array
+ //* split into array
$df = explode("\n", $dfData);
- /*
- * ignore the first 5 lines, process the rest
- */
+ //* ignore the first 5 lines, process the rest
for ($i = 5; $i <= sizeof($df); $i++) {
if ($df[$i] != '') {
- /*
- * Make a array of the data
- */
+ //* Make a array of the data
$s = preg_split('/[\s]+/', $df[$i]);
$groupname = $s[0];
if (substr($groupname, 0, 6) == 'client') {
@@ -224,9 +252,7 @@
}
}
- /*
- * Return the Result
- */
+ //* Return the Result
$res['server_id'] = $server_id;
$res['type'] = $type;
$res['data'] = $data;
@@ -332,7 +358,7 @@
/* the ISPC-Version has no state. It is, what it is */
$state = 'no_state';
-
+
/*
* Return the Result
*/
@@ -381,6 +407,15 @@
* calculate the state
*/
$usePercent = floatval($data[$i]['percent']);
+
+ //* get the free memsize
+ if(substr($data[$i]['available'],-1) == 'G') {
+ $freesize = floatval($data[$i]['available'])*1024;
+ } elseif(substr($data[$i]['available'],-1) == 'T') {
+ $freesize = floatval($data[$i]['available'])*1024*1024;
+ } else {
+ $freesize = floatval($data[$i]['available']);
+ }
//* We don't want to check some filesystem which have no sensible filling levels
switch ($data[$i]['type']) {
@@ -392,13 +427,13 @@
case 'udev':
break;
default:
- if ($usePercent > 75)
+ if ($usePercent > 75 && $freesize < 2000)
$state = $this->_setState($state, 'info');
- if ($usePercent > 80)
+ if ($usePercent > 80 && $freesize < 1000)
$state = $this->_setState($state, 'warning');
- if ($usePercent > 90)
+ if ($usePercent > 90 && $freesize < 500)
$state = $this->_setState($state, 'critical');
- if ($usePercent > 95)
+ if ($usePercent > 95 && $freesize < 100)
$state = $this->_setState($state, 'error');
break;
}
@@ -446,7 +481,7 @@
* maybe someone knows better...???...
*/
$state = 'no_state';
-
+
/*
* Return the Result
*/
@@ -518,8 +553,16 @@
/** the id of the server as int */
$server_id = intval($conf['server_id']);
- /** get the "active" Services of the server from the DB */
- $services = $app->dbmaster->queryOneRecord('SELECT * FROM server WHERE server_id = ' . $server_id);
+ /** get the "active" Services of the server from the DB */
+ $services = $app->db->queryOneRecord('SELECT * FROM server WHERE server_id = ' . $server_id);
+ /*
+ * If the DB is down, we have to set the db to "yes".
+ * If we don't do this, then the monitor will NOT monitor, that the db is down and so the
+ * rescue-module can not try to rescue the db
+ */
+ if ($services == null) {
+ $services['db_server'] = 1;
+ }
/* The type of the Monitor-data */
$type = 'services';
@@ -589,7 +632,7 @@
/* Monitor BIND-Server */
$data['bindserver'] = -1; // unknown - not needed
if ($services['dns_server'] == 1) {
- if ($this->_checkTcp('localhost', 53)) {
+ if ($this->_checkUdp('localhost', 53)) {
$data['bindserver'] = 1;
} else {
$data['bindserver'] = 0;
@@ -607,7 +650,7 @@
$state = 'error'; // because service is down
}
}
-
+
/*
* Return the Result
*/
@@ -791,6 +834,28 @@
$state = 'info';
$data['output'] = shell_exec('glsa-check -pv --nocolor affected 2>/dev/null');
}
+ } elseif (file_exists('/etc/SuSE-release')) {
+
+ /*
+ * update and find the upgrade.
+ * if there is any output, then there is a needed update
+ */
+ $aptData = shell_exec('zypper -q lu');
+ if ($aptData == '') {
+ /* There is nothing to update! */
+ $state = 'ok';
+ } else {
+ /*
+ * There is something to update! this is in most cases not critical, so we can
+ * do a system-update once a month or so...
+ */
+ $state = 'info';
+ }
+
+ /*
+ * Fetch the output
+ */
+ $data['output'] = shell_exec('zypper --non-interactive up');
} else {
/*
* It is not Debian/Ubuntu, so there is no data and no state
@@ -937,37 +1002,94 @@
* Then calc the state.
*/
$state = 'ok';
- foreach ($data['output'] as $item) {
- /*
- * The output contains information for every RAID and every HDD.
- * We only need the state of the RAID
- */
- if (strpos($item, 'raidlevel:') !== false) {
+ if(is_array($data['output'])) {
+ foreach ($data['output'] as $item) {
/*
- * We found a raid, process the state of it
- */
- if (strpos($item, ' ONLINE ') !== false) {
- $this->_setState($state, 'ok');
- } elseif (strpos($item, ' OPTIMAL ') !== false) {
- $this->_setState($state, 'ok');
- } elseif (strpos($item, ' INITIAL ') !== false) {
- $this->_setState($state, 'info');
- } elseif (strpos($item, ' INACTIVE ') !== false) {
- $this->_setState($state, 'critical');
- } elseif (strpos($item, ' RESYNC ') !== false) {
- $this->_setState($state, 'info');
- } elseif (strpos($item, ' DEGRADED ') !== false) {
- $this->_setState($state, 'critical');
- } else {
- /* we don't know the state. so we set the state to critical, that the
- * admin is warned, that something is wrong
- */
- $this->_setState($state, 'critical');
+ * The output contains information for every RAID and every HDD.
+ * We only need the state of the RAID
+ */
+ if (strpos($item, 'raidlevel:') !== false) {
+ /*
+ * We found a raid, process the state of it
+ */
+ if (strpos($item, ' ONLINE ') !== false) {
+ $this->_setState($state, 'ok');
+ } elseif (strpos($item, ' OPTIMAL ') !== false) {
+ $this->_setState($state, 'ok');
+ } elseif (strpos($item, ' INITIAL ') !== false) {
+ $this->_setState($state, 'info');
+ } elseif (strpos($item, ' INACTIVE ') !== false) {
+ $this->_setState($state, 'critical');
+ } elseif (strpos($item, ' RESYNC ') !== false) {
+ $this->_setState($state, 'info');
+ } elseif (strpos($item, ' DEGRADED ') !== false) {
+ $this->_setState($state, 'critical');
+ } else {
+ /* we don't know the state. so we set the state to critical, that the
+ * admin is warned, that something is wrong
+ */
+ $this->_setState($state, 'critical');
+ }
}
}
}
}
}
+
+ /*
+ * 3ware Controller
+ */
+ system('which tw_cli', $retval);
+ if($retval === 0) {
+
+ $data['output'] = shell_exec('tw_cli info c0');
+
+ $state = 'ok';
+ foreach ($data['output'] as $item) {
+ if (strpos($item, 'RAID') !== false) {
+ if (strpos($item, ' VERIFYING ') !== false) {
+ $this->_setState($state, 'info');
+ }
+ else if (strpos($item, ' MIGRATE-PAUSED ') !== false) {
+ $this->_setState($state, 'info');
+ }
+ else if (strpos($item, ' MIGRATING ') !== false) {
+ $this->_setState($state, 'ok');
+ }
+ else if (strpos($item, ' INITIALIZING ') !== false) {
+ $this->_setState($state, 'info');
+ }
+ else if (strpos($item, ' INIT-PAUSED ') !== false) {
+ $this->_setState($state, 'info');
+ }
+ else if (strpos($item, ' REBUILDING ') !== false) {
+ $this->_setState($state, 'info');
+ }
+ else if (strpos($item, ' REBUILD-PAUSED ') !== false) {
+ $this->_setState($state, 'warning');
+ }
+ else if (strpos($item, ' RECOVERY ') !== false) {
+ $this->_setState($state, 'warning');
+ }
+ else if (strpos($item, ' DEGRADED ') !== false) {
+ $this->_setState($state, 'critical');
+ }
+ else if (strpos($item, ' UNKNOWN ') !== false) {
+ $this->_setState($state, 'critical');
+ }
+ else if (strpos($item, ' OK ') !== false) {
+ $this->_setState($state, 'ok');
+ }
+ else if (strpos($item, ' OPTIMAL ') !== false) {
+ $this->_setState($state, 'ok');
+ }
+ else {
+ $this->_setState($state, 'critical');
+ }
+ }
+ }
+ }
+
/*
* Return the Result
@@ -1069,7 +1191,58 @@
return $res;
}
+ public function monitorIPTables() {
+ global $conf;
+
+ /* the id of the server as int */
+ $server_id = intval($conf['server_id']);
+
+ /** The type of the data */
+ $type = 'iptables_rules';
+
+ /* This monitoring is only available if fail2ban is installed */
+ system('which iptables', $retval); // Debian, Ubuntu, Fedora
+ if ($retval === 0) {
+ /* Get the data of the log */
+ $data['output'] = '<h2>iptables -S (ipv4)</h2>'.shell_exec('iptables -S');
+
+ /*
+ * At this moment, there is no state (maybe later)
+ */
+ $state = 'no_state';
+ } else {
+ $state = 'no_state';
+ $data = '';
+ }
+
+
+ /* This monitoring is only available if fail2ban is installed */
+ system('which ip6tables', $retval); // Debian, Ubuntu, Fedora
+ if ($retval === 0) {
+ /* Get the data of the log */
+ $data['output'] .= '<br><h2>ip6tables -S (ipv6)</h2>'.shell_exec('ip6tables -S');
+
+ /*
+ * At this moment, there is no state (maybe later)
+ */
+ $state = 'no_state';
+ } else {
+ $state = 'no_state';
+ $data = '';
+ }
+
+ /*
+ * Return the Result
+ */
+ $res['server_id'] = $server_id;
+ $res['type'] = $type;
+ $res['data'] = $data;
+ $res['state'] = $state;
+ return $res;
+ }
+
public function monitorSysLog() {
+ global $app;
global $conf;
/* the id of the server as int */
@@ -1508,13 +1681,35 @@
}
private function _checkTcp($host, $port) {
-
+ /* Try to open a connection */
$fp = @fsockopen($host, $port, $errno, $errstr, 2);
if ($fp) {
+ /*
+ * We got a connection, this means, everything is O.K.
+ * But maybe we are able to do more deep testing?
+ */
+ if ($port == 80) {
+ /*
+ * Port 80 means, testing APACHE
+ * So we can do a deepter test and try to get data over this connection.
+ * (if apache hangs, we get a connection but a timeout by trying to GET the data!)
+ */
+ fwrite($fp, "GET / HTTP/1.0\r\n\r\n");
+ stream_set_timeout($fp, 5); // Timeout after 5 seconds
+ $res = fread($fp, 10); // try to get 10 bytes (enough to test!)
+ $info = stream_get_meta_data($fp);
+ if ($info['timed_out']) {
+ return false; // Apache was not able to send data over this connection
+ }
+ }
+
+ /* The connection is no longer needed */
fclose($fp);
+ /* We are able to establish a connection */
return true;
} else {
+ /* We are NOT able to establish a connection */
return false;
}
}
@@ -1543,6 +1738,64 @@
}
}
+ /**
+ * Set the state to the given level (or higher, but not lesser).
+ * * If the actual state is critical and you call the method with ok,
+ * then the state is critical.
+ *
+ * * If the actual state is critical and you call the method with error,
+ * then the state is error.
+ */
+ private function _setState($oldState, $newState) {
+ /*
+ * Calculate the weight of the old state
+ */
+ switch ($oldState) {
+ case 'no_state': $oldInt = 0;
+ break;
+ case 'ok': $oldInt = 1;
+ break;
+ case 'unknown': $oldInt = 2;
+ break;
+ case 'info': $oldInt = 3;
+ break;
+ case 'warning': $oldInt = 4;
+ break;
+ case 'critical': $oldInt = 5;
+ break;
+ case 'error': $oldInt = 6;
+ break;
+ }
+ /*
+ * Calculate the weight of the new state
+ */
+ switch ($newState) {
+ case 'no_state': $newInt = 0;
+ break;
+ case 'ok': $newInt = 1;
+ break;
+ case 'unknown': $newInt = 2;
+ break;
+ case 'info': $newInt = 3;
+ break;
+ case 'warning': $newInt = 4;
+ break;
+ case 'critical': $newInt = 5;
+ break;
+ case 'error': $newInt = 6;
+ break;
+ }
+
+ /*
+ * Set to the higher level
+ */
+ if ($newInt > $oldInt) {
+ return $newState;
+ } else {
+ return $oldState;
+ }
+ }
+
private function _getIntArray($line) {
/** The array of float found */
$res = array();
@@ -1559,4 +1812,4 @@
}
-?>
+?>
\ No newline at end of file
--
Gitblit v1.9.1