I made a following script that check every 5 minutes to check firewall is up or not, if firewall down that raise an alert only 1 time, but following script generate an alert every 5 minutes according to cronjob:
****************************************************
FILE="/var/log/fwstatus"
CHK="/tmp/fwstatus"
service iptables status | if grep ESTABLISHED 1> /dev/null 2> /dev/null
then
rm -f $CHK
echo "Firewall Running on Server"
if test -f $CHK
then
echo "Not Sending an Email"
exit
fi
else
echo `date` | tee $FILE
echo | tee -a $FILE
echo "Firewall not Running" | tee -a $FILE
echo | tee -a $FILE
echo "Starting a Firewall Service" | tee -a $FILE
echo | tee -a $FILE
/scripts/fw-scripts/fw | tee -a $FILE (This is IPTABLES Script)
if test $? = 0
then
echo "FW Run" | tee -a $FILE
else
echo "FW Stop" | tee -a $FILE
fi
echo "Now sending mail"
$MAILPROG -s "$SUBJECT" "$EMAIL" < $FILE
echo "Creating Tmp File"
touch $CHK
fi
****************************************************
Script help abt firewall alert
-
securitykid
- Naik
- Posts: 70
- Joined: Sat Oct 20, 2007 5:18 am
interesting:
some one else copy your script too
http://www.unix.com/shell-programming-s ... cript.html
some one else copy your script too
http://www.unix.com/shell-programming-s ... cript.html
SecurityKID-ITdotCOM
Security Every Where! BUT where?
Security Every Where! BUT where?