summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSeth Mos <seth.mos@xs4all.nl>2008-06-16 19:58:58 +0000
committerSeth Mos <seth.mos@xs4all.nl>2008-06-16 19:58:58 +0000
commit614d23110c8314f4dab8f96f6f12818c29f96784 (patch)
tree8dfec5ed599f15b5df981c54d0ebaf8edca21150
parent224d8bc3156a0d79c1b3b7f50e687d74c9584d17 (diff)
downloadpfsense-614d23110c8314f4dab8f96f6f12818c29f96784.zip
pfsense-614d23110c8314f4dab8f96f6f12818c29f96784.tar.gz
Add apinger configuration and gateway monitoring.
-rw-r--r--etc/inc/pfsense-utils.inc131
-rw-r--r--etc/inc/system.inc3
2 files changed, 134 insertions, 0 deletions
diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc
index b8812c7..6508aeb 100644
--- a/etc/inc/pfsense-utils.inc
+++ b/etc/inc/pfsense-utils.inc
@@ -4166,4 +4166,135 @@ $span_begin = "";
}
}
+/* add static routes for monitor IP addresse
+ * creates monitoring configuration file
+ */
+function setup_gateways_monitor() {
+ global $config;
+ global $g;
+
+ /* killoff all old apinger processes */
+ mwexec("/sbin/killall apinger");
+
+ $fd = fopen("{$g['varetc_path']}/apinger.conf", "w");
+ $apingerconfig = <<<EOD
+
+# pfSense apinger configuration file. Automatically Generated!
+
+## User and group the pinger should run as
+user "nobody"
+group "nobody"
+
+## Mailer to use (default: "/usr/lib/sendmail -t")
+#mailer "/var/qmail/bin/qmail-inject"
+
+## Location of the pid-file (default: "/var/run/apinger.pid")
+pid_file "{$g['varrun_path']}/apinger.pid"
+
+## Format of timestamp (%s macro) (default: "%b %d %H:%M:%S")
+#timestamp_format "%Y%m%d%H%M%S"
+
+status {
+ ## File where the status information whould be written to
+ file "/tmp/apinger.status"
+ ## Interval between file updates
+ ## when 0 or not set, file is written only when SIGUSR1 is received
+ interval 10s
+}
+
+########################################
+# RRDTool status gathering configuration
+# Interval between RRD updates
+rrd interval 60s;
+
+## These parameters can be overriden in a specific alarm configuration
+alarm default {
+ command on "touch /tmp/filter_dirty"
+ command off "touch /tmp/filter_dirty"
+ combine 10s
+}
+
+## "Down" alarm definition.
+## This alarm will be fired when target doesn't respond for 30 seconds.
+alarm down "down" {
+ time 10s
+}
+
+## "Delay" alarm definition.
+## This alarm will be fired when responses are delayed more than 200ms
+## it will be canceled, when the delay drops below 100ms
+alarm delay "delay" {
+ delay_low 200ms
+ delay_high 500ms
+}
+
+## "Loss" alarm definition.
+## This alarm will be fired when packet loss goes over 20%
+## it will be canceled, when the loss drops below 10%
+alarm loss "loss" {
+ percent_low 10
+ percent_high 20
+}
+
+target default {
+ ## How often the probe should be sent
+ interval 1s
+
+ ## How many replies should be used to compute average delay
+ ## for controlling "delay" alarms
+ avg_delay_samples 10
+
+ ## How many probes should be used to compute average loss
+ avg_loss_samples 50
+
+ ## The delay (in samples) after which loss is computed
+ ## without this delays larger than interval would be treated as loss
+ avg_loss_delay_samples 20
+
+ ## Names of the alarms that may be generated for the target
+ alarms "down","delay","loss"
+
+ ## Location of the RRD
+ rrd file "{$g['vardb_path']}/rrd/apinger-%t.rrd"
+}
+
+## Targets to probe
+## Each one defined with:
+## target <address> { <parameter>... }
+## The parameters are those described above in the "target default" section
+## plus the "description" parameter.
+## the <address> should be IPv4 or IPv6 address (not hostname!)
+
+EOD;
+
+ /* add static routes for each gateway with their monitor IP */
+ if(is_array($config['gateways']['gateway_item'])) {
+ foreach($config['gateways']['gateway_item'] as $gateway) {
+ if($gateway['monitor'] == "") {
+ $gateway['monitor'] = $gateway['gateway'];
+ }
+ $apingerconfig .= "target \"{$gateway['monitor']}\" {\n";
+ $apingerconfig .= " description \"{$gateway['name']}\"\n";
+ $apingerconfig .= "}\n";
+ $apingerconfig .= "\n";
+ if($gateway['monitor'] == $gateway['gateway']) {
+ /* if the gateway is the same as the monitor we do not add a
+ * route as this will break the routing table */
+ continue;
+ } else {
+ mwexec("/sbin/route add -host " . escapeshellarg($gateway['monitor']) .
+ " " . escapeshellarg($gateway['gateway']));
+ }
+ }
+ }
+ fwrite($fd, $apingerconfig);
+ fclose($fd);
+
+ /* start a new apinger process */
+ mwexec("/usr/local/bin/apinger -c {$g['varetc_path']}/apinger.conf");
+
+ return 0;
+}
+
+
?>
diff --git a/etc/inc/system.inc b/etc/inc/system.inc
index a4746d7..baf8c88 100644
--- a/etc/inc/system.inc
+++ b/etc/inc/system.inc
@@ -305,6 +305,9 @@ function system_routing_configure() {
fclose($fd);
}
+ /* create routes for gateways and setup monitoring */
+ setup_gateways_monitor();
+
return 0;
}
OpenPOWER on IntegriCloud