PfSense 2.3 Check_mk working with xinetd
-
Like previous post, it works so good
Thx -
Tested on 2.3.1
works !! :)Thanks
-
All worked then I came back to work the next week and found the agent is unreachable. I went through the steps againt and found that the filter file changed back to default settings and is missing the line:
fwrite($xinetd_fd, "includedir /opt/etc/xinetd.d");If I re-add the line again, the agent works again. How do I make that filter file save the changes persistently through a reboot?
-
Thank you, worked like a charm.
-
After a update to 2.3.1_1 the filter.inc have to edit again.
and a filter reload. -
Make it update-persistent
Problem: After an update the filter.inc has to be modified again.
Solution: Modify the /etc/inc/filter.inc-file automatically via cron-Script.A) Create the cron-script
vi /opt/filter_check_mk_cron
#!/bin/sh
grep includedir /etc/inc/filter.inc
if [ $? -eq 0 ]
then
exit 0
else
awk '/Close file handle/{print "fwrite($xinetd_fd, "includedir /opt/etc/xinetd.d");"}1' /etc/inc/filter.inc > /etc/inc/filter.inc.temp
mv /etc/inc/filter.inc.temp /etc/inc/filter.inc
fi
exit 0B) Make it executable
chmod +x /opt/filter_check_mk_cron
C) Create the cron-job
In the web-ui go to
System -> Package Manager
If cron is not installed -> installThen open Services -> Cron and click on Add
*/15 * * * * root /opt/filter_check_mk_cron
This will check the config-file every 15 Minutes
Somebody might want to create an official package by now? :)
-
FJerusalem,
Good idea to cron job a script to add in the needed line to the filter.inc. It might be worth modifying your script so it finds the line based on the fclose statement, rather than the comment. It's unlikely, but if and update adds an identical comment to the filter.inc file it could mess it up. I've used the below script.
#!/bin/sh grep includedir /etc/inc/filter.inc if [ $? -eq 0 ] then exit 0 else awk '/fclose\(\$xinetd_fd\)\;/{print "fwrite($xinetd_fd, \"includedir /opt/etc/xinetd.d\");"}1' /etc/inc/filter.inc > /etc/inc/filter.inc.temp mv /etc/inc/filter.inc.temp /etc/inc/filter.inc fi exit 0 -
All worked then I came back to work the next week and found the agent is unreachable. I went through the steps againt and found that the filter file changed back to default settings and is missing the line:
fwrite($xinetd_fd, "includedir /opt/etc/xinetd.d");If I re-add the line again, the agent works again. How do I make that filter file save the changes persistently through a reboot?
Hmm, I haven't yet had the filter.inc file revert on just a reboot, it normally only happens when there is an update that overrides the filter.inc file. Like this bug fix introduced in 2.3.1 . https://redmine.pfsense.org/issues/6307
Are you running the nano version of pfsense? Pre 2.3.1 the filesystem is set to read only by default.
Thankfully, FJerusalem's script will make the changes for you.
-
Thank you very much for the manual solution. Any intentions to continue to develop the package?
-
Trying to get this running on pfSense 2.3.3 for external monitoring and I am running into a problem.
When I modify filter.inc and then reload filter I get this message in the System Log
"Unable to read included directory: /opt/etc/xinetd.d [file=/var/etc/xinetd.conf] [line=1]"The /var/etc/xinetd.conf files contains
includedir /opt/etc/xinetd.dI am not sure if I have made an error, or something otherwise is happening.
-
Thanks for a working Check_MK Agent on pfSense!
I've written a simple local check for Check_MK to check whether a new version of pfSense is available. Maybe someone is interested in it.
Create a new file (I've named it "check_version.php") in your $LOCALDIR of Check_MK (which is "$MK_LIBDIR/local") containing the following content:
#! /usr/bin/env php include "pkg-utils.inc"; $info = get_system_pkg_version(); if ($info["installed_version"] == $info["version"]) { echo "0 pfSense_Version - No new update available\n"; } else { echo "1 pfSense_Version - Version " . $info["version"] . " available\n"; }Make it executable: chmod +x check_version.php
You probably don't want to check for a new version on every run of check_mk_agent, so move the script into a subfolder containing the run interval as the name. I've saved the script to $LOCALDIR/3600/check_update.php so it will be executed every hour.
-
Thank you for the guide!
Everything it still works for me under 2.4rc - just remember to grab a new libstatgrab-0.91.txz for Freebsd11.
Best, Bernd
-
I've also updated pfSense (in my case the final release of version 2.4) and can confirm it still works. I didn't had to grab a new libstatgrab, it just works for me out of the box (I only had to add the additional include in /etc/inc/filter.inc just like on every update).
-
Hey guys
I just updated to 2.4 and started getting these errors:
**EDIT / SOLVED
Needed to update libstatgrab
fetch http://pkg.freebsd.org/FreeBSD:11:amd64/latest/All/libstatgrab-0.91.txz && pkg install libstatgrab-0.91.txz -
After an upgrade to 2.4(.1) I seem to be getting errors now with the Memory Used plugin: UNKNOWN - check failed - please submit a crash report!
(The crash report says: KeyError: 'MemTotal')Agent output:
Relevant Check_MK output:<<<mem>>> SwapTotal: 782336 kB SwapFree: 782336 kB</mem> ```(No MemTotal line) My copy of the agent includes a <<<mem>>> section:Memory Usage
currently we'll need sysutils/muse for this.
if [ -x /usr/local/bin/muse ]
then
echo '<<<mem>>>'yes, i don't know sed well.
muse -k 2>/dev/null | sed 's/Total/MemTotal/' | sed 's/Free/MemFree/'
swapinfo -k 1K | tail -n 1 | awk '{ print "SwapTotal: "$2" kB\nSwapFree: "$4" kB" }'
fi</mem>I've installed muse with 'fetch http://pkg.freebsd.org/FreeBSD:11:amd64/latest/All/muse-0.2.txz && pkg install muse-0.2.txz' But 'muse -k' outputs:kvm_open: kvm_nlist: No such file or directory
kvm_open: kvm_nlist: No such file or directory
kvm_open: kvm_nlist: No such file or directory
kvm_open: kvm_nlist: No such file or directory
kvm_nlist failedPossibly the <<<mem>>> code no longer works? It looks like it used to be in check_mk_agent.freebsd but is not there now. EDIT: I realised we are using an old, customised version of the agent. I'm not willing to update wholesale at this point, but this seems to work now, from a less old version of the agent. It also means we don't have to install muse now.Memory Usage. First we try statgrab, since
muse does not seem to support >4GB
if [ -x /usr/local/bin/statgrab ] ; then
echo '<<<mem>>>'
statgrab -K mem.total mem.free swap.total swap.free |
awk '{gsub(/swap./,"Swap");}{gsub(/mem./,"Mem");}{gsub(/tot/,"Tot");}{gsub(/free/,"Free");} { print $1": "$3" kB"}'
elif [ -x /usr/local/bin/muse ] ; then
echo '<<<mem>>>'
muse -k 2>/dev/null | sed 's/Total/MemTotal/' | sed 's/Free/MemFree/'
swapinfo -k 1K | tail -n 1 | awk '{ print "SwapTotal: "$2" kB\nSwapFree: "$4" kB" }'
fi</mem></mem> -
Just update /opt/bin/check_mk_agent with the newest version available from http://git.mathias-kettner.de/git/?p=check_mk.git;a=blob_plain;f=agents/check_mk_agent.freebsd;hb=HEAD and install libstatgrab for the memory display to work (fetch http://pkg.freebsd.org/FreeBSD:11:amd64/latest/All/libstatgrab-0.91.txz && pkg install libstatgrab-0.91.txz)
-
Didn't work for me (pfSense 2.4.2-RELEASE-p1 (amd64)). I did all steps without any problems, but after reloading the filters, nothing happens. Nothing with xinetd or check_mk in the system logs and I can't to "nc localhost 6556" or "telnet localhost 6556".
-
Didn't work for me (pfSense 2.4.2-RELEASE-p1 (amd64)). I did all steps without any problems, but after reloading the filters, nothing happens. Nothing with xinetd or check_mk in the system logs and I can't to "nc localhost 6556" or "telnet localhost 6556".
Does the Check_MK Agent work if called from the terminal?
Try to execute "/opt/bin/check_mk_agent" on your pfSense host.
And what exact error are you getting if you try to reach port 6556? Connection refused? Connection timed out?
A filter reload should show nothing special (i.e. does not contain anything with check_mk). But you should see something like "readjusting service check_mk" in "Status -> System Logs -> System -> General" after reloading the filters.
After a filter reload, the file "/var/etc/xinetd.conf" should contain a line "includedir /opt/etc/xinetd.d". /opt/etc/xinetd.d should be a directory containing your xinetd config file for Check_MK.
Also make sure, xinetd is running: "ps ax | grep xinetd" should return something like "/usr/local/sbin/xinetd -syslog daemon -f /var/etc/xinetd.conf -pidfile /var/run/xinetd.pid"
-
Worked perfectly for me on 2.4.2!
Really appreciate the instructions!
Thank you!!!!!!!
-
Didn't work for me (pfSense 2.4.2-RELEASE-p1 (amd64)). I did all steps without any problems, but after reloading the filters, nothing happens. Nothing with xinetd or check_mk in the system logs and I can't to "nc localhost 6556" or "telnet localhost 6556".
Does the Check_MK Agent work if called from the terminal?
Try to execute "/opt/bin/check_mk_agent" on your pfSense host.
And what exact error are you getting if you try to reach port 6556? Connection refused? Connection timed out?
A filter reload should show nothing special (i.e. does not contain anything with check_mk). But you should see something like "readjusting service check_mk" in "Status -> System Logs -> System -> General" after reloading the filters.
After a filter reload, the file "/var/etc/xinetd.conf" should contain a line "includedir /opt/etc/xinetd.d". /opt/etc/xinetd.d should be a directory containing your xinetd config file for Check_MK.
Also make sure, xinetd is running: "ps ax | grep xinetd" should return something like "/usr/local/sbin/xinetd -syslog daemon -f /var/etc/xinetd.conf -pidfile /var/run/xinetd.pid"
HI,
I have also a problem with check_mk and xinetd.check_mk works from the terminal. I cannot find a xinetd-process on my box. Also, after reloading the filters (with the manually added line to include /opt/etc/xinetd.d) I only find
Feb 24 16:58:45 check_reload_status Reloading filter
in the logs. /var/etc/xinetd.conf is emptyps doesn't show a xinetd.
How do I start xinetd on pfsense? Shouldn*t it be running by default?
Any help appreciated,
Karl
