All posts by Don Matteo

How to Disable IPv6 on CentOS

IPv6 may be undesirable in certain situations, for systems that can run without IPv6, and only running on IPv4, the IPv6 protocol can be disabled.

On Red Hat and CentOS 7 the IPv6 stack can be disabled as follows

If one interface should run without IPv6, e.g. ens160.

Save the sysctl.conf file and enable the setting.

If you want to deactivate IPv6 during operation, the following command applies.

IPv6 is now disabled, a reboot is not necessary.

If the removal of IPv6 for running daemons is a disaster, e.g. SSH Server, the configuration can be changed.

Then restart the SSH daemon.

Postfix may also require to customize the ipv4 loopback interface.

With CentOS 6, the kernel module can be customized.

Disable the IPv6 stack.

Server reboots.

Checking for IPv6 addresses.

Nagios Monitoring on Raspberry Pi

How to Install Nagios on Raspberry Pi

Nagios OpenSource IT infrastructure Monitoring

Nagios consists of a collection of modules for monitoring networks, hosts and their specific services, as well as a web interface to display queries of the collected data. Nagios is under the GNU GPL, so it is free software and runs on numerous Unixoid operating systems. Because of its widespread use, Nagios has become a quasi-standard in professional use.

Nagios Monitoring with Raspberry Pi

Raspberry Pi with its fanless design, minimal dimensions and low power consumption, well suited as a single-board computer for a Nagios monitoring server that can even monitor itself.

INSTALLATION

The installation of Nagios Core 4 on the Raspberry’s own OS Raspbian, which is based on Debian, is unspectacular. Here in these instructions the procedure for a Raspberry Pi 3 Model B is shown, on a 32 GB microSD card type Class 10, a 16 GB microSD card would also suffice.

SanDisk Ultra SDHC I 16 GB – 80 /Sek, Class 10 microSD Card.

The provision of Raspbian on a microSD card is not discussed here in more detail. After booting a Raspbian desktop image, the LXTerminal is opened on the Raspbian X desktop and the root shell is started, in headless operation a VNC session can be started with VNCViewer, with the login as user pi and the default password raspberry. If you want to use the Raspbian Minimal Image, authentication via SSH to the Raspberry Pi is recommended.

After logging in as user pi, we want to become root.

First, all required packages are installed from the repository as a prerequisite.

Download and unzip the Nagios Core 4 source packages. The last release can be found here The core release as well as the agents and plugins are available on Github,

Compilie

Create the user nagios and the group. The Apache user www-data is also added to the nagios group.

Install the binaries.

Installing the service daemon files and configuring them for the boot process.

Installs and configures the external command file.

Just now * SAMPLE * configuration files will be installed. These are necessary because Nagios needs some configuration files to start.

Apache web server configuration files are installed and the Apache settings for Nagios are configured.

Port 80 must be permitted for incoming data traffic on the local firewall so that the Nagios Core web interface can be reached.

Answer yes to save the existing rules.

An Apache user account is created so that it can log into Nagios.

The following command creates a user account called nagiosadmin and a password is created for the account, now remember this password.

The Apache web server must be restarted.

Nagios Core will now start.

Nagios is now ready to be tested.

You will be asked to log in with your user name and password. The username is nagiosadmin (you created it in a previous step) and the password is what you provided earlier.

After successfully logging in, the Nagios Core web interface appears. Congratulations, you did it.

Nagios Core is now installed, the Nagios plugins are still required for operation. The error message appears: (No output on stdout) stderr: execvp(/usr/local/nagios/libexec/check_load .. this is normal, the standard plugins are installed in the following steps.

Plugin Installation

The following packages are installed from the repository as a prerequisite for installing the plugins.

Download and extract the source packages. The last plugin releases can get from nagios-plugins.org.

Compile and install packages.

Go to a host or service object and “Re-schedule the next check” in the Commands menu. The error that appeared before should now disappear and the correct output is displayed on the screen.

The daemon commands for start / stop / restart / status.

Nagios configuration

Now that the Nagios Core Server is ready for operation, it is time to create the configuration of the host and services that are to be monitored. Under /usr/local/nagios/etc the main configuration is nagios.cfg, here the paths to the configuration files are defined with cfg_file, the hosts to be monitored can be entered in a file hosts.cfg.

If it is to be more structured, there is the possibility to save the host and service configuration in the directories printers, routers, servers, switches, for this the file nagios.cfg is edited and the comment characters # (hash) are removed accordingly in cfg_dir =.

The .cfg files created in the directories are read out.

Example for a mail and web server with this IMAP and HTTPS is checked.

The Nagios server is restarted after each change.

A look at the Nagios log file can be worthwhile.

Additional configuration examples for Linux, Windows, printer routers and switches can be found under the objects directory.

Beispiel: Nagios Service Configuration

With remote agents such as NCPA, active checks can be carried out on Windows and Linux hosts; passive checks can be carried out using NRDP and NRPE, which provide values ​​on CPU load, memory usage, processes, user and disk usage.

Nagios Notification

In the file nagios.cfg and objects/contacts.cfg the recipient email  root@localhost can be left.

In the file nagios.cfg at admin_email.

Postfix is ​​used here as the mail transport agent for the Nagios email notification. This is installed and configured as follows.

During the installation you will be asked to select a mail server configuration, here we select Internet Site.

In order to be able to test the sending of emails later, the package mailutils is installed.

The Postfix main configuration main.cf is adapted.

At relayhost, the mail server is entered that allows Raspberry Pi to receive emails, if the Raspberry is behind a firewall with NAT, the public IP address of the mail server must be authorized for reception.

Set up an email address for root by editing the aliases file.

At the end a valid email address is entered so that mails from this host are delivered, here as an example it is helpdesk@banana.org, the colon for root: is mandatory.

The changes in the aliases file must still generate the aliases.db file.

The Postfix configuration also has to be read in and activated.

Now sending emails from Raspberry Pi, this can be done as follows.

An email should now be in the inbox of helpdesk@banana.org.

Read the email log can also provide further information here.

If the attempt to send returns the status=bounced, receipt on the mailer is not yet authorized. With Exchange, the IP address of the Raspberry Pi must be entered in the receive connector in the frontend transport under area definition for email received from servers with these remote IP addresses. For Postfix a smtpd_client_restrictions directive must exist in main.cf.

client_access file contains the IP address of the Raspberry Pi.

Postfix database still needs to be generated.

If the SMTP requests are accepted by the mailer, the queue process and delivery can take place.

How to disable automatic configuration IPv4 Link-Local APIPA

ZEROCONF commonly known as IPv4 Link-Local (IPv4LL) and Automatic Private IP Addressing (APIPA) uses the range 169.254.0.0/16 for network addresses. This APIPA addressing is activated by default, this are often not desired by system administrators.

Most Windows versions and Linux distributions use zero network configuration (ZEROCONF) to automatically configure the network without a central instance, i.e. without the need for a DHCP or DNS server to be present in a network. ZEROCONF published at IETF that plans and coordinates a number of dynamic protocols; it is intended to enable an operating system to automatically configure networks.

Under Windows APIPA ZEROCONF can be disale with the following registration, open the command prompt as administrator and run the REG command with copy & paste.

In Linux edit the network file will insert ZEROCONF = YES or NO.

On RedHat / Fedora / CentOS the configuration can do as follows.

For Debian and Ubuntu the avahi-daemon configuration has to be changed.

Now restart Debian / Ubuntu avahi-daemon.

The avahi-daemon should do not start automatically on system boot.

On Red Hat or CentOS.