All posts by wouter

Sophos UTM Firewall Zabbix monitoring template

I recently build my own Sophos UTM firewall based on the home license and wanted to get it under Zabbix monitoring. I’ve been using Zabbix for at least 8 years now and i recommend  it as a (enterprise grade) monitoring system.

I’ve build an Template for public use, see: http://wouter.borremans.nl/computer-related-howto/programming/zabbix-monitoring-template-sophos-utm-firewall/

Using a shell script to enable Proxy servers under MacOS X

I often use a proxy server over a SSH tunnel when i’m in public places.   I found it sometimes annoying to click through the dialogs Controlpanel -> Network -> Advanced -> Proxies. I thought i would create a script which enables or disables the proxy settings for me for either the Ethernet or Wireless adapter on my macbook.

The shell scripts uses the commandline tool “networksetup”  to alter the settings.

The “enable proxy” script: (this script also builds the tunnel to a proxy server over port 443)

#!/bin/sh
echo "Connecting to , provide password for username@server.com if prompted"
echo "Enabling proxy for HTTP (please provide admin password if prompted)"
sudo networksetup -setwebproxystate Ethernet on
sudo networksetup -setwebproxystate wi-fi on
echo "Enabling proxy for HTTPS (please provide admin password if prompted)"
sudo networksetup -setsecurewebproxystate Ethernet on
sudo networksetup -setsecurewebproxystate wi-fi on
ssh user@server.com -p443 -L3128:localhost:3128 -o TCPKeepAlive=yes -g
exit

 

The “disable proxy” script:

#!/bin/sh
echo "Disabling proxy for HTTP and HTTPS"
sudo networksetup -setwebproxystate Ethernet off
sudo networksetup -setsecurewebproxystate Ethernet off
sudo networksetup -setwebproxystate wi-fi off
sudo networksetup -setsecurewebproxystate wi-fi off
echo "Done."
exit

Howto: Two-Factor authentication on Ubuntu 12.04 LTS

For a more secure terminal (SSH) environment, you can add a second factor to authenticate a user. I personally run Ubuntu and i implemented the Google Authenticator on my Ubuntu system using the Google Authenticator Library of Google in combination with my iPhone with the Google Authenticator App.

See the following howto:

http://wouter.borremans.nl/computer-related-howto/how-to/howto-two-factor-authentication-ubuntu-12-04-lts-using-google-authenticator/

Synology DHCP Server and Firewall

I own a Synology DS211j. As i wanted to use an alternative DHCP mechanism to support custom nameservers i ran into the Synology DHCP Server package, straight-forward and easy to use. Additionally i’ve the Synology  firewall configured to deal with a few ports that are opened to the Internet.

This quick howto gives you tips on how to configure your Synology firewall to work together with the DHCP server package:

Synology DHCP Server and Firewall

Zabbix 1.8.6 released

Zabbix 1.8.6 has been released on August 4th. Within this relase several new features have been added and even more improvements are implemented:

On-demand reload of configuration cache

Added ability to force configuration cache reload of a running server and proxy, which, in the case of active proxy, will also force config re-read from the server.

Strict parsing of configuration files

Zabbix will complain if there are unsupported attributes in server, proxy or agent configuration files.

Compatibility with PostgreSQL 9.x

It is safe to use Zabbix with the latest releases of PostgreSQL.

Monitoring of LVM devices

Added performance monitoring of LVM devices.

Download the new release here: http://www.zabbix.com/download.php