Posts

Showing posts from 2019

Using zabbit agent, not able to retrieve value from nmap command.

Recently I've playing with zabbix installation and I faced this issue.

From the Zabbix agent issue command

zabbix_agentd -s zabbix-agent -k "openvpn[x.x.x.x]"

manage to retrieve text value.

But from the zabbix server issue command

zabbix_get -s zabbix-agent -k "openvpn[x.x.x.x]"

empty value return from the zabbix agent.

The zabbix script look like this.

Timeout=30
UserParameter=openvpn[*],nmap -sT $1 -p 443 |grep 443 | awk -F " " '{print $$2}'

After searching the around, i found the solution.
First add the capabilities to Nmap.
sudo setcap cap_net_raw,cap_net_admin,cap_net_bind_service+eip /usr/bin/nmap
Then add additional parameter into the script.
Timeout=30 UserParameter=openvpn[*],nmap --privileged -sT $1 -p 10443 |grep 10443 | awk -F " " '{print $$2}'
Once the agent restarted, the script will be working again.


---

How to allow non root user to execute hping command ?

If you run hpingcommand without root permission or without sudo and you receive this error :

[open_sockraw] socket(): Operation not permitted
[main] can't open raw socket

This command might be able to help you.

sudo setcap cap_net_raw+ep /usr/bin/hping3

(or any location of the hping command)

setcap command is to set file capabilities.

What are filesystem capabilities? For the purpose of performing permission checks, traditional Unix implementations distinguish two categories of processes: privileged processes (whose effective user ID is 0, referred to as superuser or root), and unprivileged processes (whose effective UID is non-zero). Privileged processes bypass all kernel permission checks, while unprivileged processes are subject to full permission checking based on the process's credentials (usually: effective UID, effective GID, and supplementary group list).  Starting with kernel 2.2, Linux divides the privileges traditionally associated with superuser into distinct units, k…

Magic Quadrant for WAN Edge Infrastructure

Image
Magic Quadrant for WAN Edge Infrastructure - Gartner Published 18 October 2018 - ID G00351467 - 61 min read
WAN edge infrastructure is changing rapidly as I&O leaders responsible for networking face dynamic business requirements, including new application architectures and on-premises and cloud-based deployment models. I&O leaders can use this research to identify vendors that best fit their requirements.
Strategic Planning Assumption
By year-end 2023, more than 90% of WAN edge infrastructure refresh initiatives will be based on virtualized customer premises equipment (vCPE) platforms or software-defined WAN (SD-WAN) software/appliances versus traditional routers (up from less than 40% today).

Market Definition/Description

WAN edge infrastructure enables network connectivity from distributed enterprise locations to access resources in both private and public data centers as well as cloud (as a service). It is typically procured by senior networking leaders within an infrastructur…