I recently read an article on using Nagios with MD5 checksums to monitor iptables status in real time, and wanted to see whether a plain shell script could also detect changes to the iptables rules. After some experimenting I ended up with the following script.
System: CentOS 5.x
Script content:
cat check_iptables.sh

#!/bin/bash
# Compare the MD5 of the current rule listing with the one stored in ~/.count
if [ ! -f ~/.count ]; then
    # First run: record the current checksum as the baseline
    iptables -L -n | md5sum | awk '{print $1}' > ~/.count
    exit 1
else
    iptables -L -n | md5sum | awk '{print $1}' > ~/1.txt
    difffile=`diff ~/.count ~/1.txt | wc -l`
    if [[ $difffile = 0 ]]; then
        echo "File is ok!"
        sleep 1
        rm -f ~/1.txt
    else
        # Rules changed: accept the new checksum as the baseline
        echo "File is not ok!"
        cat ~/1.txt > ~/.count
        sleep 1
        rm -f ~/1.txt
    fi
fi
Then make it executable and add it to the crontab so it runs every 3 minutes:

chmod +x /root/check_iptables.sh
*/3 * * * * /bin/sh /root/check_iptables.sh
You can of course also add an email alert so that you are notified when the iptables rules have changed.
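A stricter version of the same idea, as an added example that is not the original post's script: it hashes the output of iptables-save (all tables, not only the filter table shown by iptables -L) with timestamps and counters stripped so that ordinary traffic does not trigger a false alert, keeps the rule text next to the checksum so a change can be diffed, and raises an alert through syslog and optionally mail. The baseline path, the ALERT_MAIL variable and the logger/mail hooks are assumptions of this example.

```shell
#!/bin/bash
# Added example (not the original post's script): fingerprint the complete
# iptables ruleset and report a change. The baseline path, iptables-save as
# the source and logger/mail for the alert are assumptions of this example.

# Drop lines that change without a rule change: iptables-save comment lines
# carry timestamps and chain headers carry packet/byte counters.
normalize_ruleset() {
    grep -v '^#' | sed -E 's/ \[[0-9]+:[0-9]+\]//g'
}

# check_ruleset BASELINE_FILE COMMAND...
# Status: 0 unchanged, 1 baseline created (first run), 2 rules changed.
# The normalized ruleset is kept in BASELINE_FILE.rules so a change can be diffed.
check_ruleset() {
    local baseline="$1"; shift
    local rules current
    rules=$("$@" | normalize_ruleset)
    current=$(printf '%s\n' "$rules" | md5sum | awk '{print $1}')
    if [ ! -f "$baseline" ]; then
        printf '%s\n' "$current" > "$baseline"
        printf '%s\n' "$rules" > "$baseline.rules"
        return 1
    fi
    [ "$current" = "$(cat "$baseline")" ] && return 0
    # Changed: show what differs, then accept the new state as the baseline
    printf '%s\n' "$rules" | diff "$baseline.rules" - || true
    printf '%s\n' "$current" > "$baseline"
    printf '%s\n' "$rules" > "$baseline.rules"
    return 2
}

# Alert via syslog, and by mail when ALERT_MAIL is set in the environment.
alert() {
    logger -t check_iptables "$1" 2>/dev/null || true
    if [ -n "${ALERT_MAIL:-}" ]; then
        printf '%s\n' "$1" | mail -s "iptables rules changed" "$ALERT_MAIL"
    fi
}

main() {
    local rc
    check_ruleset "$1" iptables-save; rc=$?
    [ "$rc" -eq 2 ] && alert "iptables rules changed on $(hostname)"
    return "$rc"
}

# Run only when a baseline path is given (its directory must exist), e.g. from cron:
# */3 * * * * /root/check_iptables.sh /var/lib/check_iptables/baseline.md5
[ "$#" -eq 0 ] || main "$@"
```

The exit status (0, 1 or 2) lets a wrapper or a monitoring agent distinguish "unchanged", "first run" and "changed" without parsing the output.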