Friday, May 17, 2013

Configuring Gmail as a Sendmail email relay


 In this configuration tutorial I will guide you through the process of configuring sendmail to be an email relay for your gmail or google apps account. This allows you to send email from your bash scripts, hosted website or from command line using mail command. Other examples where you can utilize this setting is for a notification purposes such or failed backups etc. Sendmail is just one of many utilities which can be configured to rely on gmail account where the others include postfix, exim , ssmpt etc. In this tutorial I will use Debian and sendmail for this task.

Install prerequisites

# apt-get install sendmail mailutils sendmail-bin 

Create Gmail Authentication file

# mkdir -m 700 /etc/mail/authinfo/
# cd /etc/mail/
next we need to create a auth file with a following content. File can have any name, in this example the name is gmail-auth:
AuthInfo: "U:root" "" "P:xxxxxxxxx"
Replace the above email with your gmail or google apps email.
Please note that in the above password example you need to keep 'P:' as it is not a part of the actual password.
In the next step we will need to create a hash map for the above authentication file:
# makemap hash gmail-auth < gmail-auth

Configure your sendmail 

Put bellow lines into your configuration file right above first "MAILER" definition line:
define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl
define(`confAUTH_OPTIONS', `A p')dnl
FEATURE(`authinfo',`hash -o /etc/mail/gmail-auth.db')dnl
Do not put the above lines on the top of your configuration file !
In the next step we will need to re-build sendmail's configuration. To do that execute:
# make -C /etc/mail
Reload sendmail service:
/etc/init.d/sendmail reload
and you are done.

Configuration test

Now you can send an email from your command line using mail command:
echo "Just testing my sendmail gmail relay" | mail -s "Sendmail gmail Relay"

To monitor SNMP supported devices like switches, router, firewall, UPS, Thermometer we need not to check actively the status of device. SNMP supported device provides trap incase of status change as described in MIB file of that device.
 SNMP Trap monitoring
The scenario is about nagios acting as a "manager" or (part of) a Network Management System (NMS), receiving messages from "Trap Agents" - conceptually similar to NSCA agents sending msgs to the NSCA Daemon with interacts with a Nagios passive service (add links), except that the values to be checked and the thresholds that trigger a message are handled with snmp tools.


To accept and process all traps from snmp supported devices we need to install few packages.
Following is the list of packages:
  • snmpd
  • snmp
  • snmptt
  • libnet-snmp-perl
  • libsnmp-perl
  • libsnmp-python
  • libconfig-inifiles-perl
Installation methods:
All above mentioned packages are available in our repositories we can install it as follows
apt-get install snmpd snmp libnet-snmp-perl libsnmp-perl libsnmp-python libconfig-inifiles-perl libconfig-inifiles-perl snmptt                                                                           
Now it is required to start snmpd service at boot time so we need to add it startup 
insserv snmpd


[ Note :  * In configuration part you need to remove those parameters which written with RED color and add  those parameters which written with GREEN colour. ]

vim /etc/snmp/snmpd.conf
  • agentAddress udp:                     ###     (remove this line )
  •  agentAddress  udp:              ###    (add this line)

In  /etc/defaults/snmp update following parameters. 
==>Default TRAPD is disabled
  • TRAPDRUN=no  
 Which is required to enable So enable it by changing "no" to "yes"
  • TRAPDRUN=yes  
  • TRAPDOPTS='-n -Lf /var/log/snmptrapd.log -p /var/run/'
==>Default SNMPD is enabled
  • SNMPDRUN=yes
Which is not required to enable So disable it by changing "yes" to "no" 

In  /etc/snmp/snmptrapd.conf  update following parameters. Add following lines.
  • disableAuthorization yes
  •  traphandle default /usr/sbin/snmptthandler

In  /etc/snmp/snmptt.ini  update following parameters.
  •  mode = daemon
  •  net_snmp_perl_enable = 1
  •  net_snmp_perl_best_guess = 2
  •  translate_log_trap_oid = 2
  •  remove_backslash_from_quotes = 1
  •  description_mode = 2
  •  date_time_format = %Y-%m-%d %H:%M:%S
  •  unknown_trap_log_enable = 1
  •  DEBUGGING_FILE = /var/log/snmptt.debug
  •  DEBUGGING = 0 
 Update follwoing perameteres if you want to configure smtp with eventdb
  •  db_translate_enterprise = 1
  •  db_unknown_trap_format = 'Unknown Trap: $-*'
  •  mysql_dbi_enable = 1
  •  mysql_dbi_host = <eventdb database host)
  •  mysql_dbi_database = <eventdb database name>
  •  mysql_dbi_table = <eventdb table name for known traps>
  •  mysql_dbi_table_unknown = <eventdb table name for known traps>
  •  mysql_dbi_username = <Username for eventdb database access>
  •  mysql_dbi_password = < Password for eventdb database access>
  •  date_time_format_sql = %Y-%m-%d %H:%M:%S
  •  stat_time_format_sql = %Y-%m-%d %H:%M:%S

Upload Trap definition for devices

Generate trap definition from mibs for all devices by following command and add those file names in /etc/snmp/snmptt.ini

snmpttconvertmib --in=MIBFILE --out=/etc/snmp/snmptt.conf --exec='/usr/local/nagios/libexec/eventhandlers/submit_check_result $A TRAP <STATUS_NO_NAGIOS>' 

For Example:
snmpttconvertmib --in=MIBFILE --out=/etc/snmp/snmptt.conf --exec='/usr/local/nagios/libexec/eventhandlers/submit_check_result $A TRAP 2' 

$A is the hostipaddress can be found in received traps
TRAP is the service defined on host 
2 is the status of service which you can have in nagios

Create Service in NAGIOS

Now create service (like. TRAP) in NAGIOS with following parameters.
EXAMPLE : Service name TRAP 
define service{ 
name trap-service 
register 0 
service_description TRAP 
is_volatile 1 
check_command check-host-alive 
max_check_attempts 1 
normal_check_interval 1 
retry_check_interval 1 
passive_checks_enabled 1 
check_period never
notification_interval 0 
contact_groups admins
check_period 24x7 
max_check_attempts 3 
normal_check_interval 15 
retry_check_interval 5 
active_checks_enabled 1 
passive_checks_enabled 0 
parallelize_check 1 
obsess_over_service 0 
check_freshness 0 
event_handler_enabled 0 
flap_detection_enabled 0 
process_perf_data 1 
retain_status_information 1 
retain_nonstatus_information 1 
notification_interval 60 
notification_period 24x7 
notification_options w,u,c,r 
notifications_enabled 1 



#Description  : This script will write a command to the Nagios command file to cause Nagios to process a passive service check result. Note: This script is intended to be run on the same host that is running Nagios  Main host and it will send those traps on that host to nagios instances if the trap found for the device configured on any of the nagios instance.
##Change Log  :
# Arguments:
#  $1 = ipaddress of host that the service is associated with
#  $2 = svc_description (Description of the service)
#  $3 = return_code (An integer that determines the state of the service check, 0=OK, 1=WARNING, 2=CRITICAL, 3=UNKNOWN).
#  $4 = plugin_output (A text string that should be used as the plugin output for the service check)
#binary paths

#Nagios CommandFile in which command will be passed to nagios 


#gets nagios instance and host_name of the source of trap from the ipaddress

host_name=`/usr/bin/mysql --skip-column-names -u $db_user -p$db_passwd $db_name -e"select instance_id,display_name from nagios_hosts where address=\"$1\"" | /usr/bin/expand -t 1`
instance=`echo $host_name|cut -d' ' -f1`
host_name=`echo $host_name|cut -d' ' -f2`

# get the current date/time in seconds since UNIX epoch

datetime=`date +%s`

# check thwe instance and forward nagios command to respected nagios instance

if [ $instance -eq 1 ]
#       append the command to the end of the command file
        echo "[$datetime] PROCESS_SERVICE_CHECK_RESULT;$cmdline" >> $CommandFile
        print "Unknown. Host not found."

Wednesday, May 1, 2013

Recieving and Sending SNMP TRAP Configuration

SNMP Traps

Sending SNMP traps on a Remote Linux/Windows System 

Download SNMP Trap sender from following link.
Now Edit input file and change ip address of remote host where you want to send snmp traps.
Change "-d" to your destination host.
execute like as under
root@localhost:~#./trapgen -f input
 AND same time check the syslog file of remote SNMPTRAP manager syst
root@localhost:~# tail -f /var/log/syslog

Receive and handle SNMP traps on a Linux system


This is a quickstart guide on howto get an Ubuntu or Debian Linux system to listen for SNMP traps, and log them. In SNMP parlance, where' talking about configuring a linux system to be a "manager". We're not talking about how to monitor a linux host by means of SNMP.
We'll cover the basics of how to get it up and running, and provide some pointers to where to go next.


It is assumed you have a basic understanding of what SNMP is, and are looking for a generic way to collect SNMP-generated messages (a.k.a. "trap's") from 1 or more devices onto a "manager" system, for centralized monitoring.
You might be interested in a generic, linux-based solution because this allows you to connect SNMP-based monitoring to other central monitoring solutions such as a central syslog server and/or a Nagios monitoring system.
It is assumed that you have a working linux system where you want to implement this. The following guide is based on Debian Squeeze and will most likele work as-is on other Debian bases server systems such as Ubuntu. It should also work on other linux sysems, though some details such as names of packages, commands and config files may be different.

Basic Setup

                                       apt-get install snmpd
this installs a number of snmp-related tools, including snmptrapd, which is the one we need to be able to listen for "traps"
snmpbulkget    snmpdf         snmpnetstat    snmptranslate  snmpwalk
snmpbulkwalk   snmpget        snmpset        snmptrap       
snmpconf       snmpgetnext    snmpstatus     snmptrapd      
snmpd          snmpinform     snmptable      snmpusm        
snmpdelta      snmpkey        snmptest       snmpvacm   
snmptrapd does not start up by default, you need to enable it in /etc/defaults/snmp ; it will then be started by /etc/init.d/snmpd (if /etc/snmp/snmptrapd.conf exists

we don't need to run snmpd if we only want to recive traps, rather than monitor this system by snmp, so we can disable it:
Also have a look at the other default options : Debian sets them to "log to syslog" by default, so that traps will be reported in /var/log/syslog. This is OK for us (for now)
snmptrapd will not accept any traps unless they're "authorized" in /etc/snmp/snmptrapd.conf :

# simple test catch-all for any trap that has community=public
authCommunity log,execute,net public
Restart snmpd to get all the changes applied, then check if it works by sending a test trap (from the local host, and from a remote system) :
  • local :
                                                                  snmptrap -v1 -c public localhost . 0 0 "" "" . s "hello"
  • remote:
                                                                        snmptrap -v1 -c public myserver . 0 0 "" "" . s "hello" 
result : /var/log/syslog should now show te submitted trap msg :

May 1 12:35:00 localhost snmptrapd[1594]: 2013-05-01 12:35:00 UDP: []:51633->[]) TRAP, SNMP v1, community public#012# Cold Start Trap (0) Uptime: 0:26:53.33#012# = STRING: "hello"
this shows snmptrapd is working: it is capable of receiving snmp traps and handling them (in this case: logging them to syslog)

Further configuration

further config will involve :
  1. define traps on the monitored hosts
  2. add appropriate authorization config for those hosts in /etc/snmp/snmptrapd.conf  see

More on Trap Handling


Now you have snmptrapd logs in local syslog file. By configuring SYSLOG server you can integrate your snmp traps in a centralised syslog configuration.


