nbuchwitz / check_opnsense Goto Github PK
View Code? Open in Web Editor NEWCheck script for opnsense firewall
License: GNU General Public License v2.0
Check script for opnsense firewall
License: GNU General Public License v2.0
hi,
is there a list what I can check which modules are available ? For example how can I check the interfaces, traffic, local health ... etc. maybe it is possible to extend the plugin and replace SNMP.
hello
each time i enter the whole code i got a error and the line brake with error
./check_opnsense.py -H 10.147.42.7 --api-key gZY632BtFxwZrkQ9w
maybe because the code is soooo long to use
and to help my self i wrote down what to do...
http://wombat3.kozo.ch/j/icinga-list/9780-icinga2-add-opnsense
please have a look and tell me if i am wrong or how to make it better
around 22.7.x (couldn't find anything in the update history) the api seems to have partially changed and the check now doesn't get to know about new updates.
content of 'status' is now 'update' instead of 'ok', 'status_upgrade_action' has disappeared.
good news is, that the number of updates has not to be counted any more but is reported as 'status_msg'.
here is a recent result of a current api request (22.7.8):
{"api_version":"2","connection":"ok","downgrade_packages":[],"download_size":"25MiB","last_check":"Tue Dec 20 12:54:59 CET 2022","needs_reboot":"1","new_packages":[],"os_version":"FreeBSD 13.1-RELEASE-p3","product_id":"opnsense","product_target":"opnsense","product_version":"22.7.8","reinstall_packages":[],"remove_packages":[],"repository":"ok","upgrade_major_message":"","upgrade_major_version":"","upgrade_needs_reboot":"0","upgrade_packages":[{"name":"ca_root_nss","repository":"OPNsense","current_version":"3.83","new_version":"3.85"},{"name":"git","repository":"OPNsense","current_version":"2.38.1_3","new_version":"2.38.1_4"},{"name":"glib","repository":"OPNsense","current_version":"2.74.1,2","new_version":"2.74.2_1,2"},{"name":"opnsense","repository":"OPNsense","current_version":"22.7.8","new_version":"22.7.9_3"},{"name":"opnsense-update","repository":"OPNsense","current_version":"22.7.7","new_version":"22.7.9"},{"name":"php80","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-ctype","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-curl","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-dom","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-filter","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-gettext","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-ldap","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-mbstring","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-pdo","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-session","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-simplexml","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-sockets","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-sqlite3","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-xml","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-zlib","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"py39-Babel","repository":"OPNsense","current_version":"2.10.3","new_version":"2.11.0"},{"name":"readline","repository":"OPNsense","current_version":"8.1.2","new_version":"8.2.0"},{"name":"sqlite3","repository":"OPNsense","current_version":"3.39.3_1,1","new_version":"3.40.0,1"},{"name":"suricata","repository":"OPNsense","current_version":"6.0.8_1","new_version":"6.0.9_1"},{"name":"base","size":"114228228","repository":"OPNsense","current_version":"22.7.7","new_version":"22.7.9"},{"name":"kernel","size":"32275752","repository":"OPNsense","current_version":"22.7.7","new_version":"22.7.9"}],"upgrade_sets":[],"product":{"product_abi":"22.7","product_arch":"amd64","product_check":{"api_version":"2","connection":"ok","downgrade_packages":[],"download_size":"25MiB","last_check":"Tue Dec 20 12:54:59 CET 2022","needs_reboot":"1","new_packages":[],"os_version":"FreeBSD 13.1-RELEASE-p3","product_id":"opnsense","product_target":"opnsense","product_version":"22.7.8","reinstall_packages":[],"remove_packages":[],"repository":"ok","upgrade_major_message":"","upgrade_major_version":"","upgrade_needs_reboot":"0","upgrade_packages":[{"name":"ca_root_nss","repository":"OPNsense","current_version":"3.83","new_version":"3.85"},{"name":"git","repository":"OPNsense","current_version":"2.38.1_3","new_version":"2.38.1_4"},{"name":"glib","repository":"OPNsense","current_version":"2.74.1,2","new_version":"2.74.2_1,2"},{"name":"opnsense","repository":"OPNsense","current_version":"22.7.8","new_version":"22.7.9_3"},{"name":"opnsense-update","repository":"OPNsense","current_version":"22.7.7","new_version":"22.7.9"},{"name":"php80","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-ctype","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-curl","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-dom","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-filter","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-gettext","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-ldap","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-mbstring","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-pdo","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-session","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-simplexml","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-sockets","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-sqlite3","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-xml","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-zlib","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"py39-Babel","repository":"OPNsense","current_version":"2.10.3","new_version":"2.11.0"},{"name":"readline","repository":"OPNsense","current_version":"8.1.2","new_version":"8.2.0"},{"name":"sqlite3","repository":"OPNsense","current_version":"3.39.3_1,1","new_version":"3.40.0,1"},{"name":"suricata","repository":"OPNsense","current_version":"6.0.8_1","new_version":"6.0.9_1"},{"name":"base","size":"114228228","repository":"OPNsense","current_version":"22.7.7","new_version":"22.7.9"},{"name":"kernel","size":"32275752","repository":"OPNsense","current_version":"22.7.7","new_version":"22.7.9"}],"upgrade_sets":[]},"product_copyright_owner":"Deciso B.V.","product_copyright_url":"https://www.deciso.com/","product_copyright_years":"2014-2022","product_crypto":"OpenSSL","product_email":"[email protected]","product_flavour":"OpenSSL","product_hash":"107b07d90","product_id":"opnsense","product_latest":"22.7.9","product_license":[],"product_log":1,"product_mirror":"https://pkg.opnsense.org/FreeBSD:13:amd64/22.7","product_name":"OPNsense","product_nickname":"Powerful Panther","product_repos":"OPNsense","product_series":"22.7","product_time":"Fri Nov 25 07:17:19 CET 2022","product_version":"22.7.8","product_website":"https://opnsense.org/"},"all_packages":{"base":{"reason":"upgrade","old":"22.7.7","new":"22.7.9","repository":"OPNsense","name":"base"},"ca_root_nss":{"reason":"upgrade","old":"3.83","new":"3.85","repository":"OPNsense","name":"ca_root_nss"},"git":{"reason":"upgrade","old":"2.38.1_3","new":"2.38.1_4","repository":"OPNsense","name":"git"},"glib":{"reason":"upgrade","old":"2.74.1,2","new":"2.74.2_1,2","repository":"OPNsense","name":"glib"},"kernel":{"reason":"upgrade","old":"22.7.7","new":"22.7.9","repository":"OPNsense","name":"kernel"},"opnsense":{"reason":"upgrade","old":"22.7.8","new":"22.7.9_3","repository":"OPNsense","name":"opnsense"},"opnsense-update":{"reason":"upgrade","old":"22.7.7","new":"22.7.9","repository":"OPNsense","name":"opnsense-update"},"php80":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80"},"php80-ctype":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80-ctype"},"php80-curl":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80-curl"},"php80-dom":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80-dom"},"php80-filter":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80-filter"},"php80-gettext":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80-gettext"},"php80-ldap":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80-ldap"},"php80-mbstring":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80-mbstring"},"php80-pdo":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80-pdo"},"php80-session":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80-session"},"php80-simplexml":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80-simplexml"},"php80-sockets":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80-sockets"},"php80-sqlite3":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80-sqlite3"},"php80-xml":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80-xml"},"php80-zlib":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80-zlib"},"py39-Babel":{"reason":"upgrade","old":"2.10.3","new":"2.11.0","repository":"OPNsense","name":"py39-Babel"},"readline":{"reason":"upgrade","old":"8.1.2","new":"8.2.0","repository":"OPNsense","name":"readline"},"sqlite3":{"reason":"upgrade","old":"3.39.3_1,1","new":"3.40.0,1","repository":"OPNsense","name":"sqlite3"},"suricata":{"reason":"upgrade","old":"6.0.8_1","new":"6.0.9_1","repository":"OPNsense","name":"suricata"}},"all_sets":[],"status_msg":"There are 26 updates available, total download size is 164.7MiB. This update requires a reboot.","status_reboot":"1","status":"update"}
Hi there - using debian 10 and 11:
Even though I'm using the -k -switch to turn off certificate-validation I'm getting the following error:
./check_opnsense.py -k -H myopnsensebox.local --api-key "" --api-secret "" -m updates
UNKNOWN - Could not connect to OPNsense: Certificate validation failed
Any ideas on that?
Already tried setting verify=False in the script with the same result...
Best regards and thanks in advance.
Florian
hello
your example
./check_pve.py -H <OP
is wrong!
should be something like
./check_opnsense.py -H
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.