From 959ae6956de4df8dd909f211535c2ccec6e302d8 Mon Sep 17 00:00:00 2001
From: Thl CMK <thl-cmk@outlook.com>
Date: Sun, 7 Jun 2020 21:47:24 +0200
Subject: [PATCH] update project
---
checkpoint_connections.mkp | Bin 2902 -> 3013 bytes
checks/checkpoint_fw_connections | 111 ++++++++++++++
packages/checkpoint_connections | 11 +-
.../metrics/checkpoint_fw_connections.py | 138 ++++++++++++++++++
web/plugins/wato/checkpoint_fw_connections.py | 34 +++++
5 files changed, 289 insertions(+), 5 deletions(-)
create mode 100644 checks/checkpoint_fw_connections
create mode 100644 web/plugins/metrics/checkpoint_fw_connections.py
create mode 100644 web/plugins/wato/checkpoint_fw_connections.py
diff --git a/checkpoint_connections.mkp b/checkpoint_connections.mkp
index 19ee413223db4e2051f4df719123bf4e86040774..67cf02bf942a1dfaa6c5ecbda0a5feeee9942142 100644
GIT binary patch
literal 3013
zcmV;$3p(^4iwFozMBQEj|6^!nV{344X>N31V{dM5Wn*+{Z*FrfGB7eQFg7qZE_N<3
zE-)@KE^TXY0PP%WZ`(%FpAGmwY!w6)uM$O4vYgXF1zP9YGn%AE;@o|31c4@37Hhta
zTv{~(|M#2OB_)y~Ey=Ro=CG4Ql$JBIv%B-y$86kS79Kn^=m5jPfIk7MPs8jF4vhYA
zcw!Dr!vH)(*H82Vq942fqzSWPLY}0N#m0Rj@Kv!=HV<QEL{jBquD#Ppo6Wth?cZEl
zY!ar-3&WdBCu9>l^i`#ENEC-AcI-yX4FgX0J`7wI#^iKP?Hh6)x&b3UyD?o@o=5C3
z2&j#?1bUje33Kg4`x1N!KGH?(GD^Z3VRLxI?zJ0OK!I!k<44D#4vA<yb1Y_&8PpI_
z>!!dlAy(j!i_`NC`TQ0>&Q9OMX9(P4{)UCjDoGGqjD873Bf>@Cg_bi-V-H%P%o&T4
zQLmRZUYmyz3$-x5=GZgWqY0pWRk(Ec^-_F|u({LOVp<SOnE=fSlm)%w1d*3Q6O*1#
zSq#0<Yh<8BcS?!Hl2y)PVX^RG`pG>C9#}rb<`qzjf^wA9pXTlBV*zuSNBPJWNA$Ep
zc1z<#Xn<nsCRn(BqTOmb{4tB~HQx=UG5v1}3gIBKp_$s7t2ZT_$g*#&>-_yd)1&?y
z<^Djzvx5u%U;8}?gFn$+|={|$X0{r}7O{}wm>7Pz(+xG8vEwsvt-tqy5z?UPy)
zz!naaSJa5x0_R0qbshxhTA2sIs?oh+QN4RZ3=!TCXLEEzeD3@Zy}|b(PBC^MYGdr+
zBIfS3h3<9Ls@&&^773r%TD`~Os$b=GuYxb4d~30{CB6Dz3WPOk-~<0G|8EZPd&U17
z$3yA=Uu^vAT=4UZzi~1+5zk}eAP@ijet$LodLPFBczFEM@!!8oz#%r{ZF>KW!mICk
zX%hFY+@KfTL8J^0Uy<(Lx`YOH=(xc(tOD4q`{o}cy6d`uLj%?gXS0N|5g8!j;VU3`
z=h`$#=!pFC;WPP#1~dlOf1X}>uARRlw<bsZk%!|EX^z5x^!ejESnG^PV_XHCw-8Pc
z$JC8CUA^BmPM{ELh#v}VYf}VKOlEQDi?37vh6`%(2v`?Ei9?y?dI^t;%#M1g6ZKr%
zk9s2dX$YK$`FBk})=)wabd90s`Yt2w*#c)57uJ<W-(iUggndI0nmQ2Lb1Q&(0#@fY
zwStAD(UO5*337f9(M%mWvr>;uJ$g$$<X`17vuv1m+)Y6h80bmzz;ZZe2J2$r0@E3N
zxNKYKP-1)33eu=rgXl1vR94?C@>g-tgUJx%BT<=ZzyKURPDU~&U-{bm6|CH$3akMz
z?KF--{b7mPHo$FlK=X86?Nl)Xy2wyChI)8^cz6iRi5uJkIf~OLL>pIQ>WH(9DNEyk
zT(&=i0qu~l_v$2LB-Hc)CXD(W5?Qh3Cmm8?DKsrZ`vmITfubk`E4@SIhIS+J;X3Yx
z9d*hjpPg#S85lsN=r=TnO4+B>FPD5oJ07pgcBxNtL7?LU%08q%q9FA-OhpSn%l5;W
zty+bAIHMq3OquIrW%$tWqpjAr7I3a9o1z}In{`HejeiyLnzWTF2L*Z_#zE~Y>&2m9
z?J6E1gux=VqVcC+&(76#X`rX~lm<9#B@N(hlm<t6PjQgNR`MX?MuE7F?I{uGv6V<1
zbE8b4<9kX39JZ1N@HR=4*;kbmi&x5Dval6)sW@j{Fuo;bp{yuD$tZDUS`+Lzx;v|(
z7!!T8+ykv)h&$Jz4?)?6weB5+i{D``M;%45T&`Wm;6tHz3*FARd9GXH+J<X|E_K%E
zxXo;$bA`s&DEB7HFw@LBCEP@ta2;A#ms&bp+y|+T<VwZEs%r$9L&czr0i#3Gz=c?1
zhiSmj;on+b3fh`SL_i{!hpXDMKsq8&lY;+1Y@umI394SdE)*9U(^k;d1kYZQab30?
z-zn>Hr@)nCh^9_fS_gV5;;07J+|F^;(P4Qu5`%oarQ;0!GDn>(F<}-(*Xe))<9n$*
z<5ViowOO;Ghz3r(UDw${2vseL&zXHExbb}%j!%9V^EYLI?p*3Q#1wM|@;y;rJLsDP
z#rJ%av6Qrb7{7K@e1$v;Erj}bqw@O772>P93XL5qL>>=xsbHvQ3^PtbTbHjC)b$Y&
zRh2Zog2&L=h*>(ICj!0fg{rJU$MTVa$(op`p(qcY6)oqR0%<x+13Nog+c4D=>aVP3
zmIcx+rkfdgLgQOlq)p4mdP>bMVv-$7DRV2C<_!hhix^Z;yt$6UG^!jpRT`XOmRA_l
zTPt?4Umv7h&C+w(13#K3wiOhc?pgkoW0BBxU?RTq5b(RLXol9;h8k`m8~jsOR1LQP
zSh8^0ynryk*F#f>2mCbqnxUw$n#9RI-)t3ot)F0$N&S@)HdeyDV43?H{ltWyfTV-s
zOjK?z!2aKE%u-mf3f`ps&JEH()TTNLa^e@wz$a7)69W|WU;jM)_58Q94;S6{XFrWb
zYxC@K5Y+TSzoO>ix#feEf#jE4RaASNiR3`ML8@9(b2BMK=UUSKW>SpLwX}oHv^+r9
z5+83SuB97pq{DDlM><jK&XF5O^tgFA&-s$7aU_?0T6Ct3omcg`YkHv<TU>CswN0!k
zogB)81_=@*NRS{wf&>W?BuJ1TL4pJc5*GC8d6Pd69+Us64^H|r|MMkamt6lR82`Hb
zPkpE_^FQG?;F-q2?92Smmw>hW&!Zg^Kmq?~>lDxod2<rz(KcD2N4067SsfcLL?k5B
zc#>HF(ljbR=LsKA3Ynk|ow)(!huukb(Lx-oiuX@k<?}Wo@6#7(hNx=O>H2gn@rNI`
zABj`W{G#Kutz4X*mkzqsPKJZy!mlM_R!LT7haSH%s~ASl!qWT4$%6?+4f1?``xtr5
z{p8_^N(}<x{hmii)Zb4ckpR^olF0qrU8cc)GGSs>lNMDjJ#9U1!+j*;xl0Wa6%LGv
z$Z^`Pi_E1!yND$6vhp;pCXocz!`;O5o1Uhlin(nKBH?j#>4Njt^7IS+^i00hx1v=x
zBMUPp`%G^2D9c*PJbBi$Q~##BA%iLFnKgflcjjv@p>J~29dh5PV~H;F5iCXOW<5*p
z^&Y`9OY5v>Dje4%xaKLJ^=#4iJc6mn1+8Vtox<)cvy93j%d+ur&9Y2ZVp+7@ZTXcm
zS?_b(d=|@`hYK{w>)49sXrj+J-Qjg`XP2jd)_K;tId3rnfQ%%e&^OM?!)2C^iC#y=
zEZtpfRe?p6eY51b69-|M`*6q%aUT}B)$PMW7@6Y1MEFq*GLtGZn4kiyPp1JQj_ot}
zWdqx}xm9ylte9G*=86PF+w!b<H?1tO9${`W@P|&}-_*y-IKrG`!H9oT*N5hL7gZSh
zyI~iGipI|t^|6wWS5Z>2wlE0lU|yhT_SaQ6D(o)e4%rK@E$HOA@7hYCn=|#=H3SqG
z%q?#=<yqXo#NhiynqEYpe?(y*uH~6oc^*KXLC}h^KP2c@Vop@hpTETZ-^TyD<7xJP
zYxe(iv%mWPzx07|e4v~9N&iId|H=KoUH1P>y{iwqy4e4V>9w1nGZV`fek%u^ThbQB
zm!wzxrot5b9EfO%`w&NkYZ&!c7X-!@fp!_u-nzWNitpM-g_|qXhn`Hvh2SRQQq3)=
zP8o+>q>)G4N9#$?d>$|c;ogZ$+qeq{PW1{Vec_C(I1&p)x}~)X@DenMxrDQT(Q6vF
zmo@(f#0RAz7S1t9e#L|P#j&_GjSK2A-<S{+5ds|-E~eCv*xmSN%S&jjD7CenLPz24
zzuM}|eX5(N)#7&fs@M|^N<bIIVd%ZoK)mcYJkc=Zlf%4>-;5VueT&)iDMtCR;(*2B
z_^9%9SAqly5+q2FAVGoz2@)hokRU;V1PKx(NRS{wf&>W?BuJ1TL4pJc|IhG0>+^ZU
H0C)fZrb5=O
literal 2902
zcma*o_ahXH<G^uyWUsS|>~#)h=FIG~ch*@)J!W<}j&M3FBD%y0QN|&A?;|tL%pUQO
zl<m;n=lS*f+xPYUBi@3kbaW%~Gp-aQug5Sizu=%JfniXupuj+wSJ;!Fz);zH@(QZ*
zD)$vY5g_^hQUC?`1(W@9Aq9OOW}loi`YU*DrH{PmS%A~4nQNfR%u+#6OWjr1H>sHk
zdF$MW=<^4hc7(OHF)TSH&BJN&`SQOFeYJ(?g8!hC!hw<h{`%|wI4<FN0hD~y!L>%<
zV6PFU^RV)XQfFKFo_5VIwt(N%tVv^ZbOca>Df6L3ugc)dg<*yq04itINW;oFKK<ah
zr?p#oA)Q-c>Ey7+?9~b*xcpO2h@Qd|RXQN%QQ_#KxyHPwn|6jlSg=J~;g5SE{?uXq
z3(CAvSO~2Vq-T2U7FvmJwtKmInc)F5&;X?(>Q9x|(^l_7scOk+*<hCaZlJvPo8ns?
z<hKNi^y|cdOdhQ9bHf$()+;i(f)bmkGi|4y-}0|`8ThDZN)WA{tg8!+8vO@`@k}L_
z25AJ3N^2BtO$HeAtb%*_>HY^8o^`lO%0(R>ExUT9x*V%3@q>nE#}ap%YjYhzwZ$OA
z3?qMA^m?NDisQ!)TYDH&a<Ql1^9|7~Jmw$!K^h;0{9`raiNPuMB}yh;g-8=SJWHdG
znS-D$6LIhBb%j^!-#DVmi_eN#jt-Uk8^1Ov(t{We)7$s{wp9=sk;g3(N7+3uE^CMq
zr^^m$B&YgTPEvUFT;>r;e-lwin+Z;A0_#b)xa~G)*b?&Dzoy0w^Wy1GSSO7%Wj~SG
zXfjJbyW9IR+01W%ENR%zD7&B{vvBC4D3pUaOB_v?85SVCE^RInC?IkOx5dj#8i@9}
z$Hofg=RK7D9bIUgwe1Tjea8DQBI4z2r7k19`Vv~bb^Y<OW}e0S22n?Vq8hdQiDy2Y
zQdlMpWv&Ba1)Rv=n9ydQkd7%+ImJPC5x(rYjII`W;UtN{C4_CU{HJB7z(I_5NO)+F
zF#!Y9U5WQ~I=pirwonVdlsS@sjVgT}9a#<Lv7QqS7ai-QMy?LuqQ4QO$$9;a|4SX)
zHz++iij9{iQ}z@6o^)-X$gnk_KgT*=bX%LHpI$NUC7m}dIEKxDQsTY%{o}oZ6nHU+
z=`MMAiSrU)CWoK)3hN=S&{3V#ZJpTmf;b*;H3M0Ym+WvIZ81|}12AuZ@YdE&c-m{N
z)o}c)iw?&CnV89o8H<hdUdz2YYU9h?*OI0E!yvXIF+|vN%w)~;(wOt4o2jmr$C$IO
zo|Yj1e>{vXM>J8>QfMp$zC@v+Q`r-|NM&ebuH|++h6a0nJz-pak)(YrzTJXXzm9rl
zoG~e9#6J+W#N9bDHEVqRBCH0~wwott7h?RREC#uZbEnKMRvxQ8uoQ#3TlZygFN*W>
zvfLFaqWniA&SxNw^S1@Sv|E&a!1N=3)9&ighmby-ErBv{+H4;mDzoI|FmGZ}qBfis
zxBt9~s;SqSy75Ta958eDP+K+&$t;SD4(iWw5hm3sB?`RyFvDPScc+v4Ua4jPNA<01
z<QF%5SV;JyeXB1`zDdcOT8VeP=^DN}cU(;K=L=-}D$Or%$VUWqi>MOcVXJ0Go@ZzC
zc6>9DnQ_0>LLj`ajfbL4yFHn1cMGQgxq4x?2&+b<(=4;jO$vA^q=$o{Utz9RV{5KV
zV!@hf!sROSO8gFA*7%jOs_-c(gHwL(ANNNcoT06^E#vwV@^$yr_R3SG)-~%EHlhAh
zIr{MsEQ4<$1oE@1$Z_9MYIVSsz90J&X;rQV7m<HotH)lDA~fWk=RU`-NDye*rb=hr
z(%oE^4hUM$12|*He&jNn4p`&W%tx)4HisBa<0C6mT>Vt)0KQoX7n#)zXAzrQo2O5u
zPU?!tK)q+U7$3C-1~*%{6eoU&PBAj)tPUhsg=PyEB*}PVICEeT)M-p*a=AVQ#b=K^
z(9Cq;$lE-`_R%%<mCXui_vPJB6bH_qDZ<bd>s6YD+}mp=yrN?>NcEY}nGK4j>0}!p
z>C@Y;P1YiigeY>^6OWUzuUks@MN+jalEiXn(?q9o4?;a!H*gQcQbIzE^lA+}oHG)I
z*-`xUOsDEEW87aQe&B)XRHlj%^yP=xq2Aa(PbVif>l6LTqC5cQ+|gF=`n``p^&dlk
z_{rkcWvp0nHBGP5$`&_Q;C7KMOez!Lz_Zzc(&5yAY+>Z(<gd7VZL9#!L~66^O!tzz
zaR<q<n)t{!wR-1f#7<NZMDhzVcVj_s1OQB>bn8$0`P5t!%I^7iF8B!>={zI9L8*Q)
z?2p~5?k`2=_bGPFF>^_e3F(hRi>dXE$;E6h`Qn$`gY3`8g;_XGj58c;T!6u-kLa9f
ze}x~LeIH*n&yh+g_G7k=sq_&%tv9)SZ~Ov)(urPDC+xlx%OgOz=T0UKi{-^RH{!}V
zH};XvNEX|9d4i4Smd*x`o}zdQL&vZK;7;V$Bsi|w<lhIeT8ZN`F4urMrrkNkm%eCO
zxRhiCc5a4}tJ`LlP+7+L^nR#Dx6M$*!qa|gO?$tnfEPcrnzx6M<MK>Iun@+*35U}=
zH7i7o$EfJ71qenMBGrrJrhHvb3BO0RpdqDpQ$I(~97+18QB(dEO25R^H97BKR@Dv+
z!y-Q^RsLan?~?G1m2wAv%aJO-9U@us`Qa^zT>cnYbBEwL3h63W9qCy80o~<&fO0zj
z+&k{=rrT4XpGs=0(`E{O14|WgYX@=_Sv(wFR^c5l%!R>lV$^B$MMvnI3?^c=*-1tn
zGq`U!%Z?oS7c088a)xv3jlrtC(w$05g-K=!mA;du+OK02YV;R!%!e6$_JwS~oRDt~
zn%*+f)1uj<)V^2^o0%vzJ1$nE;kKj)D~oOLgtT}5_XXipU$21u$M0iX%a+z-oTg16
z`YSZ`{vC+y=&`TRQqljbO9gj&J|sX~jvgUcRL5Fo?`lCQoH1u4%@a%n(Z+8sZvtW8
z=u-`vM08QvPawJ$kH{pyi9m273__?oX#>p3;JvPMaqd(X)vyckvza^PiFxzdRUeI$
zb0NmtPQWz5YE~^`%5_c2;#!|5o|kmZqyM<!=#viOhYO2V^dEzpT&0+<FHp<>c3+B+
z8MHP{DD1%?s}e^V0@fFA*qrs}WoVi-HFbEwzy<?!C5wes*%c$~lD<^w`#S!ig=P6U
zWB5Q_nbOtElE`)$TLe<qZ^dWNxS~4UCguz1MsJEQ{55TY>Pl`d+ONJq)7f#y=zZUJ
z|NMCFRv_%rY(#_kvEw3N%%7p2B*XG%yD}#T&+ePz6-7>Uq?T6maEGdRw;N}yj6b^|
zmYZI<u&gT-x*B#PqkLil$0Z-DXvwTus8tdiO|p}PA{?G=GWxcG1;iq`cmxkk^CT%&
zu)^i#nt0eDFt9*WKqrC|_l*5GV#cr9{wr748<SKCGr@9(OS`<^!~9znoeYeK#GjYp
z5Xr8nRuH(O0{Po!9#}ef+_0j3Z@$OT$f$R22V8~QAR{^A@?AEykC=(oJwAcKS{$vN
zaZ%$MXed>@M1AVpQ}2lF#t++tb*n`efbO+0l<CDb+R4Q!wIa}aoUcUHU0L2=WWhdv
z;2Kb9L(}R`PQ<oUn#+O@fmDAY2koxAL	go{khbo%hE0ncOr8CHDjzV7+n-eSbfr
z40{rJyT{8PdT?Ndf|lCvyMHmrP_kslb6syYp@n-@?;UuMdTT{EYffrPZDozMyRQmU
vCu!F)aMoXV@QEvzi_>(z?XpR4zHn604boZn|7(*(OQOV=O@1efA|v}BT2hWc
diff --git a/checks/checkpoint_fw_connections b/checks/checkpoint_fw_connections
new file mode 100644
index 0000000..0acd07b
--- /dev/null
+++ b/checks/checkpoint_fw_connections
@@ -0,0 +1,111 @@
+#!/usr/bin/python
+# -*- encoding: utf-8; py-indent-offset: 4 -*-
+#
+# License: GNU General Public License v2
+#
+# Author: thl-cmk[at]outlook[dot]com
+# URL : https://thl-cmk.hopto.org
+# Date : 2018-03-17
+# #
+# rewrite of the original checkpoint_connections check from check_mk
+#
+# added connection statistic details for tcp/udp/icmp/other .....
+#
+# 29.05.2018 : added connection limit (fwConnTableLimit)
+# 31.05.2020 : changed form checkpoint_connections to checkpoint_fw_connections
+# changed to checkpoint_fw_connections_default_levels to
+# factory_settings['checkpoint_fw_connections_defaults']
+# 07.06.2020 : code cleanup
+# added wato
+# wadded warn/crit for connection rate
+#
+
+factory_settings['checkpoint_fw_connections_defaults'] = {
+ # 'warncritconcurrent': (1000, 2000),
+ # 'warncritnew': (100, 200)
+}
+
+
+def inventory_checkpoint_fw_connections(info):
+ return [(None, {})]
+
+
+def check_checkpoint_fw_connections(item, params, info):
+ fwConnectionsStat, fwpolicystat = info
+
+ fwConnectionsTcp, fwConnectionsUdp, fwConnectionsIcmp, fwConnectionsOther, fwConnectionsSum, fwConnectionRate = fwConnectionsStat[0]
+ fwCurrnetNumConn, fwPeakNumConn, fwConnTableLimit = fwpolicystat[0]
+
+ now_time = time.time()
+
+ fwConnectionsTcp = get_rate('checkpoint_fw_connections.%s.%s' % ('fwConnectionsTcp', item), now_time, int(fwConnectionsTcp), onwrap=SKIP)
+ fwConnectionsUdp = get_rate('checkpoint_fw_connections.%s.%s' % ('fwConnectionsUdp', item), now_time, int(fwConnectionsUdp), onwrap=SKIP)
+ fwConnectionsIcmp = get_rate('checkpoint_fw_connections.%s.%s' % ('fwConnectionsIcmp', item), now_time, int(fwConnectionsIcmp), onwrap=SKIP)
+ fwConnectionsOther = get_rate('checkpoint_fw_connections.%s.%s' % ('fwConnectionsOther', item), now_time, int(fwConnectionsOther), onwrap=SKIP)
+ fwConnectionsSum = get_rate('checkpoint_fw_connections.%s.%s' % ('fwConnectionsSum', item), now_time, int(fwConnectionsSum), onwrap=SKIP)
+ fwConnectionRate = int(fwConnectionRate)
+
+ fwCurrnetNumConn = int(fwCurrnetNumConn)
+ fwPeakNumConn = int(fwPeakNumConn)
+ fwConnTableLimit = int (fwConnTableLimit)
+
+ if fwConnTableLimit == 0:
+ fwConnTableLimit = 'automatically adjusted'
+
+ perfdata = [('fwconnectionstcp', fwConnectionsTcp),
+ ('fwconnectionsudp', fwConnectionsUdp),
+ ('fwconnectionsicmp', fwConnectionsIcmp),
+ ('fwconnectionsother', fwConnectionsOther),
+ ('fwconnectionssum', fwConnectionsSum),
+ ('fwpeaknumconn', fwPeakNumConn)
+ ]
+
+ for info, unit, counter, value, warncrit in [
+ ('current: ', '', 'fwcurrnetnumconn', fwCurrnetNumConn, 'warncritconcurrent'),
+ ('rate: ', '/s', 'fwconnectionrate', fwConnectionRate, 'warncritrate')
+ ]:
+ if params.get(warncrit):
+ warn, crit = params[warncrit]
+ else:
+ warn = None
+ crit = None
+ perfdata.append((counter, value, warn, crit))
+ if crit != None and value >= crit:
+ yield 2, info + '%d' % value + unit + ' (>=%d)' % crit
+ elif warn != None and value >= warn:
+ yield 1, info + '%d' % value + unit + ' (>=%d)' % warn
+ else:
+ yield 0, info % value
+
+ yield 0, 'peak: %d' % fwPeakNumConn
+ yield 0, 'table limit: %s' % fwConnTableLimit
+
+ yield 0, '', perfdata
+
+
+check_info['checkpoint_fw_connections'] = {
+ 'check_function': check_checkpoint_fw_connections,
+ 'inventory_function': inventory_checkpoint_fw_connections,
+ 'service_description': 'Firewall connections',
+ 'has_perfdata': True,
+ 'group': 'checkpoint_fw_connections',
+ 'default_levels_variable': 'checkpoint_fw_connections_defaults',
+ 'snmp_scan_function': lambda oid: (
+ (oid('.1.3.6.1.2.1.1.2.0').startswith('.1.3.6.1.4.1.2620.1.6.123.1') or # CheckPoint System
+ oid('.1.3.6.1.2.1.1.2.0') in ['.1.3.6.1.4.1.8072.3.2.10', ]) and # Virtual System (Linux)
+ oid('.1.3.6.1.4.1.2620.1.1.26.11.1.0')), # CHECKPOINT-MIB::fwConnectionsStatConnectionsTcp.0
+ 'snmp_info': [('.1.3.6.1.4.1.2620.1.1.26.11', [ # CHECKPOINT-MIB::fwConnectionsStat
+ '1', # fwConnectionsStatConnectionsTcp
+ '2', # fwConnectionsStatConnectionsUdp
+ '3', # fwConnectionsStatConnectionsIcmp
+ '4', # fwConnectionsStatConnectionsOther
+ '5', # fwConnectionsStatConnections
+ '6', # fwConnectionsStatConnectionRate
+ ]),
+ ('.1.3.6.1.4.1.2620.1.1.25', [ # CHECKPOINT-MIB::fwPolicyStat
+ '3', # fwNumConn
+ '4', # fwPeakNumConn
+ '10', # fwConnTableLimit
+ ])
+ ]
+}
\ No newline at end of file
diff --git a/packages/checkpoint_connections b/packages/checkpoint_connections
index d0bf7a0..4862016 100644
--- a/packages/checkpoint_connections
+++ b/packages/checkpoint_connections
@@ -1,11 +1,12 @@
{'author': u'Th.L. (thl-cmk[at]outlook[dot]com)',
'description': u'Monitor Check Point Firewall connection statistics.\n\nRewrite of the original check.\nAdded perfdata for peak connections and TCP, UDP, ICMP, other and total connection rate\n',
'download_url': 'https://thl-cmk.hopto.org',
- 'files': {'checks': ['checkpoint_connections'],
- 'web': ['plugins/metrics/checkpoint_connections.py']},
+ 'files': {'checks': ['checkpoint_fw_connections'],
+ 'web': ['plugins/metrics/checkpoint_fw_connections.py',
+ 'plugins/wato/checkpoint_fw_connections.py']},
'name': 'checkpoint_connections',
- 'num_files': 2,
+ 'num_files': 3,
'title': u'Check Point Connections',
- 'version': '20180731.v.0.0.1',
+ 'version': '20200607.v.0.0.2',
'version.min_required': '1.2.8b8',
- 'version.packaged': '1.4.0p35'}
\ No newline at end of file
+ 'version.packaged': '1.4.0p38'}
\ No newline at end of file
diff --git a/web/plugins/metrics/checkpoint_fw_connections.py b/web/plugins/metrics/checkpoint_fw_connections.py
new file mode 100644
index 0000000..9df7757
--- /dev/null
+++ b/web/plugins/metrics/checkpoint_fw_connections.py
@@ -0,0 +1,138 @@
+#!/usr/bin/python
+# -*- encoding: utf-8; py-indent-offset: 4 -*-
+#
+# License: GNU General Public License v2
+#
+# Author: thl-cmk[at]outlook[dot]com
+# URL : https://thl-cmk.hopto.org
+# Date : 2018-03-17
+#
+# Check Point Firewall connections metrics plugins
+# checkpoint_fw_connections
+#
+
+##############################################################################
+#
+# define units for perfdata
+#
+##############################################################################
+
+##############################################################################
+#
+# define metrics for perfdata
+#
+##############################################################################
+
+metric_info['checkpoint_fw_connections_fwconnectionstcp'] = {
+ 'title': _('TCP connections'),
+ 'unit': '1/s',
+ 'color': '11/a',
+}
+metric_info['checkpoint_fw_connections_fwconnectionsudp'] = {
+ 'title': _('UDP connections'),
+ 'unit': '1/s',
+ 'color': '21/a',
+}
+metric_info['checkpoint_fw_connections_fwconnectionsicmp'] = {
+ 'title': _('ICMP connections'),
+ 'unit': '1/s',
+ 'color': '31/a',
+}
+metric_info['checkpoint_fw_connections_fwconnectionsother'] = {
+ 'title': _('Other connections'),
+ 'unit': '1/s',
+ 'color': '41/a',
+}
+metric_info['checkpoint_fw_connections_fwconnectionssum'] = {
+ 'title': _('Total connections'),
+ 'unit': '1/s',
+ 'color': '26/a',
+}
+metric_info['checkpoint_fw_connections_fwconnectionrate'] = {
+ 'title': _('Connections rate'),
+ 'unit': '1/s',
+ 'color': '42/a',
+}
+
+metric_info['checkpoint_fw_connections_fwcurrentnumconn'] = {
+ 'title': _('Current connections'),
+ 'unit': 'count',
+ 'color': '26/a',
+}
+metric_info['checkpoint_fw_connections_fwpeaknumconn'] = {
+ 'title': _('Peak Connections'),
+ 'unit': 'count',
+ 'color': '23/a',
+}
+
+
+##############################################################################
+#
+# map perfdata to metric
+#
+##############################################################################
+
+
+check_metrics['check_mk-checkpoint_fw_connections'] = {
+ 'fwconnectionstcp': {'name': 'checkpoint_fw_connections_fwconnectionstcp', },
+ 'fwconnectionsudp': {'name': 'checkpoint_fw_connections_fwconnectionsudp', },
+ 'fwconnectionsicmp': {'name': 'checkpoint_fw_connections_fwconnectionsicmp', },
+ 'fwconnectionsother': {'name': 'checkpoint_fw_connections_fwconnectionsother', },
+ 'fwconnectionssum': {'name': 'checkpoint_fw_connections_fwconnectionssum', },
+ 'fwconnectionrate': {'name': 'checkpoint_fw_connections_fwconnectionrate', },
+ 'fwcurrentnumconn': {'name': 'checkpoint_fw_connections_fwcurrentnumconn', },
+ 'fwpeaknumconn': {'name': 'checkpoint_fw_connections_fwpeaknumconn', },
+}
+
+##############################################################################
+#
+# how to graph perdata
+#
+##############################################################################
+
+graph_info.append({
+ 'title': _('Check Point Firewall Connections per second'),
+ 'metrics': [
+ ('checkpoint_fw_connections_fwconnectionstcp', 'stack'),
+ ('checkpoint_fw_connections_fwconnectionsudp', 'stack'),
+ ('checkpoint_fw_connections_fwconnectionsicmp', 'stack'),
+ ('checkpoint_fw_connections_fwconnectionsother', 'stack'),
+ ('checkpoint_fw_connections_fwconnectionssum', 'line'),
+ ('checkpoint_fw_connections_fwconnectionrate', 'line'),
+ ],
+})
+
+graph_info.append({
+ 'title': _('Check Point Firewall Connections count'),
+ 'metrics': [
+ ('checkpoint_fw_connections_fwpeaknumconn', 'line'),
+ ('checkpoint_fw_connections_fwcurrentnumconn', 'area'),
+ ],
+ 'scalars': [
+ ('checkpoint_fw_connections_fwcurrentnumconn:crit', _('crit')),
+ ('checkpoint_fw_connections_fwcurrentnumconn:warn', _('warn')),
+ ],
+})
+
+
+##############################################################################
+#
+# define perf-o-meter
+#
+##############################################################################
+
+
+perfometer_info.append(('stacked', [
+ {
+ 'type': 'logarithmic',
+ 'metric': 'checkpoint_fw_connections_fwcurrentnumconn',
+ 'half_value': 100000.0,
+ 'exponent': 2,
+ },
+ {
+ 'type': 'logarithmic',
+ 'metric': 'checkpoint_fw_connections_fwconnectionssum',
+ 'half_value': 1000.0,
+ 'exponent': 2,
+ },
+]))
diff --git a/web/plugins/wato/checkpoint_fw_connections.py b/web/plugins/wato/checkpoint_fw_connections.py
new file mode 100644
index 0000000..bc646da
--- /dev/null
+++ b/web/plugins/wato/checkpoint_fw_connections.py
@@ -0,0 +1,34 @@
+#!/usr/bin/python
+# -*- encoding: utf-8; py-indent-offset: 4 -*-
+#
+# License: GNU General Public License v2
+#
+# Author: thl-cmk[at]outlook[dot]com
+# URL : https://thl-cmk.hopto.org
+# Date : 2020-06-07
+#
+register_check_parameters(
+ subgroup_applications,
+ 'checkpoint_fw_connections',
+ _('Check Point Firewall Connections'),
+ Dictionary(
+ elements=[
+ ('warncritconcurrent',
+ Tuple(
+ title=_('Levels for number of concurrent active connections'),
+ elements=[
+ Integer(title=_('Warning at'), default_value=1000, unit=_('Count'), allow_empty=False),
+ Integer(title=_('Critical at'), default_value=2000, unit=_('Count'), allow_empty=False),
+ ])),
+ ('warncritrate',
+ Tuple(
+ title=_('Levels for number of new connections/s'),
+ elements=[
+ Integer(title=_('Warning at'), default_value=100, unit=_('Count'), allow_empty=False),
+ Integer(title=_('Critical at'), default_value=200, unit=_('Count'), allow_empty=False),
+ ])),
+ ],
+ ),
+ None,
+ match_type='dict',
+)
\ No newline at end of file
--
GitLab