diff --git a/cisco_vpn_tunnel-0.4.0-20230607.mkp b/cisco_vpn_tunnel-0.4.0-20230607.mkp
new file mode 100644
index 0000000000000000000000000000000000000000..caf319ae4986237fae6e42e4770e93d1e0b94ad5
Binary files /dev/null and b/cisco_vpn_tunnel-0.4.0-20230607.mkp differ
diff --git a/cisco_vpn_tunnel.mkp b/cisco_vpn_tunnel.mkp
index 29d37d1b291d301ee969286efbc7c50d0d5c90d0..caf319ae4986237fae6e42e4770e93d1e0b94ad5 100644
Binary files a/cisco_vpn_tunnel.mkp and b/cisco_vpn_tunnel.mkp differ
diff --git a/gui/metrics/cisco_vpn_tunnel.py b/gui/metrics/cisco_vpn_tunnel.py
new file mode 100644
index 0000000000000000000000000000000000000000..45025ae1cb167b2066149b07633e508baf1420b9
--- /dev/null
+++ b/gui/metrics/cisco_vpn_tunnel.py
@@ -0,0 +1,329 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+#
+# License: GNU General Public License v2
+#
+# Author: thl-cmk[at]outlook[dot]com
+# URL : https://thl-cmk.hopto.org
+# Date : 2017-12-29
+#
+# Cisco VPN Tunnel metrics plugin
+#
+
+from cmk.gui.i18n import _
+
+from cmk.gui.plugins.metrics.utils import (
+ metric_info,
+ graph_info,
+ perfometer_info,
+)
+
+#####################################################################################################################
+#
+# define metrics for bgp peer perfdata
+#
+#####################################################################################################################
+
+
+metric_info['cisco_vpn_tunnel_cikeTunActiveTime'] = {
+ 'title': _('IKE active time'),
+ 'help': _(''),
+ 'unit': 's',
+ 'color': '26/a',
+}
+metric_info['cisco_vpn_tunnel_cikeTunInOctets'] = {
+ 'title': _('IKE Bytes in'),
+ 'unit': 'bytes/s',
+ 'color': '11/a',
+}
+metric_info['cisco_vpn_tunnel_cikeTunOutOctets'] = {
+ 'title': _('IKE Bytes out'),
+ 'help': _(''),
+ 'unit': 'bytes/s',
+ 'color': '21/a',
+}
+metric_info['cisco_vpn_tunnel_cikeTunInPkts'] = {
+ 'title': _('IKE packets in'),
+ 'help': _(''),
+ 'unit': '1/s',
+ 'color': '31/a',
+}
+metric_info['cisco_vpn_tunnel_cikeTunOutPkts'] = {
+ 'title': _('IKE packets out'),
+ 'help': _(''),
+ 'unit': '1/s',
+ 'color': '41/a',
+}
+metric_info['cisco_vpn_tunnel_cikeTunInDropPkts'] = {
+ 'title': _('IKE packets dropped in'),
+ 'help': _(''),
+ 'unit': '1/s',
+ 'color': '12/a',
+}
+metric_info['cisco_vpn_tunnel_cikeTunOutDropPkts'] = {
+ 'title': _('IKE packets dropped out'),
+ 'help': _(''),
+ 'unit': '1/s',
+ 'color': '22/a',
+}
+
+metric_info['cisco_vpn_tunnel_cikeTunInNotifys'] = {
+ 'title': _('IKE in notifies'),
+ 'help': _(''),
+ 'unit': 'count',
+ 'color': '32/a',
+}
+metric_info['cisco_vpn_tunnel_cikeTunOutNotifys'] = {
+ 'title': _('IKE out notifies'),
+ 'help': _(''),
+ 'unit': 'count',
+ 'color': '42/a',
+}
+metric_info['cisco_vpn_tunnel_cikeTunInP2Exchgs'] = {
+ 'title': _('IKE in phase 2 exchanges'),
+ 'help': _(''),
+ 'unit': 'count',
+ 'color': '13/a',
+}
+metric_info['cisco_vpn_tunnel_cikeTunOutP2Exchgs'] = {
+ 'title': _('IKE out phase 2 exchanges'),
+ 'help': _(''),
+ 'unit': 'count',
+ 'color': '23/a',
+}
+metric_info['cisco_vpn_tunnel_cikeTunInP2ExchgInvalids'] = {
+ 'title': _('IKE in phase 2 exchanges invalid'),
+ 'help': _(''),
+ 'unit': 'count',
+ 'color': '33/a',
+}
+metric_info['cisco_vpn_tunnel_cikeTunOutP2ExchgInvalids'] = {
+ 'title': _('IKE out phase 2 exchanges invalid'),
+ 'help': _(''),
+ 'unit': 'count',
+ 'color': '43/a',
+}
+metric_info['cisco_vpn_tunnel_cikeTunInP2ExchgRejects'] = {
+ 'title': _('IKE in phase 2 exchanges rejected'),
+ 'help': _(''),
+ 'unit': 'count',
+ 'color': '14/a',
+}
+metric_info['cisco_vpn_tunnel_cikeTunOutP2ExchgRejects'] = {
+ 'title': _('IKE out phase 2 exchanges rejected'),
+ 'help': _(''),
+ 'unit': 'count',
+ 'color': '24/a',
+}
+metric_info['cisco_vpn_tunnel_cikeTunInP2SaDelRequests'] = {
+ 'title': _('IKE in phase 2 SA delete requests'),
+ 'help': _(''),
+ 'unit': 'count',
+ 'color': '34/a',
+}
+metric_info['cisco_vpn_tunnel_cikeTunOutP2SaDelRequests'] = {
+ 'title': _('IKE out phase 2 SA delete requests'),
+ 'help': _(''),
+ 'unit': 'count',
+ 'color': '44/a',
+}
+
+# IPSec counter
+
+metric_info['cisco_vpn_tunnel_cipSecTunActiveTime'] = {
+ 'title': _('IPSec active time'),
+ 'help': _(''),
+ 'unit': 's',
+ 'color': '26/b',
+}
+
+metric_info['cisco_vpn_tunnel_ipsec_sa_count'] = {
+ 'title': _('IPSec SA count'),
+ 'help': _(''),
+ 'unit': 'count',
+ 'color': '12/b',
+}
+
+metric_info['cisco_vpn_tunnel_cipSecTunHcInOctets'] = {
+ 'title': _('IPSec Bytes in'),
+ 'help': _(''),
+ 'unit': 'bytes/s',
+ 'color': '11/b',
+}
+metric_info['cisco_vpn_tunnel_cipSecTunHcOutOctets'] = {
+ 'title': _('IPSec Bytes out'),
+ 'help': _(''),
+ 'unit': 'bytes/s',
+ 'color': '21/b',
+}
+metric_info['cisco_vpn_tunnel_cipSecTunInPkts'] = {
+ 'title': _('IPSec packets in'),
+ 'help': _(''),
+ 'unit': '1/s',
+ 'color': '31/b',
+}
+metric_info['cisco_vpn_tunnel_cipSecTunOutPkts'] = {
+ 'title': _('IPSec packets out'),
+ 'help': _(''),
+ 'unit': '1/s',
+ 'color': '41/b',
+}
+metric_info['cisco_vpn_tunnel_cipSecTunInDropPkts'] = {
+ 'title': _('IPSec packets dropped in'),
+ 'help': _(''),
+ 'unit': '1/s',
+ 'color': '11/b',
+}
+metric_info['cisco_vpn_tunnel_cipSecTunOutDropPkts'] = {
+ 'title': _('IPSec packets dropped out'),
+ 'help': _(''),
+ 'unit': '1/s',
+ 'color': '21/b',
+}
+
+metric_info['cisco_vpn_tunnel_cipSecTunHcInDecompOctets'] = {
+ 'title': _('IPSec in decompressed octets'),
+ 'help': _(''),
+ 'unit': '1/s',
+ 'color': '32/b',
+}
+metric_info['cisco_vpn_tunnel_cipSecTunHcOutUncompOctets'] = {
+ 'title': _('IPSec out compressed octets'),
+ 'help': _(''),
+ 'unit': '1/s',
+ 'color': '41/b',
+}
+metric_info['cisco_vpn_tunnel_cipSecTunInAuths'] = {
+ 'title': _('IPSec in authentication\'s'),
+ 'help': _(''),
+ 'unit': 'count',
+ 'color': '13/b',
+}
+metric_info['cisco_vpn_tunnel_cipSecTunOutAuths'] = {
+ 'title': _('IPSec out authentication\'s'),
+ 'help': _(''),
+ 'unit': 'count',
+ 'color': '23/b',
+}
+metric_info['cisco_vpn_tunnel_cipSecTunInAuthFails'] = {
+ 'title': _('IPSec in authentication\'s failed'),
+ 'help': _(''),
+ 'unit': 'count',
+ 'color': '33/b',
+}
+metric_info['cisco_vpn_tunnel_cipSecTunOutAuthFails'] = {
+ 'title': _('IPSec out authentication\'s failed'),
+ 'help': _(''),
+ 'unit': 'count',
+ 'color': '43/b',
+}
+metric_info['cisco_vpn_tunnel_cipSecTunInDecrypts'] = {
+ 'title': _('IPSec in decryption\'s'),
+ 'help': _(''),
+ 'unit': 'count',
+ 'color': '15/b',
+}
+metric_info['cisco_vpn_tunnel_cipSecTunOutEncrypts'] = {
+ 'title': _('IPSec out encryption\'s'),
+ 'help': _(''),
+ 'unit': 'count',
+ 'color': '25/b',
+}
+metric_info['cisco_vpn_tunnel_cipSecTunInDecryptFails'] = {
+ 'title': _('IPSec in decryption\'s failed'),
+ 'help': _(''),
+ 'unit': 'count',
+ 'color': '35/b',
+}
+metric_info['cisco_vpn_tunnel_cipSecTunOutEncryptFails'] = {
+ 'title': _('IPSec out encryption\'s failed'),
+ 'help': _(''),
+ 'unit': 'count',
+ 'color': '45/b',
+}
+metric_info['cisco_vpn_tunnel_cipSecTunInReplayDropPkts'] = {
+ 'title': _('IPSec in replay packets dropped'),
+ 'help': _(''),
+ 'unit': 'count',
+ 'color': '16/b',
+}
+
+######################################################################################################################
+#
+# how to graph perdata for cisco_vpn_tunnel
+#
+######################################################################################################################
+
+
+graph_info['cisco_vpn_tunnel_ike_uptime'] = {
+ 'title': _('IKE active time'),
+ 'metrics': [
+ ('cisco_vpn_tunnel_cikeTunActiveTime', 'area'),
+ ],
+}
+graph_info['cisco_vpn_tunnel_ike_octets'] = {
+ 'title': _('IKE Bytes/s'),
+ 'metrics': [
+ ('cisco_vpn_tunnel_cikeTunOutOctets', '-area'),
+ ('cisco_vpn_tunnel_cikeTunInOctets', 'area'),
+ ],
+}
+graph_info['cisco_vpn_tunnel_ike_packets'] = {
+ 'title': _('IKE packets/s'),
+ 'metrics': [
+ ('cisco_vpn_tunnel_cikeTunOutDropPkts', '-line'),
+ ('cisco_vpn_tunnel_cikeTunInDropPkts', 'line'),
+ ('cisco_vpn_tunnel_cikeTunOutPkts', '-line'),
+ ('cisco_vpn_tunnel_cikeTunInPkts', 'line'),
+ ],
+}
+
+graph_info['cisco_vpn_tunnel_ipsec_uptime'] = {
+ 'title': _('IPSec active time'),
+ 'metrics': [
+ ('cisco_vpn_tunnel_cipSecTunActiveTime', 'area'),
+ ],
+}
+graph_info['cisco_vpn_tunnel_ipsec_sa_count'] = {
+ 'title': _('IPSec SA count'),
+ 'metrics': [
+ ('cisco_vpn_tunnel_ipsec_sa_count', 'area'),
+ ],
+}
+graph_info['cisco_vpn_tunnel_ipsec_octets'] = {
+ 'title': _('IPSec Bytes/s'),
+ 'metrics': [
+ ('cisco_vpn_tunnel_cipSecTunHcOutOctets', '-area'),
+ ('cisco_vpn_tunnel_cipSecTunHcInOctets', 'area'),
+ ],
+}
+graph_info['cisco_vpn_tunnel_pckets'] = {
+ 'title': _('IPSec packets/s'),
+ 'metrics': [
+ ('cisco_vpn_tunnel_cipSecTunOutDropPkts', '-stack'),
+ ('cisco_vpn_tunnel_cipSecTunInDropPkts', 'stack'),
+ ('cisco_vpn_tunnel_cipSecTunOutPkts', '-stack'),
+ ('cisco_vpn_tunnel_cipSecTunInPkts', 'stack'),
+ ],
+}
+
+######################################################################################################################
+#
+# define perf-o-meter for cisco_vpn_tunnel uptime active time
+#
+######################################################################################################################
+
+perfometer_info.append(('stacked', [
+ {
+ 'type': 'logarithmic',
+ 'metric': 'cisco_vpn_tunnel_cikeTunActiveTime',
+ 'half_value': 2592000.0,
+ 'exponent': 2,
+ },
+ {
+ 'type': 'logarithmic',
+ 'metric': 'cisco_vpn_tunnel_cipSecTunActiveTime',
+ 'half_value': 2592000.0,
+ 'exponent': 2,
+ },
+]))
diff --git a/gui/wato/cisco_vpn_tunnel.py b/gui/wato/cisco_vpn_tunnel.py
new file mode 100644
index 0000000000000000000000000000000000000000..3addeb9891142b2db34146d8ee6d300ba1d97ac7
--- /dev/null
+++ b/gui/wato/cisco_vpn_tunnel.py
@@ -0,0 +1,112 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+#
+# License: GNU General Public License v2
+
+# Author: thl-cmk[at]outlook[dot]com
+# URL : https://thl-cmk.hopto.org
+# Date : 2017-12-28
+
+from cmk.gui.i18n import _
+from cmk.gui.valuespec import (
+ Dictionary,
+ TextAscii,
+ Tuple,
+ MonitoringState,
+ ListOf,
+ IPv4Address,
+ TextUnicode,
+ FixedValue,
+)
+
+from cmk.gui.plugins.wato.utils import (
+ CheckParameterRulespecWithItem,
+ rulespec_registry,
+ RulespecGroupCheckParametersNetworking,
+ RulespecGroupCheckParametersDiscovery,
+ HostRulespec,
+)
+
+
+def _parameter_valuespec_cisco_vpn_tunnel():
+ return Dictionary(
+ elements=[
+ ('tunnels',
+ ListOf(
+ Tuple(
+ title=_('VPN Tunnel Endpoints'),
+ elements=[
+ IPv4Address(
+ title=_('Peer IP-Address'),
+ help=_('The configured value must match a tunnel reported by the monitored '
+ 'device.'),
+ ),
+ TextUnicode(
+ title=_('Tunnel Alias'),
+ help=_('You can configure an individual alias here for the tunnel matching '
+ 'the IP-Address or Name configured in the field above.'),
+ ),
+ MonitoringState(
+ default_value=2,
+ title=_('State if tunnel is not found'),
+ ),
+ MonitoringState(
+ default_value=1,
+ title=_('State if tunnel has no active IPSec SA'),
+ ),
+ ]),
+ add_label=_('Add tunnel'),
+ movable=False,
+ title=_('VPN tunnel specific configuration'),
+ )),
+ ('state',
+ MonitoringState(
+ title=_('Default state to report when tunnel can not be found anymore'),
+ help=_('Default state if a tunnel, which is not listed above in this rule, '
+ 'can no longer be found.'),
+ default_value=2,
+ )),
+ ('missing_ipsec_sa_state',
+ MonitoringState(
+ title=_('Default state to report when tunnel has no active IPSec SA'),
+ help=_('Default state if a tunnel, which is not listed above in this rule, '
+ 'has no active IPSec SA.'),
+ default_value=1,
+ )),
+ ],
+ )
+
+
+rulespec_registry.register(
+ CheckParameterRulespecWithItem(
+ check_group_name='cisco_vpn_tunnel',
+ group=RulespecGroupCheckParametersNetworking,
+ item_spec=lambda: TextAscii(title=_('IP-Address of Tunnel Endpoint'), ),
+ match_type='dict',
+ parameter_valuespec=_parameter_valuespec_cisco_vpn_tunnel,
+ title=lambda: _('Cisco VPN Tunnel'),
+ ))
+
+
+def _valuespec_discovery_cisco_vpn_tunnel():
+ return Dictionary(
+ title=_('VPN Tunnel discovery'),
+ elements=[(
+ 'discover_aggressive_mode',
+ FixedValue(
+ True,
+ default_value=False,
+ title=_('Discover aggressive mode VPN Tunnel'),
+ totext=_('Discover aggressive mode VPN Tunnel'),
+ ),
+ )],
+ )
+
+
+rulespec_registry.register(
+ HostRulespec(
+ group=RulespecGroupCheckParametersDiscovery,
+ match_type='dict',
+ name='discovery_cisco_vpn_tunnel',
+ valuespec=_valuespec_discovery_cisco_vpn_tunnel,
+ ))
diff --git a/packages/cisco_vpn_tunnel b/packages/cisco_vpn_tunnel
index c31c390ce5eb1ed805808e89dbddbfff25d1cf39..c6352d6397a971e28b109c2666a045575974604b 100644
--- a/packages/cisco_vpn_tunnel
+++ b/packages/cisco_vpn_tunnel
@@ -6,11 +6,10 @@
'in/out octets and packets.\n',
'download_url': 'https://thl-cmk.hopto.org',
'files': {'agent_based': ['cisco_vpn_tunnel.py'],
- 'web': ['plugins/metrics/cisco_vpn_tunnel.py',
- 'plugins/wato/cisco_vpn_tunnel.py']},
+ 'gui': ['metrics/cisco_vpn_tunnel.py', 'wato/cisco_vpn_tunnel.py']},
'name': 'cisco_vpn_tunnel',
'title': 'Monitor Cisco VPN Tunnel',
- 'version': '20230607.v0.4',
- 'version.min_required': '2.0.0b1',
+ 'version': '0.4.0-20230607',
+ 'version.min_required': '2.1.0b1',
'version.packaged': '2.1.0p21',
'version.usable_until': None}
\ No newline at end of file