Compare commits
	
		
			6 Commits
		
	
	
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
|  | 7ecbfcd3e6 | ||
|  | a8125f9062 | ||
|  | b82576d49e | ||
|  | 1b80141dc4 | ||
|  | 22508e2755 | ||
|  | e2434ee93c | 
							
								
								
									
										50
									
								
								sio2/cyber/05-nagios/apache2.conf
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										50
									
								
								sio2/cyber/05-nagios/apache2.conf
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,50 @@ | |||||||
|  | # apache configuration for nagios 4.x | ||||||
|  |  | ||||||
|  | ScriptAlias /cgi-bin/nagios4 /usr/lib/cgi-bin/nagios4 | ||||||
|  | ScriptAlias /nagios4/cgi-bin /usr/lib/cgi-bin/nagios4 | ||||||
|  |  | ||||||
|  | # Where the stylesheets (config files) reside | ||||||
|  | Alias /nagios4/stylesheets /etc/nagios4/stylesheets | ||||||
|  |  | ||||||
|  | # Where the HTML pages live | ||||||
|  | Alias /nagios4 /usr/share/nagios4/htdocs | ||||||
|  |  | ||||||
|  | <DirectoryMatch (/usr/share/nagios4/htdocs|/usr/lib/cgi-bin/nagios4|/etc/nagios4/stylesheets)> | ||||||
|  |     Options FollowSymLinks | ||||||
|  |     DirectoryIndex index.php index.html | ||||||
|  |     AllowOverride AuthConfig | ||||||
|  |     # | ||||||
|  |     # The default Debian nagios4 install sets use_authentication=0 in | ||||||
|  |     # /etc/nagios4/cgi.cfg, which turns off nagos's internal authentication. | ||||||
|  |     # This is insecure.  As a compromise this default apache2 configuration | ||||||
|  |     # only allows private IP addresses access. | ||||||
|  |     # | ||||||
|  |     # The <Files>...</Files> below shows how you can secure the nagios4 | ||||||
|  |     # web site so anybody can view it, but only authenticated users can issue | ||||||
|  |     # commands (such as silence notifications).  To do that replace the | ||||||
|  |     # "Require all granted" with "Require valid-user", and use htdigest | ||||||
|  |     # program from the apache2-utils package to add users to | ||||||
|  |     # /etc/nagios4/htdigest.users. | ||||||
|  |     # | ||||||
|  |     # A step up is to insist all users validate themselves by moving | ||||||
|  |     # the stanza's in the <Files>..<Files> into the <DirectoryMatch>. | ||||||
|  |     # Then by setting use_authentication=1 in /etc/nagios4/cgi.cfg you | ||||||
|  |     # can configure which people get to see a particular service from | ||||||
|  |     # within the nagios configuration. | ||||||
|  |     #  | ||||||
|  |     Require ip	::1/128 fc00::/7 fe80::/10 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16 172.16.0.0/12 192.168.0.0/16 | ||||||
|  |     <Files "cmd.cgi"> | ||||||
|  | 	AuthDigestDomain "Nagios4" | ||||||
|  | 	AuthDigestProvider file | ||||||
|  | 	AuthUserFile	"/etc/nagios4/htdigest.users" | ||||||
|  | 	AuthGroupFile	"/etc/group" | ||||||
|  | 	AuthName	"Nagios4" | ||||||
|  | 	AuthType	Digest | ||||||
|  | 	Require all	granted | ||||||
|  | 	#Require	valid-user | ||||||
|  |     </Files> | ||||||
|  | </DirectoryMatch> | ||||||
|  |  | ||||||
|  | <Directory /usr/share/nagios4/htdocs> | ||||||
|  |     Options	+ExecCGI	 | ||||||
|  | </Directory> | ||||||
							
								
								
									
										422
									
								
								sio2/cyber/05-nagios/cgi.cfg
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										422
									
								
								sio2/cyber/05-nagios/cgi.cfg
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,422 @@ | |||||||
|  | ################################################################# | ||||||
|  | # | ||||||
|  | # CGI.CFG - Sample CGI Configuration File for Nagios 4.4.6 | ||||||
|  | # | ||||||
|  | # | ||||||
|  | ################################################################# | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # MAIN CONFIGURATION FILE | ||||||
|  | # This tells the CGIs where to find your main configuration file. | ||||||
|  | # The CGIs will read the main and host config files for any other | ||||||
|  | # data they might need. | ||||||
|  |  | ||||||
|  | main_config_file=/etc/nagios4/nagios.cfg | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # PHYSICAL HTML PATH | ||||||
|  | # This is the path where the HTML files for Nagios reside.  This | ||||||
|  | # value is used to locate the logo images needed by the statusmap | ||||||
|  | # and statuswrl CGIs. | ||||||
|  |  | ||||||
|  | physical_html_path=/usr/share/nagios4/htdocs | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # URL HTML PATH | ||||||
|  | # This is the path portion of the URL that corresponds to the | ||||||
|  | # physical location of the Nagios HTML files (as defined above). | ||||||
|  | # This value is used by the CGIs to locate the online documentation | ||||||
|  | # and graphics.  If you access the Nagios pages with an URL like | ||||||
|  | # http://www.myhost.com/nagios, this value should be '/nagios' | ||||||
|  | # (without the quotes). | ||||||
|  |  | ||||||
|  | url_html_path=/nagios4 | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # CONTEXT-SENSITIVE HELP | ||||||
|  | # This option determines whether or not a context-sensitive | ||||||
|  | # help icon will be displayed for most of the CGIs. | ||||||
|  | # Values: 0 = disables context-sensitive help | ||||||
|  | #         1 = enables context-sensitive help | ||||||
|  |  | ||||||
|  | show_context_help=0 | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # PENDING STATES OPTION | ||||||
|  | # This option determines what states should be displayed in the web | ||||||
|  | # interface for hosts/services that have not yet been checked. | ||||||
|  | # Values: 0 = leave hosts/services that have not been check yet in their original state | ||||||
|  | #         1 = mark hosts/services that have not been checked yet as PENDING | ||||||
|  |  | ||||||
|  | use_pending_states=1 | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # AUTHENTICATION USAGE | ||||||
|  | # This option controls whether or not the CGIs will use any | ||||||
|  | # authentication when displaying host and service information, as | ||||||
|  | # well as committing commands to Nagios for processing. | ||||||
|  | # | ||||||
|  | # Read the HTML documentation to learn how the authorization works! | ||||||
|  | # | ||||||
|  | # NOTE: It is a really *bad* idea to disable authorization, unless | ||||||
|  | # you plan on removing the command CGI (cmd.cgi)!  Failure to do | ||||||
|  | # so will leave you wide open to kiddies messing with Nagios and | ||||||
|  | # possibly hitting you with a denial of service attack by filling up | ||||||
|  | # your drive by continuously writing to your command file! | ||||||
|  | # | ||||||
|  | # Setting this value to 0 will cause the CGIs to *not* use | ||||||
|  | # authentication (bad idea), while any other value will make them | ||||||
|  | # use the authentication functions (the default). | ||||||
|  |  | ||||||
|  | use_authentication=0 | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # x509 CERT AUTHENTICATION | ||||||
|  | # When enabled, this option allows you to use x509 cert (SSL) | ||||||
|  | # authentication in the CGIs.  This is an advanced option and should | ||||||
|  | # not be enabled unless you know what you're doing. | ||||||
|  |  | ||||||
|  | use_ssl_authentication=0 | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # DEFAULT USER | ||||||
|  | # Setting this variable will define a default user name that can | ||||||
|  | # access pages without authentication.  This allows people within a | ||||||
|  | # secure domain (i.e., behind a firewall) to see the current status | ||||||
|  | # without authenticating.  You may want to use this to avoid basic | ||||||
|  | # authentication if you are not using a secure server since basic | ||||||
|  | # authentication transmits passwords in the clear. | ||||||
|  | # | ||||||
|  | # Important:  Do not define a default username unless you are | ||||||
|  | # running a secure web server and are sure that everyone who has | ||||||
|  | # access to the CGIs has been authenticated in some manner!  If you | ||||||
|  | # define this variable, anyone who has not authenticated to the web | ||||||
|  | # server will inherit all rights you assign to this user! | ||||||
|  |  | ||||||
|  | #default_user_name=guest | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # SYSTEM/PROCESS INFORMATION ACCESS | ||||||
|  | # This option is a comma-delimited list of all usernames that | ||||||
|  | # have access to viewing the Nagios process information as | ||||||
|  | # provided by the Extended Information CGI (extinfo.cgi).  By | ||||||
|  | # default, *no one* has access to this unless you choose to | ||||||
|  | # not use authorization.  You may use an asterisk (*) to | ||||||
|  | # authorize any user who has authenticated to the web server. | ||||||
|  |  | ||||||
|  | authorized_for_system_information=nagiosadmin | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # CONFIGURATION INFORMATION ACCESS | ||||||
|  | # This option is a comma-delimited list of all usernames that | ||||||
|  | # can view ALL configuration information (hosts, commands, etc). | ||||||
|  | # By default, users can only view configuration information | ||||||
|  | # for the hosts and services they are contacts for. You may use | ||||||
|  | # an asterisk (*) to authorize any user who has authenticated | ||||||
|  | # to the web server. | ||||||
|  |  | ||||||
|  | authorized_for_configuration_information=nagiosadmin | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # SYSTEM/PROCESS COMMAND ACCESS | ||||||
|  | # This option is a comma-delimited list of all usernames that | ||||||
|  | # can issue shutdown and restart commands to Nagios via the | ||||||
|  | # command CGI (cmd.cgi).  Users in this list can also change | ||||||
|  | # the program mode to active or standby. By default, *no one* | ||||||
|  | # has access to this unless you choose to not use authorization. | ||||||
|  | # You may use an asterisk (*) to authorize any user who has | ||||||
|  | # authenticated to the web server. | ||||||
|  |  | ||||||
|  | authorized_for_system_commands=nagiosadmin | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # GLOBAL HOST/SERVICE VIEW ACCESS | ||||||
|  | # These two options are comma-delimited lists of all usernames that | ||||||
|  | # can view information for all hosts and services that are being | ||||||
|  | # monitored.  By default, users can only view information | ||||||
|  | # for hosts or services that they are contacts for (unless you | ||||||
|  | # you choose to not use authorization). You may use an asterisk (*) | ||||||
|  | # to authorize any user who has authenticated to the web server. | ||||||
|  |  | ||||||
|  | authorized_for_all_services=nagiosadmin | ||||||
|  | authorized_for_all_hosts=nagiosadmin | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # GLOBAL HOST/SERVICE COMMAND ACCESS | ||||||
|  | # These two options are comma-delimited lists of all usernames that | ||||||
|  | # can issue host or service related commands via the command | ||||||
|  | # CGI (cmd.cgi) for all hosts and services that are being monitored. | ||||||
|  | # By default, users can only issue commands for hosts or services | ||||||
|  | # that they are contacts for (unless you you choose to not use | ||||||
|  | # authorization).  You may use an asterisk (*) to authorize any | ||||||
|  | # user who has authenticated to the web server. | ||||||
|  |  | ||||||
|  | authorized_for_all_service_commands=nagiosadmin | ||||||
|  | authorized_for_all_host_commands=nagiosadmin | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # READ-ONLY USERS | ||||||
|  | # A comma-delimited list of usernames that have read-only rights in | ||||||
|  | # the CGIs.  This will block any service or host commands normally shown | ||||||
|  | # on the extinfo CGI pages.  It will also block comments from being shown | ||||||
|  | # to read-only users. | ||||||
|  |  | ||||||
|  | #authorized_for_read_only=user1,user2 | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # STATUSMAP BACKGROUND IMAGE | ||||||
|  | # This option allows you to specify an image to be used as a | ||||||
|  | # background in the statusmap CGI.  It is assumed that the image | ||||||
|  | # resides in the HTML images path (i.e. /usr/local/nagios/share/images). | ||||||
|  | # This path is automatically determined by appending "/images" | ||||||
|  | # to the path specified by the 'physical_html_path' directive. | ||||||
|  | # Note:  The image file may be in GIF, PNG, JPEG, or GD2 format. | ||||||
|  | # However, I recommend that you convert your image to GD2 format | ||||||
|  | # (uncompressed) but ONLY IF YOU WILL USE THE LEGACY MAP EXCLUSIVELY, | ||||||
|  | # as this will cause less CPU load when the CGI generates the image. | ||||||
|  |  | ||||||
|  | #statusmap_background_image=smbackground.gd2 | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # STATUSMAP TRANSPARENCY INDEX COLOR | ||||||
|  | # These options set the r,g,b values of the background color used the statusmap CGI, | ||||||
|  | # so normal browsers that can't show real png transparency set the desired color as | ||||||
|  | # a background color instead (to make it look pretty). | ||||||
|  | # Defaults to white: (R,G,B) = (255,255,255). | ||||||
|  |  | ||||||
|  | #color_transparency_index_r=255 | ||||||
|  | #color_transparency_index_g=255 | ||||||
|  | #color_transparency_index_b=255 | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # DEFAULT STATUSMAP LAYOUT METHOD | ||||||
|  | # This option allows you to specify the default layout method | ||||||
|  | # the statusmap CGI should use for drawing hosts.  If you do | ||||||
|  | # not use this option, the default for the legacy map is to use | ||||||
|  | # user-defined coordinates and the default for the new map is "6" | ||||||
|  | # (Circular Balloon). | ||||||
|  | # Valid options for the legacy map are as follows: | ||||||
|  | #	0 = User-defined coordinates | ||||||
|  | #	1 = Depth layers | ||||||
|  | #	2 = Collapsed tree | ||||||
|  | #	3 = Balanced tree | ||||||
|  | #	4 = Circular | ||||||
|  | #	5 = Circular (Marked Up) | ||||||
|  | # Valid options for the new map are as follows: | ||||||
|  | #	0 = User-defined coordinates | ||||||
|  | #	1 = Depth Layers (Horizontal) | ||||||
|  | #	2 = Collapsed tree (Horizontal) | ||||||
|  | #	3 = Balanced tree (Horizontal) | ||||||
|  | #	4 = DON'T USE | ||||||
|  | #	5 = Circular Markup | ||||||
|  | #	6 = Circular Balloon | ||||||
|  | #	7 = Balanced tree (Vertical) | ||||||
|  | #	8 = Collapsed tree (Vertical) | ||||||
|  | #	9 = Depth Layers (Vertical) | ||||||
|  | #	10 = Force Map | ||||||
|  |  | ||||||
|  | #default_statusmap_layout=6 | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # DEFAULT STATUSWRL LAYOUT METHOD | ||||||
|  | # This option allows you to specify the default layout method | ||||||
|  | # the statuswrl (VRML) CGI should use for drawing hosts.  If you | ||||||
|  | # do not use this option, the default is to use user-defined | ||||||
|  | # coordinates.  Valid options are as follows: | ||||||
|  | #	0 = User-defined coordinates | ||||||
|  | #       2 = Collapsed tree | ||||||
|  | #       3 = Balanced tree | ||||||
|  | #       4 = Circular | ||||||
|  |  | ||||||
|  | default_statuswrl_layout=4 | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # STATUSWRL INCLUDE | ||||||
|  | # This option allows you to include your own objects in the | ||||||
|  | # generated VRML world.  It is assumed that the file | ||||||
|  | # resides in the HTML path (i.e. /usr/local/nagios/share). | ||||||
|  |  | ||||||
|  | #statuswrl_include=myworld.wrl | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # PING SYNTAX | ||||||
|  | # This option determines what syntax should be used when | ||||||
|  | # attempting to ping a host from the WAP interface (using | ||||||
|  | # the statuswml CGI.  You must include the full path to | ||||||
|  | # the ping binary, along with all required options.  The | ||||||
|  | # $HOSTADDRESS$ macro is substituted with the address of | ||||||
|  | # the host before the command is executed. | ||||||
|  | # Please note that the syntax for the ping binary is | ||||||
|  | # notorious for being different on virtually ever *NIX | ||||||
|  | # OS and distribution, so you may have to tweak this to | ||||||
|  | # work on your system. | ||||||
|  |  | ||||||
|  | ping_syntax=/bin/ping -n -U -c 5 $HOSTADDRESS$ | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # REFRESH RATE | ||||||
|  | # This option allows you to specify the refresh rate in seconds | ||||||
|  | # of various CGIs (status, statusmap, extinfo, and outages). | ||||||
|  |  | ||||||
|  | refresh_rate=90 | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # PAGE TOUR | ||||||
|  | # Enable page tour for helpful tips and tricks on various pages | ||||||
|  |  | ||||||
|  | #enable_page_tour=1 | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # DEFAULT PAGE LIMIT | ||||||
|  | # This option allows you to specify the default number of results | ||||||
|  | # displayed on the status.cgi.  This number can be adjusted from | ||||||
|  | # within the UI after the initial page load. Setting this to 0 | ||||||
|  | # will show all results. | ||||||
|  |  | ||||||
|  | result_limit=100 | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # ESCAPE HTML TAGS | ||||||
|  | # This option determines whether HTML tags in host and service | ||||||
|  | # status output is escaped in the web interface.  If enabled, | ||||||
|  | # your plugin output will not be able to contain clickable links. | ||||||
|  |  | ||||||
|  | escape_html_tags=1 | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # SOUND OPTIONS | ||||||
|  | # These options allow you to specify an optional audio file | ||||||
|  | # that should be played in your browser window when there are | ||||||
|  | # problems on the network.  The audio files are used only in | ||||||
|  | # the status CGI.  Only the sound for the most critical problem | ||||||
|  | # will be played.  Order of importance (higher to lower) is as | ||||||
|  | # follows: unreachable hosts, down hosts, critical services, | ||||||
|  | # warning services, and unknown services. If there are no | ||||||
|  | # visible problems, the sound file optionally specified by | ||||||
|  | # 'normal_sound' variable will be played. | ||||||
|  | # | ||||||
|  | # | ||||||
|  | # <varname>=<sound_file> | ||||||
|  | # | ||||||
|  | # Note: All audio files must be placed in the /media subdirectory | ||||||
|  | # under the HTML path (i.e. /usr/local/nagios/share/media/). | ||||||
|  |  | ||||||
|  | #host_unreachable_sound=hostdown.wav | ||||||
|  | #host_down_sound=hostdown.wav | ||||||
|  | #service_critical_sound=critical.wav | ||||||
|  | #service_warning_sound=warning.wav | ||||||
|  | #service_unknown_sound=warning.wav | ||||||
|  | #normal_sound=noproblem.wav | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # URL TARGET FRAMES | ||||||
|  | # These options determine the target frames in which notes and | ||||||
|  | # action URLs will open. | ||||||
|  |  | ||||||
|  | action_url_target=_blank | ||||||
|  | notes_url_target=_blank | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # LOCK AUTHOR NAMES OPTION | ||||||
|  | # This option determines whether users can change the author name | ||||||
|  | # when submitting comments, scheduling downtime.  If disabled, the | ||||||
|  | # author names will be locked into their contact name, as defined in Nagios. | ||||||
|  | # Values: 0 = allow editing author names | ||||||
|  | #         1 = lock author names (disallow editing) | ||||||
|  |  | ||||||
|  | lock_author_names=1 | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # SPLUNK INTEGRATION OPTIONS | ||||||
|  | # These options allow you to enable integration with Splunk | ||||||
|  | # in the web interface.  If enabled, you'll be presented with | ||||||
|  | # "Splunk It" links in various places in the CGIs (log file, | ||||||
|  | # alert history, host/service detail, etc).  Useful if you're | ||||||
|  | # trying to research why a particular problem occurred. | ||||||
|  | # For more information on Splunk, visit http://www.splunk.com/ | ||||||
|  |  | ||||||
|  | # This option determines whether the Splunk integration is enabled | ||||||
|  | # Values: 0 = disable Splunk integration | ||||||
|  | #         1 = enable Splunk integration | ||||||
|  |  | ||||||
|  | #enable_splunk_integration=1 | ||||||
|  |  | ||||||
|  | # This option should be the URL used to access your instance of Splunk | ||||||
|  | #splunk_url=http://127.0.0.1:8000/ | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # NAVIGATION BAR SEARCH OPTIONS | ||||||
|  | # The following options allow to configure the navbar search. Default | ||||||
|  | # is to search for hostnames. With enabled navbar_search_for_addresses, | ||||||
|  | # the navbar search queries IP addresses as well. It's also possible | ||||||
|  | # to enable search for aliases by setting navbar_search_for_aliases=1. | ||||||
|  |  | ||||||
|  | navbar_search_for_addresses=1 | ||||||
|  | navbar_search_for_aliases=1 | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # DEFAULTS FOR CHECKBOXES FOR ACKNOWLEDGEMENTS | ||||||
|  | # Enabling ack_no_sticky will default the "Sticky Acknowledgement" to | ||||||
|  | # be unchecked. | ||||||
|  | # Enabling ack_no_send will default the "Send Notification" to | ||||||
|  | # be unchecked. | ||||||
|  |  | ||||||
|  | #ack_no_sticky=0 | ||||||
|  | #ack_no_send=0 | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # SHOW ONLY HARD STATES IS TACTICAL OVERVIEW | ||||||
|  | # This option controls whether only HARD states are counted on the | ||||||
|  | # Tactical Overview, or if both HARD and SOFT states are counted. | ||||||
|  | # Set to 1 to show only HARD states. Defaults to 0 (HARD+SOFT). | ||||||
|  |  | ||||||
|  | #tac_cgi_hard_only=0 | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | # COMMAND COMMENTS | ||||||
|  | # These options control whether or not comments are required, optional, | ||||||
|  | # or not allowed for specific commands. The format for each line is: | ||||||
|  | #    cmd-name=req,def-comment | ||||||
|  | # | ||||||
|  | #    cmd-name     is "CMT_" plus a command such as ADD_HOST_COMMENT | ||||||
|  | #    req          0 = not allowed, 1 = optional, 2 = required | ||||||
|  | #    def-comment  optional default comment that will be put in the input field | ||||||
|  | # | ||||||
|  | # The following examples override the default comment requirements in | ||||||
|  | # some way. | ||||||
|  |  | ||||||
|  | #CMT_ADD_HOST_COMMENT=1 | ||||||
|  | #CMT_ACKNOWLEDGE_HOST_PROBLEM=2,"Problem is being looked into" | ||||||
|  | #CMT_SCHEDULE_SVC_CHECK=1 | ||||||
|  | #CMT_SCHEDULE_HOST_DOWNTIME=0 | ||||||
							
								
								
									
										1390
									
								
								sio2/cyber/05-nagios/nagios.cfg
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										1390
									
								
								sio2/cyber/05-nagios/nagios.cfg
									
									
									
									
									
										Normal file
									
								
							
										
											
												File diff suppressed because it is too large
												Load Diff
											
										
									
								
							
							
								
								
									
										20
									
								
								sio2/cyber/05-nagios/srv.cfg
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										20
									
								
								sio2/cyber/05-nagios/srv.cfg
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,20 @@ | |||||||
|  | define host { | ||||||
|  | 	use linux-server | ||||||
|  | 	host_name		srv | ||||||
|  | 	alias			srv | ||||||
|  | 	address			192.168.0.28 | ||||||
|  | } | ||||||
|  |  | ||||||
|  | define service { | ||||||
|  | 	use			generic-service | ||||||
|  | 	host_name		srv | ||||||
|  | 	service_description	WWW | ||||||
|  | 	check_command		check_http | ||||||
|  | } | ||||||
|  |  | ||||||
|  | define service { | ||||||
|  | 	use			generic-service | ||||||
|  | 	host_name		srv | ||||||
|  | 	service_description	SSH | ||||||
|  | 	check_command		check_ssh | ||||||
|  | } | ||||||
							
								
								
									
										11
									
								
								sio2/cyber/10-WireGuard/wg0.conf
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										11
									
								
								sio2/cyber/10-WireGuard/wg0.conf
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,11 @@ | |||||||
|  | [Interface] | ||||||
|  | PrivateKey = GIOgHwIs/0uNvwn/iAX5dP5PGjDY7+OpM/c50X6ry2k= | ||||||
|  | Address = 10.0.2.2/32 | ||||||
|  | #DNS = 192.168.1.254 | ||||||
|  |  | ||||||
|  | [Peer] | ||||||
|  | PublicKey = COah6qTtwZo4h9GhtBHBhySOwmH4g78sI49NLGmze3M= | ||||||
|  | #AllowedIPs = 10.0.0.0/8, 192.168.1.0/24 | ||||||
|  | AllowedIPs = 0.0.0.0/0 | ||||||
|  | Endpoint = 192.168.0.40:51820 | ||||||
|  | PersistentKeepalive = 20 | ||||||
							
								
								
									
										109
									
								
								sio2/sisr/15-pxe/dhcpd.conf
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										109
									
								
								sio2/sisr/15-pxe/dhcpd.conf
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,109 @@ | |||||||
|  | # dhcpd.conf | ||||||
|  | # | ||||||
|  | # Sample configuration file for ISC dhcpd | ||||||
|  | # | ||||||
|  |  | ||||||
|  | # option definitions common to all supported networks... | ||||||
|  | option domain-name "example.org"; | ||||||
|  | option domain-name-servers ns1.example.org, ns2.example.org; | ||||||
|  |  | ||||||
|  | default-lease-time 600; | ||||||
|  | max-lease-time 7200; | ||||||
|  |  | ||||||
|  | # The ddns-updates-style parameter controls whether or not the server will | ||||||
|  | # attempt to do a DNS update when a lease is confirmed. We default to the | ||||||
|  | # behavior of the version 2 packages ('none', since DHCP v2 didn't | ||||||
|  | # have support for DDNS.) | ||||||
|  | ddns-update-style none; | ||||||
|  |  | ||||||
|  | # If this DHCP server is the official DHCP server for the local | ||||||
|  | # network, the authoritative directive should be uncommented. | ||||||
|  | #authoritative; | ||||||
|  |  | ||||||
|  | # Use this to send dhcp log messages to a different log file (you also | ||||||
|  | # have to hack syslog.conf to complete the redirection). | ||||||
|  | #log-facility local7; | ||||||
|  |  | ||||||
|  | # No service will be given on this subnet, but declaring it helps the  | ||||||
|  | # DHCP server to understand the network topology. | ||||||
|  |  | ||||||
|  | #subnet 10.152.187.0 netmask 255.255.255.0 { | ||||||
|  | #} | ||||||
|  |  | ||||||
|  | # This is a very basic subnet declaration. | ||||||
|  |  | ||||||
|  | #subnet 10.254.239.0 netmask 255.255.255.224 { | ||||||
|  | #  range 10.254.239.10 10.254.239.20; | ||||||
|  | #  option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org; | ||||||
|  | #} | ||||||
|  |  | ||||||
|  | # This declaration allows BOOTP clients to get dynamic addresses, | ||||||
|  | # which we don't really recommend. | ||||||
|  |  | ||||||
|  | #subnet 192.168.1.1 netmask 255.255.255.0 { | ||||||
|  | #  range dynamic-bootp 10.254.239.40 10.254.239.60; | ||||||
|  | #  option broadcast-address 10.254.239.31; | ||||||
|  | #  option routers rtr-239-32-1.example.org; | ||||||
|  | #} | ||||||
|  |  | ||||||
|  | # A slightly different configuration for an internal subnet. | ||||||
|  | subnet 192.168.1.0 netmask 255.255.255.0 { | ||||||
|  |   range 192.168.1.20 192.168.1.40; | ||||||
|  |   option domain-name-servers 192.168.0.1; | ||||||
|  |   option routers 192.168.1.1; | ||||||
|  |   option broadcast-address 192.168.1.255; | ||||||
|  |   filename "pxelinux.0"; | ||||||
|  |   next-server 192.168.1.1; | ||||||
|  | } | ||||||
|  | #  default-lease-time 600; | ||||||
|  | #  max-lease-time 7200; | ||||||
|  | #} | ||||||
|  |  | ||||||
|  | # Hosts which require special configuration options can be listed in | ||||||
|  | # host statements.   If no address is specified, the address will be | ||||||
|  | # allocated dynamically (if possible), but the host-specific information | ||||||
|  | # will still come from the host declaration. | ||||||
|  |  | ||||||
|  | #host passacaglia { | ||||||
|  | #  hardware ethernet 0:0:c0:5d:bd:95; | ||||||
|  | #  filename "vmunix.passacaglia"; | ||||||
|  | #  server-name "toccata.example.com"; | ||||||
|  | #} | ||||||
|  |  | ||||||
|  | # Fixed IP addresses can also be specified for hosts.   These addresses | ||||||
|  | # should not also be listed as being available for dynamic assignment. | ||||||
|  | # Hosts for which fixed IP addresses have been specified can boot using | ||||||
|  | # BOOTP or DHCP.   Hosts for which no fixed address is specified can only | ||||||
|  | # be booted with DHCP, unless there is an address range on the subnet | ||||||
|  | # to which a BOOTP client is connected which has the dynamic-bootp flag | ||||||
|  | # set. | ||||||
|  | #host fantasia { | ||||||
|  | #  hardware ethernet 08:00:07:26:c0:a5; | ||||||
|  | #  fixed-address fantasia.example.com; | ||||||
|  | #} | ||||||
|  |  | ||||||
|  | # You can declare a class of clients and then do address allocation | ||||||
|  | # based on that.   The example below shows a case where all clients | ||||||
|  | # in a certain class get addresses on the 10.17.224/24 subnet, and all | ||||||
|  | # other clients get addresses on the 10.0.29/24 subnet. | ||||||
|  |  | ||||||
|  | #class "foo" { | ||||||
|  | #  match if substring (option vendor-class-identifier, 0, 4) = "SUNW"; | ||||||
|  | #} | ||||||
|  |  | ||||||
|  | #shared-network 224-29 { | ||||||
|  | #  subnet 10.17.224.0 netmask 255.255.255.0 { | ||||||
|  | #    option routers rtr-224.example.org; | ||||||
|  | #  } | ||||||
|  | #  subnet 10.0.29.0 netmask 255.255.255.0 { | ||||||
|  | #    option routers rtr-29.example.org; | ||||||
|  | #  } | ||||||
|  | #  pool { | ||||||
|  | #    allow members of "foo"; | ||||||
|  | #    range 10.17.224.10 10.17.224.250; | ||||||
|  | #  } | ||||||
|  | #  pool { | ||||||
|  | #    deny members of "foo"; | ||||||
|  | #    range 10.0.29.10 10.0.29.230; | ||||||
|  | #  } | ||||||
|  | #} | ||||||
							
								
								
									
										17
									
								
								sio2/sisr/15-pxe/interfaces
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										17
									
								
								sio2/sisr/15-pxe/interfaces
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,17 @@ | |||||||
|  | # This file describes the network interfaces available on your system | ||||||
|  | # and how to activate them. For more information, see interfaces(5). | ||||||
|  |  | ||||||
|  | source /etc/network/interfaces.d/* | ||||||
|  |  | ||||||
|  | # The loopback network interface | ||||||
|  | auto lo | ||||||
|  | iface lo inet loopback | ||||||
|  |  | ||||||
|  | # The primary network interface | ||||||
|  | allow-hotplug enp0s3 | ||||||
|  | iface enp0s3 inet dhcp | ||||||
|  |  | ||||||
|  | allow-hotplug enp0s8 | ||||||
|  | iface enp0s8 inet static | ||||||
|  | 	address 192.168.1.1/24 | ||||||
|  | 	up /root/nat.sh	 | ||||||
							
								
								
									
										18
									
								
								sio2/sisr/15-pxe/isc-dhcp-server
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										18
									
								
								sio2/sisr/15-pxe/isc-dhcp-server
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,18 @@ | |||||||
|  | # Defaults for isc-dhcp-server (sourced by /etc/init.d/isc-dhcp-server) | ||||||
|  |  | ||||||
|  | # Path to dhcpd's config file (default: /etc/dhcp/dhcpd.conf). | ||||||
|  | DHCPDv4_CONF=/etc/dhcp/dhcpd.conf | ||||||
|  | #DHCPDv6_CONF=/etc/dhcp/dhcpd6.conf | ||||||
|  |  | ||||||
|  | # Path to dhcpd's PID file (default: /var/run/dhcpd.pid). | ||||||
|  | DHCPDv4_PID=/var/run/dhcpd.pid | ||||||
|  | #DHCPDv6_PID=/var/run/dhcpd6.pid | ||||||
|  |  | ||||||
|  | # Additional options to start dhcpd with. | ||||||
|  | #	Don't use options -cf or -pf here; use DHCPD_CONF/ DHCPD_PID instead | ||||||
|  | #OPTIONS="" | ||||||
|  |  | ||||||
|  | # On what interfaces should the DHCP server (dhcpd) serve DHCP requests? | ||||||
|  | #	Separate multiple interfaces with spaces, e.g. "eth0 eth1". | ||||||
|  | INTERFACESv4="enp0s8" | ||||||
|  | INTERFACESv6="" | ||||||
							
								
								
									
										3
									
								
								sio2/sisr/15-pxe/nat.sh
									
									
									
									
									
										Executable file
									
								
							
							
						
						
									
										3
									
								
								sio2/sisr/15-pxe/nat.sh
									
									
									
									
									
										Executable file
									
								
							| @@ -0,0 +1,3 @@ | |||||||
|  | #!/bin/bash | ||||||
|  | echo "1" > /proc/sys/net/ipv4/ip_forward | ||||||
|  | iptables -t nat -A POSTROUTING -o enp0s3 -j MASQUERADE | ||||||
							
								
								
									
										4
									
								
								sio2/sisr/20-python/Exercice1
									
									
									
									
									
										Executable file
									
								
							
							
						
						
									
										4
									
								
								sio2/sisr/20-python/Exercice1
									
									
									
									
									
										Executable file
									
								
							| @@ -0,0 +1,4 @@ | |||||||
|  | #!/usr/bin/python3 | ||||||
|  | rayon = input('donnez la valeur du rayon : ') | ||||||
|  | perimetre = 2 * 3.141592 * int(rayon) | ||||||
|  | print (perimetre, " cm ") | ||||||
							
								
								
									
										18
									
								
								sio2/sisr/20-python/Exercice2
									
									
									
									
									
										Executable file
									
								
							
							
						
						
									
										18
									
								
								sio2/sisr/20-python/Exercice2
									
									
									
									
									
										Executable file
									
								
							| @@ -0,0 +1,18 @@ | |||||||
|  | #!/usr/bin/python3 | ||||||
|  | tableau = [] | ||||||
|  | for i in range(3) | ||||||
|  | 	entier = int(input('chiffre : ')) | ||||||
|  | 	tableau.append(entier) | ||||||
|  |  | ||||||
|  | moy= sum(tableau)/len(tableau) | ||||||
|  |  | ||||||
|  | def maximum(tableau): | ||||||
|  | 	vmax = tableau[0] | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  |  | ||||||
|  | def minimum(tableau): | ||||||
|  | 	vmax = tableau[0] | ||||||
|  |  | ||||||
|  |  | ||||||
							
								
								
									
										13
									
								
								sio2/sisr/20-python/Exercice3
									
									
									
									
									
										Executable file
									
								
							
							
						
						
									
										13
									
								
								sio2/sisr/20-python/Exercice3
									
									
									
									
									
										Executable file
									
								
							| @@ -0,0 +1,13 @@ | |||||||
|  | #!/usr/bin/python3 | ||||||
|  | phrase = input ("Phrase : ") | ||||||
|  | tabmot = phrase.split(' ') | ||||||
|  | cptmot = {} | ||||||
|  | for mot in tabmot : | ||||||
|  | 	if mot in tabmot: | ||||||
|  | 		cptmot [mot]=cptmot[mot] +1 | ||||||
|  | 	else: | ||||||
|  | 		cptmot[mot]=1 | ||||||
|  | for key in cptmot.keys(): | ||||||
|  | 	print (key, " ",cptmot[key]) | ||||||
|  |  | ||||||
|  |  | ||||||
							
								
								
									
										13
									
								
								sio2/sisr/20-python/cptmot.py
									
									
									
									
									
										Executable file
									
								
							
							
						
						
									
										13
									
								
								sio2/sisr/20-python/cptmot.py
									
									
									
									
									
										Executable file
									
								
							| @@ -0,0 +1,13 @@ | |||||||
|  | #!/usr/bin/python3 | ||||||
|  | phrase = input('Phrase : ') | ||||||
|  | tabmot = phrase.split(' ') | ||||||
|  | cptmot = {} | ||||||
|  |  | ||||||
|  | for mot in tabmot :  | ||||||
|  |     if mot in cptmot : | ||||||
|  |         cptmot[mot] = cptmot[mot] + 1 | ||||||
|  |     else : | ||||||
|  |         cptmot[mot] = 1 | ||||||
|  |  | ||||||
|  | for key in cptmot.keys() : | ||||||
|  |     print (key, " ", cptmot[key]) | ||||||
							
								
								
									
										26
									
								
								sio2/sisr/20-python/creatusr.py
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										26
									
								
								sio2/sisr/20-python/creatusr.py
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,26 @@ | |||||||
|  | #!/usr/bin/python3 | ||||||
|  |  | ||||||
|  | import sys | ||||||
|  | nbarg = len(sys.arg) | ||||||
|  |  | ||||||
|  | if nbarg !=2 | ||||||
|  | 	print ("Nombre d'arguments invalides") | ||||||
|  | 	exit (1) | ||||||
|  | filename = sys.arg[1] | ||||||
|  |  | ||||||
|  | try: | ||||||
|  |     fh = open("user.txt", "r") | ||||||
|  | except: | ||||||
|  |     print ("Fichier user.txt inconnu") | ||||||
|  | else: | ||||||
|  |     line = fh.readline () | ||||||
|  |     while line: | ||||||
|  | 	nouvline = line.rstrip() | ||||||
|  | 	login.nomlong = nouvline.split(':') | ||||||
|  | 	print (nbarg) | ||||||
|  | 	#useradd (login) | ||||||
|  |         line = fh.readline() | ||||||
|  |  | ||||||
|  |     fh.close() | ||||||
|  |  | ||||||
|  |  | ||||||
							
								
								
									
										10
									
								
								sio2/sisr/20-python/log.py
									
									
									
									
									
										Executable file
									
								
							
							
						
						
									
										10
									
								
								sio2/sisr/20-python/log.py
									
									
									
									
									
										Executable file
									
								
							| @@ -0,0 +1,10 @@ | |||||||
|  | #!/bin/usr/python3 | ||||||
|  | import re | ||||||
|  | import  sys | ||||||
|  | group = {} | ||||||
|  | regexp = '^(\S+) (\S+) (\S+) \[([^]]+)\] "(\w+) (\S+).*" (\d+) (\S+)' | ||||||
|  | for line in sys.stdin: | ||||||
|  |     line = line.rstrip ( ) | ||||||
|  |     match = re.match (regexp, line) | ||||||
|  |     if match: | ||||||
|  |         print (match.group(1)," ",match.group(8)) | ||||||
							
								
								
									
										3
									
								
								sio2/sisr/20-python/user.txt
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								sio2/sisr/20-python/user.txt
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,3 @@ | |||||||
|  | jdaniel      : Jack Daniel | ||||||
|  | wpeel        : William Peel | ||||||
|  | ngraphaneaud : Noe Graphaneaud | ||||||
		Reference in New Issue
	
	Block a user