|
|
| Author |
Message |
gandalf
Developer
Joined: 02 Dec 2004
Posts: 12604
Location: Muenster, Germany
|
 Posted: Fri Mar 03, 2006 9:49 am Post subject: [revisited] Nokia IP Firewall Checkpoint Template V0.2 |
 |
|
As an update to Nokia IP Firewall Checkpoint Template please find attached ressources for the well known Templates.
Added:
Memory Graphs
per Interface Statistics retrieved from CHECKPOINT fwIfTable
corrected issue with [fwDropPcktsOut] being a COUNTER instead of a GAUGE
Please find attached
- XML Host Template to be imported via Import Templates
- XML snmp_query to be copied to ./ressources/snmp_queries
Attention: As always, this import will perhaps overwrite your RRA Settings. If you changed the defaults, this import will reset RRA deinitions to default. So you will have to tweak them again. Unfortunately, I do not know any way to avoid this
Usage
If you have a Nokia Checkpoint Device, please click the Host Template dropdown to select the Checkpoint Firewall Host Template. Then Create Graphs for this Host
You should see some | Code: | Graph Templates
Graph Template Name
Create: Checkpoint - Connections
Create: Checkpoint - CPU Usage
Create: Checkpoint - Memory Usage
Create: Checkpoint - Packets accepted
Create: Checkpoint - Packets dropped
Create: Checkpoint - Packets logged
Create: Checkpoint - Packets rejected |
and | Code: | Data Query [Checkpoint Firewall - fwIfTable] Reload Associated Query
Index Interface Name
1 eth-s1p3c0
2 eth-s1p1c0
3 eth-s1p4c0
4 eth-s1p2c0
5 eth4c0
6 eth2c0
7 eth3c0
8 eth1c0 |
(Interface Names may vary) apart from the well-known Interface Traffic Table.
Please select the wanted Graphs.
Call for Help
When querying our Checkpoints, they respond with sth like | Code: | CHECKPOINT-MIB::fwIfEntry.3.1.0 = INTEGER: 0
CHECKPOINT-MIB::fwIfEntry.3.2.0 = INTEGER: 0
CHECKPOINT-MIB::fwIfEntry.3.3.0 = INTEGER: 0
CHECKPOINT-MIB::fwIfEntry.3.4.0 = INTEGER: 459724
CHECKPOINT-MIB::fwIfEntry.3.5.0 = INTEGER: 149286
CHECKPOINT-MIB::fwIfEntry.3.6.0 = INTEGER: 546851
CHECKPOINT-MIB::fwIfEntry.3.7.0 = INTEGER: 217364
CHECKPOINT-MIB::fwIfEntry.4.1.0 = INTEGER: 0
CHECKPOINT-MIB::fwIfEntry.4.2.0 = INTEGER: 0
CHECKPOINT-MIB::fwIfEntry.4.3.0 = INTEGER: 0
CHECKPOINT-MIB::fwIfEntry.4.4.0 = INTEGER: 442288
CHECKPOINT-MIB::fwIfEntry.4.5.0 = INTEGER: 820097
CHECKPOINT-MIB::fwIfEntry.4.6.0 = INTEGER: 942251
CHECKPOINT-MIB::fwIfEntry.4.7.0 = INTEGER: 991164 |
The fwIfEntry.3/4 are not know by the checkpoint MIB. Does anyone know what this is?
Greetings
Reinhard
| Description: |
Host Template to be imported by cacti's "Import Template" Feature
Corrected Issue with [fwDropPcktsOut] |
|
Download |
| Filename: |
cacti_host_template_checkpoint_firewall.xml |
| Filesize: |
115.1 KB |
| Downloaded: |
2541 Time(s) |
| Description: |
| XML definitions to be put into ./ressource/snmp_queries |
|
Download |
| Filename: |
checkpoint_fwIfTable.xml |
| Filesize: |
4.95 KB |
| Downloaded: |
2554 Time(s) |
Last edited by gandalf on Mon Oct 30, 2006 8:19 am; edited 1 time in total |
|
| Back to top |
|
 |
poezie
Joined: 28 Feb 2006
Posts: 22
|
| Posted: Tue Mar 07, 2006 3:59 am Post subject: |
|
|
Hi
When I try and import the cacti_host_template_checkpoint_firewall_116.xml I get "Error: XML: Hash version does not exist."
Any ideas ?
|
|
| Back to top |
|
|
fmangeant
Cacti Guru User
Joined: 19 Sep 2003
Posts: 2325
Location: Sophia-Antipolis, France
|
| Posted: Tue Mar 07, 2006 4:06 am Post subject: |
|
|
Hi
what version of Cacti are you running ? You need 0.8.6h to import this template.
|
|
| Back to top |
|
|
poezie
Joined: 28 Feb 2006
Posts: 22
|
| Posted: Tue Mar 07, 2006 4:11 am Post subject: |
|
|
| Ah Okay will need to update my version I am running f
|
|
| Back to top |
|
|
Pumpi
Cacti User
Joined: 14 Jan 2004
Posts: 256
Location: Germany
|
| Posted: Tue Mar 07, 2006 4:23 am Post subject: |
|
|
Hallo lvm,
I still unable poll my Checkpoint Firewall NG R55 through udp port 260.
The server is running SUSE Enterprise Linux 9 with recent version of Cacti/Cactid, Net-SNMP 5.1.3.1, Perl 5.8.3
I'm always getting Timeout:No response from xxx.xxx.xxx:260
The SmartTracker shows that a Fw1_snmp packet has been received from the Cacti Server as Source.
Any idea how to fix this problem ?
|
|
| Back to top |
|
|
kharford
Joined: 07 Jul 2005
Posts: 40
Location: Mass, USA
|
| Posted: Tue Mar 07, 2006 2:07 pm Post subject: Re: [revisited] Nokia IP Firewall Checkpoint Template V0.2 |
|
|
Great work Reinhard.
However, I am having a heck of a problem graphing the data. I see the data being collected put nothing is showing up in the graphs.
03/07/2006 02:00:12 PM - CACTID: Poller[0] Host[36] DS[418] SNMP: v1: , dsname: mem_free_real, oid: .1.3.6.1.4.1.2620.1.6.7.4.5.0, value: 12374016
03/07/2006 02:00:12 PM - CACTID: Poller[0] Host[36] DS[416] SNMP: v1: , dsname: mem_act_real, oid: .1.3.6.1.4.1.2620.1.6.7.4.4.0, value: 514150400
03/07/2006 02:00:12 PM - CACTID: Poller[0] Host[36] DS[419] SNMP: v1: , dsname: mem_tot_real, oid: .1.3.6.1.4.1.2620.1.6.7.4.3.0, value: 526524416
03/07/2006 02:00:12 PM - CACTID: Poller[0] Host[36] DS[417] SNMP: v1: , dsname: mem_act_virtual, oid: .1.3.6.1.4.1.2620.1.6.7.4.2.0, value: 0
03/07/2006 02:00:12 PM - CACTID: Poller[0] Host[36] DS[420] SNMP: v1: , dsname: mem_total_virtual, oid: .1.3.6.1.4.1.2620.1.6.7.4.1.0, value: 2146754560
03/07/2006 02:00:12 PM - CACTID: Poller[0] Host[36] DS[414] SNMP: v1: , dsname: proc_system, oid: .1.3.6.1.4.1.2620.1.6.7.2.2.0, value: 44
03/07/2006 02:00:12 PM - CACTID: Poller[0] Host[36] DS[415] SNMP: v1: , dsname: proc_user, oid: .1.3.6.1.4.1.2620.1.6.7.2.1.0, value: 1
03/07/2006 02:00:12 PM - CACTID: Poller[0] Host[36] DS[423] SNMP: v1: , dsname: logged, oid: .1.3.6.1.4.1.2620.1.1.7.0, value: 5724435
03/07/2006 02:00:12 PM - CACTID: Poller[0] Host[36] DS[422] SNMP: v1: , dsname: dropped, oid: .1.3.6.1.4.1.2620.1.1.6.0, value: 5523687
03/07/2006 02:00:12 PM - CACTID: Poller[0] Host[36] DS[424] SNMP: v1: , dsname: rejected, oid: .1.3.6.1.4.1.2620.1.1.5.0, value: 0
03/07/2006 02:00:12 PM - CACTID: Poller[0] Host[36] DS[421] SNMP: v1: , dsname: acc, oid: .1.3.6.1.4.1.2620.1.1.4.0, value: 1633179673
03/07/2006 02:00:12 PM - CACTID: Poller[0] Host[36] DS[425] SNMP: v1: , dsname: fwDropPcktsIn, oid: .1.3.6.1.4.1.2620.1.1.25.5.1.9.6.0, value: 105100
03/07/2006 02:00:12 PM - CACTID: Poller[0] Host[36] DS[425] SNMP: v1: , dsname: fwAcceptBytesOut, oid: .1.3.6.1.4.1.2620.1.1.25.5.1.8.6.0, value: 0
Any ideas?? 
Thanks
KMH
|
|
| Back to top |
|
|
kharford
Joined: 07 Jul 2005
Posts: 40
Location: Mass, USA
|
| Posted: Tue Mar 07, 2006 5:35 pm Post subject: |
|
|
03/07/2006 05:25:12 PM - POLLER: Poller[0] CACTI2RRD: /usr/local/rrdtool-1.2.12/bin/rrdtool update /var/www/html/cacti-0.8.6h/rra/fwdell1mailers_rejected_424.rrd --template rejected 1141770308:U
03/07/2006 05:25:12 PM - POLLER: Poller[0] CACTI2RRD: /usr/local/rrdtool-1.2.12/bin/rrdtool update /var/www/html/cacti-0.8.6h/rra/fwdell1mailers_acc_421.rrd --template acc 1141770308:U
03/07/2006 05:25:12 PM - POLLER: Poller[0] CACTI2RRD: /usr/local/rrdtool-1.2.12/bin/rrdtool update /var/www/html/cacti-0.8.6h/rra/fwdell1mailers_dropped_422.rrd --template dropped 1141770308:U
03/07/2006 05:25:12 PM - POLLER: Poller[0] CACTI2RRD: /usr/local/rrdtool-1.2.12/bin/rrdtool update /var/www/html/cacti-0.8.6h/rra/fwdell1mailers_proc_user_415.rrd --template proc_user 1141770308:U
03/07/2006 05:25:12 PM - POLLER: Poller[0] CACTI2RRD: /usr/local/rrdtool-1.2.12/bin/rrdtool update /var/www/html/cacti-0.8.6h/rra/fwdell1mailers_logged_423.rrd --template logged 1141770308:U
03/07/2006 05:25:12 PM - POLLER: Poller[0] CACTI2RRD: /usr/local/rrdtool-1.2.12/bin/rrdtool update /var/www/html/cacti-0.8.6h/rra/fwdell1mailers_proc_system_414.rrd --template proc_system 1141770308:U
03/07/2006 05:25:12 PM - POLLER: Poller[0] CACTI2RRD: /usr/local/rrdtool-1.2.12/bin/rrdtool update /var/www/html/cacti-0.8.6h/rra/fwdell1mailers_mem_total_virtual_420.rrd --template mem_total_virtual 1141770308:U
03/07/2006 05:25:12 PM - POLLER: Poller[0] CACTI2RRD: /usr/local/rrdtool-1.2.12/bin/rrdtool update /var/www/html/cacti-0.8.6h/rra/fwdell1mailers_mem_act_virtual_417.rrd --template mem_act_virtual 1141770308:U
03/07/2006 05:25:12 PM - POLLER: Poller[0] CACTI2RRD: /usr/local/rrdtool-1.2.12/bin/rrdtool update /var/www/html/cacti-0.8.6h/rra/fwdell1mailers_mem_tot_real_419.rrd --template mem_tot_real 1141770308:U
03/07/2006 05:25:12 PM - POLLER: Poller[0] CACTI2RRD: /usr/local/rrdtool-1.2.12/bin/rrdtool update /var/www/html/cacti-0.8.6h/rra/fwdell1mailers_mem_act_real_416.rrd --template mem_act_real 1141770308:U
03/07/2006 05:25:12 PM - POLLER: Poller[0] CACTI2RRD: /usr/local/rrdtool-1.2.12/bin/rrdtool update /var/www/html/cacti-0.8.6h/rra/fwdell1mailers_mem_free_real_418.rrd --template mem_free_real 1141770308:U
|
|
| Back to top |
|
|
gandalf
Developer
Joined: 02 Dec 2004
Posts: 12604
Location: Muenster, Germany
|
| Posted: Wed Mar 08, 2006 3:05 pm Post subject: |
|
|
| Pumpi wrote: | Hallo lvm,
I still unable poll my Checkpoint Firewall NG R55 through udp port 260.
The server is running SUSE Enterprise Linux 9 with recent version of Cacti/Cactid, Net-SNMP 5.1.3.1, Perl 5.8.3
I'm always getting Timeout:No response from xxx.xxx.xxx:260
The SmartTracker shows that a Fw1_snmp packet has been received from the Cacti Server as Source.
Any idea how to fix this problem ? |
Please check http://forums.cacti.net/viewtopic.php?p=59166#59166
Reinhard
|
|
| Back to top |
|
|
gandalf
Developer
Joined: 02 Dec 2004
Posts: 12604
Location: Muenster, Germany
|
| Posted: Wed Mar 08, 2006 3:08 pm Post subject: |
|
|
hi kharford
what versions of cacti/cactid are you running?
Reinhard
|
|
| Back to top |
|
|
kharford
Joined: 07 Jul 2005
Posts: 40
Location: Mass, USA
|
| Posted: Wed Mar 08, 2006 3:11 pm Post subject: |
|
|
cacti-0.8.6h
CACTID 0.8.6f
Thanks for responding Reinhard
|
|
| Back to top |
|
|
gandalf
Developer
Joined: 02 Dec 2004
Posts: 12604
Location: Muenster, Germany
|
| Posted: Wed Mar 08, 2006 4:19 pm Post subject: |
|
|
cactid-0.8.6f is know to be buggy. Please upgrade to latest but pay attention to upgrading hints (am just discussing a cactid bug I ran into with these templates with The Witness)
Reinhard
|
|
| Back to top |
|
|
egironda
Joined: 19 Dec 2005
Posts: 45
|
| Posted: Wed Mar 08, 2006 6:16 pm Post subject: |
|
|
Speaking of cactid 0.8.6g...
I downloaded and installed it some time ago, but the binary tells its version as 0.8.6f. How do I know I actually have the right package?
|
|
| Back to top |
|
|
gandalf
Developer
Joined: 02 Dec 2004
Posts: 12604
Location: Muenster, Germany
|
| Posted: Thu Mar 09, 2006 3:15 pm Post subject: |
|
|
| egironda wrote: | Speaking of cactid 0.8.6g...
I downloaded and installed it some time ago, but the binary tells its version as 0.8.6f. How do I know I actually have the right package? |
Yes, this is already known. So you're already using latest release.
I'm very surprised, that cactid reports "resonable" values (the OID part of the logs you posted) but rrdtool update commands are generated with "U" (means: unknown) data. I already saw lots of "strange" behaviour, but never this way. I suppose this to be part of cactid code (so I asked for the version). But I'm using this very version (no rpm, build from source) without problems. Perhaps TheWitness (=author of cactid) should have a look
Reinhard
|
|
| Back to top |
|
|
kharford
Joined: 07 Jul 2005
Posts: 40
Location: Mass, USA
|
| Posted: Sat Mar 11, 2006 6:05 am Post subject: |
|
|
Okay, I have got my graphs somewhat in working condition.
I did have snmp and csnmpd running at the same time. I needed to set up a proxy in Net-SNMP on the firewall to query the Checkpoint mib.
Once I did that data started to be graphed.
Thanks for all your help
KMH
|
|
| Back to top |
|
|
ymartin59
Joined: 17 Feb 2006
Posts: 40
|
| Posted: Tue Mar 14, 2006 3:07 am Post subject: |
|
|
| kharford wrote: |
I did have snmp and csnmpd running at the same time. I needed to set up a proxy in Net-SNMP on the firewall to query the Checkpoint mib.
KMH |
Hello,
May you describe how you configured that proxy ? Thank you in advance.
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Register
Profile
Log in to check your private messages
Log in
