Code: Select all
https://www.pingdom DOT com/rss/probe_servers.xmlCode: Select all
###############################################
# pingdom.com servers
# updated Fri, 02 Mar 2012 23:40:02 +0100
###############################################
46.165.195.139
69.59.28.19
178.255.154.2
178.255.153.2
178.255.155.2
178.255.152.2
64.141.100.136
212.84.74.156
173.204.85.217
50.23.94.74
46.20.45.18
199.87.228.66
76.72.167.90
94.247.174.83
69.64.56.47
176.31.228.137
184.75.210.186
108.62.115.226
94.46.4.1
173.248.147.18
72.46.130.42
74.53.193.66
74.52.50.50
83.170.113.102
95.211.87.85
207.218.231.170
207.97.207.200
67.192.120.134
78.136.27.223
204.152.200.42
85.25.176.167
174.34.162.242
94.46.240.121
208.43.68.59
67.228.213.178
64.237.55.3
82.103.128.63
174.34.156.130
70.32.40.2
67.205.112.79
96.31.66.245
##############################################
# pingdom servers
##############################################
...We’re big into monitoring for servers, networks, services and reporting, and we use Pingdom for a number of uptime and response monitoring services.
Pingdom have a number of servers around the world which perform their monitoring. As we like to be as secure as possible, we usually implement a firewall on our Linux servers, and this means that the firewall rules must be updated when Pingdom (or any other service) brings a new monitoring server online.
We don’t like doing things manually, so we implemented a set of simple scripts to backup, generate and automatically update our firewall rules based on Pingdom’s RSS feed of their monitoring servers. Hopefully these will help you, too.
We have a script which runs daily under cron, called update_pingdom_servers :
So.. 40 time I try to write/paste this answers..As you can see from the last line, we then execute pingdom_smtp_rules which was generated from pingdom_ips and has the list of iptables commands to update the firewall in the ufw-user-input chain. If there is every a problem we keep 7 days of firewall rule backups in /root so that previous versions of the rules can easily be restored.Code: Select all
#!/bin/bash # Update the pingdom firewall rules based on their feed /usr/bin/wget [b]DAMN-AND-STUPID-ANTISPAM-"FEATURE"[/b] probe_servers.xml -O /root/probe_servers.xml -o /dev/null /bin/cat /root/probe_servers.xml | grep IP | sed -e 's/.*IP: //g' | sed -e 's/; Host.*//g' | grep -v IP > /root/pingdom_ips /bin/rm /root/pingdom_smtp_rules for ip in `cat /root/pingdom_ips` do /bin/echo "iptables -D ufw-user-input -s $ip -p tcp --dport 25 -j ACCEPT" >> /root/pingdom_smtp_rules [i]#< [b]DAMN-AND-STUPID-ANTISPAM-"FEATURE"[/b][/i] /bin/echo "iptables -A ufw-user-input -s $ip -p tcp --dport 25 -j ACCEPT" >> /root/pingdom_smtp_rules [i]#< [b]DAMN-AND-STUPID-ANTISPAM-"FEATURE"[/b][/i] done TODAY=`date +%a%d%b%Y` iptables-save > /root/firewall.rules.$TODAY find /root -type f -mtime +7 -name firewall.rules.\* -print | xargs rm -f sh /root/pingdom_smtp_rules
(But don't say "Minimum is x")There is a minimum forum post count before URL's can be posted. This is to prevent spamming. Please do not try and subvert this as it will simply mean that your posts will be deleted.