2022年8月25日 星期四

Zabbix + iPerf整合

  • 安裝好Zabbix agent,並可連線到Zabbix server且運作正常
  • 分別在Zabbix agent及Zabbix server所在的機器上安裝好iPerf3,並設定開機啟動
  • download zabbix-speedtest-lan程式

https://gitlab.mirhosting.com/root/zabbix-iperf 

  • On Zabbix agent, copy the speedtest-lan.sh to /etc/zabbix/script and make executable: chmod +x /etc/zabbix/script/speedtest-lan.sh
  • On Zabbix agent, modify the speedtest-lan.sh
  • On Zabbix agent, copy the speedtest-lan.cron to /etc/cron.d
  • On Zabbix agent, cp speedtest-lan.conf /etc/zabbix/zabbix_agentd.conf.d/
  • On Zabbix agent, restart zabbix-agent: systemctl restart zabbix-agent
  • Import template _speedtest-lan.xml on Zabbix server
  • On Zabbix server, add Zabbix agent to Zabbix server並開始監控

2022年8月7日 星期日

建立自行簽署的SSL憑證,Nginx設定HTTPS + 設定Palo Alto Firewall SSL Inbound Inspection + Enable Anti-Virus/Anti-Spyware

1. 建立自行簽署的SSL憑證,Nginx設定HTTPS

sudo mkdir /etc/nginx/ssl

sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt


sudo vi /etc/nginx/sites-available/default











sudo service nginx restart

2. 設定Palo Alto Firewall SSL Inbound Inspection

sudo mkdir /etc/nginx/ssl/output

openssl pkcs12 -in nginx.crt -inkey nginx.key -export -out output/nginx.pfx -password pass:xxxxxxxx

cd output

openssl pkcs12 -in nginx.pfx -nokeys -password "pass:xxxxxxxx" -out - 2>/dev/null | openssl x509 -out server.crt

openssl pkcs12 -in nginx.pfx -nocerts -password "pass:xxxxxxxx" -out server.key




























3. Enable Anti-Virus/Anti-Spyware