Monitor the RAID Status Avago LSI Logic SAS3008 Fusion-MPT SAS-3 with Linux

Hi

Need to monitor the RAID Status of your Avago LSI Logic / Symbios Logic SAS3008 PCI-Express Fusion-MPT SAS-3 under Linux with perl?

Yes Avago has a crappy website. When you search the website for SAS3008 you only find some pdf. But not the utility to query your raid controller. Crappy website or intentionally. Who knows :-)

Below is a script which send’s a simple mail if something goes bad to your RAID. Just put it in your crontab. Might someone want’s to adopt it. Might use with Nagios/Icinga. Actually I’ve not the case to do this. Might later…

#!/usr/bin/perl

use warnings;
use MIME::Lite;

$emailFrom = 'root@server.domain.tld';
$emailTo = 'hostmaster@yourdomain.tpl';
$smartHost = 'smarthost.mail.local';
$hostName = 'server.domain.tld';
$pathSas3ircu = '/root/bin/SAS3IRCU_P12/sas3ircu_linux_x64_rel/sas3ircu';

if (check_status() == 1) {
  $body = join("", get_info("0","STATUS"));
  send_email($emailTo,$body);
}

sub check_status {
  $error = 0;

  foreach $line (get_info("0","DISPLAY")) {
    if ($line =~ /Status of volume/) {
      if ($line !~/Okay/) {
        $error = 1;
      }
    }
    if ($line =~ /State/) {
      if ($line !~ /Optimal/ ) {
        $error = 1;
      }
    }
  }
  return $error;
}

sub get_info {
  $arg1 = shift;
  $arg2 = shift;

  $cmd = "$pathSas3ircu $arg1 $arg2";
  @output = `$cmd`;
  return @output;
}

sub send_email {
  $arg1 = shift;
  $arg2 = shift;
  
  $subject = "Warning RAID inconsitent $hostName";

  $msg = MIME::Lite->new(
    From     => $emailFrom,
    To       => $arg1,
    Subject  => $subject,
    Data     => $arg2
  );

  $msg->send('smtp',$smartHost,Debug=>0);
}

Here a download link of the tool:
http://docs.avagotech.com/docs/SAS3IRCU_P12.zip

Here a link of an different controller where you find the download link:
http://www.avagotech.com/products/server-storage/host-bus-adapters/sas-9305-16e#downloads

EDIT 16.05.2018:
TomD kindly provided a simple nagios script:

#!/bin/bash

status=$(sas3ircu 0 STATUS | grep -o 'Optimal')
status1=$(sas3ircu 0 DISPLAY | grep -o 'OKY')

if [ "$status" =  "Optimal" ]
        then 
        if [ "$status1" =  "OKY" ]
                then 
                echo OK raid is good
                exit 0
fi
else
        echo Warn raid failed
        exit 1
fi

echo Critical raid failed
exit 3

Have Fun!

pxe live antivirus

hi

need some live antivirus boot from pxe?
here another one of my howto’s to boot avg live cd from pxe

wget http://download.avg.com/filedir/inst/avg_arl_cdi_all_120_150814a10442.iso
mount -o loop avg_arl_cdi_all_120_150814a10442.iso /mnt
 cp -rv /mnt/* /var/lib/tftpboot/avg/
vim /var/lib/tftpboot/pxelinux.cfg/avg.menu
LABEL 1
 MENU LABEL AVG Antivirus Live
 KERNEL avg/isolinux/vmlinuz
 APPEND max_loop=255 vga=791 initrd=avg/isolinux/initrd.lzm init=linuxrc reboot=bios
 TEXT HELP
 AVG Antivirus Live
 ENDTEXT
vim /var/lib/tftpboot/pxelinux.cfg/default
...
MENU BEGIN AVG-Antivirus
 MENU TITLE AVG-Antivirus
 LABEL Previous
 MENU LABEL Previous Menu
 TEXT HELP
 Return to previous menu
 ENDTEXT
 MENU EXIT
 MENU SEPARATOR
 MENU INCLUDE pxelinux.cfg/avg.menu
 MENU END
...

happy virus removal!

l2tp ipsec linux client bash script

hi

here is my simple approach of a vpn client via bash
The main script i found https://wiki.archlinux.org/index.php/L2TP/IPsec_VPN_client_setup
I’ve adopted it to my needs.

First we configure strongswan:

/etc/ipsec.conf
conn yourcompany
    keyexchange=ikev1
    authby=secret
    type=transport
    left=%defaultroute
    leftprotoport=17/1701
    right=2.2.2.2
    rightprotoport=17/1701
    auto=add
/etc/ipsec.secrets
2.2.2.2 : PSK "yourpsk"

Now we configure xl2tpd

/etc/xl2tpd/xl2tpd.conf
[lac vpn-connection]
lns = 2.2.2.2
ppp debug = yes
pppoptfile = /etc/ppp/options.l2tpd.client
length bit = yes
/etc/ppp/options.l2tpd.client
ipcp-accept-local
ipcp-accept-remote
refuse-eap
require-mschap-v2
noccp
noauth
idle 1800
mtu 1410
mru 1410
defaultroute
debug
lock
connect-delay 5000
name yourusername
password yourpassword

Here is my bash script

#!/bin/bash
if [ $# != 1 ] ; then
    echo "Usage: (sudo) sh $0 {start|stop}" 
    exit 1;
fi

VPN_ADDR=2.2.2.2

function getIP(){
    /sbin/ifconfig $1 | grep "inet "| awk '{print $2}'
}

function getGateWay(){
    /sbin/route -n | grep -m 1 "^0\.0\.0\.0" | awk '{print $2}'
}

function getVPNGateWay(){
    /sbin/route -n | grep -m 1 "$VPN_ADDR" | awk '{print $2}'
}

function saveInterface() {
    echo $(/sbin/route -n | grep -m 1 "^0\.0\.0\.0" | awk '{print $8}') > /tmp/interface.txt
}

function getInterface(){
    cat /tmp/interface.txt
}

GW_ADDR=$(getGateWay)  

function start(){
    saveInterface
    ipsec up youconnectioname
    sleep 2    #delay to ensure that IPsec is started before overlaying L2TP

    systemctl start xl2tpd
    sleep 2
    /bin/echo "c vpn-connection" > /var/run/xl2tpd/l2tp-control     
    sleep 2    #delay again to make that the PPP connection is up.

    route add $VPN_ADDR gw $GW_ADDR $(getInterface)
    route add default gw $(getIP ppp0)
    route delete default gw $GW_ADDR
}

function stop(){
    ipsec down yourconnectioname
    /bin/echo "d vpn-connection" > /var/run/xl2tpd/l2tp-control
    systemctl stop xl2tpd
    
    VPN_GW=$(getVPNGateWay)
    route delete $VPN_ADDR gw $VPN_GW $(getInterface)
    route add default gw $VPN_GW
}
$1
exit 0

sstp client linux howto

Hi  There

Here some nice howto to get SSTP client for Linux to run:

1)Download deb or rpm or compile yourself:

http://sstp-client.sourceforge.net/

2)Install deb or rpm or binary
(in my case install deb for ubuntu)

dpkg -i libsstp-client0_1.0.9_amd64.deb
dpkg -i sstp-client_1.0.9_amd64.deb

3)Configure ppp manager
sudo su
3.1) you may want your targets reachable over your sstp tunnel, therefore we need to setup some routes

vim /etc/ppp/ip-up.d/route
#!/bin/bash
NET="1.1.1.1/24 x.x.x.x/24"
GW="192.168.x.5"

if (ip addr show | grep -q $GW) then
        for PREF in $NET
        do
                route add -net $PREF gw $GW
        done
fi
chmod 755 /etc/ppp/ip-up.d/route

3.2) we need to store your credentials in chap-secrets file

vim /etc/ppp/chap-secrets
bla-user.name   *       passwordtopsecret

3.3)we need to add a ppp peer

vim /etc/ppp/peers/youpeername
#
# Put this file in /etc/ppp/peers/sstp-test, the name should be the same as 
#   for remotename, linkname, and ipparam. Update the url for the server as a part
#   of the pty statement, and finally update your username.
#
# Make sure your user 'kendo' have an appropriate entry in /etc/ppp/chap-secrets.
# Example:
#  #client              server  secret                  IP addresses
#  kendo                *       xxxxxxx                 *
#  'DOMAIN\\kendo'      *       xxxxxxx
#
# Connect to sstp-test peer:
#   sudo pon sstp-test
#
remotename      fqdn-of-your-vpn-peer
linkname        fqdn-of-your-vpn-peer
ipparam         fqdn-of-your-vpn-peer
pty             "sstpc --save-server-route --cert-warn --ipparam fqdn-of-your-vpn-peer --log-level 0 --nolaunchpppd fqdn-of-your-vpn-peer"
name            bla-user.name
plugin          sstp-pppd-plugin.so
sstp-sock       /var/run/sstpc/sstpc-fqdn-of-your-vpn-peer
usepeerdns
#require-mppe
require-mschap-v2
noauth
lock
refuse-pap
refuse-eap
refuse-chap
refuse-mschap
nobsdcomp
nodeflate
persist

# Uncomment this if you want additional debug in your /var/log/messages
# debug

4)fire it up

pon youpeername

Have fun!