LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 10-28-2006, 05:11 PM   #1
Danteleo
LQ Newbie
 
Registered: Oct 2006
Posts: 28

Rep: Reputation: 16
Pinging servers thru firewall


Here is my current challenge.

I have a script that with the help of crontab sends a ping to an ip address. If the ip address is successfully pinged then there is no responce from the script. If the ping fails then my cell is text that the server is down. All of that works as desined.

Here is the fun part.

I had 3 servers that need to have this script pinging them from another server outside the LAN. The servers are behind a firewall which has the ICMP Ping port forwarded to each of the three servers (Problem).

With the script that I'm running I can only put in one IP address (external static IP address)and the firewall can port forward the ICMP Ping port to each of the internal ip addresses (Problem).

I need to know how I can either edit my script to be able to ping the ip address of each of my servers from the external server. Or, configure my Sonic Firewall to allow ICMP pinging to pass thru other specified ports.

Also, I have made an identical script for pinging each server and match crontab jobs. Below is my script I hope this all make sence and someone can help.

THX

Script

# xxx.xxx.xxx.xxx = public IP Address
HOSTS="xxx.xxx.xxx.xxx"

# no ping request
COUNT=1

# email report when
SUBJECT="Ping failed"
EMAILID="myphone#@isp.com"
for myHost in $HOSTS
do
count=$(ping -c $COUNT $myHost | grep 'received' | awk -F',' '{ print $2 }' | awk '{ print $1 }')
if [ $count -eq 0 ]; then
# 100% failed
echo "Host : $hosts is down (ping failed) at $(date)" | mail -s "$SUBJECT" $EMAILID
fi
done
 
Old 10-28-2006, 05:25 PM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,414

Rep: Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967Reputation: 1967
ping does not use ports, that's UDP and TCP within the TCP/IP model. you can't port forward somethign that doesn't know about ports. what i'd probably suggest is not using pings at all, if you do a port forward on your external device to a known service on each internal box, then use a tool like netcat or nmap to try to open that port. if, for example, you have an ssh server on each host, port forward each from say, port 2201 2202 and 2203, then run nmap against those port numbers "nmap host.com -p2201,2202,2203" that will show if each port is successfully port forwarding and therefore the internal box (AND the service) is running. alternatively, try netcat. run "nc host.com 2201 -w1" this will actaully connect to that port and show you the id string it recieves, so sticking with the ssh example, that would return something like "SSH-1.99-OpenSSH_3.9p1" showing that the remote service is OpenSSH etc... obviously exposing SSH to the internet is a generally dumb idea, but that's just an example.

also you could just run a web server on each box, and pull down a basic index.html page via curl...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
script for pinging servers steste Linux - Networking 12 11-16-2004 10:38 AM
pinging delos Linux - Networking 6 07-02-2004 10:14 AM
Pinging?? Sherpa Linux - General 3 05-13-2004 08:23 AM
pinging via proxy metallica_tony Linux - Networking 2 03-06-2004 11:21 AM
Microsoft ISA Firewall Returns Port Scan Warnings From Linux BIND DNS Servers. ramram29 Linux - Security 4 01-26-2004 11:09 PM


All times are GMT -5. The time now is 01:59 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration