Monitoring DNS BIND with Zabbix

Shockingly enough out of the box Zabbix (version 6) does not include any template to monitor a very crucial compontent every organization: DNS. Like most open source aficionado my DNS of choice is BIND named. Luckily Zabbix has a pretty huge community and plenty of templates for it are freely available, a quick search on the interwebz lead me to this page. Kudos to whoever wrote this template, I just took it and tweaked it a little bit. …

Posted on

CentOS, DNSCrypt and pdnsd

DNSCrypt installation process is pretty simple since it is present in the repository, pdnsd on the other hand is missing, luckily compiling from source is not that hard. For the sake of completeness I will also cover the procedure to install DNSCrypt from source, alternatively yum install dnscrypt-proxy. Install the required dependencies and get the source code: [root@CentOS ~]# yum install gcc libsodium-devel libtool-ltdl-dev git wget [root@CentOS ~]# git clone https://github.com/jedisct1/dnscrypt-proxy.git [root@CentOS ~]# wget http://members.home.nl/p.a.rombouts/pdnsd/releases/pdnsd-1.2.9a-par.tar.gz pdnsd Compile and install: …

Posted on

CentOS as router, transparent proxy, and much more

As usual, long story short: I’ve to setup a firewall to log traffic, block some stuff and do some other things. – epel repo is required – The system is made of a single CentOS machine with 2 physical network adapters: eth0, connected to WAN, static IP address 192.168.0.3 eth1, connected to LAN, static IP address 10.0.0.1/24 .:. Network adapters configuration WAN network adapter: [root@CentOS ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0 DEVICE="eth0" BOOTPROTO="none" HWADDR="**:**:**:**:**:**" IPADDR=192.168.0.3 NETMASK=255.255.255.0 GATEWAY=192.168.0.1 DNS=192.168.0.1 IPV6INIT="yes" IPV6_AUTOCONF="yes" NM_CONTROLLED="yes" ONBOOT="yes" TYPE="Ethernet" UUID="***" LAN network adapter: …

Posted on