Difference between revisions of "Bering-uClibc 6.x - User Guide - Basic Configuration - Email Alerts"

From bering-uClibc
Jump to: navigation, search
 
(12 intermediate revisions by the same user not shown)
Line 1: Line 1:
 +
{| summary="Navigation header" width="100%"
 +
! colspan="3" align="center" | [[Bering-uClibc 6.x - User Guide - Basic Configuration - Email Alerts|Basic Configuration - Email Alerts]]
 +
|-
 +
| width="20%" align="left"  | [[Bering-uClibc 6.x - User Guide - Basic Configuration - Log Files|Prev]]
 +
! width="60%" align="center" | [[Bering-uClibc 6.x - User Guide]]
 +
| width="20%" align="right"  | [[Bering-uClibc 6.x - User Guide - Basic Configuration - Setup a small timeserver|Next]]
 +
|}
 +
----
 +
 
==Note, work in progress...==
 
==Note, work in progress...==
 
These examples are not using the Bering-uClibc builtin email notification found in the master configuration file  
 
These examples are not using the Bering-uClibc builtin email notification found in the master configuration file  
Line 14: Line 23:
 
  ACCEPT          fw      net    tcp 465
 
  ACCEPT          fw      net    tcp 465
  
=== This email gets sent when the router IP address changes ===
+
=== This example will send an email when the router dynamic IP address changes ===
The script is saved as <code class="filename">/etc/cron.daily/mailIP</code> so it is executed daily at 06:42. It will check if the IP has changed.  
+
The script is saved as <code class="filename">/etc/cron.daily/mailIP</code> so it is executed daily at 06:42.
  
 +
You should also realize that this is a cheap way of getting your dynamic IP address, should it change,  without using a so called free dynamic DNS service. They are not always a reliable long term solution, remember DYNDNS...
  
  
*'''Using sendmail:'''  
+
 
 +
*'''Using <code class="filename">sendmail</code>:''' with simple authentication username & password
  
 
The code can be found in this forum, along with many other hints...
 
The code can be found in this forum, along with many other hints...
Line 29: Line 40:
 
   #!/bin/sh
 
   #!/bin/sh
 
   #
 
   #
   # transmet l'adresse ip quand il change...
+
   # transmit the IP address when it changes...
 
   #
 
   #
 
   #
 
   #
Line 38: Line 49:
 
   else
 
   else
 
   echo $IPNOW > /tmp/MyIP.log
 
   echo $IPNOW > /tmp/MyIP.log
   echo "Subject: l'adresse IP aujourd'hui: $IPNOW !!! " > /tmp/MyIP1.log
+
   echo "Subject: today IP address: $IPNOW !!! " > /tmp/MyIP1.log
 
   echo "From: root@firewall" >> /tmp/MyIP1.log
 
   echo "From: root@firewall" >> /tmp/MyIP1.log
 
   echo "Date:  `date -R`" >> /tmp/MyIP1.log
 
   echo "Date:  `date -R`" >> /tmp/MyIP1.log
 
   echo "" >> /tmp/MyIP1.log
 
   echo "" >> /tmp/MyIP1.log
   echo "Salut mon petit JR..." >> /tmp/MyIP1.log
+
   echo "Hello my dear Creator" >> /tmp/MyIP1.log
 
   echo "" >> /tmp/MyIP1.log
 
   echo "" >> /tmp/MyIP1.log
   echo "nouvel IP:  $IPNOW" >> /tmp/MyIP1.log
+
   echo "my IP is now:  $IPNOW" >> /tmp/MyIP1.log
   echo "Uptime est: `uptime | cut -d ',' -f1 | sed 's/^.\{12\}//g'`" >> /tmp/MyIP1.log
+
   echo "Uptime is: `uptime | cut -d ',' -f1 | sed 's/^.\{12\}//g'`" >> /tmp/MyIP1.log
 
   echo "" >> /tmp/MyIP1.log
 
   echo "" >> /tmp/MyIP1.log
 
   echo "---- " >> /tmp/MyIP1.log
 
   echo "---- " >> /tmp/MyIP1.log
   echo "de la part de ton gentil Routeur !!!" >> /tmp/MyIP1.log
+
   echo "from your friendly Router  !!!" >> /tmp/MyIP1.log
 
   echo "" >> /tmp/MyIP1.log
 
   echo "" >> /tmp/MyIP1.log
 
   echo "" >> /tmp/MyIP1.log
 
   echo "" >> /tmp/MyIP1.log
Line 55: Line 66:
  
  
 +
*'''Using <code class="filename">sendmail</code>:''' with SSL/TLS
  
 +
 +
'''1- first obtain a certificate:'''
 +
cd  (to /root)
 +
wget https://pki.google.com/roots.pem
 +
mv roots.pem google-roots.pem
 +
 +
Look here for references: https://www.snbforums.com/threads/notifications-e-mail.8190/page-10#post-400586
 +
 +
I had some issues with the Equifax Certificate using this: https://www.snbforums.com/threads/notifications-e-mail.8190/page-10#post-332399
 +
 +
 +
'''2- then replace the previous sendmail stanza with this one:'''
 +
 +
sendmail -H"exec openssl s_client -quiet -CAfile /root/google-roots.pem -connect smtp.videotron.ca:465 -tls1 -pause" </tmp/MyIP1.log -froot@firewall -auxxxxxxxx -apyyyyyyyy blablabla@gmail.com
  
  
*'''Using curl:''' replace the sendmail stanza with this one:
+
*'''Using <code class="filename">curl</code>:''' replace the sendmail stanza with this one:
  
 
   curl --url smtps://smtp.videotron.ca:465 --mail-from root@firewall --mail-rcpt blablabla@gmail.com    --upload-file /tmp/MyIP1.log --ssl-reqd --user xxxxxxxx:yyyyyyyy --insecure
 
   curl --url smtps://smtp.videotron.ca:465 --mail-from root@firewall --mail-rcpt blablabla@gmail.com    --upload-file /tmp/MyIP1.log --ssl-reqd --user xxxxxxxx:yyyyyyyy --insecure
Line 67: Line 93:
 
  cat /tmp/MyIP1.log | sendmail -H"exec openssl s_client -quiet -CAfile /root/google-roots.pem -connect smtp.gmail.com:587 -tls1 -starttls smtp" -fblablabla@gmail.com -aublablabla@gmail.com -apyourgmailpassw blablabla@gmail.com
 
  cat /tmp/MyIP1.log | sendmail -H"exec openssl s_client -quiet -CAfile /root/google-roots.pem -connect smtp.gmail.com:587 -tls1 -starttls smtp" -fblablabla@gmail.com -aublablabla@gmail.com -apyourgmailpassw blablabla@gmail.com
  
The certificate google-roots.pem comes from:
 
  
cd  (to /root)
 
wget https://pki.google.com/roots.pem
 
mv roots.pem google-roots.pem
 
Look here for references: https://www.snbforums.com/threads/notifications-e-mail.8190/page-10#post-400586
 
  
I had some issues with the Equifax Certificate using this: https://www.snbforums.com/threads/notifications-e-mail.8190/page-10#post-332399
+
*'''Periodic notifications'''
  
*'''usefull notification'''
 
  
You want to get an email every week, IP changes or not !!!
+
Maybe if you are like me, you would like your router to report regularly to you that it's alive and well, but without flooding your emails. Then have it send a weekly or monthly notification like so:
  
add this script to <code class="filename">/etc/cron.weekly/mailIP_week</code>
+
add this script as <code class="filename">/etc/cron.weekly/mailIP_week</code>
  
 
  firewall# cat mailIP_week
 
  firewall# cat mailIP_week
 
   #!/bin/sh
 
   #!/bin/sh
 
   #
 
   #
   # PURPOSE: e-Mail me my external IP toutes les semaines...
+
   # PURPOSE: e-Mail me my external IP every week...
   # si ca marche bien deplace dans cron.monthly
+
   #  
 
   #
 
   #
 
   echo "" > /tmp/MyIP.log
 
   echo "" > /tmp/MyIP.log
 
   #
 
   #
 
   #
 
   #
 +
 
you get the picture...
 
you get the picture...
 +
 +
 +
----
 +
{| summary="Navigation footer" width="100%"
 +
| width="40%" align="left"  | [[Bering-uClibc 6.x - User Guide - Basic Configuration - Log Files|Prev]]
 +
| width="20%" align="center" | [[Bering-uClibc 6.x - User Guide - Basic Configuration|Up]]
 +
| width="40%" align="right"  | [[Bering-uClibc 6.x - User Guide - Basic Configuration - Setup a small timeserver|Next]]
 +
|}
 +
 +
[[Category:Bering-uClibc 6.x]]
 +
[[Category:User Guide]]

Latest revision as of 04:34, 17 July 2018

Basic Configuration - Email Alerts
Prev Bering-uClibc 6.x - User Guide Next

Note, work in progress...

These examples are not using the Bering-uClibc builtin email notification found in the master configuration file

[ lrcfg... 2) system configuration... 1) Master LRP settings... ]

Email notification example using your own ISP SMTP server or Google's:

If your ISP provides you with an email account, using their SMTP server to send notification emails is the simplest method since most will only require a simple authentication username & password. Some might use TLS/SSL in which case simply use curl otherwise you will need to get a certificate. In any case check your ISP SMTP server requirements. Last resort (joking...), if you have a Google account and certificate, you can use their SMTP server.

For the emails to get out you will have to add these rules to /etc/shorewall/rules

# pour les mails de Videotron....
SMTP(ACCEPT)    fw       net
ACCEPT          fw       net    tcp 587
ACCEPT          fw       net    tcp 465

This example will send an email when the router dynamic IP address changes

The script is saved as /etc/cron.daily/mailIP so it is executed daily at 06:42.

You should also realize that this is a cheap way of getting your dynamic IP address, should it change, without using a so called free dynamic DNS service. They are not always a reliable long term solution, remember DYNDNS...


  • Using sendmail: with simple authentication username & password

The code can be found in this forum, along with many other hints... https://www.snbforums.com/threads/notifications-e-mail.8190/page-8#post-267789


firewall# cat mailIP
  #!/bin/sh
  #
  # transmit the IP address when it changes...
  #
  #
  IPNOW=$(ip addr | grep 255.255. | sed -n 's/^ *inet *\([.0-9]*\).*/\1/p')
  if grep -q $IPNOW /tmp/MyIP.log
  then
  echo "No change"
  else
  echo $IPNOW > /tmp/MyIP.log
  echo "Subject: today IP address: $IPNOW !!! " > /tmp/MyIP1.log
  echo "From: root@firewall" >> /tmp/MyIP1.log
  echo "Date:  `date -R`" >> /tmp/MyIP1.log
  echo "" >> /tmp/MyIP1.log
  echo "Hello my dear Creator" >> /tmp/MyIP1.log
  echo "" >> /tmp/MyIP1.log
  echo "my IP is now:  $IPNOW" >> /tmp/MyIP1.log
  echo "Uptime is: `uptime | cut -d ',' -f1 | sed 's/^.\{12\}//g'`" >> /tmp/MyIP1.log
  echo "" >> /tmp/MyIP1.log
  echo "---- " >> /tmp/MyIP1.log
  echo "from your friendly Router  !!!" >> /tmp/MyIP1.log
  echo "" >> /tmp/MyIP1.log
  echo "" >> /tmp/MyIP1.log
  sendmail -S relais.videotron.ca:587 </tmp/MyIP1.log -froot@firewall -auxxxxxxxx -apyyyyyyyy blablabla@gmail.com
  fi


  • Using sendmail: with SSL/TLS


1- first obtain a certificate:

cd  (to /root)
wget https://pki.google.com/roots.pem
mv roots.pem google-roots.pem

Look here for references: https://www.snbforums.com/threads/notifications-e-mail.8190/page-10#post-400586

I had some issues with the Equifax Certificate using this: https://www.snbforums.com/threads/notifications-e-mail.8190/page-10#post-332399


2- then replace the previous sendmail stanza with this one:

sendmail -H"exec openssl s_client -quiet -CAfile /root/google-roots.pem -connect smtp.videotron.ca:465 -tls1 -pause" </tmp/MyIP1.log -froot@firewall -auxxxxxxxx -apyyyyyyyy blablabla@gmail.com


  • Using curl: replace the sendmail stanza with this one:
  curl --url smtps://smtp.videotron.ca:465 --mail-from root@firewall --mail-rcpt blablabla@gmail.com    --upload-file /tmp/MyIP1.log --ssl-reqd --user xxxxxxxx:yyyyyyyy --insecure


  • Using Google's SMTP: again replace the previous sendmail stanza with this one...
cat /tmp/MyIP1.log | sendmail -H"exec openssl s_client -quiet -CAfile /root/google-roots.pem -connect smtp.gmail.com:587 -tls1 -starttls smtp" -fblablabla@gmail.com -aublablabla@gmail.com -apyourgmailpassw blablabla@gmail.com


  • Periodic notifications


Maybe if you are like me, you would like your router to report regularly to you that it's alive and well, but without flooding your emails. Then have it send a weekly or monthly notification like so:

add this script as /etc/cron.weekly/mailIP_week

firewall# cat mailIP_week
 #!/bin/sh
 #
 # PURPOSE: e-Mail me my external IP every week...
 # 
 #
 echo "" > /tmp/MyIP.log
 #
 #

you get the picture...



Prev Up Next