Collector Type: Agent
Category: Application Monitors
Application Name: IPTables
Global Template Name: LINUX IPTables Template
Parameters
| Name | Default Value | Description |
|---|---|---|
| IPTables Chain Name | INPUT, OUTPUT, FORWARD | Enter coma(,) separated string of chain names of the iptables. Examples:INPUT,OUTPUT,FORWARD (To get chain names of iptables, run the command: iptables -nvL | grep Chain | awk '{ print $2 }'). |
| NAT Table Min Count | 0 | Minimum number of rules for NAT table. If the IPTables-NatRules monitor is disabled, pass 0 for this argument. |
| Filter Table Min Count | 0 | Minimum number of rules for FILTER table. If the IPTables-FilterRules monitor is disabled, pass 0 for this argument. |
| Mangle Table Min Count | 0 | Minimum number of rules for MANGLE table. If the IPTables-MangleRules monitor is disabled, pass 0 for this argument. |
Note: All field attributes are mandatory, use default values wherever applicable.
Collected Metrics
| Metric Name | Display Name | Description |
|---|---|---|
| iptables.loaded | IPTables-Loaded | Checks if rules have been specified for all chains except for Output and Forward. If no rules are specified then it throws an alert. |
| iptables.chain_bandwidth | IPTables-ChainBandwidth | Captures traffic following through the IPTables which matches a given Chain. |
| iptables.nat_rules | IPTables-NatRules | Checks a given table for a specific number of rules. If the number of rules in that table is less than what is specified in the argument it throws an alert. |
| iptables.filter_rules | IPTables-FilterRules | Checks a given table for a specific number of rules. If the number of rules in that table is less than what is specified in the argument it throws an alert. |
| iptables.mangle_rules | IPTables-MangleRules | Checks a given table for a specific number of rules. If the number of rules in that table is less than what is specified in the argument it throws an alert. |
| iptables.syn_connections | IPTables-SYNConnections | Provides the number of activeSYNC connections. |
| iptables.tcp_connections | IPTables-TCPConnections | Provides the number of active TCP connections. |
| iptables.udp_connections | IPTables-UDPConnections | Provides the number of active UDP connections. |
| iptables.icmp_connections | IPTables-ICMPConnections | Provides the number of active ICMP connections. |
| iptables.close_connections | IPTables-CLOSEConnections | Provides the number of active CLOSE connections. |
| iptables.time_wait_connections | IPTables-TIME_WAITConnections | Provides the number of active TIME_WAIT connections. |
| iptables.established_connections | IPTables-ESTABLISHEDConnections | Provides the number of active established connections. |
| iptables.state | IPTables-State | Checks if the iptables file has been changed. |