Theodore Baschak

BOFH. Open Source Guru. Founder/Operator of Hextet Systems, AS395089 and Network Architect for Daemon Defense Systems, AS55101.

Monitoring Onions

Sun, 29 Nov 2015 02:17:21 -0600 » Nerd Projects, System Administration, Networking, CLI, Network Monitoring, Programming, Troubleshooting, Privacy

One of the first questions I had when Facebook launched their onion was “I wonder how stable it is?”. Tonight with some help from torsocks I am now monitoring availability of several onions, and trending all Nagios perfdata outputs from check_http, check_ssh, and check_tcp.

I’ve written a set of instructions and sample configurations for monitoring Tor hidden services (onions) using Nagios and put them in a public Github repository. check_commands for everything you need to monitor http, ssh, and other more generic tcp services on your onions is in the repo.

The process I went through to get working monitoring of onions was fairly simple, initially I was going to use proxychains, however torsocks turned out to be simpler. Basically I ran torsocks check_http -H onion; echo $? to check that torsocks passed the exit codes through, confirmed that it did, and then wrote out a set of check_commands and put them in my nagios configuration by simply copying the regular check and prepending it with /usr/bin/torsocks.

The load performance of Facebook’s https onion site after about an hour.

© Theodore Baschak - https://github.com/tbaschak - Powered by Jekyll.
Powered by Les.net.
CiscoDude.net is a personal website. Opinions expressed are not necessarily those of his employer.