.TH HQDAEMON 8 "August 2007" "OpenFWTK" .SH NAME hqdaemon \- simple host health status monitor .SH SYNOPSIS .B hqdaemon .RB "[-daemon ] " .RB "[-fastdaemon ] [-as ]" .sp .SH DESCRIPTION .IX "hqdaemon" "" "\(em simple host health status monitor" .I hqdaemon provides filesystem usage and host load average data for .I hqmon and similar tools and may be used with any enterprise monitoring system which allows custom sensors communication (like Nagios or else). It is designed to be used in environments where running SNMP agent on the firewall is not allowed. .PP The hqdaemon sensor .RB "(" hqdaemon ")" generally runs as a daemon (invoked from system startup script, p.e. .IR "/etc/rc.local" ) and listens for requests on the specified port. Whenever the system receives an connection request on this port, .IR hqdaemon checks its configuration information (in the .IR "netperm-table" ) and determines whether the initiating host has permission to request the status data. If the host does not have permission, .IR hqdaemon logs the connection attempt and displays an error message. .PP The sensor may also be invoked from tcp/ip "superserver" (inetd or xinetd). .IR "-daemon" parameter should be omitted in this case. .PP If the host has permission, the sensor provides the information via client tcp connection. .PP .SH OPTIONS .SS Command Line Options The sensor recognizes the following command line options (whether started from the command line or from within .IR /etc/rc.local ): .TP .BI "-daemon " port Indicates that .IR hqdaemon runs as a daemon, and the port (name or number) on which it listens. When .IR "-daemon" option is used, configuration is being read from .IR netperm-table for every new connection accepted by sensor. .IP .I port Specifies either a numeric id or symbolic name from the .I /etc/services file. .TP .BI "-fastdaemon " port Indicates that .IR hqdaemon runs as a daemon, and the port (name or number) on which the sensor listens. When .IR "-fastdaemon" option is used, configuration is being read from .IR netperm-table once the daemon starts or if .IR SIGHUP is received. .TP .BI "-as " tag Changes default application tag for .IR netperm-table from "hqdaemon" to any given string. .SS Configuration Options The sensor reads configuration rules from the .IR "/usr/local/etc/netperm-table" . It reads all rules using the .B hqdaemon and .B * (wildcard) keywords. The sensor reads the .I netperm-table from top to bottom. If there are multiple rules in the table that could apply for a particular attribute, the sensor uses the first one that it finds. See .BR "netperm-table" (5) for a more complete explanation of .I netperm-table syntax and precedence. .PP The sensor recognizes the following attributes: .TP .BI "load " "warn crit" Specifies load average warning and critical thresholds. .RS .TP .I warn Specifies decimal load average value treated as warning condition. .TP .I crit Specifies decimal load average value treated as critical condition. .RE .TP .BI "disk " "mountpoint warn crit" Specifies disk filesystem warning and critical thresholds. .RS .TP .I mountpoint File system mount point (absolute unix path) .TP .I warn Specifies filesystem usage percent value treated as warning condition. .TP .I crit Specifies filesystem usage percent value treated as critical condition. .RE .TP .B hosts host-pattern [host-pattern2...] rules specify host and access permissions. Typically, a hosts rule will be in the form of: .na .sp 1 hqdaemon: deny-hosts unknown .sp hqdaemon: hosts 10.0.0.3 .ad .sp 1 There may be several host patterns following the "hosts" keyword. .TP .BI "groupid " group Specifies the name of the group the sensor uses when running. .RS .TP .I group Specifies either a name or numeric id from the .I /etc/group file. .RE .TP .BI "userid " user Specifies the user ID the sensor uses when running. .RS .TP .I user Specifies either a name or numeric id from the .I /etc/passwd file. .RE .SH FILES .IP /etc/rc.local Command script that controls automatic reboot, and includes startup information for the sensor. .IP /usr/local/etc/netperm-table The network permissions file contains configuration information for the Firewall Toolkit, including hqdaemon. .SH BUGS Report bugs to arkenoi@gmail.com or fwtk-users@buoy.com mailing list. Include a complete example, explaining what you expected to happen and what actually happened. Be sure to indicate the type of system (operating system, hardware, etc.) you are using, as well as the version of hqdaemon. .SH AUTHOR Alexander Snarskii. .SH SEE ALSO .BR netperm-table "(5), " rc "(8), "authsrv "(8), "netacl "(8)"