Collector Type: Agent

Category: Application Monitors

Application Name: IPTables

Global Template Name: LINUX IPTables Template

Parameters

NameDefault ValueDescription
IPTables Chain NameINPUT, OUTPUT, FORWARDEnter coma(,) separated string of chain names of the iptables. Examples:INPUT,OUTPUT,FORWARD (To get chain names of iptables, run the command: iptables -nvL | grep Chain | awk '{ print $2 }').
NAT Table Min Count0Minimum number of rules for NAT table. If the IPTables-NatRules monitor is disabled, pass 0 for this argument.
Filter Table Min Count0Minimum number of rules for FILTER table. If the IPTables-FilterRules monitor is disabled, pass 0 for this argument.
Mangle Table Min Count0Minimum number of rules for MANGLE table. If the IPTables-MangleRules monitor is disabled, pass 0 for this argument.

Note: All field attributes are mandatory, use default values wherever applicable.

Collected Metrics

Metric NameDisplay NameDescription
iptables.loadedIPTables-LoadedChecks if rules have been specified for all chains except for Output and Forward. If no rules are specified then it throws an alert.
iptables.chain_bandwidthIPTables-ChainBandwidthCaptures traffic following through the IPTables which matches a given Chain.
iptables.nat_rulesIPTables-NatRulesChecks a given table for a specific number of rules. If the number of rules in that table is less than what is specified in the argument it throws an alert.
iptables.filter_rulesIPTables-FilterRulesChecks a given table for a specific number of rules. If the number of rules in that table is less than what is specified in the argument it throws an alert.
iptables.mangle_rulesIPTables-MangleRulesChecks a given table for a specific number of rules. If the number of rules in that table is less than what is specified in the argument it throws an alert.
iptables.syn_connectionsIPTables-SYNConnectionsProvides the number of activeSYNC connections.
iptables.tcp_connectionsIPTables-TCPConnectionsProvides the number of active TCP connections.
iptables.udp_connectionsIPTables-UDPConnectionsProvides the number of active UDP connections.
iptables.icmp_connectionsIPTables-ICMPConnectionsProvides the number of active ICMP connections.
iptables.close_connectionsIPTables-CLOSEConnectionsProvides the number of active CLOSE connections.
iptables.time_wait_connectionsIPTables-TIME_WAITConnectionsProvides the number of active TIME_WAIT connections.
iptables.established_connectionsIPTables-ESTABLISHEDConnectionsProvides the number of active established connections.
iptables.stateIPTables-StateChecks if the iptables file has been changed.