To make sure that your IP is listed on any RBL you can implement a daily check in icinga2.
The check can be implement with the check_rbl script:
https://trac.id.ethz.ch/projects/nagios_plugins/wiki/check_rbl
The script has a few perl module dependencies. To install them on a debian system execute:
apt-get install libreadonly-xs-perl libnagios-plugin-perl libdata-validate-ip-perl libdata-validate-domain-perl
Then download the script and make it executable:
curl -o /usr/local/bin/check_rbl https://svn.id.ethz.ch/nagios_plugins/check_rbl/check_rbl
chmod 755 /usr/local/bin/check_rbl
Also download a copy of the configuration file:
curl -o /etc/check_rbl.ini https://svn.id.ethz.ch/nagios_plugins/check_rbl/check_rbl.ini
Edit the configuration file and add/remove RBLs as needed. When writting this, the list still included the retired AHBL blacklist. To disable it comment the following line:
; server=dnsbl.ahbl.org
Now its time to start a test run:
check_rbl -t 60 --extra-opts=rbl@/etc/check_rbl.ini -H markusbenning.de -v
The script will display all checked RBLs and exit with a Nagios status line:
CHECK_RBL OK - markusbenning.de BLACKLISTED on 0 servers of 38 | servers=0;0;0 time=10s;;
Now add the command/service definitions to your icinga2 configuration and apply the rbl_address to your hosts definition.
Create /etc/icinga2/conf.d/check_rbl.conf with the following content:
object CheckCommand "rbl" {
import "plugin-check-command"
command = [ "/usr/local/bin/check_rbl" ]
arguments = {
"-t" = "$rbl_timeout$"
"--extra-opts" = "rbl@$rbl_config$"
"-H" = "$rbl_address$"
}
vars.rbl_address = "$address$"
vars.rbl_timeout = "60"
vars.rbl_config = "/etc/check_rbl.ini"
}
Add the following service description to your /etc/icinga2/conf.d/services.conf:
apply Service "rbl" {
import "generic-service"
check_command = "rbl"
assign where host.vars.rbl_address
}
And a rbl_address variable to all hosts you want to check:
vars.rbl_address = "78.47.220.83"
Restart the icinga2 service and see the results in icinga-web.