Automatically update iptables rules for Pingdom monitors.

Pingdom is an awesome service that tracks the uptime, downtime, and performance of websites (you can see an example of the public stats of this server here). If you have a firewall running on your system, you need to whitelist Pingdom’s servers or else their monitors will fail. As their servers may change at any time, it is better to automate this whitelisting by polling the RSS feed of their monitoring servers at a sensible, responsible interval.

It’s been done before, but this is how I have chosen to do it.

First, a little PHP helper script to extract the IP addresses of the monitors marked Active. For this example, let’s save it as pingdom.com.php alongside our bash script, which will be executed by cron.

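<?php
// Fetch the probe server feed and capture each IPv4 address that is
// followed by "Active" on the same line.
preg_match_all(
    '/((\d+\.){3}\d+).*?Active/',
    file_get_contents('https://www.pingdom.com/rss/probe_servers.xml'),
    $ips
);

// One address per line, for the bash loop to consume.
echo implode("\n", $ips[1]);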

Then, our bash script which is called from cron:

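#!/bin/bash
IPTABLES=/sbin/iptables   # assumed path; adjust for your system
cd "$(dirname "$0")" || exit 1   # cron does not start in the script's directory
for ip in $(/usr/bin/php pingdom.com.php); do
    $IPTABLES -A INPUT -s "$ip" -p icmp -j ACCEPT
done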

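Of course, this is just an example and you will need to modify the firewall rule(s) according to your needs. Keep in mind that -A appends on every run, so unless the rules are flushed between runs the same addresses pile up as duplicate rules, and that whatever the feed returns ends up in a command run as root, so it is worth validating.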
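A variant of the cron job above that validates each address from the feed and rebuilds a dedicated chain in one commit, so repeated runs leave no duplicates and a failed fetch leaves the old rules in place. This is an added example, not the author's script: the chain name PINGDOM and the sample feed lines are assumptions, and the feed is assumed to have the layout the PHP regex expects (address, then "Active", on one line).

```shell
#!/bin/sh
# Added example, not the author's script. CHAIN is a hypothetical chain name.
FEED_URL='https://www.pingdom.com/rss/probe_servers.xml'
CHAIN=PINGDOM
# Constructed sample feed lines (not real probe data), used by --demo.
SAMPLE_FEED='<description>IP: 192.0.2.10; State: Active</description>
<description>IP: 198.51.100.7; State: Inactive</description>
<description>IP: 999.1.1.1; State: Active</description>
<description>IP: 203.0.113.5; State: Active</description>'

# Read feed text on stdin; print unique IPv4 addresses that are followed by
# "Active" on the same line (the PHP helper's rule) and whose four octets
# are all in the range 0-255.
extract_active_ips() {
    grep -oE '([0-9]+\.){3}[0-9]+.*Active' |
        grep -oE '^([0-9]+\.){3}[0-9]+' |
        awk -F. 'NF == 4 && $1 <= 255 && $2 <= 255 && $3 <= 255 && $4 <= 255' |
        sort -u
}

# Print iptables-restore input that rebuilds $CHAIN from the addresses in $1.
# Returns 1 and prints nothing for an empty list, so a failed or empty fetch
# never wipes the existing rules.
build_ruleset() {
    [ -n "$1" ] || return 1
    printf '*filter\n:%s - [0:0]\n' "$CHAIN"
    for ip in $1; do
        printf '%s\n' "-A $CHAIN -s $ip/32 -p icmp -j ACCEPT"
    done
    printf 'COMMIT\n'
}

# Fetch, validate, then swap the chain contents in a single commit.
apply_rules() {
    feed=$(curl -fsS --max-time 20 "$FEED_URL") || return 1
    rules=$(build_ruleset "$(printf '%s\n' "$feed" | extract_active_ips)") || return 1
    # --noflush leaves every other chain alone; the ":CHAIN" line empties ours.
    printf '%s\n' "$rules" | iptables-restore --noflush || return 1
    # Make sure INPUT jumps to the chain exactly once.
    iptables -C INPUT -j "$CHAIN" 2>/dev/null || iptables -A INPUT -j "$CHAIN"
}

# Touch the firewall only with --apply; --demo prints the rules for the sample.
case "${1:-}" in
    --apply) apply_rules ;;
    --demo)  build_ruleset "$(printf '%s\n' "$SAMPLE_FEED" | extract_active_ips)" ;;
esac
```

Run it with --demo first to inspect the generated rules, then call it with --apply from root's crontab.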