From 959ba2bd03ec11baacaa5af4f4113585fb8d595f Mon Sep 17 00:00:00 2001 From: Stefan Huber Date: Thu, 7 Nov 2013 00:45:07 +0100 Subject: [PATCH] nagios: add check_rdns --- nagios/plugins/check_rdns | 141 +++++++++++++++++++++++++++++++++ nagios/plugins/utils.sh | 108 +++++++++++++++++++++++++ nagios/plugins/utils.sh.README | 1 + 3 files changed, 250 insertions(+) create mode 100755 nagios/plugins/check_rdns create mode 100755 nagios/plugins/utils.sh create mode 100644 nagios/plugins/utils.sh.README diff --git a/nagios/plugins/check_rdns b/nagios/plugins/check_rdns new file mode 100755 index 0000000..5310cb5 --- /dev/null +++ b/nagios/plugins/check_rdns @@ -0,0 +1,141 @@ +#!/bin/sh + +# Copyright (c) 2013 Stefan Huber +# +# Permission is hereby granted, free of charge, to any person +# obtaining a copy of this software and associated documentation +# files (the "Software"), to deal in the Software without +# restriction, including without limitation the rights to use, +# copy, modify, merge, publish, distribute, sublicense, and/or sell +# copies of the Software, and to permit persons to whom the +# Software is furnished to do so, subject to the following +# conditions: +# +# The above copyright notice and this permission notice shall be +# included in all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES +# OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT +# HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, +# WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING +# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. + +. $(dirname $0)/utils.sh + + +PROGNAME=$(basename $0) +REVISION="0.1" + +usage() { + + cat < + +Usage: $PROGNAME -H ip-address [OPTIONS] + +Arguments: + -H, --address IP-address The ip-addres on which reverse-DNS is performed. + +Options: + -h, --help Print this text. + -a, --expect=HOST The expected result. + -s, --server=HOST The DNS server to contact. + -t, --timeout=SEC Seconds before lookup times out. (Default: 10) + -w, --warning=MSEC Return warning if lookup time exceeds value. + -c, --critical=MSEC Return critical if lookup time exceeds value. + -V, --version Print version info. +EOF +} + + +TEMP=`getopt -o "H:a:c:hs:t:w:V" --long "help,address:,expect:,critical:,server:,timeout:,warning:,version" -n "$0" -- "$@"` +eval set - "$TEMP" + +ADDRESS= +EXPECT= +SERVER= +TIMEOUT=10 +WARNING= +CRITICAL= + +while true; do + case "$1" in + -h | --help ) + usage + exit $STATE_OK ;; + -V | --version ) + echo "$PROGNAME v$REVISION" + exit $STATE_OK ;; + -H | --address ) + ADDRESS="$2"; shift 2 ;; + -a | --expect ) + EXPECT="$2"; shift 2 ;; + -s | --server ) + SERVER="$2"; shift 2 ;; + -t | --timeout ) + TIMEOUT="$2"; shift 2 ;; + -w | --warning ) + WARNING="$2"; shift 2 ;; + -c | --critical ) + CRITICAL="$2"; shift 2 ;; + -- | *) + break ;; + esac +done + +if [ -z "$ADDRESS" ]; then + echo "Error: No address given." + usage + exit $STATE_CRITICAL +fi + +DIGOPTS="+time=$TIMEOUT +noquestion +noauthority -t PTR" +[ -z "$SERVER" ] || DIGOPTS="@$SERVER $DIGOPTS" + +RESULT=$(dig $DIGOPTS -x "$ADDRESS"): +DIGSTATUS=$? + +if [ $DIGSTATUS != "0" ]; then + echo "DNS failed: dig exit code $DIGSTATUS |" + exit $STATUS_CRITICAL +fi + +# Get the actual result +HOST=$(echo "$RESULT" | grep -m 1 -o "[[:space:]]IN[[:space:]]*PTR[[:space:]].*\.$" | awk '{ print $3 }' ) +if [ -z "$HOST" ]; then + echo "DNS failed: reverse DNS gave no answer. |" + exit $STATUS_CRITICAL +fi + + +# Get the query time in msec +QUERYTIME=$(echo "$RESULT" | grep -m 1 "Query time:" | cut -d ":" -f 2 | awk '{ print $1 }') + + +MATCHED= +if [ -n "$EXPECT" ]; then + if [ "$EXPECT" != "$HOST" ]; then + echo "DNS critical - query result \"$HOST\" != \"$EXPECT\", query time: $QUERYTIME msec |" + exit $STATUS_CRITICAL + else + MATCHED=" (match ok)" + fi +fi + +if [ -n "$CRITICAL" ] && [ "$QUERYTIME" -gt "$CRITICAL" ]; then + echo "DNS critical - query time $QUERYTIME msec too large ($CRITICAL msec), query result: \"$HOST\"$MATCHED |" + exit $STATUS_CRITICAL +fi + +if [ -n "$WARNING" ] && [ "$QUERYTIME" -gt "$WARNING" ]; then + echo "DNS warning - query time $QUERYTIME msec too large ($WARNING msec), query result: \"$HOST\"$MATCHED |" + exit $STATUS_WARNING +fi + +echo "DNS ok - query time $QUERYTIME msec, query result: \"$HOST\"$MATCHED |" +exit $STATUS_OK + diff --git a/nagios/plugins/utils.sh b/nagios/plugins/utils.sh new file mode 100755 index 0000000..077bd67 --- /dev/null +++ b/nagios/plugins/utils.sh @@ -0,0 +1,108 @@ +#! /bin/sh + +STATE_OK=0 +STATE_WARNING=1 +STATE_CRITICAL=2 +STATE_UNKNOWN=3 +STATE_DEPENDENT=4 + +if test -x /usr/bin/printf; then + ECHO=/usr/bin/printf +else + ECHO=echo +fi + +print_revision() { + echo "$1 v$2 (nagios-plugins 1.4.16)" + $ECHO "The nagios plugins come with ABSOLUTELY NO WARRANTY. You may redistribute\ncopies of the plugins under the terms of the GNU General Public License.\nFor more information about these matters, see the file named COPYING.\n" | sed -e 's/\n/ /g' +} + +support() { + $ECHO "Send email to nagios-users@lists.sourceforge.net if you have questions\nregarding use of this software. To submit patches or suggest improvements,\nsend email to nagiosplug-devel@lists.sourceforge.net.\nPlease include version information with all correspondence (when possible,\nuse output from the --version option of the plugin itself).\n" | sed -e 's/\n/ /g' +} + +# +# check_range takes a value and a range string, returning successfully if an +# alert should be raised based on the range. +# +check_range() { + local v range yes no err decimal start end cmp match + v="$1" + range="$2" + + # whether to raise an alert or not + yes=0 + no=1 + err=2 + + # regex to match a decimal number + decimal="-?([0-9]+\.?[0-9]*|[0-9]*\.[0-9]+)" + + # compare numbers (including decimals), returning true/false + cmp() { awk "BEGIN{ if ($1) exit(0); exit(1)}"; } + + # returns successfully if the string in the first argument matches the + # regex in the second + match() { echo "$1" | grep -E -q -- "$2"; } + + # make sure value is valid + if ! match "$v" "^$decimal$"; then + echo "${0##*/}: check_range: invalid value" >&2 + unset -f cmp match + return "$err" + fi + + # make sure range is valid + if ! match "$range" "^@?(~|$decimal)(:($decimal)?)?$"; then + echo "${0##*/}: check_range: invalid range" >&2 + unset -f cmp match + return "$err" + fi + + # check for leading @ char, which negates the range + if match $range '^@'; then + range=${range#@} + yes=1 + no=0 + fi + + # parse the range string + if ! match "$range" ':'; then + start=0 + end="$range" + else + start="${range%%:*}" + end="${range#*:}" + fi + + # do the comparison, taking positive ("") and negative infinity ("~") + # into account + if [ "$start" != "~" ] && [ "$end" != "" ]; then + if cmp "$start <= $v" && cmp "$v <= $end"; then + unset -f cmp match + return "$no" + else + unset -f cmp match + return "$yes" + fi + elif [ "$start" != "~" ] && [ "$end" = "" ]; then + if cmp "$start <= $v"; then + unset -f cmp match + return "$no" + else + unset -f cmp match + return "$yes" + fi + elif [ "$start" = "~" ] && [ "$end" != "" ]; then + if cmp "$v <= $end"; then + unset -f cmp match + return "$no" + else + unset -f cmp match + return "$yes" + fi + else + unset -f cmp match + return "$no" + fi +} diff --git a/nagios/plugins/utils.sh.README b/nagios/plugins/utils.sh.README new file mode 100644 index 0000000..9253439 --- /dev/null +++ b/nagios/plugins/utils.sh.README @@ -0,0 +1 @@ +utils.sh is taken from Debian Wheezy's package nagios-plugins-common. -- 2.30.2