[Nagiosplug-help] Problem with TCP-Sessions via check_smtp or check_ssh

[Holger Weiss]

* "Dieter Hendricks (web.de)" <dieter.hendricks at web.de> [2007-07-31 08:13]:
> I have a problem with check_smtp and check_ssh from the Nagios-Plugins.
> After the session was closed [FIN,ACK] by the NagiosMonitor it seems the
> Machine didn´t wait for an [ACK] by the SMTPServer instead it responses
> all packets from the SMTPServer with an [RST]. This [RST]s logged by the
> Firewall as multiply Session-Resets and fill the LOG-File.

The problem is that check_smtp doesn't read the server's response to the
SMTP QUIT command.  The attached patch against check_smtp.c should fix
that; will be included with the next release.  For check_ssh, it's not
that easy to fix, sorry.

Thanks for your report, Holger

-- 
PGP fingerprint:  F1F0 9071 8084 A426 DD59  9839 59D3 F3A1 B8B5 D3DE
-------------- next part --------------
Index: check_smtp.c
===================================================================
--- check_smtp.c	(revision 1767)
+++ check_smtp.c	(working copy)
@@ -74,6 +74,7 @@
 int validate_arguments (void);
 void print_help (void);
 void print_usage (void);
+void smtp_quit(void);
 int my_close(void);
 
 #include "regex.h"
@@ -258,7 +259,7 @@
 
 		if(use_ssl && ! supports_tls){
 			printf(_("WARNING - TLS not supported by server\n"));
-			send (sd, SMTP_QUIT, strlen (SMTP_QUIT), 0);
+			smtp_quit();
 			return STATE_WARNING;
 		}
 
@@ -270,7 +271,7 @@
 		  recv(sd,buffer, MAX_INPUT_BUFFER-1, 0); /* wait for it */
 		  if (!strstr (buffer, server_expect)) {
 		    printf (_("Server does not support STARTTLS\n"));
-		    send (sd, SMTP_QUIT, strlen (SMTP_QUIT), 0);
+		    smtp_quit();
 		    return STATE_UNKNOWN;
 		  }
 		  result = np_net_ssl_init(sd);
@@ -460,7 +461,7 @@
 		}
 
 		/* tell the server we're done */
-		my_send (SMTP_QUIT, strlen (SMTP_QUIT));
+		smtp_quit();
 
 		/* finally close the connection */
 		close (sd);
@@ -704,6 +705,30 @@
 }
 
 
+void
+smtp_quit(void)
+{
+	int bytes;
+
+	my_send(SMTP_QUIT, strlen(SMTP_QUIT));
+	if (verbose)
+		printf(_("sent %s\n"), "QUIT");
+
+	/* read the response but don't care about problems */
+	bytes = my_recv(buffer, MAXBUF - 1);
+	if (verbose) {
+		if (bytes < 0)
+			printf(_("recv() failed after QUIT."));
+		else if (bytes == 0)
+			printf(_("Connection reset by peer."));
+		else {
+			buffer[bytes] = '\0';
+			printf(_("received %s\n"), buffer);
+		}
+	}
+}
+
+
 int 
 my_close (void)
 {