diff options
author | Subhendu Ghosh <sghosh@users.sourceforge.net> | 2003-10-14 03:15:19 (GMT) |
---|---|---|
committer | Subhendu Ghosh <sghosh@users.sourceforge.net> | 2003-10-14 03:15:19 (GMT) |
commit | e4354556c3f4a1c4631c4feb1979fdabc07b1e06 (patch) | |
tree | 7a910c8757fdb23ed44a9746a020e5fdc5fecf60 /plugins-scripts | |
parent | fa9983a26043e067546667e2f9721e1b499a4fba (diff) | |
download | monitoring-plugins-e4354556c3f4a1c4631c4feb1979fdabc07b1e06.tar.gz |
snmpv3 patches
git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk@746 f882894a-f735-0410-b71e-b25c423dba1c
Diffstat (limited to 'plugins-scripts')
-rw-r--r-- | plugins-scripts/check_ifoperstatus.pl | 315 |
1 files changed, 224 insertions, 91 deletions
diff --git a/plugins-scripts/check_ifoperstatus.pl b/plugins-scripts/check_ifoperstatus.pl index f4eaefc..8a23ca5 100644 --- a/plugins-scripts/check_ifoperstatus.pl +++ b/plugins-scripts/check_ifoperstatus.pl | |||
@@ -5,6 +5,7 @@ | |||
5 | # Copyright (C) 2000 Christoph Kron, | 5 | # Copyright (C) 2000 Christoph Kron, |
6 | # Modified 5/2002 to conform to updated Nagios Plugin Guidelines | 6 | # Modified 5/2002 to conform to updated Nagios Plugin Guidelines |
7 | # Added support for named interfaces per Valdimir Ivaschenko (S. Ghosh) | 7 | # Added support for named interfaces per Valdimir Ivaschenko (S. Ghosh) |
8 | # Added SNMPv3 support (10/2003) | ||
8 | # | 9 | # |
9 | # This program is free software; you can redistribute it and/or | 10 | # This program is free software; you can redistribute it and/or |
10 | # modify it under the terms of the GNU General Public License | 11 | # modify it under the terms of the GNU General Public License |
@@ -42,6 +43,10 @@ use Getopt::Long; | |||
42 | &Getopt::Long::config('bundling'); | 43 | &Getopt::Long::config('bundling'); |
43 | 44 | ||
44 | my $PROGNAME = "check_ifoperstatus"; | 45 | my $PROGNAME = "check_ifoperstatus"; |
46 | sub print_help (); | ||
47 | sub usage (); | ||
48 | sub process_arguments (); | ||
49 | |||
45 | my $status; | 50 | my $status; |
46 | my %ifOperStatus = ('1','up', | 51 | my %ifOperStatus = ('1','up', |
47 | '2','down', | 52 | '2','down', |
@@ -55,6 +60,8 @@ my $state = "UNKNOWN"; | |||
55 | my $answer = ""; | 60 | my $answer = ""; |
56 | my $snmpkey = 0; | 61 | my $snmpkey = 0; |
57 | my $community = "public"; | 62 | my $community = "public"; |
63 | my $maxmsgsize = 1472 ; # Net::SNMP default is 1472 | ||
64 | my ($seclevel, $authproto, $secname, $authpass, $privpass, $auth, $priv, $context); | ||
58 | my $port = 161; | 65 | my $port = 161; |
59 | my @snmpoids; | 66 | my @snmpoids; |
60 | my $sysUptime = '1.3.6.1.2.1.1.3.0'; | 67 | my $sysUptime = '1.3.6.1.2.1.1.3.0'; |
@@ -92,81 +99,7 @@ alarm($TIMEOUT); | |||
92 | 99 | ||
93 | ### Validate Arguments | 100 | ### Validate Arguments |
94 | 101 | ||
95 | $status = GetOptions( | 102 | $status = process_arguments(); |
96 | "V" => \$opt_V, "version" => \$opt_V, | ||
97 | "h" => \$opt_h, "help" => \$opt_h, | ||
98 | "v=i" => \$snmp_version, "snmp_version=i" => \$snmp_version, | ||
99 | "C=s" =>\$community, "community=s" => \$community, | ||
100 | "k=i" =>\$snmpkey, "key=i",\$snmpkey, | ||
101 | "d=s" =>\$ifdescr, "descr=s" => \$ifdescr, | ||
102 | "l=s" => \$lastc, "lastchange=s" => \$lastc, | ||
103 | "p=i" =>\$port, "port=i",\$port, | ||
104 | "H=s" => \$hostname, "hostname=s" => \$hostname, | ||
105 | "I" => \$ifXTable, "ifmib" => \$ifXTable, | ||
106 | "n=s" => \$ifName, "name=s" => \$ifName, | ||
107 | "w=s" => \$dormantWarn, "warn=s" => \$dormantWarn ); | ||
108 | |||
109 | |||
110 | |||
111 | if ($status == 0) | ||
112 | { | ||
113 | print_help(); | ||
114 | exit $ERRORS{'OK'}; | ||
115 | } | ||
116 | |||
117 | if ($opt_V) { | ||
118 | print_revision($PROGNAME,'$Revision$ '); | ||
119 | exit $ERRORS{'OK'}; | ||
120 | } | ||
121 | |||
122 | if ($opt_h) { | ||
123 | print_help(); | ||
124 | exit $ERRORS{'OK'}; | ||
125 | } | ||
126 | |||
127 | if (! utils::is_hostname($hostname)){ | ||
128 | usage(); | ||
129 | exit $ERRORS{"UNKNOWN"}; | ||
130 | } | ||
131 | |||
132 | |||
133 | unless ($snmpkey > 0 || defined $ifdescr){ | ||
134 | printf "Either a valid snmpkey key (-k) or a ifDescr (-d) must be provided)\n"; | ||
135 | usage(); | ||
136 | exit $ERRORS{"UNKNOWN"}; | ||
137 | } | ||
138 | |||
139 | |||
140 | if (defined $name) { | ||
141 | $ifXTable=1; | ||
142 | } | ||
143 | |||
144 | if ( $snmp_version =~ /[12]/ ) { | ||
145 | ($session, $error) = Net::SNMP->session( | ||
146 | -hostname => $hostname, | ||
147 | -community => $community, | ||
148 | -port => $port, | ||
149 | -version => $snmp_version | ||
150 | ); | ||
151 | |||
152 | if (!defined($session)) { | ||
153 | $state='UNKNOWN'; | ||
154 | $answer=$error; | ||
155 | print ("$state: $answer"); | ||
156 | exit $ERRORS{$state}; | ||
157 | } | ||
158 | }elsif ( $snmp_version =~ /3/ ) { | ||
159 | $state='UNKNOWN'; | ||
160 | print ("$state: No support for SNMP v3 yet\n"); | ||
161 | exit $ERRORS{$state}; | ||
162 | }else{ | ||
163 | $state='UNKNOWN'; | ||
164 | print ("$state: No support for SNMP v$snmp_version yet\n"); | ||
165 | exit $ERRORS{$state}; | ||
166 | } | ||
167 | |||
168 | ## End validation | ||
169 | |||
170 | 103 | ||
171 | 104 | ||
172 | ## map ifdescr to ifindex - should look at being able to cache this value | 105 | ## map ifdescr to ifindex - should look at being able to cache this value |
@@ -179,7 +112,7 @@ if (defined $ifdescr) { | |||
179 | # recommend use of SNMP v2 (get-bulk) | 112 | # recommend use of SNMP v2 (get-bulk) |
180 | if ($status==0) { | 113 | if ($status==0) { |
181 | $state = "UNKNOWN"; | 114 | $state = "UNKNOWN"; |
182 | printf "$state: could not retrive snmpkey - $status-$snmpkey\n"; | 115 | printf "$state: could not retrive ifdescr snmpkey - $status-$snmpkey\n"; |
183 | $session->close; | 116 | $session->close; |
184 | exit $ERRORS{$state}; | 117 | exit $ERRORS{$state}; |
185 | } | 118 | } |
@@ -245,21 +178,21 @@ push(@snmpoids,$snmpIfAlias) if (defined $ifXTable) ; | |||
245 | $answer = "Interface $name (index $snmpkey) is down."; | 178 | $answer = "Interface $name (index $snmpkey) is down."; |
246 | } elsif ( $response->{$snmpIfOperStatus} == 5 ) { | 179 | } elsif ( $response->{$snmpIfOperStatus} == 5 ) { |
247 | if (defined $dormantWarn ) { | 180 | if (defined $dormantWarn ) { |
248 | if ($dormantWarn eq "w") { | 181 | if ($dormantWarn eq "w") { |
249 | $state = 'WARNNG'; | 182 | $state = 'WARNNG'; |
250 | $answer = "Interface $name (index $snmpkey) is dormant."; | 183 | $answer = "Interface $name (index $snmpkey) is dormant."; |
251 | }elsif($dormantWarn eq "c") { | 184 | }elsif($dormantWarn eq "c") { |
252 | $state = 'CRITICAL'; | 185 | $state = 'CRITICAL'; |
253 | $answer = "Interface $name (index $snmpkey) is dormant."; | 186 | $answer = "Interface $name (index $snmpkey) is dormant."; |
254 | }elsif($dormantWarn eq "i") { | 187 | }elsif($dormantWarn eq "i") { |
255 | $state = 'OK'; | 188 | $state = 'OK'; |
256 | $answer = "Interface $name (index $snmpkey) is dormant."; | 189 | $answer = "Interface $name (index $snmpkey) is dormant."; |
257 | } | 190 | } |
258 | }else{ | 191 | }else{ |
259 | # dormant interface - but warning/critical/ignore not requested | 192 | # dormant interface - but warning/critical/ignore not requested |
260 | $state = 'CRITICAL'; | 193 | $state = 'CRITICAL'; |
261 | $answer = "Interface $name (index $snmpkey) is dormant."; | 194 | $answer = "Interface $name (index $snmpkey) is dormant."; |
262 | } | 195 | } |
263 | } elsif ( $response->{$snmpIfOperStatus} == 6 ) { | 196 | } elsif ( $response->{$snmpIfOperStatus} == 6 ) { |
264 | $state = 'CRITICAL'; | 197 | $state = 'CRITICAL'; |
265 | $answer = "Interface $name (index $snmpkey) notPresent - possible hotswap in progress."; | 198 | $answer = "Interface $name (index $snmpkey) notPresent - possible hotswap in progress."; |
@@ -311,7 +244,7 @@ sub fetch_ifdescr { | |||
311 | return $snmpkey; | 244 | return $snmpkey; |
312 | } | 245 | } |
313 | 246 | ||
314 | sub usage { | 247 | sub usage() { |
315 | printf "\nMissing arguments!\n"; | 248 | printf "\nMissing arguments!\n"; |
316 | printf "\n"; | 249 | printf "\n"; |
317 | printf "usage: \n"; | 250 | printf "usage: \n"; |
@@ -324,7 +257,7 @@ sub usage { | |||
324 | exit $ERRORS{"UNKNOWN"}; | 257 | exit $ERRORS{"UNKNOWN"}; |
325 | } | 258 | } |
326 | 259 | ||
327 | sub print_help { | 260 | sub print_help() { |
328 | printf "check_ifoperstatus plugin for Nagios monitors operational \n"; | 261 | printf "check_ifoperstatus plugin for Nagios monitors operational \n"; |
329 | printf "status of a particular network interface on the target host\n"; | 262 | printf "status of a particular network interface on the target host\n"; |
330 | printf "\nUsage:\n"; | 263 | printf "\nUsage:\n"; |
@@ -335,6 +268,16 @@ sub print_help { | |||
335 | printf " 2 for SNMP v2c\n"; | 268 | printf " 2 for SNMP v2c\n"; |
336 | printf " SNMP v2c will use get_bulk for less overhead\n"; | 269 | printf " SNMP v2c will use get_bulk for less overhead\n"; |
337 | printf " if monitoring with -d\n"; | 270 | printf " if monitoring with -d\n"; |
271 | printf " -L (--seclevel) choice of \"noAuthNoPriv\", \"authNoPriv\", or \"authPriv\"\n"; | ||
272 | printf " -U (--secname) username for SNMPv3 context\n"; | ||
273 | printf " -c (--context) SNMPv3 context name (default is empty string)"; | ||
274 | printf " -A (--authpass) authentication password (cleartext ascii or localized key\n"; | ||
275 | printf " in hex with 0x prefix generated by using \"snmpkey\" utility\n"; | ||
276 | printf " auth password and authEngineID\n"; | ||
277 | printf " -a (--authproto) Authentication protocol ( MD5 or SHA1)\n"; | ||
278 | printf " -X (--privpass) privacy password (cleartext ascii or localized key\n"; | ||
279 | printf " in hex with 0x prefix generated by using \"snmpkey\" utility\n"; | ||
280 | printf " privacy password and authEngineID\n"; | ||
338 | printf " -k (--key) SNMP IfIndex value\n"; | 281 | printf " -k (--key) SNMP IfIndex value\n"; |
339 | printf " -d (--descr) SNMP ifDescr value\n"; | 282 | printf " -d (--descr) SNMP ifDescr value\n"; |
340 | printf " -p (--port) SNMP port (default 161)\n"; | 283 | printf " -p (--port) SNMP port (default 161)\n"; |
@@ -343,6 +286,7 @@ sub print_help { | |||
343 | printf " -n (--name) the value should match the returned ifName\n"; | 286 | printf " -n (--name) the value should match the returned ifName\n"; |
344 | printf " (Implies the use of -I)\n"; | 287 | printf " (Implies the use of -I)\n"; |
345 | printf " -w (--warn =i|w|c) ignore|warn|crit if the interface is dormant (default critical)\n"; | 288 | printf " -w (--warn =i|w|c) ignore|warn|crit if the interface is dormant (default critical)\n"; |
289 | printf " -M (--maxmsgsize) Max message size - usefull only for v1 or v2c\n"; | ||
346 | printf " -V (--version) Plugin version\n"; | 290 | printf " -V (--version) Plugin version\n"; |
347 | printf " -h (--help) usage help \n\n"; | 291 | printf " -h (--help) usage help \n\n"; |
348 | printf " -k or -d must be specified\n\n"; | 292 | printf " -k or -d must be specified\n\n"; |
@@ -353,3 +297,192 @@ sub print_help { | |||
353 | print_revision($PROGNAME, '$Revision$'); | 297 | print_revision($PROGNAME, '$Revision$'); |
354 | 298 | ||
355 | } | 299 | } |
300 | |||
301 | sub process_arguments() { | ||
302 | $status = GetOptions( | ||
303 | "V" => \$opt_V, "version" => \$opt_V, | ||
304 | "h" => \$opt_h, "help" => \$opt_h, | ||
305 | "v=i" => \$snmp_version, "snmp_version=i" => \$snmp_version, | ||
306 | "C=s" => \$community, "community=s" => \$community, | ||
307 | "L=s" => \$seclevel, "seclevel=s" => \$seclevel, | ||
308 | "a=s" => \$authproto, "authproto=s" => \$authproto, | ||
309 | "U=s" => \$secname, "secname=s" => \$secname, | ||
310 | "A=s" => \$authpass, "authpass=s" => \$authpass, | ||
311 | "X=s" => \$privpass, "privpass=s" => \$privpass, | ||
312 | "c=s" => \$context, "context=s" => \$context, | ||
313 | "k=i" => \$snmpkey, "key=i",\$snmpkey, | ||
314 | "d=s" => \$ifdescr, "descr=s" => \$ifdescr, | ||
315 | "l=s" => \$lastc, "lastchange=s" => \$lastc, | ||
316 | "p=i" = >\$port, "port=i" =>\$port, | ||
317 | "H=s" => \$hostname, "hostname=s" => \$hostname, | ||
318 | "I" => \$ifXTable, "ifmib" => \$ifXTable, | ||
319 | "n=s" => \$ifName, "name=s" => \$ifName, | ||
320 | "w=s" => \$dormantWarn, "warn=s" => \$dormantWarn, | ||
321 | "M=i" => \$maxmsgsize, "maxmsgsize=i" => \$maxmsgsize); | ||
322 | |||
323 | |||
324 | |||
325 | if ($status == 0){ | ||
326 | print_help(); | ||
327 | exit $ERRORS{'OK'}; | ||
328 | } | ||
329 | |||
330 | if ($opt_V) { | ||
331 | print_revision($PROGNAME,'$Revision$ '); | ||
332 | exit $ERRORS{'OK'}; | ||
333 | } | ||
334 | |||
335 | if ($opt_h) { | ||
336 | print_help(); | ||
337 | exit $ERRORS{'OK'}; | ||
338 | } | ||
339 | |||
340 | if (! utils::is_hostname($hostname)){ | ||
341 | usage(); | ||
342 | exit $ERRORS{"UNKNOWN"}; | ||
343 | } | ||
344 | |||
345 | |||
346 | unless ($snmpkey > 0 || defined $ifdescr){ | ||
347 | printf "Either a valid snmpkey key (-k) or a ifDescr (-d) must be provided)\n"; | ||
348 | usage(); | ||
349 | exit $ERRORS{"UNKNOWN"}; | ||
350 | } | ||
351 | |||
352 | |||
353 | if (defined $name) { | ||
354 | $ifXTable=1; | ||
355 | } | ||
356 | |||
357 | if (defined $dormantWarn) { | ||
358 | unless ($dormantWarn =~ /^(w|c|i)$/ ) { | ||
359 | printf "Dormant alerts must be one of w|c|i \n"; | ||
360 | exit $ERRORS{'UNKNOWN'}; | ||
361 | } | ||
362 | } | ||
363 | |||
364 | if ($snmp_version =~ /3/ ) { | ||
365 | # Must define a security level even though default is noAuthNoPriv | ||
366 | # v3 requires a security username | ||
367 | if (defined $seclevel && defined $secname) { | ||
368 | |||
369 | # Must define a security level even though defualt is noAuthNoPriv | ||
370 | unless ($seclevel eq ('noAuthNoPriv' || 'authNoPriv' || 'authPriv' ) ) { | ||
371 | usage(); | ||
372 | exit $ERRORS{"UNKNOWN"}; | ||
373 | } | ||
374 | |||
375 | # Authentication wanted | ||
376 | if ($seclevel eq ('authNoPriv' || 'authPriv') ) { | ||
377 | |||
378 | unless ($authproto eq ('MD5' || 'SHA1') ) { | ||
379 | usage(); | ||
380 | exit $ERRORS{"UNKNOWN"}; | ||
381 | } | ||
382 | |||
383 | if ( !defined $authpass) { | ||
384 | usage(); | ||
385 | exit $ERRORS{"UNKNOWN"}; | ||
386 | }else{ | ||
387 | if ($authpass =~ /^0x/ ) { | ||
388 | $auth = "-authkey => $authpass" ; | ||
389 | }else{ | ||
390 | $auth = "-authpassword => $authpass"; | ||
391 | } | ||
392 | } | ||
393 | |||
394 | } | ||
395 | |||
396 | # Privacy (DES encryption) wanted | ||
397 | if ($seclevel eq 'authPriv' ) { | ||
398 | if (! defined $privpass) { | ||
399 | usage(); | ||
400 | exit $ERRORS{"UNKNOWN"}; | ||
401 | }else{ | ||
402 | if ($privpass =~ /^0x/){ | ||
403 | $priv = "-privkey => $privpass"; | ||
404 | }else{ | ||
405 | $priv = "-privpassword => $privpass"; | ||
406 | } | ||
407 | } | ||
408 | } | ||
409 | |||
410 | # Context name defined or default | ||
411 | |||
412 | unless ( defined $context) { | ||
413 | $context = ""; | ||
414 | } | ||
415 | |||
416 | |||
417 | |||
418 | }else { | ||
419 | usage(); | ||
420 | exit $ERRORS{'UNKNOWN'}; ; | ||
421 | } | ||
422 | } # end snmpv3 | ||
423 | |||
424 | |||
425 | if ( $snmp_version =~ /[12]/ ) { | ||
426 | ($session, $error) = Net::SNMP->session( | ||
427 | -hostname => $hostname, | ||
428 | -community => $community, | ||
429 | -port => $port, | ||
430 | -version => $snmp_version, | ||
431 | -maxmsgsize => $maxmsgsize | ||
432 | ); | ||
433 | |||
434 | if (!defined($session)) { | ||
435 | $state='UNKNOWN'; | ||
436 | $answer=$error; | ||
437 | print ("$state: $answer"); | ||
438 | exit $ERRORS{$state}; | ||
439 | } | ||
440 | |||
441 | }elsif ( $snmp_version =~ /3/ ) { | ||
442 | |||
443 | if ($seclevel eq 'noAuthNoPriv') { | ||
444 | ($session, $error) = Net::SNMP->session( | ||
445 | -hostname => $hostname, | ||
446 | -port => $port, | ||
447 | -version => $snmp_version, | ||
448 | -username => $secname, | ||
449 | ); | ||
450 | |||
451 | }elsif ( $seclevel eq 'authNoPriv' ) { | ||
452 | ($session, $error) = Net::SNMP->session( | ||
453 | -hostname => $hostname, | ||
454 | -port => $port, | ||
455 | -version => $snmp_version, | ||
456 | -username => $secname, | ||
457 | $auth, | ||
458 | -authprotocol => $authproto, | ||
459 | ); | ||
460 | }elsif ($seclevel eq 'authPriv' ) { | ||
461 | ($session, $error) = Net::SNMP->session( | ||
462 | -hostname => $hostname, | ||
463 | -port => $port, | ||
464 | -version => $snmp_version, | ||
465 | -username => $secname, | ||
466 | $auth, | ||
467 | -authprotocol => $authproto, | ||
468 | $priv | ||
469 | ); | ||
470 | } | ||
471 | |||
472 | |||
473 | if (!defined($session)) { | ||
474 | $state='UNKNOWN'; | ||
475 | $answer=$error; | ||
476 | print ("$state: $answer"); | ||
477 | exit $ERRORS{$state}; | ||
478 | } | ||
479 | |||
480 | }else{ | ||
481 | $state='UNKNOWN'; | ||
482 | print ("$state: No support for SNMP v$snmp_version yet\n"); | ||
483 | exit $ERRORS{$state}; | ||
484 | } | ||
485 | |||
486 | } | ||
487 | ## End validation | ||
488 | |||