summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--NEWS1
-rw-r--r--plugins/check_dns.c30
2 files changed, 23 insertions, 8 deletions
diff --git a/NEWS b/NEWS
index 72da71d3..f77bfa05 100644
--- a/NEWS
+++ b/NEWS
@@ -17,6 +17,7 @@ This file documents the major additions and syntax changes between releases.
17 If applicable, Gettext linked dynamically instead of statically 17 If applicable, Gettext linked dynamically instead of statically
18 check_dig can now pass arguments dig by using -A/--dig-arguments (#1874041/#1889453) 18 check_dig can now pass arguments dig by using -A/--dig-arguments (#1874041/#1889453)
19 check_ntp and check_ntp_peer now show proper jitter/stratum thresholds longopts in --help 19 check_ntp and check_ntp_peer now show proper jitter/stratum thresholds longopts in --help
20 check_dns now allow to repeat -a to match multiple possibly returned address (common with load balancers)
20 21
211.4.11 13th December 2007 221.4.11 13th December 2007
22 Fixed check_http regression in 1.4.10 where following redirects to 23 Fixed check_http regression in 1.4.10 where following redirects to
diff --git a/plugins/check_dns.c b/plugins/check_dns.c
index 9322aef9..732cde7f 100644
--- a/plugins/check_dns.c
+++ b/plugins/check_dns.c
@@ -54,8 +54,9 @@ char query_address[ADDRESS_LENGTH] = "";
54char dns_server[ADDRESS_LENGTH] = ""; 54char dns_server[ADDRESS_LENGTH] = "";
55char ptr_server[ADDRESS_LENGTH] = ""; 55char ptr_server[ADDRESS_LENGTH] = "";
56int verbose = FALSE; 56int verbose = FALSE;
57char expected_address[ADDRESS_LENGTH] = ""; 57char **expected_address = NULL;
58int match_expected_address = FALSE; 58int expected_address_cnt = 0;
59
59int expect_authority = FALSE; 60int expect_authority = FALSE;
60thresholds *time_thresholds = NULL; 61thresholds *time_thresholds = NULL;
61 62
@@ -202,9 +203,19 @@ main (int argc, char **argv)
202 NSLOOKUP_COMMAND); 203 NSLOOKUP_COMMAND);
203 204
204 /* compare to expected address */ 205 /* compare to expected address */
205 if (result == STATE_OK && match_expected_address && strcmp(address, expected_address)) { 206 if (result == STATE_OK && expected_address_cnt > 0) {
206 result = STATE_CRITICAL; 207 result = STATE_CRITICAL;
207 asprintf(&msg, _("expected '%s' but got '%s'"), expected_address, address); 208 temp_buffer = "";
209 for (i=0; i<expected_address_cnt; i++) {
210 /* check if we get a match and prepare an error string */
211 if (strcmp(address, expected_address[i]) == 0) result = STATE_OK;
212 asprintf(&temp_buffer, "%s%s; ", temp_buffer, expected_address[i]);
213 }
214 if (result == STATE_CRITICAL) {
215 /* Strip off last semicolon... */
216 temp_buffer[strlen(temp_buffer)-2] = '\0';
217 asprintf(&msg, _("expected '%s' but got '%s'"), temp_buffer, address);
218 }
208 } 219 }
209 220
210 /* check if authoritative */ 221 /* check if authoritative */
@@ -380,8 +391,9 @@ process_arguments (int argc, char **argv)
380 case 'a': /* expected address */ 391 case 'a': /* expected address */
381 if (strlen (optarg) >= ADDRESS_LENGTH) 392 if (strlen (optarg) >= ADDRESS_LENGTH)
382 die (STATE_UNKNOWN, _("Input buffer overflow\n")); 393 die (STATE_UNKNOWN, _("Input buffer overflow\n"));
383 strcpy (expected_address, optarg); 394 expected_address = (char **)realloc(expected_address, (expected_address_cnt+1) * sizeof(char**));
384 match_expected_address = TRUE; 395 expected_address[expected_address_cnt] = strdup(optarg);
396 expected_address_cnt++;
385 break; 397 break;
386 case 'A': /* expect authority */ 398 case 'A': /* expect authority */
387 expect_authority = TRUE; 399 expect_authority = TRUE;
@@ -451,8 +463,10 @@ print_help (void)
451 printf (" -s, --server=HOST\n"); 463 printf (" -s, --server=HOST\n");
452 printf (" %s\n", _("Optional DNS server you want to use for the lookup")); 464 printf (" %s\n", _("Optional DNS server you want to use for the lookup"));
453 printf (" -a, --expected-address=IP-ADDRESS|HOST\n"); 465 printf (" -a, --expected-address=IP-ADDRESS|HOST\n");
454 printf (" %s\n", _("Optional IP-ADDRESS you expect the DNS server to return. HOST must end with .")); 466 printf (" %s\n", _("Optional IP-ADDRESS you expect the DNS server to return. HOST must end with"));
455 printf (" %s\n", _("Multiple addresses can be separated with commas, and need to be sorted.")); 467 printf (" %s\n", _("a dot (.). This option can be repeated multiple times (Returns OK if any"));
468 printf (" %s\n", _("value match). If multiple are returned at once, you have to match the whole"));
469 printf (" %s\n", _("string of addresses separated with commas (it needs to be sorted)."));
456 printf (" -A, --expect-authority\n"); 470 printf (" -A, --expect-authority\n");
457 printf (" %s\n", _("Optionally expect the DNS server to be authoritative for the lookup")); 471 printf (" %s\n", _("Optionally expect the DNS server to be authoritative for the lookup"));
458 printf (" -w, --warning=seconds\n"); 472 printf (" -w, --warning=seconds\n");