diff options
Diffstat (limited to 'plugins-scripts/check_ifoperstatus.pl')
-rwxr-xr-x | plugins-scripts/check_ifoperstatus.pl | 362 |
1 files changed, 160 insertions, 202 deletions
diff --git a/plugins-scripts/check_ifoperstatus.pl b/plugins-scripts/check_ifoperstatus.pl index d0a1655a..588993be 100755 --- a/plugins-scripts/check_ifoperstatus.pl +++ b/plugins-scripts/check_ifoperstatus.pl | |||
@@ -43,25 +43,26 @@ use Getopt::Long; | |||
43 | 43 | ||
44 | my $PROGNAME = "check_ifoperstatus"; | 44 | my $PROGNAME = "check_ifoperstatus"; |
45 | sub print_help (); | 45 | sub print_help (); |
46 | sub usage (); | 46 | sub usage ($); |
47 | sub print_usage (); | ||
47 | sub process_arguments (); | 48 | sub process_arguments (); |
48 | 49 | ||
49 | my $timeout; | 50 | my $timeout; |
50 | my $status; | 51 | my $status; |
51 | my %ifOperStatus = ('1','up', | 52 | my %ifOperStatus = ('1','up', |
52 | '2','down', | 53 | '2','down', |
53 | '3','testing', | 54 | '3','testing', |
54 | '4','unknown', | 55 | '4','unknown', |
55 | '5','dormant', | 56 | '5','dormant', |
56 | '6','notPresent', | 57 | '6','notPresent', |
57 | '7','lowerLayerDown'); # down due to the state of lower layer interface(s) | 58 | '7','lowerLayerDown'); # down due to the state of lower layer interface(s) |
58 | 59 | ||
59 | my $state = "UNKNOWN"; | 60 | my $state = "UNKNOWN"; |
60 | my $answer = ""; | 61 | my $answer = ""; |
61 | my $snmpkey = 0; | 62 | my $snmpkey = 0; |
62 | my $community = "public"; | 63 | my $community = "public"; |
63 | my $maxmsgsize = 1472 ; # Net::SNMP default is 1472 | 64 | my $maxmsgsize = 1472 ; # Net::SNMP default is 1472 |
64 | my ($seclevel, $authproto, $secname, $authpass, $privpass, $auth, $priv, $context); | 65 | my ($seclevel, $authproto, $secname, $authpass, $privpass, $privproto, $auth, $priv, $context); |
65 | my $port = 161; | 66 | my $port = 161; |
66 | my @snmpoids; | 67 | my @snmpoids; |
67 | my $sysUptime = '1.3.6.1.2.1.1.3.0'; | 68 | my $sysUptime = '1.3.6.1.2.1.1.3.0'; |
@@ -89,6 +90,7 @@ my $lastc; | |||
89 | my $dormantWarn; | 90 | my $dormantWarn; |
90 | my $adminWarn; | 91 | my $adminWarn; |
91 | my $name; | 92 | my $name; |
93 | my %session_opts; | ||
92 | 94 | ||
93 | ### Validate Arguments | 95 | ### Validate Arguments |
94 | 96 | ||
@@ -97,19 +99,28 @@ $status = process_arguments(); | |||
97 | 99 | ||
98 | # Just in case of problems, let's not hang Nagios | 100 | # Just in case of problems, let's not hang Nagios |
99 | $SIG{'ALRM'} = sub { | 101 | $SIG{'ALRM'} = sub { |
100 | print ("ERROR: No snmp response from $hostname (alarm)\n"); | 102 | print ("ERROR: No snmp response from $hostname (alarm)\n"); |
101 | exit $ERRORS{"UNKNOWN"}; | 103 | exit $ERRORS{"UNKNOWN"}; |
102 | }; | 104 | }; |
103 | 105 | ||
104 | alarm($timeout); | 106 | alarm($timeout); |
105 | 107 | ||
108 | ($session, $error) = Net::SNMP->session(%session_opts); | ||
109 | |||
110 | |||
111 | if (!defined($session)) { | ||
112 | $state='UNKNOWN'; | ||
113 | $answer=$error; | ||
114 | print ("$state: $answer\n"); | ||
115 | exit $ERRORS{$state}; | ||
116 | } | ||
106 | 117 | ||
107 | ## map ifdescr to ifindex - should look at being able to cache this value | 118 | ## map ifdescr to ifindex - should look at being able to cache this value |
108 | 119 | ||
109 | if (defined $ifdescr || defined $iftype) { | 120 | if (defined $ifdescr || defined $iftype) { |
110 | # escape "/" in ifdescr - very common in the Cisco world | 121 | # escape "/" in ifdescr - very common in the Cisco world |
111 | if (defined $iftype) { | 122 | if (defined $iftype) { |
112 | $status=fetch_ifindex($snmpIfType, $iftype); | 123 | $status=fetch_ifindex($snmpIfType, $iftype); |
113 | } else { | 124 | } else { |
114 | $ifdescr =~ s/\//\\\//g; | 125 | $ifdescr =~ s/\//\\\//g; |
115 | $status=fetch_ifindex($snmpIfDescr, $ifdescr); # if using on device with large number of interfaces | 126 | $status=fetch_ifindex($snmpIfDescr, $ifdescr); # if using on device with large number of interfaces |
@@ -138,88 +149,86 @@ push(@snmpoids,$snmpIfDescr); | |||
138 | push(@snmpoids,$snmpIfName) if (defined $ifXTable) ; | 149 | push(@snmpoids,$snmpIfName) if (defined $ifXTable) ; |
139 | push(@snmpoids,$snmpIfAlias) if (defined $ifXTable) ; | 150 | push(@snmpoids,$snmpIfAlias) if (defined $ifXTable) ; |
140 | 151 | ||
141 | if (!defined($response = $session->get_request(@snmpoids))) { | 152 | if (!defined($response = $session->get_request(@snmpoids))) { |
142 | $answer=$session->error; | 153 | $answer=$session->error; |
143 | $session->close; | 154 | $session->close; |
144 | $state = 'WARNING'; | 155 | $state = 'WARNING'; |
145 | print ("$state: SNMP error: $answer\n"); | 156 | print ("$state: SNMP error: $answer\n"); |
146 | exit $ERRORS{$state}; | 157 | exit $ERRORS{$state}; |
147 | } | 158 | } |
148 | |||
149 | $answer = sprintf("host '%s', %s(%s) is %s\n", | ||
150 | $hostname, | ||
151 | $response->{$snmpIfDescr}, | ||
152 | $snmpkey, | ||
153 | $ifOperStatus{$response->{$snmpIfOperStatus}} | ||
154 | ); | ||
155 | |||
156 | |||
157 | ## Check to see if ifName match is requested and it matches - exit if no match | ||
158 | ## not the interface we want to monitor | ||
159 | if ( defined $ifName && not ($response->{$snmpIfName} eq $ifName) ) { | ||
160 | $state = 'UNKNOWN'; | ||
161 | $answer = "Interface name ($ifName) doesn't match snmp value ($response->{$snmpIfName}) (index $snmpkey)"; | ||
162 | print ("$state: $answer\n"); | ||
163 | exit $ERRORS{$state}; | ||
164 | } | ||
165 | |||
166 | ## define the interface name | ||
167 | if (defined $ifXTable) { | ||
168 | $name = $response->{$snmpIfName} ." - " .$response->{$snmpIfAlias} ; | ||
169 | }else{ | ||
170 | $name = $response->{$snmpIfDescr} ; | ||
171 | } | ||
172 | |||
173 | ## if AdminStatus is down - some one made a consious effort to change config | ||
174 | ## | ||
175 | if ( not ($response->{$snmpIfAdminStatus} == 1) ) { | ||
176 | $answer = "Interface $name (index $snmpkey) is administratively down."; | ||
177 | if ( not defined $adminWarn or $adminWarn eq "w" ) { | ||
178 | $state = 'WARNING'; | ||
179 | } elsif ( $adminWarn eq "i" ) { | ||
180 | $state = 'OK'; | ||
181 | } elsif ( $adminWarn eq "c" ) { | ||
182 | $state = 'CRITICAL'; | ||
183 | } else { # If wrong value for -a, say warning | ||
184 | $state = 'WARNING'; | ||
185 | } | ||
186 | } | ||
187 | ## Check operational status | ||
188 | elsif ( $response->{$snmpIfOperStatus} == 2 ) { | ||
189 | $state = 'CRITICAL'; | ||
190 | $answer = "Interface $name (index $snmpkey) is down."; | ||
191 | } elsif ( $response->{$snmpIfOperStatus} == 5 ) { | ||
192 | if (defined $dormantWarn ) { | ||
193 | if ($dormantWarn eq "w") { | ||
194 | $state = 'WARNING'; | ||
195 | $answer = "Interface $name (index $snmpkey) is dormant."; | ||
196 | }elsif($dormantWarn eq "c") { | ||
197 | $state = 'CRITICAL'; | ||
198 | $answer = "Interface $name (index $snmpkey) is dormant."; | ||
199 | }elsif($dormantWarn eq "i") { | ||
200 | $state = 'OK'; | ||
201 | $answer = "Interface $name (index $snmpkey) is dormant."; | ||
202 | } | ||
203 | }else{ | ||
204 | # dormant interface - but warning/critical/ignore not requested | ||
205 | $state = 'CRITICAL'; | ||
206 | $answer = "Interface $name (index $snmpkey) is dormant."; | ||
207 | } | ||
208 | } elsif ( $response->{$snmpIfOperStatus} == 6 ) { | ||
209 | $state = 'CRITICAL'; | ||
210 | $answer = "Interface $name (index $snmpkey) notPresent - possible hotswap in progress."; | ||
211 | } elsif ( $response->{$snmpIfOperStatus} == 7 ) { | ||
212 | $state = 'CRITICAL'; | ||
213 | $answer = "Interface $name (index $snmpkey) down due to lower layer being down."; | ||
214 | 159 | ||
215 | } elsif ( $response->{$snmpIfOperStatus} == 3 || $response->{$snmpIfOperStatus} == 4 ) { | 160 | $answer = sprintf("host '%s', %s(%s) is %s\n", |
216 | $state = 'CRITICAL'; | 161 | $hostname, |
217 | $answer = "Interface $name (index $snmpkey) down (testing/unknown)."; | 162 | $response->{$snmpIfDescr}, |
163 | $snmpkey, | ||
164 | $ifOperStatus{$response->{$snmpIfOperStatus}} | ||
165 | ); | ||
166 | |||
167 | |||
168 | ## Check to see if ifName match is requested and it matches - exit if no match | ||
169 | ## not the interface we want to monitor | ||
170 | if ( defined $ifName && not ($response->{$snmpIfName} eq $ifName) ) { | ||
171 | $state = 'UNKNOWN'; | ||
172 | $answer = "Interface name ($ifName) doesn't match snmp value ($response->{$snmpIfName}) (index $snmpkey)"; | ||
173 | print ("$state: $answer\n"); | ||
174 | exit $ERRORS{$state}; | ||
175 | } | ||
176 | |||
177 | ## define the interface name | ||
178 | if (defined $ifXTable) { | ||
179 | $name = $response->{$snmpIfName} ." - " .$response->{$snmpIfAlias} ; | ||
180 | }else{ | ||
181 | $name = $response->{$snmpIfDescr} ; | ||
182 | } | ||
218 | 183 | ||
219 | } else { | 184 | ## if AdminStatus is down - some one made a consious effort to change config |
220 | $state = 'OK'; | 185 | ## |
221 | $answer = "Interface $name (index $snmpkey) is up."; | 186 | if ( not ($response->{$snmpIfAdminStatus} == 1) ) { |
222 | } | 187 | $answer = "Interface $name (index $snmpkey) is administratively down."; |
188 | if ( not defined $adminWarn or $adminWarn eq "w" ) { | ||
189 | $state = 'WARNING'; | ||
190 | } elsif ( $adminWarn eq "i" ) { | ||
191 | $state = 'OK'; | ||
192 | } elsif ( $adminWarn eq "c" ) { | ||
193 | $state = 'CRITICAL'; | ||
194 | } else { # If wrong value for -a, say warning | ||
195 | $state = 'WARNING'; | ||
196 | } | ||
197 | } | ||
198 | ## Check operational status | ||
199 | elsif ( $response->{$snmpIfOperStatus} == 2 ) { | ||
200 | $state = 'CRITICAL'; | ||
201 | $answer = "Interface $name (index $snmpkey) is down."; | ||
202 | } elsif ( $response->{$snmpIfOperStatus} == 5 ) { | ||
203 | if (defined $dormantWarn ) { | ||
204 | if ($dormantWarn eq "w") { | ||
205 | $state = 'WARNING'; | ||
206 | $answer = "Interface $name (index $snmpkey) is dormant."; | ||
207 | }elsif($dormantWarn eq "c") { | ||
208 | $state = 'CRITICAL'; | ||
209 | $answer = "Interface $name (index $snmpkey) is dormant."; | ||
210 | }elsif($dormantWarn eq "i") { | ||
211 | $state = 'OK'; | ||
212 | $answer = "Interface $name (index $snmpkey) is dormant."; | ||
213 | } | ||
214 | }else{ | ||
215 | # dormant interface - but warning/critical/ignore not requested | ||
216 | $state = 'CRITICAL'; | ||
217 | $answer = "Interface $name (index $snmpkey) is dormant."; | ||
218 | } | ||
219 | } elsif ( $response->{$snmpIfOperStatus} == 6 ) { | ||
220 | $state = 'CRITICAL'; | ||
221 | $answer = "Interface $name (index $snmpkey) notPresent - possible hotswap in progress."; | ||
222 | } elsif ( $response->{$snmpIfOperStatus} == 7 ) { | ||
223 | $state = 'CRITICAL'; | ||
224 | $answer = "Interface $name (index $snmpkey) down due to lower layer being down."; | ||
225 | } elsif ( $response->{$snmpIfOperStatus} == 3 || $response->{$snmpIfOperStatus} == 4 ) { | ||
226 | $state = 'CRITICAL'; | ||
227 | $answer = "Interface $name (index $snmpkey) down (testing/unknown)."; | ||
228 | } else { | ||
229 | $state = 'OK'; | ||
230 | $answer = "Interface $name (index $snmpkey) is up."; | ||
231 | } | ||
223 | 232 | ||
224 | 233 | ||
225 | 234 | ||
@@ -259,22 +268,28 @@ sub fetch_ifindex { | |||
259 | return $snmpkey; | 268 | return $snmpkey; |
260 | } | 269 | } |
261 | 270 | ||
262 | sub usage() { | 271 | sub usage($) { |
263 | printf "\nMissing arguments!\n"; | 272 | print "$_[0]\n"; |
264 | printf "\n"; | 273 | print_usage(); |
265 | printf "usage: \n"; | 274 | exit $ERRORS{"UNKNOWN"}; |
266 | printf "check_ifoperstatus -k <IF_KEY> -H <HOSTNAME> [-C <community>]\n"; | 275 | } |
267 | printf "Copyright (C) 2000 Christoph Kron\n"; | 276 | |
268 | printf "check_ifoperstatus.pl comes with ABSOLUTELY NO WARRANTY\n"; | 277 | sub print_usage() { |
269 | printf "This programm is licensed under the terms of the "; | 278 | printf "\n"; |
270 | printf "GNU General Public License\n(check source code for details)\n"; | 279 | printf "usage: \n"; |
271 | printf "\n\n"; | 280 | printf "check_ifoperstatus -k <IF_KEY> -H <HOSTNAME> [-C <community>]\n"; |
272 | exit $ERRORS{"UNKNOWN"}; | 281 | printf "Copyright (C) 2000 Christoph Kron\n"; |
282 | printf "check_ifoperstatus.pl comes with ABSOLUTELY NO WARRANTY\n"; | ||
283 | printf "This programm is licensed under the terms of the "; | ||
284 | printf "GNU General Public License\n(check source code for details)\n"; | ||
285 | printf "\n\n"; | ||
273 | } | 286 | } |
274 | 287 | ||
275 | sub print_help() { | 288 | sub print_help() { |
289 | print_revision($PROGNAME, '@NP_VERSION@'); | ||
290 | print_usage(); | ||
276 | printf "check_ifoperstatus plugin for Nagios monitors operational \n"; | 291 | printf "check_ifoperstatus plugin for Nagios monitors operational \n"; |
277 | printf "status of a particular network interface on the target host\n"; | 292 | printf "status of a particular network interface on the target host\n"; |
278 | printf "\nUsage:\n"; | 293 | printf "\nUsage:\n"; |
279 | printf " -H (--hostname) Hostname to query - (required)\n"; | 294 | printf " -H (--hostname) Hostname to query - (required)\n"; |
280 | printf " -C (--community) SNMP read community (defaults to public,\n"; | 295 | printf " -C (--community) SNMP read community (defaults to public,\n"; |
@@ -285,19 +300,20 @@ sub print_help() { | |||
285 | printf " if monitoring with -d\n"; | 300 | printf " if monitoring with -d\n"; |
286 | printf " -L (--seclevel) choice of \"noAuthNoPriv\", \"authNoPriv\", or \"authPriv\"\n"; | 301 | printf " -L (--seclevel) choice of \"noAuthNoPriv\", \"authNoPriv\", or \"authPriv\"\n"; |
287 | printf " -U (--secname) username for SNMPv3 context\n"; | 302 | printf " -U (--secname) username for SNMPv3 context\n"; |
288 | printf " -c (--context) SNMPv3 context name (default is empty string)"; | 303 | printf " -c (--context) SNMPv3 context name (default is empty string)\n"; |
289 | printf " -A (--authpass) authentication password (cleartext ascii or localized key\n"; | 304 | printf " -A (--authpass) authentication password (cleartext ascii or localized key\n"; |
290 | printf " in hex with 0x prefix generated by using \"snmpkey\" utility\n"; | 305 | printf " in hex with 0x prefix generated by using \"snmpkey\" utility\n"; |
291 | printf " auth password and authEngineID\n"; | 306 | printf " auth password and authEngineID\n"; |
292 | printf " -a (--authproto) Authentication protocol ( MD5 or SHA1)\n"; | 307 | printf " -a (--authproto) Authentication protocol (MD5 or SHA1)\n"; |
293 | printf " -X (--privpass) privacy password (cleartext ascii or localized key\n"; | 308 | printf " -X (--privpass) privacy password (cleartext ascii or localized key\n"; |
294 | printf " in hex with 0x prefix generated by using \"snmpkey\" utility\n"; | 309 | printf " in hex with 0x prefix generated by using \"snmpkey\" utility\n"; |
295 | printf " privacy password and authEngineID\n"; | 310 | printf " privacy password and authEngineID\n"; |
311 | printf " -P (--privproto) privacy protocol (DES or AES; default: DES)\n"; | ||
296 | printf " -k (--key) SNMP IfIndex value\n"; | 312 | printf " -k (--key) SNMP IfIndex value\n"; |
297 | printf " -d (--descr) SNMP ifDescr value\n"; | 313 | printf " -d (--descr) SNMP ifDescr value\n"; |
298 | printf " -T (--type) SNMP ifType integer value (see http://www.iana.org/assignments/ianaiftype-mib)\n"; | 314 | printf " -T (--type) SNMP ifType integer value (see http://www.iana.org/assignments/ianaiftype-mib)\n"; |
299 | printf " -p (--port) SNMP port (default 161)\n"; | 315 | printf " -p (--port) SNMP port (default 161)\n"; |
300 | printf " -I (--ifmib) Agent supports IFMIB ifXTable. Do not use if\n"; | 316 | printf " -I (--ifmib) Agent supports IFMIB ifXTable. Do not use if\n"; |
301 | printf " you don't know what this is. \n"; | 317 | printf " you don't know what this is. \n"; |
302 | printf " -n (--name) the value should match the returned ifName\n"; | 318 | printf " -n (--name) the value should match the returned ifName\n"; |
303 | printf " (Implies the use of -I)\n"; | 319 | printf " (Implies the use of -I)\n"; |
@@ -312,7 +328,6 @@ sub print_help() { | |||
312 | printf "intensive. Use it sparingly or not at all. -n is used to match against\n"; | 328 | printf "intensive. Use it sparingly or not at all. -n is used to match against\n"; |
313 | printf "a much more descriptive ifName value in the IfXTable to verify that the\n"; | 329 | printf "a much more descriptive ifName value in the IfXTable to verify that the\n"; |
314 | printf "snmpkey has not changed to some other network interface after a reboot.\n\n"; | 330 | printf "snmpkey has not changed to some other network interface after a reboot.\n\n"; |
315 | print_revision($PROGNAME, '@NP_VERSION@'); | ||
316 | 331 | ||
317 | } | 332 | } |
318 | 333 | ||
@@ -327,6 +342,7 @@ sub process_arguments() { | |||
327 | "U=s" => \$secname, "secname=s" => \$secname, | 342 | "U=s" => \$secname, "secname=s" => \$secname, |
328 | "A=s" => \$authpass, "authpass=s" => \$authpass, | 343 | "A=s" => \$authpass, "authpass=s" => \$authpass, |
329 | "X=s" => \$privpass, "privpass=s" => \$privpass, | 344 | "X=s" => \$privpass, "privpass=s" => \$privpass, |
345 | "P=s" => \$privproto, "privproto=s" => \$privproto, | ||
330 | "c=s" => \$context, "context=s" => \$context, | 346 | "c=s" => \$context, "context=s" => \$context, |
331 | "k=i" => \$snmpkey, "key=i",\$snmpkey, | 347 | "k=i" => \$snmpkey, "key=i",\$snmpkey, |
332 | "d=s" => \$ifdescr, "descr=s" => \$ifdescr, | 348 | "d=s" => \$ifdescr, "descr=s" => \$ifdescr, |
@@ -343,12 +359,11 @@ sub process_arguments() { | |||
343 | ); | 359 | ); |
344 | 360 | ||
345 | 361 | ||
346 | |||
347 | if ($status == 0){ | 362 | if ($status == 0){ |
348 | print_help(); | 363 | print_help(); |
349 | exit $ERRORS{'OK'}; | 364 | exit $ERRORS{'OK'}; |
350 | } | 365 | } |
351 | 366 | ||
352 | if ($opt_V) { | 367 | if ($opt_V) { |
353 | print_revision($PROGNAME,'@NP_VERSION@'); | 368 | print_revision($PROGNAME,'@NP_VERSION@'); |
354 | exit $ERRORS{'OK'}; | 369 | exit $ERRORS{'OK'}; |
@@ -360,19 +375,14 @@ sub process_arguments() { | |||
360 | } | 375 | } |
361 | 376 | ||
362 | if (! utils::is_hostname($hostname)){ | 377 | if (! utils::is_hostname($hostname)){ |
363 | usage(); | 378 | usage("Hostname invalid or not given"); |
364 | exit $ERRORS{"UNKNOWN"}; | ||
365 | } | 379 | } |
366 | 380 | ||
367 | |||
368 | unless ($snmpkey > 0 || defined $ifdescr || defined $iftype){ | 381 | unless ($snmpkey > 0 || defined $ifdescr || defined $iftype){ |
369 | printf "Either a valid snmpkey key (-k) or a ifDescr (-d) must be provided)\n"; | 382 | usage("Either a valid snmp key (-k) or a ifDescr (-d) must be provided"); |
370 | usage(); | ||
371 | exit $ERRORS{"UNKNOWN"}; | ||
372 | } | 383 | } |
373 | 384 | ||
374 | 385 | if (defined $ifName) { | |
375 | if (defined $name) { | ||
376 | $ifXTable=1; | 386 | $ifXTable=1; |
377 | } | 387 | } |
378 | 388 | ||
@@ -387,128 +397,76 @@ sub process_arguments() { | |||
387 | $timeout = $TIMEOUT; | 397 | $timeout = $TIMEOUT; |
388 | } | 398 | } |
389 | 399 | ||
400 | if ($snmp_version !~ /[123]/){ | ||
401 | $state='UNKNOWN'; | ||
402 | print ("$state: No support for SNMP v$snmp_version yet\n"); | ||
403 | exit $ERRORS{$state}; | ||
404 | } | ||
405 | |||
406 | %session_opts = ( | ||
407 | -hostname => $hostname, | ||
408 | -port => $port, | ||
409 | -version => $snmp_version, | ||
410 | -maxmsgsize => $maxmsgsize | ||
411 | ); | ||
412 | |||
413 | $session_opts{'-community'} = $community if (defined $community && $snmp_version =~ /[12]/); | ||
414 | |||
390 | if ($snmp_version =~ /3/ ) { | 415 | if ($snmp_version =~ /3/ ) { |
391 | # Must define a security level even though default is noAuthNoPriv | 416 | # Must define a security level even though default is noAuthNoPriv |
392 | # v3 requires a security username | 417 | # v3 requires a security username |
393 | if (defined $seclevel && defined $secname) { | 418 | if (defined $seclevel && defined $secname) { |
419 | $session_opts{'-username'} = $secname; | ||
394 | 420 | ||
395 | # Must define a security level even though defualt is noAuthNoPriv | 421 | # Must define a security level even though defualt is noAuthNoPriv |
396 | unless ( grep /^$seclevel$/, qw(noAuthNoPriv authNoPriv authPriv) ) { | 422 | unless ( grep /^$seclevel$/, qw(noAuthNoPriv authNoPriv authPriv) ) { |
397 | usage(); | 423 | usage("Must define a valid security level even though default is noAuthNoPriv"); |
398 | exit $ERRORS{"UNKNOWN"}; | ||
399 | } | 424 | } |
400 | 425 | ||
401 | # Authentication wanted | 426 | # Authentication wanted |
402 | if ( $seclevel eq 'authNoPriv' || $seclevel eq 'authPriv' ) { | 427 | if ( $seclevel eq 'authNoPriv' || $seclevel eq 'authPriv' ) { |
403 | 428 | if (defined $authproto && $authproto ne 'MD5' && $authproto ne 'SHA1') { | |
404 | unless ( $authproto eq 'MD5' || $authproto eq 'SHA1' ) { | 429 | usage("Auth protocol can be either MD5 or SHA1"); |
405 | usage(); | ||
406 | exit $ERRORS{"UNKNOWN"}; | ||
407 | } | 430 | } |
431 | $session_opts{'-authprotocol'} = $authproto if(defined $authproto); | ||
408 | 432 | ||
409 | if ( !defined $authpass) { | 433 | if ( !defined $authpass) { |
410 | usage(); | 434 | usage("Auth password/key is not defined"); |
411 | exit $ERRORS{"UNKNOWN"}; | ||
412 | }else{ | 435 | }else{ |
413 | if ($authpass =~ /^0x/ ) { | 436 | if ($authpass =~ /^0x/ ) { |
414 | $auth = "-authkey => $authpass" ; | 437 | $session_opts{'-authkey'} = $authpass ; |
415 | }else{ | 438 | }else{ |
416 | $auth = "-authpassword => $authpass"; | 439 | $session_opts{'-authpassword'} = $authpass ; |
417 | } | 440 | } |
418 | } | 441 | } |
419 | |||
420 | } | 442 | } |
421 | 443 | ||
422 | # Privacy (DES encryption) wanted | 444 | # Privacy (DES encryption) wanted |
423 | if ($seclevel eq 'authPriv' ) { | 445 | if ($seclevel eq 'authPriv' ) { |
424 | if (! defined $privpass) { | 446 | if (! defined $privpass) { |
425 | usage(); | 447 | usage("Privacy passphrase/key is not defined"); |
426 | exit $ERRORS{"UNKNOWN"}; | ||
427 | }else{ | 448 | }else{ |
428 | if ($privpass =~ /^0x/){ | 449 | if ($privpass =~ /^0x/){ |
429 | $priv = "-privkey => $privpass"; | 450 | $session_opts{'-privkey'} = $privpass; |
430 | }else{ | 451 | }else{ |
431 | $priv = "-privpassword => $privpass"; | 452 | $session_opts{'-privpassword'} = $privpass; |
432 | } | 453 | } |
433 | } | 454 | } |
455 | |||
456 | $session_opts{'-privprotocol'} = $privproto if(defined $privproto); | ||
434 | } | 457 | } |
435 | 458 | ||
436 | # Context name defined or default | 459 | # Context name defined or default |
437 | |||
438 | unless ( defined $context) { | 460 | unless ( defined $context) { |
439 | $context = ""; | 461 | $context = ""; |
440 | } | 462 | } |
441 | 463 | ||
442 | |||
443 | |||
444 | }else { | 464 | }else { |
445 | usage(); | 465 | usage("Security level or name is not defined"); |
446 | exit $ERRORS{'UNKNOWN'}; ; | ||
447 | } | 466 | } |
448 | } # end snmpv3 | 467 | } # end snmpv3 |
449 | 468 | ||
450 | 469 | ||
451 | if ( $snmp_version =~ /[12]/ ) { | ||
452 | ($session, $error) = Net::SNMP->session( | ||
453 | -hostname => $hostname, | ||
454 | -community => $community, | ||
455 | -port => $port, | ||
456 | -version => $snmp_version, | ||
457 | -maxmsgsize => $maxmsgsize | ||
458 | ); | ||
459 | |||
460 | if (!defined($session)) { | ||
461 | $state='UNKNOWN'; | ||
462 | $answer=$error; | ||
463 | print ("$state: $answer\n"); | ||
464 | exit $ERRORS{$state}; | ||
465 | } | ||
466 | |||
467 | }elsif ( $snmp_version =~ /3/ ) { | ||
468 | |||
469 | if ($seclevel eq 'noAuthNoPriv') { | ||
470 | ($session, $error) = Net::SNMP->session( | ||
471 | -hostname => $hostname, | ||
472 | -port => $port, | ||
473 | -version => $snmp_version, | ||
474 | -username => $secname, | ||
475 | ); | ||
476 | |||
477 | }elsif ( $seclevel eq 'authNoPriv' ) { | ||
478 | ($session, $error) = Net::SNMP->session( | ||
479 | -hostname => $hostname, | ||
480 | -port => $port, | ||
481 | -version => $snmp_version, | ||
482 | -username => $secname, | ||
483 | $auth, | ||
484 | -authprotocol => $authproto, | ||
485 | ); | ||
486 | }elsif ($seclevel eq 'authPriv' ) { | ||
487 | ($session, $error) = Net::SNMP->session( | ||
488 | -hostname => $hostname, | ||
489 | -port => $port, | ||
490 | -version => $snmp_version, | ||
491 | -username => $secname, | ||
492 | $auth, | ||
493 | -authprotocol => $authproto, | ||
494 | $priv | ||
495 | ); | ||
496 | } | ||
497 | |||
498 | |||
499 | if (!defined($session)) { | ||
500 | $state='UNKNOWN'; | ||
501 | $answer=$error; | ||
502 | print ("$state: $answer\n"); | ||
503 | exit $ERRORS{$state}; | ||
504 | } | ||
505 | |||
506 | }else{ | ||
507 | $state='UNKNOWN'; | ||
508 | print ("$state: No support for SNMP v$snmp_version yet\n"); | ||
509 | exit $ERRORS{$state}; | ||
510 | } | ||
511 | |||
512 | } | 470 | } |
513 | ## End validation | 471 | ## End validation |
514 | 472 | ||