summaryrefslogtreecommitdiffstats
path: root/plugins/check_dns.c
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/check_dns.c')
-rw-r--r--plugins/check_dns.c30
1 files changed, 22 insertions, 8 deletions
diff --git a/plugins/check_dns.c b/plugins/check_dns.c
index 9322aef..732cde7 100644
--- a/plugins/check_dns.c
+++ b/plugins/check_dns.c
@@ -54,8 +54,9 @@ char query_address[ADDRESS_LENGTH] = "";
54char dns_server[ADDRESS_LENGTH] = ""; 54char dns_server[ADDRESS_LENGTH] = "";
55char ptr_server[ADDRESS_LENGTH] = ""; 55char ptr_server[ADDRESS_LENGTH] = "";
56int verbose = FALSE; 56int verbose = FALSE;
57char expected_address[ADDRESS_LENGTH] = ""; 57char **expected_address = NULL;
58int match_expected_address = FALSE; 58int expected_address_cnt = 0;
59
59int expect_authority = FALSE; 60int expect_authority = FALSE;
60thresholds *time_thresholds = NULL; 61thresholds *time_thresholds = NULL;
61 62
@@ -202,9 +203,19 @@ main (int argc, char **argv)
202 NSLOOKUP_COMMAND); 203 NSLOOKUP_COMMAND);
203 204
204 /* compare to expected address */ 205 /* compare to expected address */
205 if (result == STATE_OK && match_expected_address && strcmp(address, expected_address)) { 206 if (result == STATE_OK && expected_address_cnt > 0) {
206 result = STATE_CRITICAL; 207 result = STATE_CRITICAL;
207 asprintf(&msg, _("expected '%s' but got '%s'"), expected_address, address); 208 temp_buffer = "";
209 for (i=0; i<expected_address_cnt; i++) {
210 /* check if we get a match and prepare an error string */
211 if (strcmp(address, expected_address[i]) == 0) result = STATE_OK;
212 asprintf(&temp_buffer, "%s%s; ", temp_buffer, expected_address[i]);
213 }
214 if (result == STATE_CRITICAL) {
215 /* Strip off last semicolon... */
216 temp_buffer[strlen(temp_buffer)-2] = '\0';
217 asprintf(&msg, _("expected '%s' but got '%s'"), temp_buffer, address);
218 }
208 } 219 }
209 220
210 /* check if authoritative */ 221 /* check if authoritative */
@@ -380,8 +391,9 @@ process_arguments (int argc, char **argv)
380 case 'a': /* expected address */ 391 case 'a': /* expected address */
381 if (strlen (optarg) >= ADDRESS_LENGTH) 392 if (strlen (optarg) >= ADDRESS_LENGTH)
382 die (STATE_UNKNOWN, _("Input buffer overflow\n")); 393 die (STATE_UNKNOWN, _("Input buffer overflow\n"));
383 strcpy (expected_address, optarg); 394 expected_address = (char **)realloc(expected_address, (expected_address_cnt+1) * sizeof(char**));
384 match_expected_address = TRUE; 395 expected_address[expected_address_cnt] = strdup(optarg);
396 expected_address_cnt++;
385 break; 397 break;
386 case 'A': /* expect authority */ 398 case 'A': /* expect authority */
387 expect_authority = TRUE; 399 expect_authority = TRUE;
@@ -451,8 +463,10 @@ print_help (void)
451 printf (" -s, --server=HOST\n"); 463 printf (" -s, --server=HOST\n");
452 printf (" %s\n", _("Optional DNS server you want to use for the lookup")); 464 printf (" %s\n", _("Optional DNS server you want to use for the lookup"));
453 printf (" -a, --expected-address=IP-ADDRESS|HOST\n"); 465 printf (" -a, --expected-address=IP-ADDRESS|HOST\n");
454 printf (" %s\n", _("Optional IP-ADDRESS you expect the DNS server to return. HOST must end with .")); 466 printf (" %s\n", _("Optional IP-ADDRESS you expect the DNS server to return. HOST must end with"));
455 printf (" %s\n", _("Multiple addresses can be separated with commas, and need to be sorted.")); 467 printf (" %s\n", _("a dot (.). This option can be repeated multiple times (Returns OK if any"));
468 printf (" %s\n", _("value match). If multiple are returned at once, you have to match the whole"));
469 printf (" %s\n", _("string of addresses separated with commas (it needs to be sorted)."));
456 printf (" -A, --expect-authority\n"); 470 printf (" -A, --expect-authority\n");
457 printf (" %s\n", _("Optionally expect the DNS server to be authoritative for the lookup")); 471 printf (" %s\n", _("Optionally expect the DNS server to be authoritative for the lookup"));
458 printf (" -w, --warning=seconds\n"); 472 printf (" -w, --warning=seconds\n");