summaryrefslogtreecommitdiffstats
path: root/plugins/check_dns.c
diff options
context:
space:
mode:
Diffstat (limited to 'plugins/check_dns.c')
-rw-r--r--plugins/check_dns.c43
1 files changed, 33 insertions, 10 deletions
diff --git a/plugins/check_dns.c b/plugins/check_dns.c
index f2061636..b90f50e6 100644
--- a/plugins/check_dns.c
+++ b/plugins/check_dns.c
@@ -56,6 +56,7 @@ char **expected_address = NULL;
56int expected_address_cnt = 0; 56int expected_address_cnt = 0;
57 57
58int expect_authority = FALSE; 58int expect_authority = FALSE;
59int all_match = FALSE;
59thresholds *time_thresholds = NULL; 60thresholds *time_thresholds = NULL;
60 61
61static int 62static int
@@ -168,8 +169,8 @@ main (int argc, char **argv)
168 temp_buffer++; 169 temp_buffer++;
169 170
170 /* Strip leading spaces */ 171 /* Strip leading spaces */
171 for (; *temp_buffer != '\0' && *temp_buffer == ' '; temp_buffer++) 172 while (*temp_buffer == ' ')
172 /* NOOP */; 173 temp_buffer++;
173 174
174 strip(temp_buffer); 175 strip(temp_buffer);
175 if (temp_buffer==NULL || strlen(temp_buffer)==0) { 176 if (temp_buffer==NULL || strlen(temp_buffer)==0) {
@@ -201,7 +202,10 @@ main (int argc, char **argv)
201 if (error_scan (chld_err.line[i]) != STATE_OK) { 202 if (error_scan (chld_err.line[i]) != STATE_OK) {
202 result = max_state (result, error_scan (chld_err.line[i])); 203 result = max_state (result, error_scan (chld_err.line[i]));
203 msg = strchr(input_buffer, ':'); 204 msg = strchr(input_buffer, ':');
204 if(msg) msg++; 205 if(msg)
206 msg++;
207 else
208 msg = input_buffer;
205 } 209 }
206 } 210 }
207 211
@@ -228,16 +232,27 @@ main (int argc, char **argv)
228 if (result == STATE_OK && expected_address_cnt > 0) { 232 if (result == STATE_OK && expected_address_cnt > 0) {
229 result = STATE_CRITICAL; 233 result = STATE_CRITICAL;
230 temp_buffer = ""; 234 temp_buffer = "";
235 unsigned long expect_match = (1 << expected_address_cnt) - 1;
236 unsigned long addr_match = (1 << n_addresses) - 1;
231 237
232 for (i=0; i<expected_address_cnt; i++) { 238 for (i=0; i<expected_address_cnt; i++) {
239 int j;
233 /* check if we get a match on 'raw' ip or cidr */ 240 /* check if we get a match on 'raw' ip or cidr */
234 if ( strcmp(address, expected_address[i]) == 0 241 for (j=0; j<n_addresses; j++) {
235 || ip_match_cidr(address, expected_address[i]) ) 242 if ( strcmp(addresses[j], expected_address[i]) == 0
236 result = STATE_OK; 243 || ip_match_cidr(addresses[j], expected_address[i]) ) {
244 result = STATE_OK;
245 addr_match &= ~(1 << j);
246 expect_match &= ~(1 << i);
247 }
248 }
237 249
238 /* prepare an error string */ 250 /* prepare an error string */
239 xasprintf(&temp_buffer, "%s%s; ", temp_buffer, expected_address[i]); 251 xasprintf(&temp_buffer, "%s%s; ", temp_buffer, expected_address[i]);
240 } 252 }
253 /* check if expected_address must cover all in addresses and none may be missing */
254 if (all_match && (expect_match != 0 || addr_match != 0))
255 result = STATE_CRITICAL;
241 if (result == STATE_CRITICAL) { 256 if (result == STATE_CRITICAL) {
242 /* Strip off last semicolon... */ 257 /* Strip off last semicolon... */
243 temp_buffer[strlen(temp_buffer)-2] = '\0'; 258 temp_buffer[strlen(temp_buffer)-2] = '\0';
@@ -336,6 +351,8 @@ error_scan (char *input_buffer)
336 /* DNS server is not running... */ 351 /* DNS server is not running... */
337 else if (strstr (input_buffer, "No response from server")) 352 else if (strstr (input_buffer, "No response from server"))
338 die (STATE_CRITICAL, _("No response from DNS %s\n"), dns_server); 353 die (STATE_CRITICAL, _("No response from DNS %s\n"), dns_server);
354 else if (strstr (input_buffer, "no servers could be reached"))
355 die (STATE_CRITICAL, _("No response from DNS %s\n"), dns_server);
339 356
340 /* Host name is valid, but server doesn't have records... */ 357 /* Host name is valid, but server doesn't have records... */
341 else if (strstr (input_buffer, "No records")) 358 else if (strstr (input_buffer, "No records"))
@@ -401,6 +418,7 @@ process_arguments (int argc, char **argv)
401 {"reverse-server", required_argument, 0, 'r'}, 418 {"reverse-server", required_argument, 0, 'r'},
402 {"expected-address", required_argument, 0, 'a'}, 419 {"expected-address", required_argument, 0, 'a'},
403 {"expect-authority", no_argument, 0, 'A'}, 420 {"expect-authority", no_argument, 0, 'A'},
421 {"all", no_argument, 0, 'L'},
404 {"warning", required_argument, 0, 'w'}, 422 {"warning", required_argument, 0, 'w'},
405 {"critical", required_argument, 0, 'c'}, 423 {"critical", required_argument, 0, 'c'},
406 {0, 0, 0, 0} 424 {0, 0, 0, 0}
@@ -414,7 +432,7 @@ process_arguments (int argc, char **argv)
414 strcpy (argv[c], "-t"); 432 strcpy (argv[c], "-t");
415 433
416 while (1) { 434 while (1) {
417 c = getopt_long (argc, argv, "hVvAt:H:s:r:a:w:c:", long_opts, &opt_index); 435 c = getopt_long (argc, argv, "hVvALt:H:s:r:a:w:c:", long_opts, &opt_index);
418 436
419 if (c == -1 || c == EOF) 437 if (c == -1 || c == EOF)
420 break; 438 break;
@@ -462,6 +480,9 @@ process_arguments (int argc, char **argv)
462 case 'A': /* expect authority */ 480 case 'A': /* expect authority */
463 expect_authority = TRUE; 481 expect_authority = TRUE;
464 break; 482 break;
483 case 'L': /* all must match */
484 all_match = TRUE;
485 break;
465 case 'w': 486 case 'w':
466 warning = optarg; 487 warning = optarg;
467 break; 488 break;
@@ -530,14 +551,16 @@ print_help (void)
530 printf (" -a, --expected-address=IP-ADDRESS|CIDR|HOST\n"); 551 printf (" -a, --expected-address=IP-ADDRESS|CIDR|HOST\n");
531 printf (" %s\n", _("Optional IP-ADDRESS/CIDR you expect the DNS server to return. HOST must end")); 552 printf (" %s\n", _("Optional IP-ADDRESS/CIDR you expect the DNS server to return. HOST must end"));
532 printf (" %s\n", _("with a dot (.). This option can be repeated multiple times (Returns OK if any")); 553 printf (" %s\n", _("with a dot (.). This option can be repeated multiple times (Returns OK if any"));
533 printf (" %s\n", _("value match). If multiple addresses are returned at once, you have to match")); 554 printf (" %s\n", _("value matches)."));
534 printf (" %s\n", _("the whole string of addresses separated with commas (sorted alphabetically)."));
535 printf (" -A, --expect-authority\n"); 555 printf (" -A, --expect-authority\n");
536 printf (" %s\n", _("Optionally expect the DNS server to be authoritative for the lookup")); 556 printf (" %s\n", _("Optionally expect the DNS server to be authoritative for the lookup"));
537 printf (" -w, --warning=seconds\n"); 557 printf (" -w, --warning=seconds\n");
538 printf (" %s\n", _("Return warning if elapsed time exceeds value. Default off")); 558 printf (" %s\n", _("Return warning if elapsed time exceeds value. Default off"));
539 printf (" -c, --critical=seconds\n"); 559 printf (" -c, --critical=seconds\n");
540 printf (" %s\n", _("Return critical if elapsed time exceeds value. Default off")); 560 printf (" %s\n", _("Return critical if elapsed time exceeds value. Default off"));
561 printf (" -L, --all\n");
562 printf (" %s\n", _("Return critical if the list of expected addresses does not match all addresses"));
563 printf (" %s\n", _("returned. Default off"));
541 564
542 printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT); 565 printf (UT_CONN_TIMEOUT, DEFAULT_SOCKET_TIMEOUT);
543 566
@@ -549,5 +572,5 @@ void
549print_usage (void) 572print_usage (void)
550{ 573{
551 printf ("%s\n", _("Usage:")); 574 printf ("%s\n", _("Usage:"));
552 printf ("%s -H host [-s server] [-a expected-address] [-A] [-t timeout] [-w warn] [-c crit]\n", progname); 575 printf ("%s -H host [-s server] [-a expected-address] [-A] [-t timeout] [-w warn] [-c crit] [-L]\n", progname);
553} 576}