From 982f23a10738750326206ab80b8def700be0f585 Mon Sep 17 00:00:00 2001 From: Ton Voon Date: Wed, 21 Sep 2005 10:09:09 +0000 Subject: Moved into plugins-root/ git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk@1234 f882894a-f735-0410-b71e-b25c423dba1c diff --git a/plugins/check_dhcp.c b/plugins/check_dhcp.c deleted file mode 100644 index a3e0c53..0000000 --- a/plugins/check_dhcp.c +++ /dev/null @@ -1,1261 +0,0 @@ -/****************************************************************************** -* -* CHECK_DHCP.C -* -* Program: DHCP plugin for Nagios -* License: GPL -* Copyright (c) 2001-2004 Ethan Galstad (nagios@nagios.org) -* -* License Information: -* -* This program is free software; you can redistribute it and/or modify -* it under the terms of the GNU General Public License as published by -* the Free Software Foundation; either version 2 of the License, or -* (at your option) any later version. -* -* This program is distributed in the hope that it will be useful, -* but WITHOUT ANY WARRANTY; without even the implied warranty of -* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -* GNU General Public License for more details. -* -* You should have received a copy of the GNU General Public License -* along with this program; if not, write to the Free Software -* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -* -* $Id$ -* -*****************************************************************************/ - -const char *progname = "check_dhcp"; -const char *revision = "$Revision$"; -const char *copyright = "2001-2004"; -const char *email = "nagiosplug-devel@lists.sourceforge.net"; - -#include "common.h" -#include "netutils.h" -#include "utils.h" - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#if defined( __linux__ ) - -#include -#include - -#elif defined (__bsd__) - -#include -#include -#include - -#elif defined(__sun__) || defined(__solaris__) || defined(__hpux__) - -#define INSAP 22 -#define OUTSAP 24 - -#include -#include -#include -#include -#include - -#define bcopy(source, destination, length) memcpy(destination, source, length) - -#define AREA_SZ 5000 /* buffer length in bytes */ -static u_long ctl_area[AREA_SZ]; -static u_long dat_area[AREA_SZ]; -static struct strbuf ctl = {AREA_SZ, 0, (char *)ctl_area}; -static struct strbuf dat = {AREA_SZ, 0, (char *)dat_area}; - -#define GOT_CTRL 1 -#define GOT_DATA 2 -#define GOT_BOTH 3 -#define GOT_INTR 4 -#define GOT_ERR 128 - -#define u_int8_t uint8_t -#define u_int16_t uint16_t -#define u_int32_t uint32_t - -static int get_msg(int); -static int check_ctrl(int); -static int put_ctrl(int, int, int); -static int put_both(int, int, int, int); -static int dl_open(const char *, int, int *); -static int dl_bind(int, int, u_char *); -long mac_addr_dlpi( const char *, int, u_char *); - -#endif - -#define HAVE_GETOPT_H - - -/**** Common definitions ****/ - -#define STATE_OK 0 -#define STATE_WARNING 1 -#define STATE_CRITICAL 2 -#define STATE_UNKNOWN -1 - -#define OK 0 -#define ERROR -1 - -#define FALSE 0 -#define TRUE 1 - - -/**** DHCP definitions ****/ - -#define MAX_DHCP_CHADDR_LENGTH 16 -#define MAX_DHCP_SNAME_LENGTH 64 -#define MAX_DHCP_FILE_LENGTH 128 -#define MAX_DHCP_OPTIONS_LENGTH 312 - - -typedef struct dhcp_packet_struct{ - u_int8_t op; /* packet type */ - u_int8_t htype; /* type of hardware address for this machine (Ethernet, etc) */ - u_int8_t hlen; /* length of hardware address (of this machine) */ - u_int8_t hops; /* hops */ - u_int32_t xid; /* random transaction id number - chosen by this machine */ - u_int16_t secs; /* seconds used in timing */ - u_int16_t flags; /* flags */ - struct in_addr ciaddr; /* IP address of this machine (if we already have one) */ - struct in_addr yiaddr; /* IP address of this machine (offered by the DHCP server) */ - struct in_addr siaddr; /* IP address of DHCP server */ - struct in_addr giaddr; /* IP address of DHCP relay */ - unsigned char chaddr [MAX_DHCP_CHADDR_LENGTH]; /* hardware address of this machine */ - char sname [MAX_DHCP_SNAME_LENGTH]; /* name of DHCP server */ - char file [MAX_DHCP_FILE_LENGTH]; /* boot file name (used for diskless booting?) */ - char options[MAX_DHCP_OPTIONS_LENGTH]; /* options */ - }dhcp_packet; - - -typedef struct dhcp_offer_struct{ - struct in_addr server_address; /* address of DHCP server that sent this offer */ - struct in_addr offered_address; /* the IP address that was offered to us */ - u_int32_t lease_time; /* lease time in seconds */ - u_int32_t renewal_time; /* renewal time in seconds */ - u_int32_t rebinding_time; /* rebinding time in seconds */ - struct dhcp_offer_struct *next; - }dhcp_offer; - - -typedef struct requested_server_struct{ - struct in_addr server_address; - struct requested_server_struct *next; - }requested_server; - - -#define BOOTREQUEST 1 -#define BOOTREPLY 2 - -#define DHCPDISCOVER 1 -#define DHCPOFFER 2 -#define DHCPREQUEST 3 -#define DHCPDECLINE 4 -#define DHCPACK 5 -#define DHCPNACK 6 -#define DHCPRELEASE 7 - -#define DHCP_OPTION_MESSAGE_TYPE 53 -#define DHCP_OPTION_HOST_NAME 12 -#define DHCP_OPTION_BROADCAST_ADDRESS 28 -#define DHCP_OPTION_REQUESTED_ADDRESS 50 -#define DHCP_OPTION_LEASE_TIME 51 -#define DHCP_OPTION_RENEWAL_TIME 58 -#define DHCP_OPTION_REBINDING_TIME 59 - -#define DHCP_INFINITE_TIME 0xFFFFFFFF - -#define DHCP_BROADCAST_FLAG 32768 - -#define DHCP_SERVER_PORT 67 -#define DHCP_CLIENT_PORT 68 - -#define ETHERNET_HARDWARE_ADDRESS 1 /* used in htype field of dhcp packet */ -#define ETHERNET_HARDWARE_ADDRESS_LENGTH 6 /* length of Ethernet hardware addresses */ - -unsigned char client_hardware_address[MAX_DHCP_CHADDR_LENGTH]=""; - -char network_interface_name[8]="eth0"; - -u_int32_t packet_xid=0; - -u_int32_t dhcp_lease_time=0; -u_int32_t dhcp_renewal_time=0; -u_int32_t dhcp_rebinding_time=0; - -int dhcpoffer_timeout=2; - -dhcp_offer *dhcp_offer_list=NULL; -requested_server *requested_server_list=NULL; - -int valid_responses=0; /* number of valid DHCPOFFERs we received */ -int requested_servers=0; -int requested_responses=0; - -int request_specific_address=FALSE; -int received_requested_address=FALSE; -int verbose=0; -struct in_addr requested_address; - - -int process_arguments(int, char **); -int call_getopt(int, char **); -int validate_arguments(void); -void print_usage(void); -void print_help(void); - -int get_hardware_address(int,char *); - -int send_dhcp_discover(int); -int get_dhcp_offer(int); - -int get_results(void); - -int add_dhcp_offer(struct in_addr,dhcp_packet *); -int free_dhcp_offer_list(void); -int free_requested_server_list(void); - -int create_dhcp_socket(void); -int close_dhcp_socket(int); -int send_dhcp_packet(void *,int,int,struct sockaddr_in *); -int receive_dhcp_packet(void *,int,int,int,struct sockaddr_in *); - - - -int main(int argc, char **argv){ - int dhcp_socket; - int result; - - setlocale (LC_ALL, ""); - bindtextdomain (PACKAGE, LOCALEDIR); - textdomain (PACKAGE); - - if(process_arguments(argc,argv)!=OK){ - usage4 (_("Could not parse arguments")); - } - - /* create socket for DHCP communications */ - dhcp_socket=create_dhcp_socket(); - - /* get hardware address of client machine */ - get_hardware_address(dhcp_socket,network_interface_name); - - /* send DHCPDISCOVER packet */ - send_dhcp_discover(dhcp_socket); - - /* wait for a DHCPOFFER packet */ - get_dhcp_offer(dhcp_socket); - - /* close socket we created */ - close_dhcp_socket(dhcp_socket); - - /* determine state/plugin output to return */ - result=get_results(); - - /* free allocated memory */ - free_dhcp_offer_list(); - free_requested_server_list(); - - return result; - } - - - -/* determines hardware address on client machine */ -int get_hardware_address(int sock,char *interface_name){ - - int i; - -#if defined(__linux__) - struct ifreq ifr; - - strncpy((char *)&ifr.ifr_name,interface_name,sizeof(ifr.ifr_name)); - - /* try and grab hardware address of requested interface */ - if(ioctl(sock,SIOCGIFHWADDR,&ifr)<0){ - printf(_("Error: Could not get hardware address of interface '%s'\n"),interface_name); - exit(STATE_UNKNOWN); - } - - memcpy(&client_hardware_address[0],&ifr.ifr_hwaddr.sa_data,6); - -#elif defined(__bsd__) - /* King 2004 see ACKNOWLEDGEMENTS */ - - int mib[6], len; - char *buf; - unsigned char *ptr; - struct if_msghdr *ifm; - struct sockaddr_dl *sdl; - - mib[0] = CTL_NET; - mib[1] = AF_ROUTE; - mib[2] = 0; - mib[3] = AF_LINK; - mib[4] = NET_RT_IFLIST; - - if ((mib[5] = if_nametoindex(interface_name)) == 0) { - printf(_("Error: if_nametoindex error - %s.\n"), strerror(errno)); - exit(STATE_UNKNOWN); - } - - if (sysctl(mib, 6, NULL, &len, NULL, 0) < 0) { - printf(_("Error: Couldn't get hardware address from %s. sysctl 1 error - %s.\n"), interface_name, strerror(errno)); - exit(STATE_UNKNOWN); - } - - if ((buf = malloc(len)) == NULL) { - printf(_("Error: Couldn't get hardware address from interface %s. malloc error - %s.\n"), interface_name, strerror(errno)); - exit(4); - } - - if (sysctl(mib, 6, buf, &len, NULL, 0) < 0) { - printf(_("Error: Couldn't get hardware address from %s. sysctl 2 error - %s.\n"), interface_name, strerror(errno)); - exit(STATE_UNKNOWN); - } - - ifm = (struct if_msghdr *)buf; - sdl = (struct sockaddr_dl *)(ifm + 1); - ptr = (unsigned char *)LLADDR(sdl); - memcpy(&client_hardware_address[0], ptr, 6) ; - /* King 2004 */ - -#elif defined(__sun__) || defined(__solaris__) - - /* Kompf 2000-2003 see ACKNOWLEDGEMENTS */ - long stat; - char dev[20] = "/dev/"; - char *p; - int unit; - - for (p = interface_name; *p && isalpha(*p); p++) - /* no-op */ ; - if ( p != '\0' ) { - unit = atoi(p) ; - *p = '\0' ; - strncat(dev, interface_name, 6) ; - } else { - printf(_("Error: can't find unit number in interface_name (%s) - expecting TypeNumber eg lnc0.\n"), interface_name); - exit(STATE_UNKNOWN); - } - stat = mac_addr_dlpi(dev, unit, client_hardware_address); - if (stat != 0) { - printf(_("Error: can't read MAC address from DLPI streams interface for device %s unit %d.\n"), dev, unit); - exit(STATE_UNKNOWN); - } - -#elif defined(__hpux__) - - long stat; - char dev[20] = "/dev/dlpi" ; - int unit = 0; - - stat = mac_addr_dlpi(dev, unit, client_hardware_address); - if (stat != 0) { - printf(_("Error: can't read MAC address from DLPI streams interface for device %s unit %d.\n"), dev, unit); - exit(STATE_UNKNOWN); - } - /* Kompf 2000-2003 */ - -#else - printf(_("Error: can't get MAC address for this architecture.\n")); - exit(STATE_UNKNOWN); -#endif - - if (verbose) { - printf(_("Hardware address: ")); - for (i=0; i<6; ++i) - printf("%2.2x", client_hardware_address[i]); - printf( "\n"); - } - - return OK; - } - - -/* sends a DHCPDISCOVER broadcast message in an attempt to find DHCP servers */ -int send_dhcp_discover(int sock){ - dhcp_packet discover_packet; - struct sockaddr_in sockaddr_broadcast; - - - /* clear the packet data structure */ - bzero(&discover_packet,sizeof(discover_packet)); - - - /* boot request flag (backward compatible with BOOTP servers) */ - discover_packet.op=BOOTREQUEST; - - /* hardware address type */ - discover_packet.htype=ETHERNET_HARDWARE_ADDRESS; - - /* length of our hardware address */ - discover_packet.hlen=ETHERNET_HARDWARE_ADDRESS_LENGTH; - - discover_packet.hops=0; - - /* transaction id is supposed to be random */ - srand(time(NULL)); - packet_xid=random(); - discover_packet.xid=htonl(packet_xid); - - /**** WHAT THE HECK IS UP WITH THIS?!? IF I DON'T MAKE THIS CALL, ONLY ONE SERVER RESPONSE IS PROCESSED!!!! ****/ - /* downright bizzarre... */ - ntohl(discover_packet.xid); - - /*discover_packet.secs=htons(65535);*/ - discover_packet.secs=0xFF; - - /* tell server it should broadcast its response */ - discover_packet.flags=htons(DHCP_BROADCAST_FLAG); - - /* our hardware address */ - memcpy(discover_packet.chaddr,client_hardware_address,ETHERNET_HARDWARE_ADDRESS_LENGTH); - - /* first four bytes of options field is magic cookie (as per RFC 2132) */ - discover_packet.options[0]='\x63'; - discover_packet.options[1]='\x82'; - discover_packet.options[2]='\x53'; - discover_packet.options[3]='\x63'; - - /* DHCP message type is embedded in options field */ - discover_packet.options[4]=DHCP_OPTION_MESSAGE_TYPE; /* DHCP message type option identifier */ - discover_packet.options[5]='\x01'; /* DHCP message option length in bytes */ - discover_packet.options[6]=DHCPDISCOVER; - - /* the IP address we're requesting */ - if(request_specific_address==TRUE){ - discover_packet.options[7]=DHCP_OPTION_REQUESTED_ADDRESS; - discover_packet.options[8]='\x04'; - memcpy(&discover_packet.options[9],&requested_address,sizeof(requested_address)); - } - - /* send the DHCPDISCOVER packet to broadcast address */ - sockaddr_broadcast.sin_family=AF_INET; - sockaddr_broadcast.sin_port=htons(DHCP_SERVER_PORT); - sockaddr_broadcast.sin_addr.s_addr=INADDR_BROADCAST; - bzero(&sockaddr_broadcast.sin_zero,sizeof(sockaddr_broadcast.sin_zero)); - - - if (verbose) { - printf(_("DHCPDISCOVER to %s port %d\n"),inet_ntoa(sockaddr_broadcast.sin_addr),ntohs(sockaddr_broadcast.sin_port)); - printf("DHCPDISCOVER XID: %lu (0x%X)\n",ntohl(discover_packet.xid),ntohl(discover_packet.xid)); - printf("DHCDISCOVER ciaddr: %s\n",inet_ntoa(discover_packet.ciaddr)); - printf("DHCDISCOVER yiaddr: %s\n",inet_ntoa(discover_packet.yiaddr)); - printf("DHCDISCOVER siaddr: %s\n",inet_ntoa(discover_packet.siaddr)); - printf("DHCDISCOVER giaddr: %s\n",inet_ntoa(discover_packet.giaddr)); - } - - /* send the DHCPDISCOVER packet out */ - send_dhcp_packet(&discover_packet,sizeof(discover_packet),sock,&sockaddr_broadcast); - - if (verbose) - printf("\n\n"); - - return OK; - } - - - - -/* waits for a DHCPOFFER message from one or more DHCP servers */ -int get_dhcp_offer(int sock){ - dhcp_packet offer_packet; - struct sockaddr_in source; - int result=OK; - int timeout=1; - int responses=0; - int x; - time_t start_time; - time_t current_time; - - time(&start_time); - - /* receive as many responses as we can */ - for(responses=0,valid_responses=0;;){ - - time(¤t_time); - if((current_time-start_time)>=dhcpoffer_timeout) - break; - - if (verbose) - printf("\n\n"); - - bzero(&source,sizeof(source)); - bzero(&offer_packet,sizeof(offer_packet)); - - result=OK; - result=receive_dhcp_packet(&offer_packet,sizeof(offer_packet),sock,dhcpoffer_timeout,&source); - - if(result!=OK){ - if (verbose) - printf(_("Result=ERROR\n")); - - continue; - } - else{ - if (verbose) - printf(_("Result=OK\n")); - - responses++; - } - - if (verbose) { - printf(_("DHCPOFFER from IP address %s\n"),inet_ntoa(source.sin_addr)); - printf("DHCPOFFER XID: %lu (0x%X)\n",ntohl(offer_packet.xid),ntohl(offer_packet.xid)); - } - - /* check packet xid to see if its the same as the one we used in the discover packet */ - if(ntohl(offer_packet.xid)!=packet_xid){ - if (verbose) - printf(_("DHCPOFFER XID (%lu) did not match DHCPDISCOVER XID (%lu) - ignoring packet\n"),ntohl(offer_packet.xid),packet_xid); - - continue; - } - - /* check hardware address */ - result=OK; - if (verbose) - printf("DHCPOFFER chaddr: "); - - for(x=0;x %s\n",errno,strerror(errno)); - } - return ERROR; - } - else{ - if (verbose) { - printf(_("receive_dhcp_packet() result: %d\n"),recv_result); - printf(_("receive_dhcp_packet() source: %s\n"),inet_ntoa(source_address.sin_addr)); - } - - memcpy(address,&source_address,sizeof(source_address)); - return OK; - } - } - - return OK; - } - - -/* creates a socket for DHCP communication */ -int create_dhcp_socket(void){ - struct sockaddr_in myname; - struct ifreq interface; - int sock; - int flag=1; - - /* Set up the address we're going to bind to. */ - bzero(&myname,sizeof(myname)); - myname.sin_family=AF_INET; - myname.sin_port=htons(DHCP_CLIENT_PORT); - myname.sin_addr.s_addr=INADDR_ANY; /* listen on any address */ - bzero(&myname.sin_zero,sizeof(myname.sin_zero)); - - /* create a socket for DHCP communications */ - sock=socket(AF_INET,SOCK_DGRAM,IPPROTO_UDP); - if(sock<0){ - printf(_("Error: Could not create socket!\n")); - exit(STATE_UNKNOWN); - } - - if (verbose) - printf("DHCP socket: %d\n",sock); - - /* set the reuse address flag so we don't get errors when restarting */ - flag=1; - if(setsockopt(sock,SOL_SOCKET,SO_REUSEADDR,(char *)&flag,sizeof(flag))<0){ - printf(_("Error: Could not set reuse address option on DHCP socket!\n")); - exit(STATE_UNKNOWN); - } - - /* set the broadcast option - we need this to listen to DHCP broadcast messages */ - if(setsockopt(sock,SOL_SOCKET,SO_BROADCAST,(char *)&flag,sizeof flag)<0){ - printf(_("Error: Could not set broadcast option on DHCP socket!\n")); - exit(STATE_UNKNOWN); - } - - /* bind socket to interface */ -#if defined(__linux__) - strncpy(interface.ifr_ifrn.ifrn_name,network_interface_name,IFNAMSIZ); - if(setsockopt(sock,SOL_SOCKET,SO_BINDTODEVICE,(char *)&interface,sizeof(interface))<0){ - printf(_("Error: Could not bind socket to interface %s. Check your privileges...\n"),network_interface_name); - exit(STATE_UNKNOWN); - } - -#else - strncpy(interface.ifr_name,network_interface_name,IFNAMSIZ); -#endif - - /* bind the socket */ - if(bind(sock,(struct sockaddr *)&myname,sizeof(myname))<0){ - printf(_("Error: Could not bind to DHCP socket (port %d)! Check your privileges...\n"),DHCP_CLIENT_PORT); - exit(STATE_UNKNOWN); - } - - return sock; - } - - -/* closes DHCP socket */ -int close_dhcp_socket(int sock){ - - close(sock); - - return OK; - } - - -/* adds a requested server address to list in memory */ -int add_requested_server(struct in_addr server_address){ - requested_server *new_server; - - new_server=(requested_server *)malloc(sizeof(requested_server)); - if(new_server==NULL) - return ERROR; - - new_server->server_address=server_address; - - new_server->next=requested_server_list; - requested_server_list=new_server; - - requested_servers++; - - if (verbose) - printf(_("Requested server address: %s\n"),inet_ntoa(new_server->server_address)); - - return OK; - } - - - - -/* adds a DHCP OFFER to list in memory */ -int add_dhcp_offer(struct in_addr source,dhcp_packet *offer_packet){ - dhcp_offer *new_offer; - int x; - int y; - unsigned option_type; - unsigned option_length; - - if(offer_packet==NULL) - return ERROR; - - /* process all DHCP options present in the packet */ - for(x=4;xoptions[x]==-1 || (int)offer_packet->options[x]==0) - break; - - /* get option type */ - option_type=offer_packet->options[x++]; - - /* get option length */ - option_length=offer_packet->options[x++]; - - if (verbose) - printf("Option: %d (0x%02X)\n",option_type,option_length); - - /* get option data */ - if(option_type==DHCP_OPTION_LEASE_TIME) { - memcpy(&dhcp_lease_time, &offer_packet->options[x], - sizeof(dhcp_lease_time)); - dhcp_lease_time = ntohl(dhcp_lease_time); - } - if(option_type==DHCP_OPTION_RENEWAL_TIME) { - memcpy(&dhcp_renewal_time, &offer_packet->options[x], - sizeof(dhcp_renewal_time)); - dhcp_renewal_time = ntohl(dhcp_renewal_time); - } - if(option_type==DHCP_OPTION_REBINDING_TIME) { - memcpy(&dhcp_rebinding_time, &offer_packet->options[x], - sizeof(dhcp_rebinding_time)); - dhcp_rebinding_time = ntohl(dhcp_rebinding_time); - } - - /* skip option data we're ignoring */ - else - for(y=0;yserver_address=source; - new_offer->offered_address=offer_packet->yiaddr; - new_offer->lease_time=dhcp_lease_time; - new_offer->renewal_time=dhcp_renewal_time; - new_offer->rebinding_time=dhcp_rebinding_time; - - - if (verbose) { - printf(_("Added offer from server @ %s"),inet_ntoa(new_offer->server_address)); - printf(_(" of IP address %s\n"),inet_ntoa(new_offer->offered_address)); - } - - /* add new offer to head of list */ - new_offer->next=dhcp_offer_list; - dhcp_offer_list=new_offer; - - return OK; - } - - -/* frees memory allocated to DHCP OFFER list */ -int free_dhcp_offer_list(void){ - dhcp_offer *this_offer; - dhcp_offer *next_offer; - - for(this_offer=dhcp_offer_list;this_offer!=NULL;this_offer=next_offer){ - next_offer=this_offer->next; - free(this_offer); - } - - return OK; - } - - -/* frees memory allocated to requested server list */ -int free_requested_server_list(void){ - requested_server *this_server; - requested_server *next_server; - - for(this_server=requested_server_list;this_server!=NULL;this_server=next_server){ - next_server=this_server->next; - free(this_server); - } - - return OK; - } - - -/* gets state and plugin output to return */ -int get_results(void){ - dhcp_offer *temp_offer; - requested_server *temp_server; - int result; - u_int32_t max_lease_time=0; - - received_requested_address=FALSE; - - /* checks responses from requested servers */ - requested_responses=0; - if(requested_servers>0){ - - for(temp_server=requested_server_list;temp_server!=NULL;temp_server=temp_server->next){ - - for(temp_offer=dhcp_offer_list;temp_offer!=NULL;temp_offer=temp_offer->next){ - - /* get max lease time we were offered */ - if(temp_offer->lease_time>max_lease_time || temp_offer->lease_time==DHCP_INFINITE_TIME) - max_lease_time=temp_offer->lease_time; - - /* see if we got the address we requested */ - if(!memcmp(&requested_address,&temp_offer->offered_address,sizeof(requested_address))) - received_requested_address=TRUE; - - /* see if the servers we wanted a response from talked to us or not */ - if(!memcmp(&temp_offer->server_address,&temp_server->server_address,sizeof(temp_server->server_address))){ - if (verbose) { - printf(_("DHCP Server Match: Offerer=%s"),inet_ntoa(temp_offer->server_address)); - printf(_(" Requested=%s\n"),inet_ntoa(temp_server->server_address)); - } - requested_responses++; - } - } - } - - } - - /* else check and see if we got our requested address from any server */ - else{ - - for(temp_offer=dhcp_offer_list;temp_offer!=NULL;temp_offer=temp_offer->next){ - - /* get max lease time we were offered */ - if(temp_offer->lease_time>max_lease_time || temp_offer->lease_time==DHCP_INFINITE_TIME) - max_lease_time=temp_offer->lease_time; - - /* see if we got the address we requested */ - if(!memcmp(&requested_address,&temp_offer->offered_address,sizeof(requested_address))) - received_requested_address=TRUE; - } - } - - result=STATE_OK; - if(valid_responses==0) - result=STATE_CRITICAL; - else if(requested_servers>0 && requested_responses==0) - result=STATE_CRITICAL; - else if(requested_responses0) - printf(_(", %s%d of %d requested servers responded"),((requested_responses0)?"only ":"",requested_responses,requested_servers); - - if(request_specific_address==TRUE) - printf(_(", requested address (%s) was %soffered"),inet_ntoa(requested_address),(received_requested_address==TRUE)?"":_("not ")); - - printf(_(", max lease time = ")); - if(max_lease_time==DHCP_INFINITE_TIME) - printf(_("Infinity")); - else - printf("%lu sec",(unsigned long)max_lease_time); - - printf(".\n"); - - return result; - } - - -/* process command-line arguments */ -int process_arguments(int argc, char **argv){ - int c; - - if(argc<1) - return ERROR; - - c=0; - while((c+=(call_getopt(argc-c,&argv[c])))0) - dhcpoffer_timeout=atoi(optarg); - /* - else - usage("Time interval must be a nonnegative integer\n"); - */ - break; - - case 'i': /* interface name */ - - strncpy(network_interface_name,optarg,sizeof(network_interface_name)-1); - network_interface_name[sizeof(network_interface_name)-1]='\x0'; - - break; - - case 'V': /* version */ - print_revision(progname,revision); - exit(STATE_OK); - - case 'h': /* help */ - print_help(); - exit(STATE_OK); - - case 'v': /* verbose */ - verbose=1; - break; - - case '?': /* help */ - usage2 (_("Unknown argument"), optarg); - break; - - default: - break; - } - } - - return i; - } - - -int validate_arguments(void){ - - return OK; - } - -#if defined(__sun__) || defined(__solaris__) || defined(__hpux__) - - /* Kompf 2000-2003 see ACKNOWLEDGEMENTS */ - -/* get a message from a stream; return type of message */ -static int get_msg(int fd) -{ - int flags = 0; - int res, ret; - ctl_area[0] = 0; - dat_area[0] = 0; - ret = 0; - res = getmsg(fd, &ctl, &dat, &flags); - - if(res < 0) { - if(errno == EINTR) { - return(GOT_INTR); - } else { - printf("%s\n", "get_msg FAILED."); - return(GOT_ERR); - } - } - if(ctl.len > 0) { - ret |= GOT_CTRL; - } - if(dat.len > 0) { - ret |= GOT_DATA; - } - return(ret); -} - -/* verify that dl_primitive in ctl_area = prim */ -static int check_ctrl(int prim) -{ - dl_error_ack_t *err_ack = (dl_error_ack_t *)ctl_area; - if(err_ack->dl_primitive != prim) { - printf(_("Error: DLPI stream API failed to get MAC in check_ctrl: %s.\n"), strerror(errno)); - exit(STATE_UNKNOWN); - } - return 0; -} - -/* put a control message on a stream */ -static int put_ctrl(int fd, int len, int pri) -{ - ctl.len = len; - if(putmsg(fd, &ctl, 0, pri) < 0) { - printf(_("Error: DLPI stream API failed to get MAC in put_ctrl/putmsg(): %s.\n"), strerror(errno)); - exit(STATE_UNKNOWN); - } - return 0; -} - -/* put a control + data message on a stream */ -static int put_both(int fd, int clen, int dlen, int pri) -{ - ctl.len = clen; - dat.len = dlen; - if(putmsg(fd, &ctl, &dat, pri) < 0) { - printf(_("Error: DLPI stream API failed to get MAC in put_both/putmsg().\n"), strerror(errno)); - exit(STATE_UNKNOWN); - } - return 0; -} - -/* open file descriptor and attach */ -static int dl_open(const char *dev, int unit, int *fd) -{ - dl_attach_req_t *attach_req = (dl_attach_req_t *)ctl_area; - if((*fd = open(dev, O_RDWR)) == -1) { - printf(_("Error: DLPI stream API failed to get MAC in dl_attach_req/open(%s..): %s.\n"), dev, strerror(errno)); - exit(STATE_UNKNOWN); - } - attach_req->dl_primitive = DL_ATTACH_REQ; - attach_req->dl_ppa = unit; - put_ctrl(*fd, sizeof(dl_attach_req_t), 0); - get_msg(*fd); - return check_ctrl(DL_OK_ACK); -} - -/* send DL_BIND_REQ */ -static int dl_bind(int fd, int sap, u_char *addr) -{ - dl_bind_req_t *bind_req = (dl_bind_req_t *)ctl_area; - dl_bind_ack_t *bind_ack = (dl_bind_ack_t *)ctl_area; - bind_req->dl_primitive = DL_BIND_REQ; - bind_req->dl_sap = sap; - bind_req->dl_max_conind = 1; - bind_req->dl_service_mode = DL_CLDLS; - bind_req->dl_conn_mgmt = 0; - bind_req->dl_xidtest_flg = 0; - put_ctrl(fd, sizeof(dl_bind_req_t), 0); - get_msg(fd); - if (GOT_ERR == check_ctrl(DL_BIND_ACK)) { - printf(_("Error: DLPI stream API failed to get MAC in dl_bind/check_ctrl(): %s.\n"), strerror(errno)); - exit(STATE_UNKNOWN); - } - bcopy((u_char *)bind_ack + bind_ack->dl_addr_offset, addr, - bind_ack->dl_addr_length); - return 0; -} - -/*********************************************************************** - * interface: - * function mac_addr_dlpi - get the mac address of the interface with - * type dev (eg lnc, hme) and unit (0, 1 ..) - * - * parameter: addr: an array of six bytes, has to be allocated by the caller - * - * return: 0 if OK, -1 if the address could not be determined - * - * - ***********************************************************************/ - -long mac_addr_dlpi( const char *dev, int unit, u_char *addr) { - - int fd; - u_char mac_addr[25]; - - if (GOT_ERR != dl_open(dev, unit, &fd)) { - if (GOT_ERR != dl_bind(fd, INSAP, mac_addr)) { - bcopy( mac_addr, addr, 6); - return 0; - } - } - close(fd); - return -1; -} - - /* Kompf 2000-2003 */ - -#endif - - -/* print usage help */ -void print_help(void){ - - print_revision(progname,revision); - - printf("Copyright (c) 2001-2004 Ethan Galstad (nagios@nagios.org)\n\n"); - printf (COPYRIGHT, copyright, email); - - printf(_("This plugin tests the availability of DHCP servers on a network.\n\n")); - - print_usage(); - - printf(_("\ - -s, --serverip=IPADDRESS\n\ - IP address of DHCP server that we must hear from\n\ - -r, --requestedip=IPADDRESS\n\ - IP address that should be offered by at least one DHCP server\n\ - -t, --timeout=INTEGER\n\ - Seconds to wait for DHCPOFFER before timeout occurs\n\ - -i, --interface=STRING\n\ - Interface to to use for listening (i.e. eth0)\n\ - -v, --verbose\n\ - Print extra information (command-line use only)\n\ - -h, --help\n\ - Print detailed help screen\n\ - -V, --version\n\ - Print version information\n")); -} - - -void print_usage(void) -{ - printf("\ -Usage: %s [-s serverip] [-r requestedip] [-t timeout] [-i interface]\n\ - [-v]",progname); -} - - - diff --git a/plugins/check_icmp.c b/plugins/check_icmp.c deleted file mode 100644 index 2f03552..0000000 --- a/plugins/check_icmp.c +++ /dev/null @@ -1,1199 +0,0 @@ -/* - * $Id$ - * - * Author: Andreas Ericsson - * - * License: GNU GPL 2.0 or any later version. - * - * Relevant RFC's: 792 (ICMP), 791 (IP) - * - * This program was modeled somewhat after the check_icmp program, - * which was in turn a hack of fping (www.fping.org) but has been - * completely rewritten since to generate higher precision rta values, - * and support several different modes as well as setting ttl to control. - * redundant routes. The only remainders of fping is currently a few - * function names. - * - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -/** sometimes undefined system macros (quite a few, actually) **/ -#ifndef MAXTTL -# define MAXTTL 255 -#endif -#ifndef INADDR_NONE -# define INADDR_NONE 0xffffffU -#endif - -#ifndef SOL_IP -#define SOL_IP 0 -#endif - -/* we bundle these in one #ifndef, since they're all from BSD - * Put individual #ifndef's around those that bother you */ -#ifndef ICMP_UNREACH_NET_UNKNOWN -# define ICMP_UNREACH_NET_UNKNOWN 6 -# define ICMP_UNREACH_HOST_UNKNOWN 7 -# define ICMP_UNREACH_ISOLATED 8 -# define ICMP_UNREACH_NET_PROHIB 9 -# define ICMP_UNREACH_HOST_PROHIB 10 -# define ICMP_UNREACH_TOSNET 11 -# define ICMP_UNREACH_TOSHOST 12 -#endif -/* tru64 has the ones above, but not these */ -#ifndef ICMP_UNREACH_FILTER_PROHIB -# define ICMP_UNREACH_FILTER_PROHIB 13 -# define ICMP_UNREACH_HOST_PRECEDENCE 14 -# define ICMP_UNREACH_PRECEDENCE_CUTOFF 15 -#endif - - -/** typedefs and such **/ -enum states { - STATE_OK = 0, - STATE_WARNING, - STATE_CRITICAL, - STATE_UNKNOWN, - STATE_DEPENDENT, - STATE_OOB -}; - -typedef unsigned short range_t; /* type for get_range() -- unimplemented */ - -typedef struct rta_host { - unsigned short id; /* id in **table, and icmp pkts */ - char *name; /* arg used for adding this host */ - char *msg; /* icmp error message, if any */ - struct sockaddr_in saddr_in; /* the address of this host */ - struct in_addr error_addr; /* stores address of error replies */ - unsigned long long time_waited; /* total time waited, in usecs */ - unsigned int icmp_sent, icmp_recv, icmp_lost; /* counters */ - unsigned char icmp_type, icmp_code; /* type and code from errors */ - unsigned short flags; /* control/status flags */ - double rta; /* measured RTA */ - unsigned char pl; /* measured packet loss */ - struct rta_host *next; /* linked list */ -} rta_host; - -#define FLAG_LOST_CAUSE 0x01 /* decidedly dead target. */ - -/* threshold structure. all values are maximum allowed, exclusive */ -typedef struct threshold { - unsigned char pl; /* max allowed packet loss in percent */ - unsigned int rta; /* roundtrip time average, microseconds */ -} threshold; - -/* the data structure */ -typedef struct icmp_ping_data { - struct timeval stime; /* timestamp (saved in protocol struct as well) */ - unsigned short ping_id; -} icmp_ping_data; - -/* the different modes of this program are as follows: - * MODE_RTA: send all packets no matter what (mimic check_icmp and check_ping) - * MODE_HOSTCHECK: Return immediately upon any sign of life - * In addition, sends packets to ALL addresses assigned - * to this host (as returned by gethostbyname() or - * gethostbyaddr() and expects one host only to be checked at - * a time. Therefore, any packet response what so ever will - * count as a sign of life, even when received outside - * crit.rta limit. Do not misspell any additional IP's. - * MODE_ALL: Requires packets from ALL requested IP to return OK (default). - * MODE_ICMP: implement something similar to check_icmp (MODE_RTA without - * tcp and udp args does this) - */ -#define MODE_RTA 0 -#define MODE_HOSTCHECK 1 -#define MODE_ALL 2 -#define MODE_ICMP 3 - -/* the different ping types we can do - * TODO: investigate ARP ping as well */ -#define HAVE_ICMP 1 -#define HAVE_UDP 2 -#define HAVE_TCP 4 -#define HAVE_ARP 8 - -#define MIN_PING_DATA_SIZE sizeof(struct icmp_ping_data) -#define MAX_IP_PKT_SIZE 65536 /* (theoretical) max IP packet size */ -#define IP_HDR_SIZE 20 -#define MAX_PING_DATA (MAX_IP_PKT_SIZE - IP_HDR_SIZE - ICMP_MINLEN) -#define DEFAULT_PING_DATA_SIZE (MIN_PING_DATA_SIZE + 44) - -/* various target states */ -#define TSTATE_INACTIVE 0x01 /* don't ping this host anymore */ -#define TSTATE_WAITING 0x02 /* unanswered packets on the wire */ -#define TSTATE_ALIVE 0x04 /* target is alive (has answered something) */ -#define TSTATE_UNREACH 0x08 - -/** prototypes **/ -static void usage(unsigned char, char *); -static u_int get_timevar(const char *); -static u_int get_timevaldiff(struct timeval *, struct timeval *); -static int wait_for_reply(int, u_int); -static int recvfrom_wto(int, char *, unsigned int, struct sockaddr *, u_int *); -static int send_icmp_ping(int, struct rta_host *); -static int get_threshold(char *str, threshold *th); -static void run_checks(void); -static int add_target(char *); -static int add_target_ip(char *, struct in_addr *); -static int handle_random_icmp(struct icmp *, struct sockaddr_in *); -static unsigned short icmp_checksum(unsigned short *, int); -static void finish(int); -static void crash(const char *, ...); - -/** external **/ -extern int optind, opterr, optopt; -extern char *optarg; -extern char **environ; - -/** global variables **/ -static char *progname; -static struct rta_host **table, *cursor, *list; -static threshold crit = {80, 500000}, warn = {40, 200000}; -static int mode, protocols, sockets, debug = 0, timeout = 10; -static unsigned short icmp_pkt_size, icmp_data_size = DEFAULT_PING_DATA_SIZE; -static unsigned int icmp_sent = 0, icmp_recv = 0, icmp_lost = 0; -#define icmp_pkts_en_route (icmp_sent - (icmp_recv + icmp_lost)) -static unsigned short targets_down = 0, targets = 0, packets = 0; -#define targets_alive (targets - targets_down) -static unsigned int retry_interval, pkt_interval, target_interval; -static int icmp_sock, tcp_sock, udp_sock, status = STATE_OK; -static pid_t pid; -static struct timezone tz; -static struct timeval prog_start; -static unsigned long long max_completion_time = 0; -static unsigned char ttl = 0; /* outgoing ttl */ -static unsigned int warn_down = 1, crit_down = 1; /* host down threshold values */ -float pkt_backoff_factor = 1.5; -float target_backoff_factor = 1.5; - -/** code start **/ -static void -crash(const char *fmt, ...) -{ - va_list ap; - - printf("%s: ", progname); - - va_start(ap, fmt); - vprintf(fmt, ap); - va_end(ap); - - if(errno) printf(": %s", strerror(errno)); - puts(""); - - exit(3); -} - - -static char * -get_icmp_error_msg(unsigned char icmp_type, unsigned char icmp_code) -{ - char *msg = "unreachable"; - - if(debug > 1) printf("get_icmp_error_msg(%u, %u)\n", icmp_type, icmp_code); - switch(icmp_type) { - case ICMP_UNREACH: - switch(icmp_code) { - case ICMP_UNREACH_NET: msg = "Net unreachable"; break; - case ICMP_UNREACH_HOST: msg = "Host unreachable"; break; - case ICMP_UNREACH_PROTOCOL: msg = "Protocol unreachable (firewall?)"; break; - case ICMP_UNREACH_PORT: msg = "Port unreachable (firewall?)"; break; - case ICMP_UNREACH_NEEDFRAG: msg = "Fragmentation needed"; break; - case ICMP_UNREACH_SRCFAIL: msg = "Source route failed"; break; - case ICMP_UNREACH_ISOLATED: msg = "Source host isolated"; break; - case ICMP_UNREACH_NET_UNKNOWN: msg = "Unknown network"; break; - case ICMP_UNREACH_HOST_UNKNOWN: msg = "Unknown host"; break; - case ICMP_UNREACH_NET_PROHIB: msg = "Network denied (firewall?)"; break; - case ICMP_UNREACH_HOST_PROHIB: msg = "Host denied (firewall?)"; break; - case ICMP_UNREACH_TOSNET: msg = "Bad TOS for network (firewall?)"; break; - case ICMP_UNREACH_TOSHOST: msg = "Bad TOS for host (firewall?)"; break; - case ICMP_UNREACH_FILTER_PROHIB: msg = "Prohibited by filter (firewall)"; break; - case ICMP_UNREACH_HOST_PRECEDENCE: msg = "Host precedence violation"; break; - case ICMP_UNREACH_PRECEDENCE_CUTOFF: msg = "Precedence cutoff"; break; - default: msg = "Invalid code"; break; - } - break; - - case ICMP_TIMXCEED: - /* really 'out of reach', or non-existant host behind a router serving - * two different subnets */ - switch(icmp_code) { - case ICMP_TIMXCEED_INTRANS: msg = "Time to live exceeded in transit"; break; - case ICMP_TIMXCEED_REASS: msg = "Fragment reassembly time exceeded"; break; - default: msg = "Invalid code"; break; - } - break; - - case ICMP_SOURCEQUENCH: msg = "Transmitting too fast"; break; - case ICMP_REDIRECT: msg = "Redirect (change route)"; break; - case ICMP_PARAMPROB: msg = "Bad IP header (required option absent)"; break; - - /* the following aren't error messages, so ignore */ - case ICMP_TSTAMP: - case ICMP_TSTAMPREPLY: - case ICMP_IREQ: - case ICMP_IREQREPLY: - case ICMP_MASKREQ: - case ICMP_MASKREPLY: - default: msg = ""; break; - } - - return msg; -} - -static int -handle_random_icmp(struct icmp *p, struct sockaddr_in *addr) -{ - struct icmp *sent_icmp = NULL; - struct rta_host *host = NULL; - unsigned char *ptr; - - if(p->icmp_type == ICMP_ECHO && p->icmp_id == pid) { - /* echo request from us to us (pinging localhost) */ - return 0; - } - - ptr = (unsigned char *)p; - if(debug) printf("handle_random_icmp(%p, %p)\n", (void *)p, (void *)addr); - - /* only handle a few types, since others can't possibly be replies to - * us in a sane network (if it is anyway, it will be counted as lost - * at summary time, but not as quickly as a proper response */ - /* TIMXCEED can be an unreach from a router with multiple IP's which - * serves two different subnets on the same interface and a dead host - * on one net is pinged from the other. The router will respond to - * itself and thus set TTL=0 so as to not loop forever. Even when - * TIMXCEED actually sends a proper icmp response we will have passed - * too many hops to have a hope of reaching it later, in which case it - * indicates overconfidence in the network, poor routing or both. */ - if(p->icmp_type != ICMP_UNREACH && p->icmp_type != ICMP_TIMXCEED && - p->icmp_type != ICMP_SOURCEQUENCH && p->icmp_type != ICMP_PARAMPROB) - { - return 0; - } - - /* might be for us. At least it holds the original package (according - * to RFC 792). If it isn't, just ignore it */ - sent_icmp = (struct icmp *)(ptr + 28); - if(sent_icmp->icmp_type != ICMP_ECHO || sent_icmp->icmp_id != pid || - sent_icmp->icmp_seq >= targets) - { - if(debug) printf("Packet is no response to a packet we sent\n"); - return 0; - } - - /* it is indeed a response for us */ - host = table[sent_icmp->icmp_seq]; - if(debug) { - printf("Received \"%s\" from %s for ICMP ECHO sent to %s.\n", - get_icmp_error_msg(p->icmp_type, p->icmp_code), - inet_ntoa(addr->sin_addr), host->name); - } - - icmp_lost++; - host->icmp_lost++; - /* don't spend time on lost hosts any more */ - if(host->flags & FLAG_LOST_CAUSE) return 0; - - /* source quench means we're sending too fast, so increase the - * interval and mark this packet lost */ - if(p->icmp_type == ICMP_SOURCEQUENCH) { - pkt_interval *= pkt_backoff_factor; - target_interval *= target_backoff_factor; - } - else { - targets_down++; - host->flags |= FLAG_LOST_CAUSE; - } - host->icmp_type = p->icmp_type; - host->icmp_code = p->icmp_code; - host->error_addr.s_addr = addr->sin_addr.s_addr; - - return 0; -} - -int -main(int argc, char **argv) -{ - int i; - char *ptr; - long int arg; - int icmp_sockerrno, udp_sockerrno, tcp_sockerrno; - int result; - struct rta_host *host; - - /* we only need to be setsuid when we get the sockets, so do - * that before pointer magic (esp. on network data) */ - icmp_sockerrno = udp_sockerrno = tcp_sockerrno = sockets = 0; - - if((icmp_sock = socket(PF_INET, SOCK_RAW, IPPROTO_ICMP)) != -1) - sockets |= HAVE_ICMP; - else icmp_sockerrno = errno; - - /* if((udp_sock = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP)) != -1) */ - /* sockets |= HAVE_UDP; */ - /* else udp_sockerrno = errno; */ - - /* if((tcp_sock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) != -1) */ - /* sockets |= HAVE_TCP; */ - /* else tcp_sockerrno = errno; */ - - /* now drop privileges (no effect if not setsuid or geteuid() == 0) */ - setuid(getuid()); - - /* POSIXLY_CORRECT might break things, so unset it (the portable way) */ - environ = NULL; - - /* use the pid to mark packets as ours */ - pid = getpid(); - /* printf("pid = %u\n", pid); */ - - /* get calling name the old-fashioned way for portability instead - * of relying on the glibc-ism __progname */ - ptr = strrchr(argv[0], '/'); - if(ptr) progname = &ptr[1]; - else progname = argv[0]; - - /* now set defaults. Use progname to set them initially (allows for - * superfast check_host program when target host is up */ - cursor = list = NULL; - table = NULL; - - mode = MODE_RTA; - crit.rta = 500000; - crit.pl = 80; - warn.rta = 200000; - warn.pl = 40; - protocols = HAVE_ICMP | HAVE_UDP | HAVE_TCP; - pkt_interval = 80000; /* 80 msec packet interval by default */ - packets = 5; - - if(!strcmp(progname, "check_icmp") || !strcmp(progname, "check_ping")) { - mode = MODE_ICMP; - protocols = HAVE_ICMP; - } - else if(!strcmp(progname, "check_host")) { - mode = MODE_HOSTCHECK; - pkt_interval = 1000000; - packets = 5; - crit.rta = warn.rta = 1000000; - crit.pl = warn.pl = 100; - } - else if(!strcmp(progname, "check_rta_multi")) { - mode = MODE_ALL; - target_interval = 0; - pkt_interval = 50000; - packets = 5; - } - - /* parse the arguments */ - for(i = 1; i < argc; i++) { - while((arg = getopt(argc, argv, "vhVw:c:n:p:t:H:i:b:I:l:")) != EOF) { - switch(arg) { - case 'v': - debug++; - break; - case 'b': - /* silently ignored for now */ - break; - case 'i': - pkt_interval = get_timevar(optarg); - break; - case 'I': - target_interval = get_timevar(optarg); - break; - case 'w': - get_threshold(optarg, &warn); - break; - case 'c': - get_threshold(optarg, &crit); - break; - case 'n': - case 'p': - packets = strtoul(optarg, NULL, 0); - break; - case 't': - timeout = strtoul(optarg, NULL, 0); - if(!timeout) timeout = 10; - break; - case 'H': - add_target(optarg); - break; - case 'l': - ttl = (unsigned char)strtoul(optarg, NULL, 0); - break; - case 'd': /* implement later, for cluster checks */ - warn_down = (unsigned char)strtoul(optarg, &ptr, 0); - if(ptr) { - crit_down = (unsigned char)strtoul(ptr + 1, NULL, 0); - } - break; - case 'h': case 'V': default: - usage(arg, NULL); - break; - } - } - } - - argv = &argv[optind]; - while(*argv) { - add_target(*argv); - argv++; - } - if(!targets) { - errno = 0; - crash("No hosts to check"); - exit(3); - } - - if(!sockets) { - if(icmp_sock == -1) { - errno = icmp_sockerrno; - crash("Failed to obtain ICMP socket"); - return -1; - } - /* if(udp_sock == -1) { */ - /* errno = icmp_sockerrno; */ - /* crash("Failed to obtain UDP socket"); */ - /* return -1; */ - /* } */ - /* if(tcp_sock == -1) { */ - /* errno = icmp_sockerrno; */ - /* crash("Failed to obtain TCP socker"); */ - /* return -1; */ - /* } */ - } - if(!ttl) ttl = 64; - - if(icmp_sock) { - result = setsockopt(icmp_sock, SOL_IP, IP_TTL, &ttl, sizeof(ttl)); - if(debug) { - if(result == -1) printf("setsockopt failed\n"); - else printf("ttl set to %u\n", ttl); - } - } - - /* stupid users should be able to give whatever thresholds they want - * (nothing will break if they do), but some anal plugin maintainer - * will probably add some printf() thing here later, so it might be - * best to at least show them where to do it. ;) */ - if(warn.pl > crit.pl) warn.pl = crit.pl; - if(warn.rta > crit.rta) warn.rta = crit.rta; - if(warn_down > crit_down) crit_down = warn_down; - - signal(SIGINT, finish); - signal(SIGHUP, finish); - signal(SIGTERM, finish); - signal(SIGALRM, finish); - if(debug) printf("Setting alarm timeout to %u seconds\n", timeout); - alarm(timeout); - - /* make sure we don't wait any longer than necessary */ - gettimeofday(&prog_start, &tz); - max_completion_time = - ((targets * packets * pkt_interval) + (targets * target_interval)) + - (targets * packets * crit.rta) + crit.rta; - - if(debug) { - printf("packets: %u, targets: %u\n" - "target_interval: %0.3f, pkt_interval %0.3f\n" - "crit.rta: %0.3f\n" - "max_completion_time: %0.3f\n", - packets, targets, - (float)target_interval / 1000, (float)pkt_interval / 1000, - (float)crit.rta / 1000, - (float)max_completion_time / 1000); - } - - if(debug) { - if(max_completion_time > (u_int)timeout * 1000000) { - printf("max_completion_time: %llu timeout: %u\n", - max_completion_time, timeout); - printf("Timout must be at lest %llu\n", - max_completion_time / 1000000 + 1); - } - } - - icmp_pkt_size = icmp_data_size + ICMP_MINLEN; - if(debug > 2) printf("icmp_pkt_size = %u\n", icmp_pkt_size); - if(icmp_pkt_size < sizeof(struct icmp) + sizeof(struct icmp_ping_data)) { - icmp_pkt_size = sizeof(struct icmp) + sizeof(struct icmp_ping_data); - } - if(debug > 2) printf("icmp_pkt_size = %u\n", icmp_pkt_size); - - if(debug) { - printf("crit = {%u, %u%%}, warn = {%u, %u%%}\n", - crit.rta, crit.pl, warn.rta, warn.pl); - printf("pkt_interval: %u target_interval: %u retry_interval: %u\n", - pkt_interval, target_interval, retry_interval); - printf("icmp_pkt_size: %u timeout: %u\n", - icmp_pkt_size, timeout); - } - - if(packets > 20) { - errno = 0; - crash("packets is > 20 (%d)", packets); - } - - host = list; - table = malloc(sizeof(struct rta_host **) * (argc - 1)); - i = 0; - while(host) { - host->id = i; - table[i] = host; - host = host->next; - i++; - } - - run_checks(); - - errno = 0; - finish(0); - - return(0); -} - -static void -run_checks() -{ - u_int i, t, result; - u_int final_wait, time_passed; - - /* this loop might actually violate the pkt_interval or target_interval - * settings, but only if there aren't any packets on the wire which - * indicates that the target can handle an increased packet rate */ - for(i = 0; i < packets; i++) { - for(t = 0; t < targets; t++) { - /* don't send useless packets */ - if(!targets_alive) finish(0); - if(table[t]->flags & FLAG_LOST_CAUSE) { - if(debug) printf("%s is a lost cause. not sending any more\n", - table[t]->name); - continue; - } - - /* we're still in the game, so send next packet */ - (void)send_icmp_ping(icmp_sock, table[t]); - result = wait_for_reply(icmp_sock, target_interval); - } - result = wait_for_reply(icmp_sock, pkt_interval * targets); - } - - if(icmp_pkts_en_route && targets_alive) { - time_passed = get_timevaldiff(NULL, NULL); - final_wait = max_completion_time - time_passed; - - if(debug) { - printf("time_passed: %u final_wait: %u max_completion_time: %llu\n", - time_passed, final_wait, max_completion_time); - } - if(time_passed > max_completion_time) { - if(debug) printf("Time passed. Finishing up\n"); - finish(0); - } - - /* catch the packets that might come in within the timeframe, but - * haven't yet */ - if(debug) printf("Waiting for %u micro-seconds (%0.3f msecs)\n", - final_wait, (float)final_wait / 1000); - result = wait_for_reply(icmp_sock, final_wait); - } -} - -/* response structure: - * ip header : 20 bytes - * icmp header : 28 bytes - * icmp echo reply : the rest - */ -static int -wait_for_reply(int sock, u_int t) -{ - int n, hlen; - static char buf[4096]; - struct sockaddr_in resp_addr; - struct ip *ip; - struct icmp *icp, *sent_icmp; - struct rta_host *host; - struct icmp_ping_data *data; - struct timeval wait_start, now; - u_int tdiff, i, per_pkt_wait; - - /* if we can't listen or don't have anything to listen to, just return */ - if(!t || !icmp_pkts_en_route) return 0; - - gettimeofday(&wait_start, &tz); - - i = t; - per_pkt_wait = t / icmp_pkts_en_route; - while(icmp_pkts_en_route && get_timevaldiff(&wait_start, NULL) < i) { - t = per_pkt_wait; - - /* wrap up if all targets are declared dead */ - if(!targets_alive || - get_timevaldiff(&prog_start, NULL) >= max_completion_time || - (mode == MODE_HOSTCHECK && targets_down)) - { - finish(0); - } - - /* reap responses until we hit a timeout */ - n = recvfrom_wto(sock, buf, sizeof(buf), - (struct sockaddr *)&resp_addr, &t); - if(!n) { - if(debug > 1) { - printf("recvfrom_wto() timed out during a %u usecs wait\n", - per_pkt_wait); - } - continue; /* timeout for this one, so keep trying */ - } - if(n < 0) { - if(debug) printf("recvfrom_wto() returned errors\n"); - return n; - } - - ip = (struct ip *)buf; - if(debug > 1) printf("received %u bytes from %s\n", - ntohs(ip->ip_len), inet_ntoa(resp_addr.sin_addr)); - -/* obsolete. alpha on tru64 provides the necessary defines, but isn't broken */ -/* #if defined( __alpha__ ) && __STDC__ && !defined( __GLIBC__ ) */ - /* alpha headers are decidedly broken. Using an ansi compiler, - * they provide ip_vhl instead of ip_hl and ip_v, so we mask - * off the bottom 4 bits */ -/* hlen = (ip->ip_vhl & 0x0f) << 2; */ -/* #else */ - hlen = ip->ip_hl << 2; -/* #endif */ - - if(n < (hlen + ICMP_MINLEN)) { - crash("received packet too short for ICMP (%d bytes, expected %d) from %s\n", - n, hlen + icmp_pkt_size, inet_ntoa(resp_addr.sin_addr)); - } - /* else if(debug) { */ - /* printf("ip header size: %u, packet size: %u (expected %u, %u)\n", */ - /* hlen, ntohs(ip->ip_len) - hlen, */ - /* sizeof(struct ip), icmp_pkt_size); */ - /* } */ - - /* check the response */ - icp = (struct icmp *)(buf + hlen); - sent_icmp = (struct icmp *)(buf + hlen + ICMP_MINLEN); - /* printf("buf: %p, icp: %p, distance: %u (expected %u)\n", */ - /* buf, icp, */ - /* (u_int)icp - (u_int)buf, hlen); */ - /* printf("buf: %p, sent_icmp: %p, distance: %u (expected %u)\n", */ - /* buf, sent_icmp, */ - /* (u_int)sent_icmp - (u_int)buf, hlen + ICMP_MINLEN); */ - - if(icp->icmp_id != pid) { - handle_random_icmp(icp, &resp_addr); - continue; - } - - if(icp->icmp_type != ICMP_ECHOREPLY || icp->icmp_seq >= targets) { - if(debug > 2) printf("not a proper ICMP_ECHOREPLY\n"); - handle_random_icmp(icp, &resp_addr); - continue; - } - - /* this is indeed a valid response */ - data = (struct icmp_ping_data *)(icp->icmp_data); - - host = table[icp->icmp_seq]; - gettimeofday(&now, &tz); - tdiff = get_timevaldiff(&data->stime, &now); - - host->time_waited += tdiff; - host->icmp_recv++; - icmp_recv++; - - if(debug) { - printf("%0.3f ms rtt from %s, outgoing ttl: %u, incoming ttl: %u\n", - (float)tdiff / 1000, inet_ntoa(resp_addr.sin_addr), - ttl, ip->ip_ttl); - } - - /* if we're in hostcheck mode, exit with limited printouts */ - if(mode == MODE_HOSTCHECK) { - printf("OK - %s responds to ICMP. Packet %u, rta %0.3fms|" - "pkt=%u;;0;%u rta=%0.3f;%0.3f;%0.3f;;\n", - host->name, icmp_recv, (float)tdiff / 1000, - icmp_recv, packets, (float)tdiff / 1000, - (float)warn.rta / 1000, (float)crit.rta / 1000); - exit(STATE_OK); - } - } - - return 0; -} - -/* the ping functions */ -static int -send_icmp_ping(int sock, struct rta_host *host) -{ - static char *buf = NULL; /* re-use so we prevent leaks */ - long int len; - struct icmp *icp; - struct icmp_ping_data *data; - struct timeval tv; - struct sockaddr *addr; - - - if(sock == -1) { - errno = 0; - crash("Attempt to send on bogus socket"); - return -1; - } - addr = (struct sockaddr *)&host->saddr_in; - - if(!buf) { - buf = (char *)malloc(icmp_pkt_size + sizeof(struct ip)); - if(!buf) { - crash("send_icmp_ping(): failed to malloc %d bytes for send buffer", - icmp_pkt_size); - return -1; /* might be reached if we're in debug mode */ - } - } - memset(buf, 0, icmp_pkt_size + sizeof(struct ip)); - - if((gettimeofday(&tv, &tz)) == -1) return -1; - - icp = (struct icmp *)buf; - icp->icmp_type = ICMP_ECHO; - icp->icmp_code = 0; - icp->icmp_cksum = 0; - icp->icmp_id = pid; - icp->icmp_seq = host->id; - data = (struct icmp_ping_data *)icp->icmp_data; - data->ping_id = 10; /* host->icmp.icmp_sent; */ - memcpy(&data->stime, &tv, sizeof(struct timeval)); - icp->icmp_cksum = icmp_checksum((u_short *)icp, icmp_pkt_size); - - len = sendto(sock, buf, icmp_pkt_size, 0, (struct sockaddr *)addr, - sizeof(struct sockaddr)); - - if(len < 0 || (unsigned int)len != icmp_pkt_size) { - if(debug) printf("Failed to send ping to %s\n", - inet_ntoa(host->saddr_in.sin_addr)); - return -1; - } - - icmp_sent++; - host->icmp_sent++; - - return 0; -} - -static int -recvfrom_wto(int sock, char *buf, unsigned int len, struct sockaddr *saddr, - u_int *timo) -{ - u_int slen; - int n; - struct timeval to, then, now; - fd_set rd, wr; - - if(!*timo) { - if(debug) printf("*timo is not\n"); - return 0; - } - - to.tv_sec = *timo / 1000000; - to.tv_usec = (*timo - (to.tv_sec * 1000000)); - - FD_ZERO(&rd); - FD_ZERO(&wr); - FD_SET(sock, &rd); - errno = 0; - gettimeofday(&then, &tz); - n = select(sock + 1, &rd, &wr, NULL, &to); - if(n < 0) crash("select() in recvfrom_wto"); - gettimeofday(&now, &tz); - *timo = get_timevaldiff(&then, &now); - - if(!n) return 0; /* timeout */ - - slen = sizeof(struct sockaddr); - - return recvfrom(sock, buf, len, 0, saddr, &slen); -} - -static void -finish(int sig) -{ - u_int i = 0; - unsigned char pl; - double rta; - struct rta_host *host; - char *status_string[] = - {"OK", "WARNING", "CRITICAL", "UNKNOWN", "DEPENDENT"}; - - alarm(0); - if(debug > 1) printf("finish(%d) called\n", sig); - - if(icmp_sock != -1) close(icmp_sock); - if(udp_sock != -1) close(udp_sock); - if(tcp_sock != -1) close(tcp_sock); - - if(debug) { - printf("icmp_sent: %u icmp_recv: %u icmp_lost: %u\n", - icmp_sent, icmp_recv, icmp_lost); - printf("targets: %u targets_alive: %u\n", targets, targets_alive); - } - - /* iterate thrice to calculate values, give output, and print perfparse */ - host = list; - while(host) { - if(!host->icmp_recv) { - /* rta 0 is ofcourse not entirely correct, but will still show up - * conspicuosly as missing entries in perfparse and cacti */ - pl = 100; - rta = 0; - status = STATE_CRITICAL; - /* up the down counter if not already counted */ - if(!(host->flags & FLAG_LOST_CAUSE) && targets_alive) targets_down++; - } - else { - pl = ((host->icmp_sent - host->icmp_recv) * 100) / host->icmp_sent; - rta = (double)host->time_waited / host->icmp_recv; - } - host->pl = pl; - host->rta = rta; - if(!status && (pl >= warn.pl || rta >= warn.rta)) status = STATE_WARNING; - if(pl >= crit.pl || rta >= crit.rta) status = STATE_CRITICAL; - - host = host->next; - } - /* this is inevitable */ - if(!targets_alive) status = STATE_CRITICAL; - printf("%s - ", status_string[status]); - - host = list; - while(host) { - if(debug) puts(""); - if(i) { - if(i < targets) printf(" :: "); - else printf("\n"); - } - i++; - if(!host->icmp_recv) { - status = STATE_CRITICAL; - if(host->flags & FLAG_LOST_CAUSE) { - printf("%s: %s @ %s. rta nan, lost %d%%", - host->name, - get_icmp_error_msg(host->icmp_type, host->icmp_code), - inet_ntoa(host->error_addr), - 100); - } - else { /* not marked as lost cause, so we have no flags for it */ - printf("%s: rta nan, lost 100%%", host->name); - } - } - else { /* !icmp_recv */ - printf("%s: rta %0.3fms, lost %u%%", - host->name, host->rta / 1000, host->pl); - } - - host = host->next; - } - - /* iterate once more for pretty perfparse output */ - printf("|"); - i = 0; - host = list; - while(host) { - if(debug) puts(""); - printf("%srta=%0.3fms;%0.3f;%0.3f;0; %spl=%u%%;%u;%u;; ", - (targets > 1) ? host->name : "", - host->rta / 1000, (float)warn.rta / 1000, (float)crit.rta / 1000, - (targets > 1) ? host->name : "", - host->pl, warn.pl, crit.pl); - - host = host->next; - } - - /* finish with an empty line */ - puts(""); - if(debug) printf("targets: %u, targets_alive: %u\n", - targets, targets_alive); - - exit(status); -} - -static u_int -get_timevaldiff(struct timeval *early, struct timeval *later) -{ - u_int ret; - struct timeval now; - - if(!later) { - gettimeofday(&now, &tz); - later = &now; - } - if(!early) early = &prog_start; - - /* if early > later we return 0 so as to indicate a timeout */ - if(early->tv_sec > early->tv_sec || - (early->tv_sec == later->tv_sec && early->tv_usec > later->tv_usec)) - { - return 0; - } - - ret = (later->tv_sec - early->tv_sec) * 1000000; - ret += later->tv_usec - early->tv_usec; - - return ret; -} - -static int -add_target_ip(char *arg, struct in_addr *in) -{ - struct rta_host *host; - - /* disregard obviously stupid addresses */ - if(in->s_addr == INADDR_NONE || in->s_addr == INADDR_ANY) - return -1; - - /* no point in adding two identical IP's, so don't. ;) */ - host = list; - while(host) { - if(host->saddr_in.sin_addr.s_addr == in->s_addr) { - if(debug) printf("Identical IP already exists. Not adding %s\n", arg); - return -1; - } - host = host->next; - } - - /* add the fresh ip */ - host = malloc(sizeof(struct rta_host)); - if(!host) { - crash("add_target_ip(%s, %s): malloc(%d) failed", - arg, inet_ntoa(*in), sizeof(struct rta_host)); - } - memset(host, 0, sizeof(struct rta_host)); - - /* set the values. use calling name for output */ - host->name = strdup(arg); - - /* fill out the sockaddr_in struct */ - host->saddr_in.sin_family = AF_INET; - host->saddr_in.sin_addr.s_addr = in->s_addr; - - if(!list) list = cursor = host; - else cursor->next = host; - - cursor = host; - targets++; - - return 0; -} - -/* wrapper for add_target_ip */ -static int -add_target(char *arg) -{ - int i; - struct hostent *he; - struct in_addr *in, ip; - - /* don't resolve if we don't have to */ - if((ip.s_addr = inet_addr(arg)) != INADDR_NONE) { - /* don't add all ip's if we were given a specific one */ - return add_target_ip(arg, &ip); - /* he = gethostbyaddr((char *)in, sizeof(struct in_addr), AF_INET); */ - /* if(!he) return add_target_ip(arg, in); */ - } - else { - errno = 0; - he = gethostbyname(arg); - if(!he) { - errno = 0; - crash("Failed to resolve %s", arg); - return -1; - } - } - - /* possibly add all the IP's as targets */ - for(i = 0; he->h_addr_list[i]; i++) { - in = (struct in_addr *)he->h_addr_list[i]; - add_target_ip(arg, in); - - /* this is silly, but it works */ - if(mode == MODE_HOSTCHECK || mode == MODE_ALL) { - printf("mode: %d\n", mode); - continue; - } - break; - } - - return 0; -} -/* - * u = micro - * m = milli - * s = seconds - * return value is in microseconds - */ -static u_int -get_timevar(const char *str) -{ - char p, u, *ptr; - unsigned int len; - u_int i, d; /* integer and decimal, respectively */ - u_int factor = 1000; /* default to milliseconds */ - - if(!str) return 0; - len = strlen(str); - if(!len) return 0; - - /* unit might be given as ms|m (millisec), - * us|u (microsec) or just plain s, for seconds */ - u = p = '\0'; - u = str[len - 1]; - if(len >= 2 && !isdigit((int)str[len - 2])) p = str[len - 2]; - if(p && u == 's') u = p; - else if(!p) p = u; - if(debug > 2) printf("evaluating %s, u: %c, p: %c\n", str, u, p); - - if(u == 'u') factor = 1; /* microseconds */ - else if(u == 'm') factor = 1000; /* milliseconds */ - else if(u == 's') factor = 1000000; /* seconds */ - if(debug > 2) printf("factor is %u\n", factor); - - i = strtoul(str, &ptr, 0); - if(!ptr || *ptr != '.' || strlen(ptr) < 2 || factor == 1) - return i * factor; - - /* time specified in usecs can't have decimal points, so ignore them */ - if(factor == 1) return i; - - d = strtoul(ptr + 1, NULL, 0); - - /* d is decimal, so get rid of excess digits */ - while(d >= factor) d /= 10; - - /* the last parenthesis avoids floating point exceptions. */ - return ((i * factor) + (d * (factor / 10))); -} - -/* not too good at checking errors, but it'll do (main() should barfe on -1) */ -static int -get_threshold(char *str, threshold *th) -{ - char *p = NULL, i = 0; - - if(!str || !strlen(str) || !th) return -1; - - /* pointer magic slims code by 10 lines. i is bof-stop on stupid libc's */ - p = &str[strlen(str) - 1]; - while(p != &str[1]) { - if(*p == '%') *p = '\0'; - else if(*p == ',' && i) { - *p = '\0'; /* reset it so get_timevar(str) works nicely later */ - th->pl = (unsigned char)strtoul(p+1, NULL, 0); - break; - } - i = 1; - p--; - } - th->rta = get_timevar(str); - - if(!th->rta) return -1; - - if(th->rta > MAXTTL * 1000000) th->rta = MAXTTL * 1000000; - if(th->pl > 100) th->pl = 100; - - return 0; -} - -unsigned short -icmp_checksum(unsigned short *p, int n) -{ - register unsigned short cksum; - register long sum = 0; - - while(n > 1) { - sum += *p++; - n -= 2; - } - - /* mop up the occasional odd byte */ - if(n == 1) sum += (unsigned char)*p; - - sum = (sum >> 16) + (sum & 0xffff); /* add hi 16 to low 16 */ - sum += (sum >> 16); /* add carry */ - cksum = ~sum; /* ones-complement, trunc to 16 bits */ - - return cksum; -} - -/* make core plugin developers happy (silly, really) */ -static void -usage(unsigned char arg, char *msg) -{ - if(msg) printf("%s: %s\n", progname, msg); - - if(arg == 'V') { - printf("$Id$\n"); - exit(STATE_UNKNOWN); - } - - printf("Usage: %s [options] [-H] host1 host2 hostn\n\n", progname); - - if(arg != 'h') exit(3); - - printf("Where options are any combination of:\n" - " * -H | --host specify a target\n" - " * -w | --warn warning threshold (currently %0.3fms,%u%%)\n" - " * -c | --crit critical threshold (currently %0.3fms,%u%%)\n" - " * -n | --packets number of packets to send (currently %u)\n" - " * -i | --interval max packet interval (currently %0.3fms)\n" - " * -I | --hostint max target interval (currently %0.3fms)\n" - " * -l | --ttl TTL on outgoing packets (currently %u)\n" - " * -t | --timeout timeout value (seconds, currently %u)\n" - " * -b | --bytes icmp packet size (currenly ignored)\n" - " -v | --verbose verbosity++\n" - " -h | --help this cruft\n", - (float)warn.rta / 1000, warn.pl, (float)crit.rta / 1000, crit.pl, - packets, - (float)pkt_interval / 1000, (float)target_interval / 1000, - ttl, timeout); - - puts("\nThe -H switch is optional. Naming a host (or several) to check is not.\n\n" - "Threshold format for -w and -c is 200.25,60% for 200.25 msec RTA and 60%\n" - "packet loss. The default values should work well for most users.\n" - "You can specify different RTA factors using the standardized abbreviations\n" - "us (microseconds), ms (milliseconds, default) or just plain s for seconds.\n\n" - "Threshold format for -d is warn,crit. 12,14 means WARNING if >= 12 hops\n" - "are spent and CRITICAL if >= 14 hops are spent.\n" - "NOTE: Some systems decrease TTL when forming ICMP_ECHOREPLY, others do not.\n\n" - "The -v switch can be specified several times for increased verbosity.\n\n" - "Long options are currently unsupported.\n\n" - "Options marked with * require an argument\n"); - - puts("The latest version of this plugin can be found at http://oss.op5.se/nagios\n" - "or https://devel.op5.se/oss until the day it is included in the official\n" - "plugin distribution.\n"); - - exit(3); -} -- cgit v0.10-9-g596f