1
0
mirror of https://github.com/opinkerfi/nagios-plugins.git synced 2024-12-22 00:53:50 +01:00

Initial commit of check_firewall_active (#28)

* Initial commit of check_firewall_active
* Fixing things found in the review.  Started work on rpm spec file
* Fixing spec a bit
* Fixing url
This commit is contained in:
Richard Allen 2016-12-21 12:40:29 +00:00 committed by Samúel Jón Gunnarsson
parent 6726f614ad
commit 3501677f20
4 changed files with 78 additions and 0 deletions

View File

@ -0,0 +1,23 @@
#!/bin/bash
EXIT_OK=0
EXIT_WARN=1
EXIT_CRIT=2
PATH=/sbin:/usr/sbin:$PATH
if [ "$(id -u)" != "0" ]; then
echo "This script must be run as root" 1>&2
exit $EXIT_CRIT
fi
blocks=$(iptables -L -v -n | egrep 'REJECT|DROP' | wc -l)
if [ $blocks -eq 0 ]; then
echo "CRITICAL: No firewall detected"
exit $EXIT_CRIT
fi
echo "OK: Firewall is active"
exit $EXIT_OK

View File

@ -0,0 +1,50 @@
%define debug_package %{nil}
Summary: A Nagios plugin to check if iptables are actually enforcing rules
Name: nagios-okplugin-check_firewall_active
Version: 1.0.0
Release: 1%{?dist}
License: GPLv2+
Group: Applications/System
URL: https://github.com/opinkerfi/nagios-plugins/issues
Source0: http://opensource.ok.is/trac/browser/nagios-plugins/check_firewall_active/releases/nagios-okplugin-check_firewall_active-%{version}.tar.gz
Requires: nagios-nrpe
Requires: iptables
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Packager: Richard Allen <ra@ok.is>
%description
A Nagios plugin to check if iptables are actually enforcing rules
%prep
%setup -q
#perl -pi -e "s|/usr/lib64|%{_libdir}|g" nrpe.d/check_firewall_active.cfg
%build
%install
rm -rf %{buildroot}
install -D -p -m 0755 check_firewall_active.sh %{buildroot}%{_libdir}/nagios/plugins/check_firewall_active.sh
install -D -p -m 0755 nrpe.d/check_firewall_active.cfg %{buildroot}/etc/nrpe.d/check_firewall_active.cfg
install -D -p -m 0644 sudoers.d/check_firewall_active %{buildroot}/etc/sudoers.d/check_firewall_active
%clean
rm -rf %{buildroot}
%files
%defattr(-,root,root,-)
#%doc README LICENSE
%{_libdir}/nagios/plugins/*
/etc/nrpe.d/check_firewall_active.cfg
/etc/sudoers.d/check_firewall_active
%post
restorecon -v %{_libdir}/nagios/plugins/check_firewall_active.sh /etc/nrpe.d/check_firewall_active.cfg /etc/sudoers.d/check_firewall_active
%changelog
* Thu Dec 20 2016 Richard Allen <ra@ok.is> 0.1-1
- Initial packaging

View File

@ -0,0 +1,3 @@
command[check_firewall_active]=sudo /usr/lib64/nagios/plugins/check_firewall_active.sh

View File

@ -0,0 +1,2 @@
Defaults:nrpe !requiretty
nrpe ALL = (root) NOPASSWD: /usr/lib64/nagios/plugins/check_firewall_active.sh