mirror of
https://github.com/opinkerfi/nagios-plugins.git
synced 2024-12-22 00:53:50 +01:00
Initial commit of check_firewall_active (#28)
* Initial commit of check_firewall_active * Fixing things found in the review. Started work on rpm spec file * Fixing spec a bit * Fixing url
This commit is contained in:
parent
6726f614ad
commit
3501677f20
23
check_firewall_active/check_firewall_active.sh
Executable file
23
check_firewall_active/check_firewall_active.sh
Executable file
@ -0,0 +1,23 @@
|
||||
#!/bin/bash
|
||||
|
||||
EXIT_OK=0
|
||||
EXIT_WARN=1
|
||||
EXIT_CRIT=2
|
||||
|
||||
PATH=/sbin:/usr/sbin:$PATH
|
||||
|
||||
if [ "$(id -u)" != "0" ]; then
|
||||
echo "This script must be run as root" 1>&2
|
||||
exit $EXIT_CRIT
|
||||
fi
|
||||
|
||||
blocks=$(iptables -L -v -n | egrep 'REJECT|DROP' | wc -l)
|
||||
|
||||
if [ $blocks -eq 0 ]; then
|
||||
echo "CRITICAL: No firewall detected"
|
||||
exit $EXIT_CRIT
|
||||
fi
|
||||
|
||||
echo "OK: Firewall is active"
|
||||
exit $EXIT_OK
|
||||
|
@ -0,0 +1,50 @@
|
||||
%define debug_package %{nil}
|
||||
|
||||
Summary: A Nagios plugin to check if iptables are actually enforcing rules
|
||||
Name: nagios-okplugin-check_firewall_active
|
||||
Version: 1.0.0
|
||||
Release: 1%{?dist}
|
||||
License: GPLv2+
|
||||
Group: Applications/System
|
||||
URL: https://github.com/opinkerfi/nagios-plugins/issues
|
||||
Source0: http://opensource.ok.is/trac/browser/nagios-plugins/check_firewall_active/releases/nagios-okplugin-check_firewall_active-%{version}.tar.gz
|
||||
Requires: nagios-nrpe
|
||||
Requires: iptables
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||
Packager: Richard Allen <ra@ok.is>
|
||||
|
||||
|
||||
|
||||
%description
|
||||
A Nagios plugin to check if iptables are actually enforcing rules
|
||||
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
#perl -pi -e "s|/usr/lib64|%{_libdir}|g" nrpe.d/check_firewall_active.cfg
|
||||
|
||||
%build
|
||||
|
||||
|
||||
%install
|
||||
rm -rf %{buildroot}
|
||||
install -D -p -m 0755 check_firewall_active.sh %{buildroot}%{_libdir}/nagios/plugins/check_firewall_active.sh
|
||||
install -D -p -m 0755 nrpe.d/check_firewall_active.cfg %{buildroot}/etc/nrpe.d/check_firewall_active.cfg
|
||||
install -D -p -m 0644 sudoers.d/check_firewall_active %{buildroot}/etc/sudoers.d/check_firewall_active
|
||||
|
||||
%clean
|
||||
rm -rf %{buildroot}
|
||||
|
||||
%files
|
||||
%defattr(-,root,root,-)
|
||||
#%doc README LICENSE
|
||||
%{_libdir}/nagios/plugins/*
|
||||
/etc/nrpe.d/check_firewall_active.cfg
|
||||
/etc/sudoers.d/check_firewall_active
|
||||
|
||||
%post
|
||||
restorecon -v %{_libdir}/nagios/plugins/check_firewall_active.sh /etc/nrpe.d/check_firewall_active.cfg /etc/sudoers.d/check_firewall_active
|
||||
|
||||
%changelog
|
||||
* Thu Dec 20 2016 Richard Allen <ra@ok.is> 0.1-1
|
||||
- Initial packaging
|
3
check_firewall_active/nrpe.d/check_firewall_active.cfg
Normal file
3
check_firewall_active/nrpe.d/check_firewall_active.cfg
Normal file
@ -0,0 +1,3 @@
|
||||
|
||||
|
||||
command[check_firewall_active]=sudo /usr/lib64/nagios/plugins/check_firewall_active.sh
|
2
check_firewall_active/sudoers.d/check_firewall_active
Normal file
2
check_firewall_active/sudoers.d/check_firewall_active
Normal file
@ -0,0 +1,2 @@
|
||||
Defaults:nrpe !requiretty
|
||||
nrpe ALL = (root) NOPASSWD: /usr/lib64/nagios/plugins/check_firewall_active.sh
|
Loading…
Reference in New Issue
Block a user