Initial commit of check_firewall_active

check_firewall_active/check_firewall_active.sh

@@ -0,0 +1,23 @@
+#!/bin/bash
+
+EXIT_OK=0
+EXIT_WARN=1
+EXIT_CRIT=2
+
+PATH=/sbin:/usr/sbin:$PATH
+
+if [ "$(id -u)" != "0" ]; then
+	echo "This script must be run as root" 1>&2
+	exit $EXIT_CRIT
+fi
+
+blocks=$(iptables -L -v -n | egrep 'REJECT|DROP' | wc -l)
+
+if [ $blocks -eq 0 ]; then
+	echo "CRITICAL: No firewall detected"
+	exit $EXIT_CRIT
+fi
+
+echo "OK: Firewall is active"
+exit $EXIT_OK
+

check_firewall_active/nrpe.d/check_firewall_active.cfg

@@ -0,0 +1,3 @@
+
+
+command[check_firewall_active]=sudo /usr/lib/nagios/plugins/check_firewall_active.sh

check_firewall_active/sudoers.d/check_firewall_active

@@ -0,0 +1,2 @@
+Defaults:nrpe	!requiretty
+nrpe		ALL = (root) NOPASSWD: /usr/lib/nagios/plugins/check_firewall_active.sh