|
|
|
|
@ -5,9 +5,6 @@
|
|
|
|
|
# Author : Patrick Proy (patrick at proy.org)
|
|
|
|
|
# Help : http://nagios.manubulon.com
|
|
|
|
|
# Licence : GPL - http://www.fsf.org/licenses/gpl.txt
|
|
|
|
|
# Patch 1.2.1c
|
|
|
|
|
# Author : monitoreo.osi@uchile.cl
|
|
|
|
|
# Desc: warn/crit threshold to conns/seg check
|
|
|
|
|
# TODO :
|
|
|
|
|
# - check sync method
|
|
|
|
|
#################################################################
|
|
|
|
|
@ -22,7 +19,6 @@ use Getopt::Long;
|
|
|
|
|
# Nagios specific
|
|
|
|
|
|
|
|
|
|
use lib "/usr/local/nagios/libexec";
|
|
|
|
|
#use lib "/usr/lib/nagios/plugins"; # use in ubugtu
|
|
|
|
|
use utils qw(%ERRORS $TIMEOUT);
|
|
|
|
|
#my $TIMEOUT = 15;
|
|
|
|
|
#my %ERRORS=('OK'=>0,'WARNING'=>1,'CRITICAL'=>2,'UNKNOWN'=>3,'DEPENDENT'=>4);
|
|
|
|
|
@ -30,90 +26,87 @@ use utils qw(%ERRORS $TIMEOUT);
|
|
|
|
|
########### SNMP Datas ###########
|
|
|
|
|
|
|
|
|
|
###### FW data
|
|
|
|
|
my $policy_state = "1.3.6.1.4.1.2620.1.1.1.0"; # Installed
|
|
|
|
|
my $policy_name = "1.3.6.1.4.1.2620.1.1.2.0"; # Installed policy name
|
|
|
|
|
my $connections = "1.3.6.1.4.1.2620.1.1.25.3.0"; # Number of connections
|
|
|
|
|
my $connectionsSR = "1.3.6.1.4.1.2620.1.1.26.11.6.0" ; # FwConnectionsStatConnectionRate aka connx/seg
|
|
|
|
|
my $connectionsPeak = "1.3.6.1.4.1.2620.1.1.25.4.0"; # Peak number of connections
|
|
|
|
|
my @fw_checks = ($policy_state,$policy_name,$connections,$connectionsSR,$connectionsPeak);
|
|
|
|
|
my $policy_state = "1.3.6.1.4.1.2620.1.1.1.0"; # "Installed"
|
|
|
|
|
my $policy_name = "1.3.6.1.4.1.2620.1.1.2.0"; # Installed policy name
|
|
|
|
|
my $connections = "1.3.6.1.4.1.2620.1.1.25.3.0"; # number of connections
|
|
|
|
|
#my $connections_peak = "1.3.6.1.4.1.2620.1.1.25.4.0"; # peak number of connections
|
|
|
|
|
my @fw_checks = ($policy_state,$policy_name,$connections);
|
|
|
|
|
|
|
|
|
|
###### SVN data
|
|
|
|
|
my $svn_status = "1.3.6.1.4.1.2620.1.6.102.0"; # "OK" svn status
|
|
|
|
|
my %svn_checks = ($svn_status,"OK");
|
|
|
|
|
my %svn_checks_n = ($svn_status,"SVN status");
|
|
|
|
|
my @svn_checks_oid = ($svn_status);
|
|
|
|
|
my $svn_status = "1.3.6.1.4.1.2620.1.6.102.0"; # "OK" svn status
|
|
|
|
|
my %svn_checks = ($svn_status,"OK");
|
|
|
|
|
my %svn_checks_n = ($svn_status,"SVN status");
|
|
|
|
|
my @svn_checks_oid = ($svn_status);
|
|
|
|
|
|
|
|
|
|
###### HA data
|
|
|
|
|
|
|
|
|
|
my $ha_active = "1.3.6.1.4.1.2620.1.5.5.0"; # "yes"
|
|
|
|
|
my $ha_state = "1.3.6.1.4.1.2620.1.5.6.0"; # "active" / "standby"
|
|
|
|
|
my $ha_status = "1.3.6.1.4.1.2620.1.5.102.0"; # "OK" : ha status
|
|
|
|
|
my $ha_block_state = "1.3.6.1.4.1.2620.1.5.7.0"; # "OK" : ha blocking state
|
|
|
|
|
my $ha_active = "1.3.6.1.4.1.2620.1.5.5.0"; # "yes"
|
|
|
|
|
my $ha_state = "1.3.6.1.4.1.2620.1.5.6.0"; # "active" / "standby"
|
|
|
|
|
my $ha_block_state = "1.3.6.1.4.1.2620.1.5.7.0"; #"OK" : ha blocking state
|
|
|
|
|
my $ha_status = "1.3.6.1.4.1.2620.1.5.102.0"; # "OK" : ha status
|
|
|
|
|
|
|
|
|
|
my %ha_checks =( $ha_active,"yes",$ha_state,"active",$ha_block_state,"OK",$ha_status,"OK");
|
|
|
|
|
my %ha_checks_stand =( $ha_active,"yes",$ha_state,"standby",$ha_block_state,"OK",$ha_status,"OK");
|
|
|
|
|
my %ha_checks_n =( $ha_active,"HA active",$ha_state,"HA state",$ha_block_state,"HA block state",$ha_status,"ha_status");
|
|
|
|
|
my @ha_checks_oid =( $ha_active,$ha_state,$ha_block_state,$ha_status);
|
|
|
|
|
my %ha_checks =( $ha_active,"yes",$ha_state,"active",$ha_block_state,"OK",$ha_status,"OK");
|
|
|
|
|
my %ha_checks_stand =( $ha_active,"yes",$ha_state,"standby",$ha_block_state,"OK",$ha_status,"OK");
|
|
|
|
|
my %ha_checks_n =( $ha_active,"HA active",$ha_state,"HA state",$ha_block_state,"HA block state",$ha_status,"ha_status");
|
|
|
|
|
my @ha_checks_oid =( $ha_active,$ha_state,$ha_block_state,$ha_status);
|
|
|
|
|
|
|
|
|
|
my $ha_mode = "1.3.6.1.4.1.2620.1.5.11.0"; # "Sync only"/"High Availability (Active Up)" : ha Working mode
|
|
|
|
|
my $ha_tables = "1.3.6.1.4.1.2620.1.5.13.1"; # ha status table
|
|
|
|
|
my $ha_tables_index = ".1";
|
|
|
|
|
my $ha_tables_name = ".2";
|
|
|
|
|
my $ha_tables_state = ".3"; # "OK"
|
|
|
|
|
my $ha_tables_prbdesc = ".6"; # Description if state is != "OK"
|
|
|
|
|
my $ha_mode = "1.3.6.1.4.1.2620.1.5.11.0"; # "Sync only"/"High Availability (Active Up)" : ha Working mode
|
|
|
|
|
|
|
|
|
|
#my @ha_table_check = ("Synchronization","Filter","cphad","fwd"); # process to check
|
|
|
|
|
my $ha_tables = "1.3.6.1.4.1.2620.1.5.13.1"; # ha status table
|
|
|
|
|
my $ha_tables_index = ".1";
|
|
|
|
|
my $ha_tables_name = ".2";
|
|
|
|
|
my $ha_tables_state = ".3"; # "OK"
|
|
|
|
|
my $ha_tables_prbdesc = ".6"; # Description if state is != "OK"
|
|
|
|
|
|
|
|
|
|
#my @ha_table_check = ("Synchronization","Filter","cphad","fwd"); # process to check
|
|
|
|
|
|
|
|
|
|
####### MGMT data
|
|
|
|
|
|
|
|
|
|
my $mgmt_status = "1.3.6.1.4.1.2620.1.7.5.0"; # "active" : management status
|
|
|
|
|
my $mgmt_alive = "1.3.6.1.4.1.2620.1.7.6.0"; # 1 : management is alive if 1
|
|
|
|
|
my $mgmt_stat_desc = "1.3.6.1.4.1.2620.1.7.102.0"; # Management status description
|
|
|
|
|
my $mgmt_stats_desc_l = "1.3.6.1.4.1.2620.1.7.103.0"; # Management status long description
|
|
|
|
|
my $mgmt_status = "1.3.6.1.4.1.2620.1.7.5.0"; # "active" : management status
|
|
|
|
|
my $mgmt_alive = "1.3.6.1.4.1.2620.1.7.6.0"; # 1 : management is alive if 1
|
|
|
|
|
my $mgmt_stat_desc = "1.3.6.1.4.1.2620.1.7.102.0"; # Management status description
|
|
|
|
|
my $mgmt_stats_desc_l = "1.3.6.1.4.1.2620.1.7.103.0"; # Management status long description
|
|
|
|
|
|
|
|
|
|
my %mgmt_checks = ($mgmt_status,"active",$mgmt_alive,"1");
|
|
|
|
|
my %mgmt_checks_n = ($mgmt_status,"Mgmt status",$mgmt_alive,"Mgmt alive");
|
|
|
|
|
my @mgmt_checks_oid = ($mgmt_status,$mgmt_alive);
|
|
|
|
|
my %mgmt_checks = ($mgmt_status,"active",$mgmt_alive,"1");
|
|
|
|
|
my %mgmt_checks_n = ($mgmt_status,"Mgmt status",$mgmt_alive,"Mgmt alive");
|
|
|
|
|
my @mgmt_checks_oid = ($mgmt_status,$mgmt_alive);
|
|
|
|
|
|
|
|
|
|
#################################### Globals ##############################""
|
|
|
|
|
|
|
|
|
|
my $Version='1.2.1b';
|
|
|
|
|
my $Version='1.2.1';
|
|
|
|
|
|
|
|
|
|
my $o_host = undef; # hostname
|
|
|
|
|
my $o_community = undef; # community
|
|
|
|
|
my $o_version2 = undef; # Version 2
|
|
|
|
|
my $o_port = 161; # port
|
|
|
|
|
my $o_help= undef; # wan't some help ?
|
|
|
|
|
my $o_verb= undef; # verbose mode
|
|
|
|
|
my $o_version= undef; # print version
|
|
|
|
|
my $o_timeout= 5; # Default 5s Timeout
|
|
|
|
|
my $o_warn= undef; # Warning for connections
|
|
|
|
|
my $o_crit= undef; # Crit for connections
|
|
|
|
|
my $o_warnSR= undef; # Warning for connectionsSR
|
|
|
|
|
my $o_critSR= undef; # Crit for connectionsSR
|
|
|
|
|
my $o_svn= undef; # Check for SVN status
|
|
|
|
|
my $o_fw= undef; # Check for FW status
|
|
|
|
|
my $o_ha= undef; # Check for HA status
|
|
|
|
|
my $o_mgmt= undef; # Check for management status
|
|
|
|
|
my $o_policy= undef; # Check for policy name
|
|
|
|
|
my $o_conn= undef; # Check for connexions
|
|
|
|
|
my $o_connSR= undef; # Check for connexionsSR
|
|
|
|
|
my $o_perf= undef; # Performance data output
|
|
|
|
|
my $o_host = undef; # hostname
|
|
|
|
|
my $o_community = undef; # community
|
|
|
|
|
my $o_version2 =undef; # Version 2
|
|
|
|
|
my $o_port = 161; # port
|
|
|
|
|
my $o_help= undef; # wan't some help ?
|
|
|
|
|
my $o_verb= undef; # verbose mode
|
|
|
|
|
my $o_version= undef; # print version
|
|
|
|
|
my $o_timeout= 5; # Default 5s Timeout
|
|
|
|
|
my $o_warn= undef; # Warning for connections
|
|
|
|
|
my $o_crit= undef; # Crit for connections
|
|
|
|
|
my $o_svn= undef; # Check for SVN status
|
|
|
|
|
my $o_fw= undef; # Check for FW status
|
|
|
|
|
my $o_ha= undef; # Check for HA status
|
|
|
|
|
my $o_mgmt= undef; # Check for management status
|
|
|
|
|
my $o_policy= undef; # Check for policy name
|
|
|
|
|
my $o_conn= undef; # Check for connexions
|
|
|
|
|
my $o_perf= undef; # Performance data output
|
|
|
|
|
|
|
|
|
|
# SNMPv3 specific
|
|
|
|
|
my $o_login= undef; # Login for snmpv3
|
|
|
|
|
my $o_passwd= undef; # Pass for snmpv3
|
|
|
|
|
my $v3protocols=undef; # V3 protocol list.
|
|
|
|
|
my $o_authproto='md5'; # Auth protocol
|
|
|
|
|
my $o_privproto='des'; # Priv protocol
|
|
|
|
|
my $o_privpass= undef; # priv password
|
|
|
|
|
my $o_login= undef; # Login for snmpv3
|
|
|
|
|
my $o_passwd= undef; # Pass for snmpv3
|
|
|
|
|
my $v3protocols=undef; # V3 protocol list.
|
|
|
|
|
my $o_authproto='md5'; # Auth protocol
|
|
|
|
|
my $o_privproto='des'; # Priv protocol
|
|
|
|
|
my $o_privpass= undef; # priv password
|
|
|
|
|
|
|
|
|
|
# functions
|
|
|
|
|
|
|
|
|
|
sub p_version { print "check_snmp_cpfw version : $Version\n"; }
|
|
|
|
|
|
|
|
|
|
sub print_usage {
|
|
|
|
|
print "Usage: $0 [-v] -H <host> -C <snmp_community> [-2] | (-l login -x passwd [-X pass -L <authp>,<privp>]) [-s] [-w [-p=pol_name] [-c=warn,crit]] [-r=warn,crit]] [-m] [-a [standby] ] [-f] [-p <port>] [-t <timeout>] [-V]\n";
|
|
|
|
|
print "Usage: $0 [-v] -H <host> -C <snmp_community> [-2] | (-l login -x passwd [-X pass -L <authp>,<privp>]) [-s] [-w [-p=pol_name] [-c=warn,crit]] [-m] [-a [standby] ] [-f] [-p <port>] [-t <timeout>] [-V]\n";
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sub isnnum { # Return true if arg is not a number
|
|
|
|
|
@ -124,7 +117,7 @@ sub isnnum { # Return true if arg is not a number
|
|
|
|
|
|
|
|
|
|
sub help {
|
|
|
|
|
print "\nSNMP Checkpoint FW-1 Monitor for Nagios version ",$Version,"\n";
|
|
|
|
|
print "GPL Licence, (c)2004-2020 - Patrick Proy\n\n";
|
|
|
|
|
print "GPL Licence, (c)2004-2007 - Patrick Proy\n\n";
|
|
|
|
|
print_usage();
|
|
|
|
|
print <<EOT;
|
|
|
|
|
-v, --verbose
|
|
|
|
|
@ -164,8 +157,6 @@ sub help {
|
|
|
|
|
SNMP port (Default 161)
|
|
|
|
|
-t, --timeout=INTEGER
|
|
|
|
|
timeout for SNMP (Default: Nagios default)
|
|
|
|
|
-r, --connexionsSR=WARN,CRIT
|
|
|
|
|
check warn and critical number of connexionsSR (must have -w)
|
|
|
|
|
-V, --version
|
|
|
|
|
prints version number
|
|
|
|
|
EOT
|
|
|
|
|
@ -177,81 +168,69 @@ sub verb { my $t=shift; print $t,"\n" if defined($o_verb) ; }
|
|
|
|
|
sub check_options {
|
|
|
|
|
Getopt::Long::Configure ("bundling");
|
|
|
|
|
GetOptions(
|
|
|
|
|
'v' => \$o_verb, 'verbose' => \$o_verb,
|
|
|
|
|
'h' => \$o_help, 'help' => \$o_help,
|
|
|
|
|
'H:s' => \$o_host, 'hostname:s' => \$o_host,
|
|
|
|
|
'P:i' => \$o_port, 'port:i' => \$o_port,
|
|
|
|
|
'C:s' => \$o_community, 'community:s' => \$o_community,
|
|
|
|
|
'2' => \$o_version2, 'v2c' => \$o_version2,
|
|
|
|
|
'l:s' => \$o_login, 'login:s' => \$o_login,
|
|
|
|
|
'x:s' => \$o_passwd, 'passwd:s' => \$o_passwd,
|
|
|
|
|
'X:s' => \$o_privpass, 'privpass:s' => \$o_privpass,
|
|
|
|
|
'L:s' => \$v3protocols, 'protocols:s' => \$v3protocols,
|
|
|
|
|
't:i' => \$o_timeout, 'timeout:i' => \$o_timeout,
|
|
|
|
|
'V' => \$o_version, 'version' => \$o_version,
|
|
|
|
|
's' => \$o_svn, 'svn' => \$o_svn,
|
|
|
|
|
'w' => \$o_fw, 'fw' => \$o_fw,
|
|
|
|
|
'a:s' => \$o_ha, 'ha:s' => \$o_ha,
|
|
|
|
|
'm' => \$o_mgmt, 'mgmt' => \$o_mgmt,
|
|
|
|
|
'p:s' => \$o_policy, 'policy:s' => \$o_policy,
|
|
|
|
|
'c:s' => \$o_conn, 'connexions:s' => \$o_conn,
|
|
|
|
|
'r:s' => \$o_connSR, 'rate:s' => \$o_connSR,
|
|
|
|
|
'f' => \$o_perf, 'perfparse' => \$o_perf
|
|
|
|
|
);
|
|
|
|
|
'v' => \$o_verb, 'verbose' => \$o_verb,
|
|
|
|
|
'h' => \$o_help, 'help' => \$o_help,
|
|
|
|
|
'H:s' => \$o_host, 'hostname:s' => \$o_host,
|
|
|
|
|
'P:i' => \$o_port, 'port:i' => \$o_port,
|
|
|
|
|
'C:s' => \$o_community, 'community:s' => \$o_community,
|
|
|
|
|
'2' => \$o_version2, 'v2c' => \$o_version2,
|
|
|
|
|
'l:s' => \$o_login, 'login:s' => \$o_login,
|
|
|
|
|
'x:s' => \$o_passwd, 'passwd:s' => \$o_passwd,
|
|
|
|
|
'X:s' => \$o_privpass, 'privpass:s' => \$o_privpass,
|
|
|
|
|
'L:s' => \$v3protocols, 'protocols:s' => \$v3protocols,
|
|
|
|
|
't:i' => \$o_timeout, 'timeout:i' => \$o_timeout,
|
|
|
|
|
'V' => \$o_version, 'version' => \$o_version,
|
|
|
|
|
's' => \$o_svn, 'svn' => \$o_svn,
|
|
|
|
|
'w' => \$o_fw, 'fw' => \$o_fw,
|
|
|
|
|
'a:s' => \$o_ha, 'ha:s' => \$o_ha,
|
|
|
|
|
'm' => \$o_mgmt, 'mgmt' => \$o_mgmt,
|
|
|
|
|
'p:s' => \$o_policy, 'policy:s' => \$o_policy,
|
|
|
|
|
'c:s' => \$o_conn, 'connexions:s' => \$o_conn,
|
|
|
|
|
'f' => \$o_perf, 'perfparse' => \$o_perf
|
|
|
|
|
);
|
|
|
|
|
if (defined ($o_help) ) { help(); exit $ERRORS{"UNKNOWN"}};
|
|
|
|
|
if (defined($o_version)) { p_version(); exit $ERRORS{"UNKNOWN"}};
|
|
|
|
|
if ( ! defined($o_host) ) # check host and filter
|
|
|
|
|
{ print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
{ print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
# check snmp information
|
|
|
|
|
if ( !defined($o_community) && (!defined($o_login) || !defined($o_passwd)) )
|
|
|
|
|
{ print "Put snmp login info!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
if ((defined($o_login) || defined($o_passwd)) && (defined($o_community) || defined($o_version2)) )
|
|
|
|
|
{ print "Can't mix snmp v1,2c,3 protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
if (defined ($v3protocols)) {
|
|
|
|
|
if (!defined($o_login)) { print "Put snmp V3 login info with protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
my @v3proto=split(/,/,$v3protocols);
|
|
|
|
|
if ((defined ($v3proto[0])) && ($v3proto[0] ne "")) {$o_authproto=$v3proto[0]; } # Auth protocol
|
|
|
|
|
if (defined ($v3proto[1])) {$o_privproto=$v3proto[1]; } # Priv protocol
|
|
|
|
|
if ((defined ($v3proto[1])) && (!defined($o_privpass))) {
|
|
|
|
|
print "Put snmp V3 priv login info with priv protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
}
|
|
|
|
|
{ print "Put snmp login info!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
if ((defined($o_login) || defined($o_passwd)) && (defined($o_community) || defined($o_version2)) )
|
|
|
|
|
{ print "Can't mix snmp v1,2c,3 protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
if (defined ($v3protocols)) {
|
|
|
|
|
if (!defined($o_login)) { print "Put snmp V3 login info with protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
my @v3proto=split(/,/,$v3protocols);
|
|
|
|
|
if ((defined ($v3proto[0])) && ($v3proto[0] ne "")) {$o_authproto=$v3proto[0]; } # Auth protocol
|
|
|
|
|
if (defined ($v3proto[1])) {$o_privproto=$v3proto[1]; } # Priv protocol
|
|
|
|
|
if ((defined ($v3proto[1])) && (!defined($o_privpass))) {
|
|
|
|
|
print "Put snmp V3 priv login info with priv protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
}
|
|
|
|
|
# Check firewall options
|
|
|
|
|
if ( defined($o_conn)) {
|
|
|
|
|
if ( ! defined($o_fw))
|
|
|
|
|
{ print "Cannot check connexions without checking fw\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
{ print "Cannot check connexions without checking fw\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
my @warncrit=split(/,/ , $o_conn);
|
|
|
|
|
if ( $#warncrit != 1 )
|
|
|
|
|
{ print "Put warn,crit levels with -c option\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
($o_warn,$o_crit)=@warncrit;
|
|
|
|
|
if ( isnnum($o_warn) || isnnum($o_crit) )
|
|
|
|
|
{ print "Numeric values for warning and critical in -c options\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
if ($o_warn >= $o_crit)
|
|
|
|
|
{ print "warning <= critical ! \n";print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
}
|
|
|
|
|
if ( defined($o_connSR)) {
|
|
|
|
|
if ( ! defined($o_fw))
|
|
|
|
|
{ print "Cannot check connexionsSR without checking fw\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
my @warncritSR=split(/,/ , $o_connSR);
|
|
|
|
|
if ( $#warncritSR != 1 )
|
|
|
|
|
{ print "Put warn,crit levels with -c option\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
($o_warnSR,$o_critSR)=@warncritSR;
|
|
|
|
|
if ( isnnum($o_warnSR) || isnnum($o_critSR) )
|
|
|
|
|
{ print "Numeric values for warning and critical in -r options\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
if ($o_warnSR >= $o_critSR)
|
|
|
|
|
{ print "warning <= critical ! \n";print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
{ print "Numeric values for warning and critical in -c options\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
if ($o_warn >= $o_crit)
|
|
|
|
|
{ print "warning <= critical ! \n";print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
}
|
|
|
|
|
if ( defined($o_policy)) {
|
|
|
|
|
if (! defined($o_fw))
|
|
|
|
|
{ print "Cannot check policy name without checking fw\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
{ print "Cannot check policy name without checking fw\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
if ($o_policy eq "")
|
|
|
|
|
{ print "Put a policy name !\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
}
|
|
|
|
|
if (defined($o_perf) && ! defined ($o_conn))
|
|
|
|
|
{ print "Nothing selected for perfparse !\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
{ print "Nothing selected for perfparse !\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
if (!defined($o_fw) && !defined($o_ha) && !defined($o_mgmt) && !defined($o_svn))
|
|
|
|
|
{ print "Must select a product to check !\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
{ print "Must select a product to check !\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
if (defined ($o_ha) && ($o_ha ne "") && ($o_ha ne "standby"))
|
|
|
|
|
{ print "-a option comes with 'standby' or nothing !\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
{ print "-a option comes with 'standby' or nothing !\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
########## MAIN #######
|
|
|
|
|
@ -280,49 +259,49 @@ if ( defined($o_login) && defined($o_passwd)) {
|
|
|
|
|
if (!defined ($o_privpass)) {
|
|
|
|
|
verb("SNMPv3 AuthNoPriv login : $o_login, $o_authproto");
|
|
|
|
|
($session, $error) = Net::SNMP->session(
|
|
|
|
|
-hostname => $o_host,
|
|
|
|
|
-version => '3',
|
|
|
|
|
-username => $o_login,
|
|
|
|
|
-port => $o_port,
|
|
|
|
|
-authpassword => $o_passwd,
|
|
|
|
|
-authprotocol => $o_authproto,
|
|
|
|
|
-hostname => $o_host,
|
|
|
|
|
-version => '3',
|
|
|
|
|
-username => $o_login,
|
|
|
|
|
-port => $o_port,
|
|
|
|
|
-authpassword => $o_passwd,
|
|
|
|
|
-authprotocol => $o_authproto,
|
|
|
|
|
-timeout => $o_timeout
|
|
|
|
|
);
|
|
|
|
|
} else {
|
|
|
|
|
verb("SNMPv3 AuthPriv login : $o_login, $o_authproto, $o_privproto");
|
|
|
|
|
($session, $error) = Net::SNMP->session(
|
|
|
|
|
-hostname => $o_host,
|
|
|
|
|
-version => '3',
|
|
|
|
|
-username => $o_login,
|
|
|
|
|
-port => $o_port,
|
|
|
|
|
-authpassword => $o_passwd,
|
|
|
|
|
-authprotocol => $o_authproto,
|
|
|
|
|
-privpassword => $o_privpass,
|
|
|
|
|
-privprotocol => $o_privproto,
|
|
|
|
|
-hostname => $o_host,
|
|
|
|
|
-version => '3',
|
|
|
|
|
-username => $o_login,
|
|
|
|
|
-port => $o_port,
|
|
|
|
|
-authpassword => $o_passwd,
|
|
|
|
|
-authprotocol => $o_authproto,
|
|
|
|
|
-privpassword => $o_privpass,
|
|
|
|
|
-privprotocol => $o_privproto,
|
|
|
|
|
-timeout => $o_timeout
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
if (defined ($o_version2)) {
|
|
|
|
|
# SNMPv2 Login
|
|
|
|
|
verb("SNMP v2c login");
|
|
|
|
|
($session, $error) = Net::SNMP->session(
|
|
|
|
|
-hostname => $o_host,
|
|
|
|
|
-version => 2,
|
|
|
|
|
-community => $o_community,
|
|
|
|
|
-port => $o_port,
|
|
|
|
|
-timeout => $o_timeout
|
|
|
|
|
);
|
|
|
|
|
} else {
|
|
|
|
|
# SNMPV1 login
|
|
|
|
|
verb("SNMP v1 login");
|
|
|
|
|
($session, $error) = Net::SNMP->session(
|
|
|
|
|
-hostname => $o_host,
|
|
|
|
|
-community => $o_community,
|
|
|
|
|
-port => $o_port,
|
|
|
|
|
-timeout => $o_timeout
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
if (defined ($o_version2)) {
|
|
|
|
|
# SNMPv2 Login
|
|
|
|
|
verb("SNMP v2c login");
|
|
|
|
|
($session, $error) = Net::SNMP->session(
|
|
|
|
|
-hostname => $o_host,
|
|
|
|
|
-version => 2,
|
|
|
|
|
-community => $o_community,
|
|
|
|
|
-port => $o_port,
|
|
|
|
|
-timeout => $o_timeout
|
|
|
|
|
);
|
|
|
|
|
} else {
|
|
|
|
|
# SNMPV1 login
|
|
|
|
|
verb("SNMP v1 login");
|
|
|
|
|
($session, $error) = Net::SNMP->session(
|
|
|
|
|
-hostname => $o_host,
|
|
|
|
|
-community => $o_community,
|
|
|
|
|
-port => $o_port,
|
|
|
|
|
-timeout => $o_timeout
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if (!defined($session)) {
|
|
|
|
|
printf("ERROR opening session: %s.\n", $error);
|
|
|
|
|
@ -348,8 +327,8 @@ $resultat = $session->get_request(
|
|
|
|
|
foreach $key ( keys %svn_checks) {
|
|
|
|
|
verb("$svn_checks_n{$key} : $svn_checks{$key} / $$resultat{$key}");
|
|
|
|
|
if ( $$resultat{$key} ne $svn_checks{$key} ) {
|
|
|
|
|
$svn_print .= $svn_checks_n{$key} . ":" . $$resultat{$key} . " ";
|
|
|
|
|
$svn_state=2;
|
|
|
|
|
$svn_print .= $svn_checks_n{$key} . ":" . $$resultat{$key} . " ";
|
|
|
|
|
$svn_state=2;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
@ -401,8 +380,6 @@ if (defined ($o_mgmt)) {
|
|
|
|
|
my $fw_state=0;
|
|
|
|
|
my $fw_print="";
|
|
|
|
|
my $perf_conn=undef;
|
|
|
|
|
my $perf_connSR=undef;
|
|
|
|
|
my $perf_connPeak=undef;
|
|
|
|
|
|
|
|
|
|
if (defined ($o_fw)) {
|
|
|
|
|
|
|
|
|
|
@ -415,8 +392,6 @@ if (defined ($o_fw)) {
|
|
|
|
|
verb("State : $$resultat{$policy_state}");
|
|
|
|
|
verb("Name : $$resultat{$policy_name}");
|
|
|
|
|
verb("connections : $$resultat{$connections}");
|
|
|
|
|
verb("connectionsSR : $$resultat{$connectionsSR}");
|
|
|
|
|
verb("connectionsPeak : $$resultat{$connectionsPeak}");
|
|
|
|
|
|
|
|
|
|
if ($$resultat{$policy_state} ne "Installed") {
|
|
|
|
|
$fw_state=2;
|
|
|
|
|
@ -426,38 +401,22 @@ if (defined ($o_fw)) {
|
|
|
|
|
|
|
|
|
|
if (defined($o_policy)) {
|
|
|
|
|
if ($$resultat{$policy_name} ne $o_policy) {
|
|
|
|
|
$fw_state=2;
|
|
|
|
|
$fw_print .= "Policy installed : $$resultat{$policy_name}";
|
|
|
|
|
$fw_state=2;
|
|
|
|
|
$fw_print .= "Policy installed : $$resultat{$policy_name}";
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (defined($o_conn)) {
|
|
|
|
|
if ($$resultat{$connections} > $o_crit) {
|
|
|
|
|
$fw_state=2;
|
|
|
|
|
$fw_state=2;
|
|
|
|
|
$fw_print .= "Connexions : ".$$resultat{$connections}." > ".$o_crit." ";
|
|
|
|
|
} else {
|
|
|
|
|
if ($$resultat{$connections} > $o_warn) {
|
|
|
|
|
if ($fw_state!=2) {$fw_state=1;}
|
|
|
|
|
$fw_print .= "Connexions : ".$$resultat{$connections}." > ".$o_warn." ";
|
|
|
|
|
}
|
|
|
|
|
if ($$resultat{$connections} > $o_warn) {
|
|
|
|
|
if ($fw_state!=2) {$fw_state=1;}
|
|
|
|
|
$fw_print .= "Connexions : ".$$resultat{$connections}." > ".$o_warn." ";
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
$perf_conn=$$resultat{$connections};
|
|
|
|
|
$perf_connSR=$$resultat{$connectionsSR};
|
|
|
|
|
$perf_connPeak=$$resultat{$connectionsPeak};
|
|
|
|
|
}
|
|
|
|
|
if (defined($o_connSR)) {
|
|
|
|
|
if ($$resultat{$connectionsSR} > $o_critSR) {
|
|
|
|
|
$fw_state=3;
|
|
|
|
|
$fw_print .= "Conn/seg : ".$$resultat{$connectionsSR}." > ".$o_critSR." ";
|
|
|
|
|
} else {
|
|
|
|
|
if ($$resultat{$connectionsSR} > $o_warnSR) {
|
|
|
|
|
if ($fw_state!=3) {$fw_state=1;}
|
|
|
|
|
$fw_print .= "Conn/seg : ".$$resultat{$connectionsSR}." > ".$o_warnSR." ";
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
$perf_conn=$$resultat{$connections};
|
|
|
|
|
$perf_connSR=$$resultat{$connectionsSR};
|
|
|
|
|
$perf_connPeak=$$resultat{$connectionsPeak};
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
$fw_print .= "cannot find oids";
|
|
|
|
|
@ -489,17 +448,17 @@ if (defined ($o_ha)) {
|
|
|
|
|
verb("$ha_checks_n{$key} : $ha_checks{$key} / $$resultat{$key}");
|
|
|
|
|
if ( $o_ha eq "standby" ) {
|
|
|
|
|
if ( $$resultat{$key} ne $ha_checks_stand{$key} ) {
|
|
|
|
|
$ha_print .= $ha_checks_n{$key} . ":" . $$resultat{$key} . " ";
|
|
|
|
|
$ha_state_n=2;
|
|
|
|
|
$ha_print .= $ha_checks_n{$key} . ":" . $$resultat{$key} . " ";
|
|
|
|
|
$ha_state_n=2;
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
if ( $$resultat{$key} ne $ha_checks{$key} ) {
|
|
|
|
|
$ha_print .= $ha_checks_n{$key} . ":" . $$resultat{$key} . " ";
|
|
|
|
|
$ha_state_n=2;
|
|
|
|
|
$ha_print .= $ha_checks_n{$key} . ":" . $$resultat{$key} . " ";
|
|
|
|
|
$ha_state_n=2;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
#my $ha_mode = "1.3.6.1.4.1.2620.1.5.11.0"; # "Sync only" : ha Working mode
|
|
|
|
|
#my $ha_mode = "1.3.6.1.4.1.2620.1.5.11.0"; # "Sync only" : ha Working mode
|
|
|
|
|
} else {
|
|
|
|
|
$ha_print .= "cannot find oids";
|
|
|
|
|
#Critical state if not found because it means soft is not activated
|
|
|
|
|
@ -508,7 +467,7 @@ if (defined ($o_ha)) {
|
|
|
|
|
|
|
|
|
|
# get ha status table
|
|
|
|
|
$resultat = $session->get_table(
|
|
|
|
|
Baseoid => $ha_tables
|
|
|
|
|
Baseoid => $ha_tables
|
|
|
|
|
);
|
|
|
|
|
my %status;
|
|
|
|
|
my (@index,@oid) = (undef,undef);
|
|
|
|
|
@ -518,10 +477,10 @@ if (defined ($o_ha)) {
|
|
|
|
|
if (defined($resultat)) {
|
|
|
|
|
foreach $key ( keys %$resultat) {
|
|
|
|
|
if ( $key =~ /$index_search/) {
|
|
|
|
|
@oid=split (/\./,$key);
|
|
|
|
|
pop(@oid);
|
|
|
|
|
$index[$nindex]=pop(@oid);
|
|
|
|
|
$nindex++;
|
|
|
|
|
@oid=split (/\./,$key);
|
|
|
|
|
pop(@oid);
|
|
|
|
|
$index[$nindex]=pop(@oid);
|
|
|
|
|
$nindex++;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
@ -544,10 +503,10 @@ if (defined ($o_ha)) {
|
|
|
|
|
|
|
|
|
|
$key=$ha_tables . $ha_tables_state . "." . $index[$i] . ".0";
|
|
|
|
|
if (($status{$ha_soft_name} = $$resultat{$key}) ne "OK") {
|
|
|
|
|
$key=$ha_tables . $ha_tables_prbdesc . "." . $index[$i] . ".0";
|
|
|
|
|
$status{$ha_soft_name} = $$resultat{$key};
|
|
|
|
|
$ha_print .= $ha_soft_name . ":" . $status{$ha_soft_name} . " ";
|
|
|
|
|
$ha_state_n=2
|
|
|
|
|
$key=$ha_tables . $ha_tables_prbdesc . "." . $index[$i] . ".0";
|
|
|
|
|
$status{$ha_soft_name} = $$resultat{$key};
|
|
|
|
|
$ha_print .= $ha_soft_name . ":" . $status{$ha_soft_name} . " ";
|
|
|
|
|
$ha_state_n=2
|
|
|
|
|
}
|
|
|
|
|
verb ("$ha_soft_name : $status{$ha_soft_name}");
|
|
|
|
|
}
|
|
|
|
|
@ -589,8 +548,6 @@ if (($ha_state_n+$svn_state+$fw_state+$mgmt_state) == 0 ) {
|
|
|
|
|
|
|
|
|
|
if (defined($o_perf) && defined ($perf_conn)) {
|
|
|
|
|
$f_print .= " | fw_connexions=" . $perf_conn;
|
|
|
|
|
$f_print .= " | fw_connexionsSR=" . $perf_connSR;
|
|
|
|
|
$f_print .= " | fw_connexionsPeak=" . $perf_connPeak;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
print "$f_print\n";
|
|
|
|
|
|
