Create readme.md

Merge pull request #45 from monitoreoDotOsiAtUchileDotCl/master
:D
2025-04-03 22:43:41 +02:00 · 2022-01-04 13:20:15 +00:00 · 2020-10-28 16:34:34 +00:00 · 2020-10-28 12:24:56 -03:00 · 2020-10-28 12:17:15 -03:00 · 2020-10-26 21:34:49 +00:00
19 changed files with 1770 additions and 432 deletions
--- a/check_hpssacli/LICENSE
+++ b/check_hpssacli/LICENSE
@ -0,0 +1,341 @@
 		    GNU GENERAL PUBLIC LICENSE
 		       Version 2, June 1991
 Copyright (C) 1989, 1991 Free Software Foundation, Inc.
               51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
 Everyone is permitted to copy and distribute verbatim copies
 of this license document, but changing it is not allowed.
 			    Preamble
  The licenses for most software are designed to take away your
 freedom to share and change it.  By contrast, the GNU General Public
 License is intended to guarantee your freedom to share and change free
 software--to make sure the software is free for all its users.  This
 General Public License applies to most of the Free Software
 Foundation's software and to any other program whose authors commit to
 using it.  (Some other Free Software Foundation software is covered by
 the GNU Library General Public License instead.)  You can apply it to
 your programs, too.
  When we speak of free software, we are referring to freedom, not
 price.  Our General Public Licenses are designed to make sure that you
 have the freedom to distribute copies of free software (and charge for
 this service if you wish), that you receive source code or can get it
 if you want it, that you can change the software or use pieces of it
 in new free programs; and that you know you can do these things.
  To protect your rights, we need to make restrictions that forbid
 anyone to deny you these rights or to ask you to surrender the rights.
 These restrictions translate to certain responsibilities for you if you
 distribute copies of the software, or if you modify it.
  For example, if you distribute copies of such a program, whether
 gratis or for a fee, you must give the recipients all the rights that
 you have.  You must make sure that they, too, receive or can get the
 source code.  And you must show them these terms so they know their
 rights.
  We protect your rights with two steps: (1) copyright the software, and
 (2) offer you this license which gives you legal permission to copy,
 distribute and/or modify the software.
  Also, for each author's protection and ours, we want to make certain
 that everyone understands that there is no warranty for this free
 software.  If the software is modified by someone else and passed on, we
 want its recipients to know that what they have is not the original, so
 that any problems introduced by others will not reflect on the original
 authors' reputations.
  Finally, any free program is threatened constantly by software
 patents.  We wish to avoid the danger that redistributors of a free
 program will individually obtain patent licenses, in effect making the
 program proprietary.  To prevent this, we have made it clear that any
 patent must be licensed for everyone's free use or not licensed at all.
  The precise terms and conditions for copying, distribution and
 modification follow.
 		    GNU GENERAL PUBLIC LICENSE
   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
  0. This License applies to any program or other work which contains
 a notice placed by the copyright holder saying it may be distributed
 under the terms of this General Public License.  The "Program", below,
 refers to any such program or work, and a "work based on the Program"
 means either the Program or any derivative work under copyright law:
 that is to say, a work containing the Program or a portion of it,
 either verbatim or with modifications and/or translated into another
 language.  (Hereinafter, translation is included without limitation in
 the term "modification".)  Each licensee is addressed as "you".
 Activities other than copying, distribution and modification are not
 covered by this License; they are outside its scope.  The act of
 running the Program is not restricted, and the output from the Program
 is covered only if its contents constitute a work based on the
 Program (independent of having been made by running the Program).
 Whether that is true depends on what the Program does.
  1. You may copy and distribute verbatim copies of the Program's
 source code as you receive it, in any medium, provided that you
 conspicuously and appropriately publish on each copy an appropriate
 copyright notice and disclaimer of warranty; keep intact all the
 notices that refer to this License and to the absence of any warranty;
 and give any other recipients of the Program a copy of this License
 along with the Program.
 You may charge a fee for the physical act of transferring a copy, and
 you may at your option offer warranty protection in exchange for a fee.
  2. You may modify your copy or copies of the Program or any portion
 of it, thus forming a work based on the Program, and copy and
 distribute such modifications or work under the terms of Section 1
 above, provided that you also meet all of these conditions:
    a) You must cause the modified files to carry prominent notices
    stating that you changed the files and the date of any change.
    b) You must cause any work that you distribute or publish, that in
    whole or in part contains or is derived from the Program or any
    part thereof, to be licensed as a whole at no charge to all third
    parties under the terms of this License.
    c) If the modified program normally reads commands interactively
    when run, you must cause it, when started running for such
    interactive use in the most ordinary way, to print or display an
    announcement including an appropriate copyright notice and a
    notice that there is no warranty (or else, saying that you provide
    a warranty) and that users may redistribute the program under
    these conditions, and telling the user how to view a copy of this
    License.  (Exception: if the Program itself is interactive but
    does not normally print such an announcement, your work based on
    the Program is not required to print an announcement.)
 These requirements apply to the modified work as a whole.  If
 identifiable sections of that work are not derived from the Program,
 and can be reasonably considered independent and separate works in
 themselves, then this License, and its terms, do not apply to those
 sections when you distribute them as separate works.  But when you
 distribute the same sections as part of a whole which is a work based
 on the Program, the distribution of the whole must be on the terms of
 this License, whose permissions for other licensees extend to the
 entire whole, and thus to each and every part regardless of who wrote it.
 Thus, it is not the intent of this section to claim rights or contest
 your rights to work written entirely by you; rather, the intent is to
 exercise the right to control the distribution of derivative or
 collective works based on the Program.
 In addition, mere aggregation of another work not based on the Program
 with the Program (or with a work based on the Program) on a volume of
 a storage or distribution medium does not bring the other work under
 the scope of this License.
  3. You may copy and distribute the Program (or a work based on it,
 under Section 2) in object code or executable form under the terms of
 Sections 1 and 2 above provided that you also do one of the following:
    a) Accompany it with the complete corresponding machine-readable
    source code, which must be distributed under the terms of Sections
    1 and 2 above on a medium customarily used for software interchange; or,
    b) Accompany it with a written offer, valid for at least three
    years, to give any third party, for a charge no more than your
    cost of physically performing source distribution, a complete
    machine-readable copy of the corresponding source code, to be
    distributed under the terms of Sections 1 and 2 above on a medium
    customarily used for software interchange; or,
    c) Accompany it with the information you received as to the offer
    to distribute corresponding source code.  (This alternative is
    allowed only for noncommercial distribution and only if you
    received the program in object code or executable form with such
    an offer, in accord with Subsection b above.)
 The source code for a work means the preferred form of the work for
 making modifications to it.  For an executable work, complete source
 code means all the source code for all modules it contains, plus any
 associated interface definition files, plus the scripts used to
 control compilation and installation of the executable.  However, as a
 special exception, the source code distributed need not include
 anything that is normally distributed (in either source or binary
 form) with the major components (compiler, kernel, and so on) of the
 operating system on which the executable runs, unless that component
 itself accompanies the executable.
 If distribution of executable or object code is made by offering
 access to copy from a designated place, then offering equivalent
 access to copy the source code from the same place counts as
 distribution of the source code, even though third parties are not
 compelled to copy the source along with the object code.
  4. You may not copy, modify, sublicense, or distribute the Program
 except as expressly provided under this License.  Any attempt
 otherwise to copy, modify, sublicense or distribute the Program is
 void, and will automatically terminate your rights under this License.
 However, parties who have received copies, or rights, from you under
 this License will not have their licenses terminated so long as such
 parties remain in full compliance.
  5. You are not required to accept this License, since you have not
 signed it.  However, nothing else grants you permission to modify or
 distribute the Program or its derivative works.  These actions are
 prohibited by law if you do not accept this License.  Therefore, by
 modifying or distributing the Program (or any work based on the
 Program), you indicate your acceptance of this License to do so, and
 all its terms and conditions for copying, distributing or modifying
 the Program or works based on it.
  6. Each time you redistribute the Program (or any work based on the
 Program), the recipient automatically receives a license from the
 original licensor to copy, distribute or modify the Program subject to
 these terms and conditions.  You may not impose any further
 restrictions on the recipients' exercise of the rights granted herein.
 You are not responsible for enforcing compliance by third parties to
 this License.
  7. If, as a consequence of a court judgment or allegation of patent
 infringement or for any other reason (not limited to patent issues),
 conditions are imposed on you (whether by court order, agreement or
 otherwise) that contradict the conditions of this License, they do not
 excuse you from the conditions of this License.  If you cannot
 distribute so as to satisfy simultaneously your obligations under this
 License and any other pertinent obligations, then as a consequence you
 may not distribute the Program at all.  For example, if a patent
 license would not permit royalty-free redistribution of the Program by
 all those who receive copies directly or indirectly through you, then
 the only way you could satisfy both it and this License would be to
 refrain entirely from distribution of the Program.
 If any portion of this section is held invalid or unenforceable under
 any particular circumstance, the balance of the section is intended to
 apply and the section as a whole is intended to apply in other
 circumstances.
 It is not the purpose of this section to induce you to infringe any
 patents or other property right claims or to contest validity of any
 such claims; this section has the sole purpose of protecting the
 integrity of the free software distribution system, which is
 implemented by public license practices.  Many people have made
 generous contributions to the wide range of software distributed
 through that system in reliance on consistent application of that
 system; it is up to the author/donor to decide if he or she is willing
 to distribute software through any other system and a licensee cannot
 impose that choice.
 This section is intended to make thoroughly clear what is believed to
 be a consequence of the rest of this License.
  8. If the distribution and/or use of the Program is restricted in
 certain countries either by patents or by copyrighted interfaces, the
 original copyright holder who places the Program under this License
 may add an explicit geographical distribution limitation excluding
 those countries, so that distribution is permitted only in or among
 countries not thus excluded.  In such case, this License incorporates
 the limitation as if written in the body of this License.
  9. The Free Software Foundation may publish revised and/or new versions
 of the General Public License from time to time.  Such new versions will
 be similar in spirit to the present version, but may differ in detail to
 address new problems or concerns.
 Each version is given a distinguishing version number.  If the Program
 specifies a version number of this License which applies to it and "any
 later version", you have the option of following the terms and conditions
 either of that version or of any later version published by the Free
 Software Foundation.  If the Program does not specify a version number of
 this License, you may choose any version ever published by the Free Software
 Foundation.
  10. If you wish to incorporate parts of the Program into other free
 programs whose distribution conditions are different, write to the author
 to ask for permission.  For software which is copyrighted by the Free
 Software Foundation, write to the Free Software Foundation; we sometimes
 make exceptions for this.  Our decision will be guided by the two goals
 of preserving the free status of all derivatives of our free software and
 of promoting the sharing and reuse of software generally.
 			    NO WARRANTY
  11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
 FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
 OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
 PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
 OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
 MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
 TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
 PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
 REPAIR OR CORRECTION.
  12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
 WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
 REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
 INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
 OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
 TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
 YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
 PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
 POSSIBILITY OF SUCH DAMAGES.
 		     END OF TERMS AND CONDITIONS
 	    How to Apply These Terms to Your New Programs
  If you develop a new program, and you want it to be of the greatest
 possible use to the public, the best way to achieve this is to make it
 free software which everyone can redistribute and change under these terms.
  To do so, attach the following notices to the program.  It is safest
 to attach them to the start of each source file to most effectively
 convey the exclusion of warranty; and each file should have at least
 the "copyright" line and a pointer to where the full notice is found.
    <one line to give the program's name and a brief idea of what it does.>
    Copyright (C) 19yy  <name of author>
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 2 of the License, or
    (at your option) any later version.
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.
    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software
    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
 Also add information on how to contact you by electronic and paper mail.
 If the program is interactive, make it output a short notice like this
 when it starts in an interactive mode:
    Gnomovision version 69, Copyright (C) 19yy name of author
    Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
    This is free software, and you are welcome to redistribute it
    under certain conditions; type `show c' for details.
 The hypothetical commands `show w' and `show c' should show the appropriate
 parts of the General Public License.  Of course, the commands you use may
 be called something other than `show w' and `show c'; they could even be
 mouse-clicks or menu items--whatever suits your program.
 You should also get your employer (if you work as a programmer) or your
 school, if any, to sign a "copyright disclaimer" for the program, if
 necessary.  Here is a sample; alter the names:
  Yoyodyne, Inc., hereby disclaims all copyright interest in the program
  `Gnomovision' (which makes passes at compilers) written by James Hacker.
  <signature of Ty Coon>, 1 April 1989
  Ty Coon, President of Vice
 This General Public License does not permit incorporating your program into
 proprietary programs.  If your program is a subroutine library, you may
 consider it more useful to permit linking proprietary applications with the
 library.  If this is what you want to do, use the GNU Library General
 Public License instead of this License.
--- a/check_hpssacli/README
+++ b/check_hpssacli/README
@ -0,0 +1,53 @@
 = check_hpssacli =
 Checks the raid status on a HP Array using hpssacli. to check the following:
 * Controller Status
 * Controller Cache Status
 * Logical disk health (raid status)
 * Physical disk health
 == Download ==
 check_hpssacli.py depends on the hpssacli binary which comes with the HP Proliant Support Pack (PSP). The PSP can be downloaded [http://downloads.linux.hp.com/SDR/downloads/ProLiantSupportPack here].
 You can get check_hpacucly.py directly from our subversion repo [http://opensource.is/trac/browser/nagios-plugins/check_hpssacli/trunk here]
 == help page ==
 {{{
 # python check_hpssacli.py  --help
 check_hpssacli version 1.0
 This plugin checks HP Array with the hpssacli command
 Usage: check_hpssacli.py 
 Usage: check_hpssacli.py [--help]
 Usage: check_hpssacli.py [--version]
 Usage: check_hpssacli.py [--path </path/to/hpssacli>]
 Usage: check_hpssacli.py [--no-perfdata]
 Usage: check_hpssacli.py [--no-longoutput]
 }}}
 == Example output ==
 {{{
 # ./check_hparray --all
 OK - Found 1 controllers, 2 logicaldisks. 8 physicaldisks.  | 
 Smart Array P400 in Slot 1
 - Controller Status: OK (sn: P61620F9VV6FX2)
 - Cache Status: OK (sn: PA82C0H9VV4695)
 Checking logical Disks:
 - Logical Drive: 1 (/boot 101 MB) = OK
 - Logical Drive: 2 (None) = OK
 Checking Physical Disks:
 - physicaldrive 2I:1:1, SAS, 146 GB = OK
 - physicaldrive 2I:1:2, SAS, 146 GB = OK
 - physicaldrive 1I:1:5, SAS, 146 GB = OK
 - physicaldrive 1I:1:6, SAS, 146 GB = OK
 - physicaldrive 1I:1:7, SAS, 146 GB = OK
 - physicaldrive 1I:1:8, SAS, 146 GB = OK
 - physicaldrive 2I:1:3, SAS, 146 GB = OK
 - physicaldrive 2I:1:4, SAS, 146 GB = OK
 }}}
--- a/check_hpssacli/check_hpssacli.py
+++ b/check_hpssacli/check_hpssacli.py
@ -0,0 +1,362 @@
 #!/usr/bin/python
 #
 # Copyright 2019, Gardar Thorsteinsson <gardar@ok.is>
 #
 # check_hpssacli.py is free software: you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
 #
 # check_hpssacli.py is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU General Public License for more details.
 #
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 # About this script
 #
 # This script will check the status of Smart Array Raid Controller
 # You need the hpssacli binary in path (/usr/sbin/hpssacli is a good place)
 # hpssacli comes with the Proliant Support Pack (PSP) from HP
 debugging = False
 # No real need to change anything below here
 version = "1.1"
 ok = 0
 warning = 1
 critical = 2
 unknown = 3
 not_present = -1
 nagios_status = -1
 state = {}
 state[not_present] = "Not Present"
 state[ok] = "OK"
 state[warning] = "Warning"
 state[critical] = "Critical"
 state[unknown] = "Unknown"
 longserviceoutput = "\n"
 perfdata = ""
 summary = ""
 sudo = False
 from sys import exit
 from sys import argv
 from os import getenv, putenv, environ
 import subprocess
 def print_help():
    print "check_hpssacli version %s" % version
    print "This plugin checks HP Array with the hpssacli command"
    print ""
    print "Usage: %s " % argv[0]
    print "Usage: %s [--help]" % argv[0]
    print "Usage: %s [--version]" % argv[0]
    print "Usage: %s [--path </path/to/hpssacli>]" % argv[0]
    print "Usage: %s [--no-perfdata]" % argv[0]
    print "Usage: %s [--no-longoutput]" % argv[0]
    print  ""
 def error(errortext):
    print "* Error: %s" % errortext
    print_help()
    print "* Error: %s" % errortext
    exit(unknown)
 def debug(debugtext):
    global debugging
    if debugging:
        print  debugtext
 def runCommand(command):
    """ Run command from the shell prompt. Exit Nagios style if unsuccessful"""
    proc = subprocess.Popen(command,
                            shell=True,
                            stdout=subprocess.PIPE,
                            stderr=subprocess.PIPE,
                            )
    stdout, stderr = proc.communicate('through stdin to stdout')
    if proc.returncode > 0:
        print "Error %s: %s\n command was: '%s'"\
              % (proc.returncode, stderr.strip(), command)
    debug("results: %s" % (stdout.strip()))
    if proc.returncode == 127:  # File not found, lets print path
        path = getenv("PATH")
        print "Check if your path is correct %s" % (path)
    if stderr.find('Password:') == 0 and command.find('sudo') == 0:
        print "Check if user is in the sudoers file"
    if stderr.find('sorry, you must have a tty to run sudo') == 0 and command.find('sudo') == 0:
        print "Please remove 'requiretty' from /etc/sudoers"
        exit(unknown)
    else:
        return stdout
 def end():
    global summary
    global longserviceoutput
    global perfdata
    global nagios_status
    print "%s - %s | %s" % (state[nagios_status], summary, perfdata)
    print longserviceoutput
    if nagios_status < 0:
        nagios_status = unknown
    exit(nagios_status)
 def add_perfdata(text):
    global perfdata
    text = text.strip()
    perfdata = perfdata + " %s " % (text)
 def add_long(text):
    global longserviceoutput
    longserviceoutput = longserviceoutput + text + '\n'
 def add_summary(text):
    global summary
    summary = summary + text
 def set_path(path):
    current_path = getenv('PATH')
    if current_path.find('C:\\') > -1:  # We are on this platform
        if path == '':
            path = ";C:\Program Files\hp\hpssacli\Bin"
            path = path + ";C:\Program Files (x86)\hp\hpssacli\Bin"
            path = path + ";C:\Program Files\Smart Storage Administrator\ssacli\bin"
        else:
            path = ';' + path
    else:  # Unix/Linux, etc
        if path == '':
            path = ":/usr/sbin"
        else:
            path = ':' + path
    current_path = "%s%s" % (current_path, path)
    environ['PATH'] = current_path
 def run_hpssacli(run_type='controllers', controller=None):
    if run_type == 'controllers':
        command = "hpssacli  controller all show detail"
    elif run_type in ('logicaldisks', 'physicaldisks'):
        if 'Slot' not in controller:
            add_summary("Controller not found")
            end()
        identifier = 'slot=%s' % (controller['Slot'])
        command = "hpssacli  controller %s %s all show detail"
        if run_type == 'logicaldisks':
            subcommand = 'ld'
        elif run_type == 'physicaldisks':
            subcommand = 'pd'
        else:
            end()
            return
        command = command % (identifier, subcommand)
    debug(command)
    if sudo:
        command = "sudo " + command
    output = runCommand(command)
    # Some basic error checking
    error_strings = ['Permission denied']
    error_strings.append('Error: You need to have administrator rights to continue.')
    for error in error_strings:
        if output.find(error) > -1 and output.find("sudo") != 0:
            command = "sudo " + command
            print command
            output = runCommand(command)
    output = output.split('\n')
    objects = []
    my_object = None
    for i in output:
        if len(i) == 0:
            continue
        if i.strip() == '':
            continue
        if i.startswith('Note:'):
            continue
        if run_type == 'controllers' and i[0] != ' ':   # space on first line
            if my_object and not my_object in objects:
                objects.append(my_object)
            my_object = {}
            my_object['name'] = i
        elif run_type == 'logicaldisks' and i.find('Logical Drive:') > 0:
            if my_object and not my_object in objects:
                objects.append(my_object)
            my_object = {}
            my_object['name'] = i.strip()
        elif run_type == 'physicaldisks' and i.find('physicaldrive') > 0:
            if my_object and not my_object in objects:
                objects.append(my_object)
            my_object = {}
            my_object['name'] = i.strip()
        else:
            i = i.strip()
            if i.find(':') < 1:
                continue
            i = i.split(':')
            if i[0] == '':
                continue  # skip empty lines
            if len(i) == 1:
                continue
            key = i[0].strip()
            value = ' '.join(i[1:]).strip()
            my_object[key] = value
    if my_object and not my_object in objects:
        objects.append(my_object)
    return objects
 controllers = []
 def check_controllers():
    global controllers
    status = -1
    controllers = run_hpssacli()
    if len(controllers) == 0:
        add_summary("No Disk Controllers Found. Exiting...")
        global nagios_state
        nagios_state = unknown
        end()
    add_summary("Found %s controllers" % (len(controllers)))
    for i in controllers:
        controller_status = check(i, 'Controller Status', 'OK')
        status = max(status, controller_status)
        cache_status = check(i, 'Cache Status')
        status = max(status, cache_status)
        controller_serial = 'n/a'
        cache_serial = 'n/a'
        if 'Serial Number' in i:
            controller_serial = i['Serial Number']
        if 'Cache Serial Number' in i:
            cache_serial = i['Cache Serial Number']
        add_long("%s" % (i['name']))
        add_long("- Controller Status: %s (sn: %s)"
                 % (state[controller_status], controller_serial))
        add_long("- Cache Status: %s (sn: %s)"
                  % (state[cache_status], cache_serial))
        if controller_status > ok or cache_status > ok:
            add_summary(";%s on %s;" % (state[controller_status], i['name']))
    add_summary(', ')
    return status
 def check_logicaldisks():
    global controllers
    if len(controllers) < 1:
        controllers = run_hpssacli()
    logicaldisks = []
    for controller in controllers:
        for ld in run_hpssacli(run_type='logicaldisks',
                                controller=controller):
            logicaldisks.append(ld)
    status = -1
    add_long("\nChecking logical Disks:")
    add_summary("%s logicaldisks" % (len(logicaldisks)))
    for i in logicaldisks:
        ld_status = check(i, 'Status')
        status = max(status, ld_status)
        if i.get('Status') == 'Failed':
            status = max(status, critical)
        mount_point = i['Mount Points']
        add_long("- %s (%s) = %s" % (i['name'], mount_point, state[ld_status]))
    add_summary(". ")
 def check_physicaldisks():
    global controllers
    disktype = 'physicaldisks'
    if len(controllers) < 1:
        controllers = run_hpssacli()
    disks = []
    for controller in controllers:
        for disk in run_hpssacli(run_type=disktype, controller=controller):
            disks.append(disk)
    status = -1
    add_long("\nChecking Physical Disks:")
    add_summary("%s %s" % (len(disks), disktype))
    for i in disks:
        disk_status = check(i, 'Status')
        status = max(status, disk_status)
        size = i['Size']
        firmware = i['Firmware Revision']
        interface = i['Interface Type']
        serial = i['Serial Number']
        model = i['Model']
        add_long("- %s, %s, %s = %s" %
                 (i['name'], interface, size, state[disk_status])
        )
        if disk_status > ok:
            error_str = "-- Replace drive, firmware=%s, model=%s, serial=%s"
            add_long(error_str % (firmware, model, serial))
    if status > ok:
        add_summary("(errors)")
        add_summary(". ")
 def check(my_object, field, valid_states=None):
    if valid_states is None:
        valid_states = ['OK']
    state = -1
    global nagios_status
    if field in my_object:
        if my_object[field] in valid_states:
            state = ok
        else:
            state = warning
    nagios_status = max(nagios_status, state)
    return state
 def parse_arguments():
    arguments = argv[1:]
    while len(arguments) > 0:
        arg = arguments.pop(0)
        if arg == '--help':
            print_help()
            exit(ok)
        elif arg == '--path':
            path = arguments.pop(0)
            set_path(path)
        elif arg == '--debug':
            global debugging
            debugging = True
        elif arg == '--sudo':
            global sudo
            sudo = True
        else:
            print_help()
            exit(unknown)
 def main():
    parse_arguments()
    set_path('')
    check_controllers()
    check_logicaldisks()
    check_physicaldisks()
    end()
 if __name__ == '__main__':
    main()
--- a/check_hpssacli/nagios-okplugin-check_hpssacli.spec
+++ b/check_hpssacli/nagios-okplugin-check_hpssacli.spec
@ -0,0 +1,45 @@
 %define debug_package %{nil}
 Summary:	A Nagios plugin to check HP Array with hpssacli
 Name:		nagios-okplugin-check_hpssacli
 Version:	1.1
 Release:	1%{?dist}
 License:	GPLv2+
 Group:		Applications/System
 URL:		http://opensource.is/trac/wiki/check_hpssacli
 Source0:	http://opensource.ok.is/trac/browser/nagios-plugins/check_hpssacli/releases/nagios-okplugin-check_hpssacli-%{version}.tar.gz
 Requires:	hpssacli
 BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 Packager:	Gardar Thorsteinsson <gardar@ok.is>
 %description
 Checks HP Array with hpssacli
 %prep
 %setup -q
 perl -pi -e "s|/usr/lib|%{_libdir}|g" nrpe.d/check_hpssacli.cfg
 perl -pi -e "s|/usr/lib64|%{_libdir}|g" sudoers.d/*
 %build
 %install
 rm -rf %{buildroot}
 install -D -p -m 0755 check_hpssacli.py %{buildroot}%{_libdir}/nagios/plugins/check_hpssacli.py
 install -D -p -m 0755 nrpe.d/check_hpssacli.cfg %{buildroot}/etc/nrpe.d/check_hpssacli.cfg
 install -D -p -m 0440 sudoers.d/check_hpssacli %{buildroot}/etc/sudoers.d/check_hpssacli
 %clean
 rm -rf %{buildroot}
 %files
 %defattr(-,root,root,-)
 %doc README LICENSE
 %{_libdir}/nagios/plugins/*
 /etc/nrpe.d/check_hpssacli.cfg
 /etc/sudoers.d/check_hpssacli
 %changelog
 * Fri Jun 14 2019 Gardar Thorsteinsson <gardar@ok.is> 1.1
 - Initial packaging
--- a/check_hpssacli/nrpe.d/check_hpssacli.cfg
+++ b/check_hpssacli/nrpe.d/check_hpssacli.cfg
@ -0,0 +1,2 @@
 command[check_hpssacli]=sudo /usr/lib/nagios/plugins/check_hpssacli.py
--- a/check_hpssacli/sudoers.d/check_hpssacli
+++ b/check_hpssacli/sudoers.d/check_hpssacli
@ -0,0 +1,2 @@
 Defaults:nrpe	!requiretty
 nrpe        ALL=(ALL)       NOPASSWD: /usr/lib64/nagios/plugins/check_hpssacli.py
--- a/check_ipa/check_ipa_replication
+++ b/check_ipa/check_ipa_replication
@ -46,9 +46,9 @@ except Exception, e:
 # Loop through replication agreements
 for rhost in replication:
    plugin.add_summary("Replica %s Status: %s" % (rhost[1]['nsDS5ReplicaHost'][0], rhost[1]['nsds5replicaLastUpdateStatus'][0]))
-    if rhost[1]['nsds5replicaLastUpdateStatus'][0][:2] == "0 ":
+    if rhost[1]['nsds5replicaLastUpdateStatus'][0][7:8] == "0":
        plugin.status(ok)
-    elif rhost[1]['nsds5replicaLastUpdateStatus'][0][:2] == "1 ":
+    elif rhost[1]['nsds5replicaLastUpdateStatus'][0][7:8] == "1":
        # Busy Replica is not an error, its "unknown" (but its "ok" for now)
        plugin.status(ok)
    else:
--- a/check_service.sh/check_service.sh
+++ b/check_service.sh/check_service.sh
@ -0,0 +1,349 @@
 #!/usr/bin/env bash
 set -o pipefail
 # Author: Jon Schipp
 # 2015-03-09 [Pascal Hegy] - Add sudo for linux
 # 2015-03-09 [Pascal Hegy] - Change USER variable to USERNAME to avoid the use and confusion with the USER env variable
 # 2017-08-30 [Roberto Leibman] - Reordered checks to make sure dead and inactive get checked first
 # 2018-04-25 [Robin Gierse] - Update check via systemctl for Linux with grep to produce better output for systemctl
 # 2019-03-15 [nem / liberodark] - Add support for check all failed services in linux
 ########
 # Examples:
 # 1.) List services for osx
 # $ ./check_service.sh -l -o osx
 #
 # 2.) Check status of SSH service on a linux machine
 # $ ./check_service.sh -o linux -s sshd
 # 3.) Manually select service management tool and service
 # $ ./check_service.sh -o linux -t "service rsyslog status"
 # Exemple for check all failed services
 # $ ./check_service.sh -o linux -t "systemctl list-units --state=failed"
 # Nagios Exit Codes
 OK=0
 WARNING=1
 CRITICAL=2
 UNKNOWN=3
 # Weather or not we can trust the exit code from the service management tool.
 # Defaults to 0, put to 1 for systemd.  Otherwise we must rely on parsing the
 # output from the service management tool.
 TRUST_EXIT_CODE=0
 usage()
 {
 cat <<EOF
 Check status of system services for Linux, FreeBSD, OSX, and AIX.
     Options:
        -s <service>    Specify service name
        -l              List services
        -o <os>         OS type, "linux/osx/freebsd/aix"
        -u <user>       User if you need to ``sudo -u'' for launchctl (def: nagios, linux and osx only)
        -t <tool>       Manually specify service management tool (def: autodetect) with status and service
                        e.g. ``-t "service nagios status"''
 EOF
 }
 argcheck() {
 # if less than n argument
 if [ $ARGC -lt $1 ]; then
        echo "Missing arguments! Use \`\`-h'' for help."
        exit 1
 fi
 }
 os_check() {
 if [ "$OS" == null ]; then
 	unamestr=$(uname)
        if [[ $unamestr == 'Linux' ]]; then
                OS='linux'
        elif [[ $unamestr == 'FreeBSD' ]]; then
               OS='freebsd'
        elif [[ $unamestr == 'Darwin' ]]; then
               OS='osx'	       
        else
                echo "OS not recognized, Use \`-o\` and specify the OS as an argument"
                exit 3
        fi
 fi
 }
 determine_service_tool() {
 if [[ $OS == linux ]]; then
        if command -v systemctl >/dev/null 2>&1; then
                SERVICETOOL="systemctl status $SERVICE | grep -i Active"
                LISTTOOL="systemctl"
                if [ $USERNAME ]; then
                    SERVICETOOL="sudo -u $USERNAME systemctl status $SERVICE"
                    LISTTOOL="sudo -u $USERNAME systemctl"
                fi
 		TRUST_EXIT_CODE=1
        elif command -v service >/dev/null 2>&1; then
                SERVICETOOL="service $SERVICE status"
                LISTTOOL="service --status-all"
                if [ $USERNAME ]; then
                    SERVICETOOL="sudo -u $USERNAME service $SERVICE status"
                    LISTTOOL="sudo -u $USERNAME service --status-all"
                fi
        elif command -v initctl >/dev/null 2>&1; then
                SERVICETOOL="status $SERVICE"
                LISTTOOL="initctl list"
                if [ $USERNAME ]; then
                    SERVICETOOL="sudo -u $USERNAME status $SERVICE"
                    LISTTOOL="sudo -u $USERNAME initctl list"
                fi
        elif command -v chkconfig >/dev/null 2>&1; then
                SERVICETOOL=chkconfig
                LISTTOOL="chkconfig --list"
                if [ $USERNAME ]; then
                    SERVICETOOL="sudo -u $USERNAME chkconfig"
                    LISTTOOL="sudo -u $USERNAME chkconfig --list"
                fi
        elif [ -f /etc/init.d/$SERVICE ] || [ -d /etc/init.d ]; then
                SERVICETOOL="/etc/init.d/$SERVICE status | tail -1"
                LISTTOOL="ls -1 /etc/init.d/"
                if [ $USERNAME ]; then
                    SERVICETOOL="sudo -u $USERNAME /etc/init.d/$SERVICE status | tail -1"
                    LISTTOOL="sudo -u $USERNAME ls -1 /etc/init.d/"
                fi
        else
                echo "Unable to determine the system's service tool!"
                exit 1
        fi
 fi
 if [[ $OS == freebsd ]]; then
        if command -v service >/dev/null 2>&1; then
                SERVICETOOL="service $SERVICE status"
                LISTTOOL="service -l"
        elif [ -f /etc/rc.d/$SERVICE ] || [ -d /etc/rc.d ]; then
                SERVICETOOL="/etc/rc.d/$SERVICE status"
                LISTTOOL="ls -1 /etc/rc.d/"
        else
                echo "Unable to determine the system's service tool!"
                exit 1
        fi
 fi
 if [[ $OS == osx ]]; then
        if [ -f /usr/sbin/serveradmin >/dev/null 2>&1 ] && serveradmin list | grep "$SERVICE" 2>&1 >/dev/null; then
                SERVICETOOL="serveradmin status $SERVICE"
                LISTTOOL="serveradmin list"
        elif [ -f /Applications/Server.app/Contents/ServerRoot/usr/sbin/serveradmin >/dev/null 2>&1 ] && \
               /Applications/Server.app/Contents/ServerRoot/usr/sbin/serveradmin list | \
                grep "$SERVICE" 2>&1 >/dev/null; then
                SERVICETOOL="/Applications/Server.app/Contents/ServerRoot/usr/sbin/serveradmin status $SERVICE"
                LISTTOOL="/Applications/Server.app/Contents/ServerRoot/usr/sbin/serveradmin list"
        elif command -v launchctl >/dev/null 2>&1; then
                SERVICETOOL="launchctl list | grep -v ^- | grep $SERVICE || echo $SERVICE not running! "
                LISTTOOL="launchctl list"
                if [ $USERNAME ]; then
                        SERVICETOOL="sudo -u $USERNAME launchctl list | grep -v ^- | grep $SERVICE || echo $SERVICE not running! "
                        LISTTOOL="sudo -u $USERNAME launchctl list"
                fi
        elif command -v service >/dev/null 2>&1; then
                SERVICETOOL="service --test-if-configured-on $SERVICE"
                LISTTOOL="service list"
        else
                echo "Unable to determine the system's service tool!"
                exit 1
        fi
 fi
 if [[ $OS == aix ]]; then
        if command -v lssrc >/dev/null 2>&1; then
                SERVICETOOL="lssrc -s $SERVICE | grep -v Subsystem"
                LISTTOOL="lssrc -a"
        else
                echo "Unable to determine the system's service tool!"
                exit 1
        fi
 fi
 }
 ARGC=$#
 LIST=0
 MANUAL=0
 OS=null
 SERVICETOOL=null
 LISTTOOL=null
 SERVICE=".*"
 #USERNAME=nagios
 argcheck 1
 while getopts "hls:o:t:u:" OPTION
 do
     case $OPTION in
         h)
             usage
             exit 0
             ;;
         l)
             LIST=1
             ;;
         s)
             SERVICE="$OPTARG"
             ;;
         o)
             if [[ "$OPTARG" == linux ]]; then
                     OS="$OPTARG"
             elif [[ "$OPTARG" == osx ]]; then
                     OS="$OPTARG"
             elif [[ "$OPTARG" == freebsd ]]; then
                     OS="$OPTARG"
             elif [[ "$OPTARG" == aix ]]; then
                     OS="$OPTARG"
             else
                     echo "Unknown type!"
                     exit 1
             fi
             ;;
         t)
             MANUAL=1
             MANUALSERVICETOOL="$OPTARG"
             ;;
         u)
             USERNAME="$OPTARG"
             ;;
         \?)
             exit 1
             ;;
     esac
 done
 os_check
 if [ $MANUAL -eq 1 ]; then
 SERVICETOOL=$MANUALSERVICETOOL
 else
 determine_service_tool
 fi
 # -l conflicts with -t                                                                                                                                                   
 if [ $MANUAL -eq 1 ] && [ $LIST -eq 1 ]; then
    echo "Options conflict: \`\`-t'' and \`\`-l''"
    exit 2
 fi
 if [ $LIST -eq 1 ]; then
        if [[ $LISTTOOL != null ]]; then
                $LISTTOOL
                exit 0
        else
                echo "OS not specified! Use \`\`-o''"
                exit 2
        fi
 fi
 # Check the status of a service
 STATUS_MSG=$(eval "$SERVICETOOL" 2>&1)
 EXIT_CODE=$?
 ## Exit code from the service tool - if it's non-zero, we should
 ## probably return CRITICAL.  (though, in some cases UNKNOWN would
 ## probably be more appropriate)
 [ $EXIT_CODE -ne 0 ] && echo "$STATUS_MSG" && exit $CRITICAL
 ## For systemd and most systems, $EXIT_CODE can be trusted - if it's 0, the service is running.
 ## Ref https://github.com/jonschipp/nagios-plugins/issues/15
 [ $TRUST_EXIT_CODE -eq 1 ] && [ $EXIT_CODE -eq 0 ] && echo "$STATUS_MSG" && exit $OK 
 case $STATUS_MSG in
 *stop*)
        echo "$STATUS_MSG"
        exit $CRITICAL
        ;;
 *STOPPED*)
        echo "$STATUS_MSG"
        exit $CRITICAL
        ;;
 *not*running*)
        echo "$STATUS_MSG"
        exit $CRITICAL
        ;;
 *NOT*running*)
        echo "$STATUS_MSG"
        exit $CRITICAL
        ;;
 *NOT*RUNNING*)
        echo "$STATUS_MSG"
        exit $CRITICAL
        ;;
 #*inactive*)
 #        echo "$STATUS_MSG"
 #        exit $CRITICAL
 #        ;;
 *dead*)
        echo "$STATUS_MSG"
        exit $CRITICAL
        ;;
 *running*)
        echo "$STATUS_MSG"
        exit $OK
        ;;
 *RUNNING*)
        echo "$STATUS_MSG"
        exit $OK
        ;;
 *SUCCESS*)
        echo "$STATUS_MSG"
        exit $OK
        ;;
 *[eE]rr*)
        echo "Error in command: $STATUS_MSG"
        exit $CRITICAL
        ;;
 *[fF]ailed*)
        echo "$STATUS_MSG"
        exit $CRITICAL
        ;;
 *[eE]nable*)
        echo "$STATUS_MSG"
        exit $OK
        ;;
 *[dD]isable*)
        echo "$STATUS_MSG"
        exit $CRITICAL
        ;;
 *[cC]annot*)
        echo "$STATUS_MSG"
        exit $CRITICAL
        ;;
 *[aA]ctive*)
        echo "$STATUS_MSG"
        exit $OK
        ;;
 *Subsystem*not*on*file)
        echo "$STATUS_MSG"
        exit $CRITICAL
        ;;
 [1-9][1-9]*)
        echo "$SERVICE running: $STATUS_MSG"
        exit $OK
        ;;
 "")
 	echo "$SERVICE is not running: no output from service command"
 	exit $CRITICAL
 	;;
 *)
        echo "Unknown status: $STATUS_MSG"
        echo "Is there a typo in the command or service configuration?: $STATUS_MSG"
        exit $UNKNOWN
        ;;
 *0\ loaded*)
        echo "$STATUS_MSG"
        exit $OK
        ;;
 esac
--- a/check_service.sh/nagios-plugins-check_service.spec
+++ b/check_service.sh/nagios-plugins-check_service.spec
@ -0,0 +1,48 @@
 %define debug_package %{nil}
 Summary:	A Nagios plugin to check services on Linux servers
 Name:		nagios-plugins-check_service
 Version:	0
 Release:	1%{?dist}
 License:	GPLv2+
 Group:		Applications/System
 URL:		https://github.com/jonschipp/nagios-plugins/blob/master/check_service.sh
 Source0:	http://opensource.ok.is/trac/browser/nagios-plugins/check_service/releases/nagios-plugins-check_service-%{version}.tar.gz
 Requires:	nrpe
 BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 Packager:	Gardar Thorsteinsson <gardar@ok.is>
 BuildArch:	noarch
 %description
 Check status of system services for Linux, FreeBSD, OSX, and AIX.
 %prep
 %setup -q
 perl -pi -e "s|/usr/lib/|%{_libdir}/|g" nrpe.d/check_service.cfg
 perl -pi -e "s|/usr/lib64/|%{_libdir}/|g" nrpe.d/check_service.cfg
 %build
 %install
 rm -rf %{buildroot}
 install -D -p -m 0755 check_service.sh %{buildroot}%{_libdir}/nagios/plugins/check_service.sh
 install -D -p -m 0755 nrpe.d/check_service.cfg %{buildroot}/etc/nrpe.d/check_service.cfg
 %clean
 rm -rf %{buildroot}
 %post
 /sbin/service nrpe reload
 %files
 %defattr(-,root,root,-)
 #%doc README LICENSE
 %{_libdir}/nagios/plugins/*
 /etc/nrpe.d/check_service.cfg
 %changelog
 * Tue Apr 21 2020  <gardar@ok.is> 0.1-1
 - Initial packaging
--- a/check_service.sh/nrpe.d/check_service.cfg
+++ b/check_service.sh/nrpe.d/check_service.cfg
@ -0,0 +1 @@
 command[check_service]=/usr/lib/nagios/plugins/check_service.sh
--- a/check_snmp/check_snmp_cpfw.pl
+++ b/check_snmp/check_snmp_cpfw.pl
@ -5,6 +5,9 @@
 # Author  : Patrick Proy (patrick at proy.org)
 # Help : http://nagios.manubulon.com
 # Licence : GPL - http://www.fsf.org/licenses/gpl.txt
 # Patch 1.2.1c
 # Author : monitoreo.osi@uchile.cl
 # Desc:  warn/crit threshold to conns/seg check
 # TODO : 
 # - check sync method
 #################################################################
@ -19,6 +22,7 @@ use Getopt::Long;
 # Nagios specific
 use lib "/usr/local/nagios/libexec";
 #use lib "/usr/lib/nagios/plugins"; # use in ubugtu
 use utils qw(%ERRORS $TIMEOUT);
 #my $TIMEOUT = 15;
 #my %ERRORS=('OK'=>0,'WARNING'=>1,'CRITICAL'=>2,'UNKNOWN'=>3,'DEPENDENT'=>4);
@ -26,87 +30,90 @@ use utils qw(%ERRORS $TIMEOUT);
 ########### SNMP Datas ########### 
 ###### FW data
-my $policy_state	= "1.3.6.1.4.1.2620.1.1.1.0"; # "Installed"
+my $policy_state     = "1.3.6.1.4.1.2620.1.1.1.0";        # Installed
-my $policy_name		= "1.3.6.1.4.1.2620.1.1.2.0"; # Installed policy name
+my $policy_name      = "1.3.6.1.4.1.2620.1.1.2.0";        # Installed policy name
-my $connections		= "1.3.6.1.4.1.2620.1.1.25.3.0"; # number of connections
+my $connections      = "1.3.6.1.4.1.2620.1.1.25.3.0";     # Number of connections
-#my $connections_peak	= "1.3.6.1.4.1.2620.1.1.25.4.0"; # peak number of connections
+my $connectionsSR    = "1.3.6.1.4.1.2620.1.1.26.11.6.0" ; # FwConnectionsStatConnectionRate aka connx/seg
-my @fw_checks 		= ($policy_state,$policy_name,$connections);
+my $connectionsPeak  = "1.3.6.1.4.1.2620.1.1.25.4.0";     # Peak number of connections
 my @fw_checks        = ($policy_state,$policy_name,$connections,$connectionsSR,$connectionsPeak);
 ###### SVN data
-my $svn_status		= "1.3.6.1.4.1.2620.1.6.102.0"; # "OK" svn status
+my $svn_status    = "1.3.6.1.4.1.2620.1.6.102.0"; # "OK" svn status
-my %svn_checks		= ($svn_status,"OK");
+my %svn_checks    = ($svn_status,"OK");
-my %svn_checks_n	= ($svn_status,"SVN status");
+my %svn_checks_n  = ($svn_status,"SVN status");
-my @svn_checks_oid	= ($svn_status);
+my @svn_checks_oid  = ($svn_status);
 ###### HA data
-my $ha_active		= "1.3.6.1.4.1.2620.1.5.5.0"; 	# "yes"
+my $ha_active       = "1.3.6.1.4.1.2620.1.5.5.0";       # "yes"
-my $ha_state		= "1.3.6.1.4.1.2620.1.5.6.0"; 	# "active" / "standby"
+my $ha_state        = "1.3.6.1.4.1.2620.1.5.6.0";       # "active" / "standby"
-my $ha_block_state	= "1.3.6.1.4.1.2620.1.5.7.0"; 	#"OK" : ha blocking state
+my $ha_status       = "1.3.6.1.4.1.2620.1.5.102.0";     # "OK" : ha status
-my $ha_status		= "1.3.6.1.4.1.2620.1.5.102.0"; # "OK" : ha status
+my $ha_block_state  = "1.3.6.1.4.1.2620.1.5.7.0";       # "OK" : ha blocking state
-my %ha_checks		=( $ha_active,"yes",$ha_state,"active",$ha_block_state,"OK",$ha_status,"OK");
+my %ha_checks       =( $ha_active,"yes",$ha_state,"active",$ha_block_state,"OK",$ha_status,"OK");
-my %ha_checks_stand	=( $ha_active,"yes",$ha_state,"standby",$ha_block_state,"OK",$ha_status,"OK");
+my %ha_checks_stand =( $ha_active,"yes",$ha_state,"standby",$ha_block_state,"OK",$ha_status,"OK");
-my %ha_checks_n		=( $ha_active,"HA active",$ha_state,"HA state",$ha_block_state,"HA block state",$ha_status,"ha_status");
+my %ha_checks_n     =( $ha_active,"HA active",$ha_state,"HA state",$ha_block_state,"HA block state",$ha_status,"ha_status");
-my @ha_checks_oid	=( $ha_active,$ha_state,$ha_block_state,$ha_status);
+my @ha_checks_oid   =( $ha_active,$ha_state,$ha_block_state,$ha_status);
-my $ha_mode		= "1.3.6.1.4.1.2620.1.5.11.0";  # "Sync only"/"High Availability (Active Up)" : ha Working mode
+my $ha_mode         = "1.3.6.1.4.1.2620.1.5.11.0";  # "Sync only"/"High Availability (Active Up)" : ha Working mode
 my $ha_tables       = "1.3.6.1.4.1.2620.1.5.13.1";  # ha status table
 my $ha_tables_index = ".1";
 my $ha_tables_name  = ".2";
 my $ha_tables_state = ".3"; # "OK"
 my $ha_tables_prbdesc = ".6"; # Description if state is != "OK"
-my $ha_tables		= "1.3.6.1.4.1.2620.1.5.13.1"; 	# ha status table
+#my @ha_table_check = ("Synchronization","Filter","cphad","fwd"); # process to check
 my $ha_tables_index	= ".1";
 my $ha_tables_name	= ".2";
 my $ha_tables_state	= ".3"; # "OK"
 my $ha_tables_prbdesc	= ".6"; # Description if state is != "OK"
 #my @ha_table_check	= ("Synchronization","Filter","cphad","fwd"); # process to check
 ####### MGMT data
-my $mgmt_status		= "1.3.6.1.4.1.2620.1.7.5.0";	# "active" : management status
+my $mgmt_status   = "1.3.6.1.4.1.2620.1.7.5.0";       # "active" : management status
-my $mgmt_alive		= "1.3.6.1.4.1.2620.1.7.6.0";   # 1 : management is alive if 1
+my $mgmt_alive    = "1.3.6.1.4.1.2620.1.7.6.0";       # 1 : management is alive if 1
-my $mgmt_stat_desc	= "1.3.6.1.4.1.2620.1.7.102.0"; # Management status description
+my $mgmt_stat_desc  = "1.3.6.1.4.1.2620.1.7.102.0";   # Management status description
-my $mgmt_stats_desc_l	= "1.3.6.1.4.1.2620.1.7.103.0"; # Management status long description
+my $mgmt_stats_desc_l = "1.3.6.1.4.1.2620.1.7.103.0"; # Management status long description
-my %mgmt_checks		= ($mgmt_status,"active",$mgmt_alive,"1");
+my %mgmt_checks   = ($mgmt_status,"active",$mgmt_alive,"1");
-my %mgmt_checks_n	= ($mgmt_status,"Mgmt status",$mgmt_alive,"Mgmt alive");
+my %mgmt_checks_n = ($mgmt_status,"Mgmt status",$mgmt_alive,"Mgmt alive");
-my @mgmt_checks_oid	= ($mgmt_status,$mgmt_alive);
+my @mgmt_checks_oid = ($mgmt_status,$mgmt_alive);
 #################################### Globals ##############################""
-my $Version='1.2.1';
+my $Version='1.2.1b';
-my $o_host = 	undef; 		# hostname
+my $o_host =  undef;      # hostname
-my $o_community = undef; 	# community
+my $o_community = undef;  # community
-my $o_version2	=undef;		# Version 2
+my $o_version2  = undef;  # Version 2
-my $o_port = 	161; 		# port
+my $o_port =  161;        # port
-my $o_help=	undef; 		# wan't some help ?
+my $o_help= undef;        # wan't some help ?
-my $o_verb=	undef;		# verbose mode
+my $o_verb= undef;        # verbose mode
-my $o_version=	undef;		# print version
+my $o_version=  undef;    # print version
-my $o_timeout=  5;            	# Default 5s Timeout
+my $o_timeout=  5;        # Default 5s Timeout
-my $o_warn=	undef;		# Warning for connections
+my $o_warn= undef;        # Warning for connections
-my $o_crit=	undef;		# Crit for connections
+my $o_crit= undef;        # Crit for connections
-my $o_svn=	undef;		# Check for SVN status
+my $o_warnSR= undef;      # Warning for connectionsSR
-my $o_fw=	undef;		# Check for FW status
+my $o_critSR= undef;      # Crit for connectionsSR
-my $o_ha=	undef;		# Check for HA status
+my $o_svn=  undef;        # Check for SVN status
-my $o_mgmt=	undef;		# Check for management status
+my $o_fw= undef;          # Check for FW status
-my $o_policy=	undef;		# Check for policy name
+my $o_ha= undef;          # Check for HA status
-my $o_conn=	undef;		# Check for connexions
+my $o_mgmt= undef;        # Check for management status
-my $o_perf=	undef;		# Performance data output 
+my $o_policy= undef;      # Check for policy name
 my $o_conn= undef;        # Check for connexions
 my $o_connSR= undef;      # Check for connexionsSR
 my $o_perf= undef;        # Performance data output 
 # SNMPv3 specific
-my $o_login=	undef;		# Login for snmpv3
+my $o_login=  undef;      # Login for snmpv3
-my $o_passwd=	undef;		# Pass for snmpv3
+my $o_passwd= undef;      # Pass for snmpv3
-my $v3protocols=undef;	# V3 protocol list.
+my $v3protocols=undef;    # V3 protocol list.
-my $o_authproto='md5';		# Auth protocol
+my $o_authproto='md5';    # Auth protocol
-my $o_privproto='des';		# Priv protocol
+my $o_privproto='des';    # Priv protocol
-my $o_privpass= undef;		# priv password
+my $o_privpass= undef;    # priv password
 # functions
 sub p_version { print "check_snmp_cpfw version : $Version\n"; }
 sub print_usage {
-    print "Usage: $0 [-v] -H <host> -C <snmp_community> [-2] | (-l login -x passwd [-X pass -L <authp>,<privp>]) [-s] [-w [-p=pol_name] [-c=warn,crit]] [-m] [-a [standby] ] [-f] [-p <port>] [-t <timeout>] [-V]\n";
+    print "Usage: $0 [-v] -H <host> -C <snmp_community> [-2] | (-l login -x passwd [-X pass -L <authp>,<privp>]) [-s] [-w [-p=pol_name] [-c=warn,crit]] [-r=warn,crit]]  [-m] [-a [standby] ] [-f] [-p <port>] [-t <timeout>] [-V]\n";
 }
 sub isnnum { # Return true if arg is not a number
@ -117,7 +124,7 @@ sub isnnum { # Return true if arg is not a number
 sub help {
   print "\nSNMP Checkpoint FW-1 Monitor for Nagios version ",$Version,"\n";
-   print "GPL Licence, (c)2004-2007 - Patrick Proy\n\n";
+   print "GPL Licence, (c)2004-2020 - Patrick Proy\n\n";
   print_usage();
   print <<EOT;
 -v, --verbose
@ -157,6 +164,8 @@ sub help {
   SNMP port (Default 161)
 -t, --timeout=INTEGER
   timeout for SNMP (Default: Nagios default)   
 -r, --connexionsSR=WARN,CRIT
   check warn and critical number of connexionsSR (must have -w)
 -V, --version
   prints version number
 EOT
@ -168,69 +177,81 @@ sub verb { my $t=shift; print $t,"\n" if defined($o_verb) ; }
 sub check_options {
    Getopt::Long::Configure ("bundling");
    GetOptions(
-   	'v'	=> \$o_verb,		'verbose'	=> \$o_verb,
+    'v' => \$o_verb,    'verbose' => \$o_verb,
-        'h'     => \$o_help,    	'help'        	=> \$o_help,
+        'h'     => \$o_help,      'help'          => \$o_help,
-        'H:s'   => \$o_host,		'hostname:s'	=> \$o_host,
+        'H:s'   => \$o_host,    'hostname:s'  => \$o_host,
-        'P:i'   => \$o_port,   		'port:i'	=> \$o_port,
+        'P:i'   => \$o_port,      'port:i'  => \$o_port,
-        'C:s'   => \$o_community,	'community:s'	=> \$o_community,
+        'C:s'   => \$o_community, 'community:s' => \$o_community,
-	'2'     => \$o_version2,        'v2c'           => \$o_version2,
+  '2'     => \$o_version2,        'v2c'           => \$o_version2,
-	'l:s'	=> \$o_login,		'login:s'	=> \$o_login,
+  'l:s' => \$o_login,   'login:s' => \$o_login,
-	'x:s'	=> \$o_passwd,		'passwd:s'	=> \$o_passwd,
+  'x:s' => \$o_passwd,    'passwd:s'  => \$o_passwd,
-	'X:s'	=> \$o_privpass,		'privpass:s'	=> \$o_privpass,
+  'X:s' => \$o_privpass,    'privpass:s'  => \$o_privpass,
-	'L:s'	=> \$v3protocols,		'protocols:s'	=> \$v3protocols,   
+  'L:s' => \$v3protocols,   'protocols:s' => \$v3protocols,   
- 	't:i'   => \$o_timeout,       	'timeout:i'     => \$o_timeout,
+  't:i'   => \$o_timeout,         'timeout:i'     => \$o_timeout,
-	'V'	=> \$o_version,		'version'	=> \$o_version,
+  'V' => \$o_version,   'version' => \$o_version,
-	's'	=> \$o_svn,		'svn'		=> \$o_svn,
+  's' => \$o_svn,   'svn'   => \$o_svn,
-	'w'	=> \$o_fw,		'fw'		=> \$o_fw,
+  'w' => \$o_fw,    'fw'    => \$o_fw,
-	'a:s'	=> \$o_ha,		'ha:s'		=> \$o_ha,
+  'a:s' => \$o_ha,    'ha:s'    => \$o_ha,
-	'm'	=> \$o_mgmt,		'mgmt'		=> \$o_mgmt,
+  'm' => \$o_mgmt,    'mgmt'    => \$o_mgmt,
-	'p:s'	=> \$o_policy,		'policy:s'	=> \$o_policy,
+  'p:s' => \$o_policy,    'policy:s'  => \$o_policy,
-	'c:s'	=> \$o_conn,		'connexions:s'	=> \$o_conn,
+  'c:s' => \$o_conn,    'connexions:s'  => \$o_conn,
-	'f'	=> \$o_perf,		'perfparse'	=> \$o_perf
+  'r:s' => \$o_connSR,   'rate:s' => \$o_connSR,
-    );
+  'f' => \$o_perf,    'perfparse' => \$o_perf
  );
    if (defined ($o_help) ) { help(); exit $ERRORS{"UNKNOWN"}};
    if (defined($o_version)) { p_version(); exit $ERRORS{"UNKNOWN"}};
    if ( ! defined($o_host) ) # check host and filter 
-	{ print_usage(); exit $ERRORS{"UNKNOWN"}}
+      { print_usage(); exit $ERRORS{"UNKNOWN"}}
    # check snmp information
    if ( !defined($o_community) && (!defined($o_login) || !defined($o_passwd)) )
-	  { print "Put snmp login info!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
+      { print "Put snmp login info!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
-	if ((defined($o_login) || defined($o_passwd)) && (defined($o_community) || defined($o_version2)) )
+    if ((defined($o_login) || defined($o_passwd)) && (defined($o_community) || defined($o_version2)) )
-	  { print "Can't mix snmp v1,2c,3 protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
+      { print "Can't mix snmp v1,2c,3 protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
-	if (defined ($v3protocols)) {
+    if (defined ($v3protocols)) {
-	  if (!defined($o_login)) { print "Put snmp V3 login info with protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
+      if (!defined($o_login)) { print "Put snmp V3 login info with protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
-	  my @v3proto=split(/,/,$v3protocols);
+      my @v3proto=split(/,/,$v3protocols);
-	  if ((defined ($v3proto[0])) && ($v3proto[0] ne "")) {$o_authproto=$v3proto[0];	}	# Auth protocol
+      if ((defined ($v3proto[0])) && ($v3proto[0] ne "")) {$o_authproto=$v3proto[0];  } # Auth protocol
-	  if (defined ($v3proto[1])) {$o_privproto=$v3proto[1];	}	# Priv  protocol
+      if (defined ($v3proto[1])) {$o_privproto=$v3proto[1]; } # Priv  protocol
-	  if ((defined ($v3proto[1])) && (!defined($o_privpass))) {
+      if ((defined ($v3proto[1])) && (!defined($o_privpass))) {
-	    print "Put snmp V3 priv login info with priv protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
+        print "Put snmp V3 priv login info with priv protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
-	}
+    }
    # Check firewall options
    if ( defined($o_conn)) {
      if ( ! defined($o_fw))
- 	{ print "Cannot check connexions without checking fw\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
+        { print "Cannot check connexions without checking fw\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
      my @warncrit=split(/,/ , $o_conn);
      if ( $#warncrit != 1 ) 
        { print "Put warn,crit levels with -c option\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
      ($o_warn,$o_crit)=@warncrit;
      if ( isnnum($o_warn) || isnnum($o_crit) )
-	{ print "Numeric values for warning and critical in -c options\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
+        { print "Numeric values for warning and critical in -c options\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
-      if ($o_warn >= $o_crit)
+          if ($o_warn >= $o_crit)
-	{ print "warning <= critical ! \n";print_usage(); exit $ERRORS{"UNKNOWN"}}
+           { print "warning <= critical ! \n";print_usage(); exit $ERRORS{"UNKNOWN"}}
    }
    if ( defined($o_connSR)) {
      if ( ! defined($o_fw))
        { print "Cannot check connexionsSR without checking fw\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
      my @warncritSR=split(/,/ , $o_connSR);
      if ( $#warncritSR != 1 ) 
        { print "Put warn,crit levels with -c option\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
      ($o_warnSR,$o_critSR)=@warncritSR;
      if ( isnnum($o_warnSR) || isnnum($o_critSR) )
        { print "Numeric values for warning and critical in -r options\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
          if ($o_warnSR >= $o_critSR)
           { print "warning <= critical ! \n";print_usage(); exit $ERRORS{"UNKNOWN"}}
    }
    if ( defined($o_policy)) {
      if (! defined($o_fw))
-	{ print "Cannot check policy name without checking fw\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
+        { print "Cannot check policy name without checking fw\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
      if ($o_policy eq "")
        { print "Put a policy name !\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
    }
    if (defined($o_perf) && ! defined ($o_conn))
-	{ print "Nothing selected for perfparse !\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
+      { print "Nothing selected for perfparse !\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
    if (!defined($o_fw) && !defined($o_ha) && !defined($o_mgmt) && !defined($o_svn))
-	{ print "Must select a product to check !\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
+      { print "Must select a product to check !\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
    if (defined ($o_ha) && ($o_ha ne "") && ($o_ha ne "standby")) 
-	{ print "-a option comes with 'standby' or nothing !\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
+      { print "-a option comes with 'standby' or nothing !\n";print_usage(); exit $ERRORS{"UNKNOWN"}}
 }
 ########## MAIN #######
@ -259,49 +280,49 @@ if ( defined($o_login) && defined($o_passwd)) {
    if (!defined ($o_privpass)) {
  verb("SNMPv3 AuthNoPriv login : $o_login, $o_authproto");
    ($session, $error) = Net::SNMP->session(
-      -hostname   	=> $o_host,
+      -hostname     => $o_host,
-      -version		=> '3',
+      -version    => '3',
-      -username		=> $o_login,
+      -username   => $o_login,
-      -port      	=> $o_port,
+      -port       => $o_port,
-      -authpassword	=> $o_passwd,
+      -authpassword => $o_passwd,
-      -authprotocol	=> $o_authproto,
+      -authprotocol => $o_authproto,
      -timeout          => $o_timeout
    );  
  } else {
    verb("SNMPv3 AuthPriv login : $o_login, $o_authproto, $o_privproto");
    ($session, $error) = Net::SNMP->session(
-      -hostname   	=> $o_host,
+      -hostname     => $o_host,
-      -version		=> '3',
+      -version    => '3',
-      -username		=> $o_login,
+      -username   => $o_login,
-      -port      	=> $o_port,
+      -port       => $o_port,
-      -authpassword	=> $o_passwd,
+      -authpassword => $o_passwd,
-      -authprotocol	=> $o_authproto,
+      -authprotocol => $o_authproto,
-      -privpassword	=> $o_privpass,
+      -privpassword => $o_privpass,
-	  -privprotocol => $o_privproto,
+      -privprotocol => $o_privproto,
      -timeout          => $o_timeout
    );
  }
 } else {
-	if (defined ($o_version2)) {
+  if (defined ($o_version2)) {
-		# SNMPv2 Login
+    # SNMPv2 Login
-		verb("SNMP v2c login");
+    verb("SNMP v2c login");
-		  ($session, $error) = Net::SNMP->session(
+      ($session, $error) = Net::SNMP->session(
-		 -hostname  => $o_host,
+     -hostname  => $o_host,
-		 -version   => 2,
+     -version   => 2,
-		 -community => $o_community,
+     -community => $o_community,
-		 -port      => $o_port,
+     -port      => $o_port,
-		 -timeout   => $o_timeout
+     -timeout   => $o_timeout
-		);
+    );
-  	} else {
+    } else {
-	  # SNMPV1 login
+    # SNMPV1 login
-	  verb("SNMP v1 login");
+    verb("SNMP v1 login");
-	  ($session, $error) = Net::SNMP->session(
+    ($session, $error) = Net::SNMP->session(
-		-hostname  => $o_host,
+    -hostname  => $o_host,
-		-community => $o_community,
+    -community => $o_community,
-		-port      => $o_port,
+    -port      => $o_port,
-		-timeout   => $o_timeout
+    -timeout   => $o_timeout
-	  );
+    );
-	}
+  }
 }
 if (!defined($session)) {
   printf("ERROR opening session: %s.\n", $error);
@ -327,8 +348,8 @@ $resultat = $session->get_request(
    foreach $key ( keys %svn_checks) {
      verb("$svn_checks_n{$key} : $svn_checks{$key} / $$resultat{$key}");
      if ( $$resultat{$key} ne $svn_checks{$key} ) {
-	$svn_print .= $svn_checks_n{$key} . ":" . $$resultat{$key} . " ";
+  $svn_print .= $svn_checks_n{$key} . ":" . $$resultat{$key} . " ";
-	$svn_state=2;
+  $svn_state=2;
      }  
    }
  } else {
@ -380,6 +401,8 @@ if (defined ($o_mgmt)) {
 my $fw_state=0;
 my $fw_print="";
 my $perf_conn=undef;
 my $perf_connSR=undef;
 my $perf_connPeak=undef;
 if (defined ($o_fw)) {
@ -392,6 +415,8 @@ if (defined ($o_fw)) {
    verb("State : $$resultat{$policy_state}");
    verb("Name : $$resultat{$policy_name}");
    verb("connections : $$resultat{$connections}");
    verb("connectionsSR : $$resultat{$connectionsSR}");
    verb("connectionsPeak : $$resultat{$connectionsPeak}");
    if ($$resultat{$policy_state} ne "Installed") {
      $fw_state=2;
@ -401,22 +426,38 @@ if (defined ($o_fw)) {
    if (defined($o_policy)) {
      if ($$resultat{$policy_name} ne $o_policy) {
-	    $fw_state=2;
+      $fw_state=2;
-	    $fw_print .= "Policy installed : $$resultat{$policy_name}";
+      $fw_print .= "Policy installed : $$resultat{$policy_name}";
      }
    }
    if (defined($o_conn)) {
      if ($$resultat{$connections} > $o_crit) {
-	 $fw_state=2;
+        $fw_state=2;
        $fw_print .= "Connexions : ".$$resultat{$connections}." > ".$o_crit." ";
      } else {
-	if ($$resultat{$connections} > $o_warn) {
+      if ($$resultat{$connections} > $o_warn) {
-	  if ($fw_state!=2) {$fw_state=1;}
+        if ($fw_state!=2) {$fw_state=1;}
-	  $fw_print .= "Connexions : ".$$resultat{$connections}." > ".$o_warn." ";    
+          $fw_print .= "Connexions : ".$$resultat{$connections}." > ".$o_warn." ";    
-	}
+          }
      }
      $perf_conn=$$resultat{$connections};
      $perf_connSR=$$resultat{$connectionsSR};
      $perf_connPeak=$$resultat{$connectionsPeak};
    }
    if (defined($o_connSR)) {
      if ($$resultat{$connectionsSR} > $o_critSR) {
        $fw_state=3;
        $fw_print .= "Conn/seg  : ".$$resultat{$connectionsSR}." > ".$o_critSR." ";
      } else {
      if ($$resultat{$connectionsSR} > $o_warnSR) {
        if ($fw_state!=3) {$fw_state=1;}
          $fw_print .= "Conn/seg : ".$$resultat{$connectionsSR}." > ".$o_warnSR." ";    
          }
      }
      $perf_conn=$$resultat{$connections};
      $perf_connSR=$$resultat{$connectionsSR};
      $perf_connPeak=$$resultat{$connectionsPeak};
    }
  } else {
    $fw_print .= "cannot find oids";
@ -448,17 +489,17 @@ if (defined ($o_ha)) {
      verb("$ha_checks_n{$key} : $ha_checks{$key} / $$resultat{$key}");
      if ( $o_ha eq "standby" ) {
        if ( $$resultat{$key} ne $ha_checks_stand{$key} ) {
-	  $ha_print .= $ha_checks_n{$key} . ":" . $$resultat{$key} . " "; 
+    $ha_print .= $ha_checks_n{$key} . ":" . $$resultat{$key} . " "; 
-	  $ha_state_n=2;
+    $ha_state_n=2;
        }
      } else {
        if ( $$resultat{$key} ne $ha_checks{$key} ) {
-	  $ha_print .= $ha_checks_n{$key} . ":" . $$resultat{$key} . " "; 
+    $ha_print .= $ha_checks_n{$key} . ":" . $$resultat{$key} . " "; 
-	  $ha_state_n=2;
+    $ha_state_n=2;
        }
      }  
    }
-    #my $ha_mode		= "1.3.6.1.4.1.2620.1.5.11.0";  # "Sync only" : ha Working mode
+    #my $ha_mode    = "1.3.6.1.4.1.2620.1.5.11.0";  # "Sync only" : ha Working mode
  } else {
    $ha_print .= "cannot find oids";
    #Critical state if not found because it means soft is not activated
@ -467,7 +508,7 @@ if (defined ($o_ha)) {
  # get ha status table
  $resultat = $session->get_table(
-	  Baseoid => $ha_tables
+    Baseoid => $ha_tables
  ); 
  my %status;
  my (@index,@oid) = (undef,undef);
@ -477,10 +518,10 @@ if (defined ($o_ha)) {
  if (defined($resultat)) {
    foreach $key ( keys %$resultat) {
      if ( $key =~ /$index_search/) {
-	@oid=split (/\./,$key);
+  @oid=split (/\./,$key);
-	pop(@oid);
+  pop(@oid);
-	$index[$nindex]=pop(@oid);
+  $index[$nindex]=pop(@oid);
-	$nindex++; 
+  $nindex++; 
      }
    }
  } else {
@ -503,10 +544,10 @@ if (defined ($o_ha)) {
      $key=$ha_tables . $ha_tables_state . "." . $index[$i] . ".0";
      if (($status{$ha_soft_name} = $$resultat{$key}) ne "OK") {
-	    $key=$ha_tables . $ha_tables_prbdesc . "." . $index[$i] . ".0";
+      $key=$ha_tables . $ha_tables_prbdesc . "." . $index[$i] . ".0";
-	    $status{$ha_soft_name} = $$resultat{$key};
+      $status{$ha_soft_name} = $$resultat{$key};
-	    $ha_print .= $ha_soft_name . ":" . $status{$ha_soft_name} . " ";
+      $ha_print .= $ha_soft_name . ":" . $status{$ha_soft_name} . " ";
-	    $ha_state_n=2
+      $ha_state_n=2
      }
      verb ("$ha_soft_name : $status{$ha_soft_name}");
    }
@ -548,6 +589,8 @@ if (($ha_state_n+$svn_state+$fw_state+$mgmt_state) == 0 ) {
 if (defined($o_perf) && defined ($perf_conn)) {
  $f_print .= " | fw_connexions=" . $perf_conn;
  $f_print .= " | fw_connexionsSR=" . $perf_connSR;
  $f_print .= " | fw_connexionsPeak=" . $perf_connPeak;
 }
 print "$f_print\n";
--- a/check_xroad_token/check_xroad_token.sh
+++ b/check_xroad_token/check_xroad_token.sh
@ -0,0 +1,15 @@
 #!/bin/bash
 xroad_list_tokens=$(signer-console list-tokens)
 if [[ $xroad_list_tokens == "Token: 0 (OK, writable, available, active)" ]]
 then
        echo "OK - $xroad_list_tokens"
        exit 0
 elif [[ $xroad_list_tokens != "Token: 0 (OK, writable, available, active)" ]]
 then
        echo "Critical - $xroad_list_tokens"
        exit 2
 else
        echo "Unknown - $xroad_list_tokens"
        exit 3
 fi
--- a/check_xroad_token/nagios-okplugin-check_xroad_token.spec
+++ b/check_xroad_token/nagios-okplugin-check_xroad_token.spec
@ -0,0 +1,52 @@
 %define debug_package %{nil}
 Summary:	A Nagios plugin to check status of XROAD soft-token
 Name:		nagios-okplugin-check_xroad_token
 Version:	1.2
 Release:	1%{?dist}
 License:	GPLv2+
 Group:		Applications/System
 URL:		https://github.com/opinkerfi/nagios-plugins/issues
 Source0:	http://opensource.ok.is/trac/browser/nagios-plugins/check_xroad_token/releases/nagios-okplugin-check_xroad_token-%{version}.tar.gz
 Requires:	nagios-nrpe
 Requires:	xroad-signer
 BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 Packager:	Gardar Thorsteinsson <gardar@ok.is>
 %description
 A Nagios plugin to check status of XROAD soft-token
 %prep
 %setup -q
 #perl -pi -e "s|/usr/lib64|%{_libdir}|g" nrpe.d/check_xroad_token.cfg
 %build
 %install
 rm -rf %{buildroot}
 install -D -p -m 0755 check_xroad_token.sh %{buildroot}%{_libdir}/nagios/plugins/check_xroad_token.sh
 install -D -p -m 0755 nrpe.d/check_xroad_token.cfg %{buildroot}/etc/nrpe.d/check_xroad_token.cfg
 install -D -p -m 0644 sudoers.d/check_xroad_token %{buildroot}/etc/sudoers.d/check_xroad_token
 %clean
 rm -rf %{buildroot}
 %files
 %defattr(-,root,root,-)
 #%doc README LICENSE
 %{_libdir}/nagios/plugins/*
 /etc/nrpe.d/check_xroad_token.cfg
 /etc/sudoers.d/check_xroad_token
 %post
 restorecon -v %{_libdir}/nagios/plugins/check_xroad_token.sh /etc/nrpe.d/check_xroad_token.cfg /etc/sudoers.d/check_xroad_token
 %changelog
 * Mon Sep 14 2020 Your Name <you@example.com> 1.2-1
 - new package built with tito
 * Fri Sep 11 2020  Gardar Thorsteinsson <gardart@gmail.com> 1.0.1-1
 - Initial packaging
--- a/check_xroad_token/nrpe.d/check_xroad_token.cfg
+++ b/check_xroad_token/nrpe.d/check_xroad_token.cfg
@ -0,0 +1,2 @@
 # xroad plugin to check for tokens
 command[check_xroad_token]=sudo -u xroad /usr/lib64/nagios/plugins/check_xroad_token.sh
--- a/check_xroad_token/readme.md
+++ b/check_xroad_token/readme.md
@ -0,0 +1,9 @@
 # Required steps to use this check
 ```shell
 # On RHEL/Centos
 sudo semanage permissive -a nrpe_t
 sudo setsebool -P nagios_run_sudo 1
 sudo yum install nagios-okplugin-check_xroad_token -y
 sudo systemctl restart nrpe
 ```
--- a/check_xroad_token/sudoers.d/check_xroad_token
+++ b/check_xroad_token/sudoers.d/check_xroad_token
@ -0,0 +1,2 @@
 Defaults:nrpe   !requiretty
 nrpe            ALL = (xroad) NOPASSWD: /usr/bin/signer-console list-tokens, /usr/lib64/nagios/plugins/check_xroad_token.sh
--- a/check_yum/check_yum
+++ b/check_yum/check_yum
@ -1,24 +1,29 @@
-#!/usr/bin/python
+#!/usr/bin/env python
-# coding=utf-8
+#
 #  Author: Hari Sekhon
 #  Date: 2008-04-29 17:21:08 +0100 (Tue, 29 Apr 2008)
 #
 #  https://github.com/harisekhon/nagios-plugins
 #
 #  License: see accompanying LICENSE file
 #
-"""Nagios plugin to check the YUM package management system for package updates.
+"""
-   Can optionally alert on any available updates as well as just
+Nagios plugin to test for Yum updates on RedHat / CentOS Linux.
   security related updates"""
-__title__   = "check_yum"
+Can optionally alert on any available updates as well as just security related updates
 __version__ = "0.8.0"
-# Standard Nagios return codes
+See also: check_yum.pl (also part of the Advanced Nagios Plugins Collection)
-OK       = 0
+
-WARNING  = 1
+Tested on CentOS 5 / 6 / 7
-CRITICAL = 2
+"""
 UNKNOWN  = 3
 import os
 import re
 import sys
 import signal
 OLD_PYTHON = False
 # pylint: disable=wrong-import-position
 try:
    from subprocess import Popen, PIPE, STDOUT
 except ImportError:
@ -26,28 +31,41 @@ except ImportError:
    import commands
 from optparse import OptionParser
 __author__ = "Hari Sekhon"
 __title__ = "Nagios Plugin for Yum updates on RedHat/CentOS systems"
 __version__ = "0.8.9"
 # Standard Nagios return codes
 OK = 0
 WARNING = 1
 CRITICAL = 2
 UNKNOWN = 3
 DEFAULT_TIMEOUT = 30
 support_msg = "Please make sure you have upgraded to the latest version from " + \
              "https://github.com/harisekhon/nagios-plugins. If the problem persists, " + \
              "please raise a ticket at https://github.com/harisekhon/nagios-plugins/issues "+ \
              "with the full -vvv output"
-def end(status, message, perfdata=''):
+def end(status, message):
    """Exits the plugin with first arg as the return code and the second
    arg as the message to output"""
-    
+
    check = "YUM "
    if status == OK:
-        print "%sOK: %s | %s" % (check, message, perfdata)
+        print "%sOK: %s" % (check, message)
        sys.exit(OK)
    elif status == WARNING:
-        print "%sWARNING: %s | %s" % (check, message, perfdata)
+        print "%sWARNING: %s" % (check, message)
        sys.exit(WARNING)
    elif status == CRITICAL:
-        print "%sCRITICAL: %s | %s" % (check, message, perfdata)
+        print "%sCRITICAL: %s" % (check, message)
        sys.exit(CRITICAL)
    else:
        print "UNKNOWN: %s" % message
        sys.exit(UNKNOWN)
 YUM = "/usr/bin/yum"
 def check_yum_usable():
@ -62,26 +80,28 @@ def check_yum_usable():
        end(UNKNOWN, "%s is not executable" % YUM)
-class YumTester:
+class YumTester(object):
    """Class to hold all portage test functions and state"""
    def __init__(self):
        """Initialize all object variables"""
-        self.all_updates        = False
+        self.all_updates = False
-        self.no_cache_update    = False
+        self.no_cache_update = False
-        self.no_warn_on_lock    = False
+        self.no_warn_on_lock = False
-        self.enable_repo        = ""
+        self.enable_repo = ""
-        self.disable_repo       = ""
+        self.disable_repo = ""
-        self.timeout            = DEFAULT_TIMEOUT
+        self.disable_plugin = ""
-        self.verbosity          = 0
+        self.yum_config = ""
        self.timeout = DEFAULT_TIMEOUT
        self.verbosity = 0
        self.warn_on_any_update = False
    def validate_all_variables(self):
-        """Validates all object variables to make sure the 
+        """Validates all object variables to make sure the
        environment is sane"""
-        if self.timeout == None:
+        if self.timeout is None:
            self.timeout = DEFAULT_TIMEOUT
        try:
            self.timeout = int(self.timeout)
@ -92,7 +112,7 @@ class YumTester:
        if self.timeout < 1 or self.timeout > 3600:
            end(UNKNOWN, "Timeout must be a number between 1 and 3600 seconds")
-        if self.verbosity == None:
+        if self.verbosity is None:
            self.verbosity = 0
        try:
            self.verbosity = int(self.verbosity)
@ -104,13 +124,13 @@ class YumTester:
    def run(self, cmd):
-        """runs a system command and returns 
+        """runs a system command and returns
        an array of lines of the output"""
-        if cmd == "" or cmd == None:
+        if not cmd:
            end(UNKNOWN, "Internal python error - " \
                       + "no cmd supplied for run function")
-       
+
        if self.no_cache_update:
            cmd += " -C"
@ -121,32 +141,43 @@ class YumTester:
            for repo in self.disable_repo.split(","):
                cmd += " --disablerepo=%s" % repo
        if self.disable_plugin:
            # --disableplugin can take a comma separated list directly
            #for plugin in self.disable_plugin.split(","):
                #cmd += " --disableplugin=%s" % plugin
            cmd += " --disableplugin=%s" % self.disable_plugin
        if self.yum_config:
            for repo in self.yum_config.split(","):
                cmd += " --config=%s" % repo
        self.vprint(3, "running command: %s" % cmd)
        if OLD_PYTHON:
            self.vprint(3, "subprocess not available, probably old python " \
                         + "version, using shell instead")
            os.environ['LANG'] = "en_US"
            returncode, stdout = commands.getstatusoutput(cmd)
            if returncode >= 256:
                returncode = returncode / 256
        else:
            try:
-                process = Popen( cmd.split(), 
+                env = {'LANG': 'en_US'}
-                                 stdin=PIPE, 
+                process = Popen(cmd.split(), stdin=PIPE, stdout=PIPE, stderr=STDOUT, env=env)
                                 stdout=PIPE, 
                                 stderr=STDOUT )
            except OSError, error:
                error = str(error)
                if error == "No such file or directory":
                    end(UNKNOWN, "Cannot find utility '%s'" % cmd.split()[0])
                end(UNKNOWN, "Error trying to run utility '%s' - %s" \
                                                  % (cmd.split()[0], error))
-        
+
            output = process.communicate()
            # for using debug outputs, either do not comment above line or explicitly set exit code below
            #output = [open(os.path.dirname(__file__) + '/test_input.txt').read(), '']
            returncode = process.returncode
            stdout = output[0]
-        
+
-        if stdout == None or stdout == "":
+        if not stdout:
            end(UNKNOWN, "No output from utility '%s'" % cmd.split()[0])
        self.vprint(3, "Returncode: '%s'\nOutput: '%s'" \
@ -158,19 +189,21 @@ class YumTester:
    def check_returncode(self, returncode, output):
-        """Takes the returncode and output (as an array of lines) 
+        """Takes the returncode and output (as an array of lines)
-        of the YUM program execution and tests for failures, exits 
+        of the yum program execution and tests for failures, exits
        with an appropriate message if any are found"""
        if returncode == 0:
-            pass
+            for line in output:
                if "You must run this command as root" in line:
                    end(UNKNOWN, "You must run this plugin as root")
        elif returncode == 100:
            # Updates Available
            pass
        elif returncode == 200:
            if "lock" in output[-2] or "another copy is running" in output[-2]:
                msg = "Cannot check for updates, " \
-                    + "another instance of YUM is running"
+                    + "another instance of yum is running"
                if self.no_warn_on_lock:
                    end(OK, msg)
                else:
@ -179,10 +212,15 @@ class YumTester:
                output = self.strip_output(output)
                end(UNKNOWN, "%s" % output)
        else:
-            if not 'Loading "security" plugin' in output \
+            if 'No more mirrors to try' in output:
                end(UNKNOWN, 'connectivity issue to repos: \'No more mirrors to try\'. ' + \
                             'You could also try running --cache-only and ' + \
                             'scheduling a separate \'yum makecache\' via cron or similar')
            elif (not ('Loading "security" plugin' in output or 'Loaded plugins:.*security' in output)) \
               or "Command line error: no such option: --security" in output:
-                end(UNKNOWN, "Security plugin for YUM is required. Try to "    \
+                end(UNKNOWN, "Security plugin for yum is required. Try to "    \
-                           + "'yum install yum-security' and then re-run "     \
+                           + "'yum install yum-security' (RHEL5) or " \
                           + "'yum install yum-plugin-security' (RHEL6) and then re-run " \
                           + "this plugin. Alternatively, to just alert on "   \
                           + "any update which does not require the security " \
                           + "plugin, try --all-updates")
@ -192,8 +230,8 @@ class YumTester:
    def strip_output(self, output):
-        """Cleans up the output from the plugin and returns it. 
+        """Cleans up the output from the plugin and returns it.
-        Takes and returns an array of the lines of output 
+        Takes and returns an array of the lines of output
        and returns a single string"""
        self.vprint(3, "stripping output of 'Loading ... plugin' lines")
@ -243,149 +281,137 @@ class YumTester:
        return number_security_updates, number_other_updates
-    
+
    def get_all_updates(self):
-        """Gets all updates. Returns a single integer of the 
+        """Gets all updates. Returns a single integer of the
        number of available updates"""
        cmd = "%s check-update" % YUM
-        
+
        output = self.run(cmd)
-        output2 = "\n".join(output).split("\n\n")
+        output2 = [_ for _ in "\n".join(output).split("\n\n") if  _]
-        if self.verbosity >= 4 :
+        if self.verbosity >= 4:
            for section in output2:
                print "\nSection:\n%s\n" % section
        if len(output2) > 2 or \
-           not ( "Setting up repositories" in output2[0] or \
+           not ("Setting up repositories" in output2[0] or \
-                 "Loaded plugins: " in output2[0] or \
+                "Loaded plugins: " in output2[0] or \
-                 re.search('Loading\s+".+"\s+plugin', output2[0]) ):
+                re.search(r'Loading\s+".+"\s+plugin', output2[0])):
            end(WARNING, "Yum output signature does not match current known "  \
-                       + "format. Please make sure you have upgraded to the "  \
+                       + "format. " + support_msg)
-                       + "latest version of this plugin. If the problem "      \
+        number_packages = 0
                       + "persists, please contact the author for a fix")
        if len(output2) == 1:
-            # There are no updates but we have passed 
+            # There are no updates but we have passed
            # the loading and setting up of repositories
-            number_packages = 0
+            pass
        else:
-            number_packages = len([x for x in output2[1].split("\n") \
+            for line in output2[1].split("\n"):
-                                                        if len(x.split()) > 1 ])
+                if len(line.split()) > 1 and \
-        
+                   line[0:1] != " " and \
                   "Obsoleting Packages" not in line:
                    number_packages += 1
        try:
            number_packages = int(number_packages)
            if number_packages < 0:
                raise ValueError
        except ValueError:
            end(UNKNOWN, "Error parsing package information, invalid package " \
-                       + "number, YUM output may have changed. Please make "   \
+                       + "number, yum output may have changed. " + support_msg)
                       + "sure you have upgraded to the latest version of "    \
                       + "this plugin. If the problem persists, then please "  \
                       + "contact the author for a fix")
-        # Extra layer of checks. This is a security plugin so it's preferable 
+        # Extra layer of checks. This is a security plugin so it's preferable
-        # to fail on error rather than pass silently leaving you with an 
+        # to fail on error rather than pass silently leaving you with an
        # insecure system
        count = 0
        re_kernel_security_update = re.compile('^Security: kernel-.+ is an installed security update')
        re_kernel_update = re.compile('^Security: kernel-.+ is the currently running version')
        re_package_format = \
-                re.compile("^.+\.(i[3456]86|x86_64|noarch)\s+.+\s+.+$")
+                re.compile(r'^.+\.(i[3456]86|x86_64|noarch)\s+.+\s+.+$')
-        # This is to work around a YUM truncation issue effectively changing
+        # This is to work around a yum truncation issue effectively changing
        # the package output format. Currently only very long kmod lines
        # are seen to have caused this so we stick to what we know for safety
        # and raise an unknown error on anything else for maximum security
        #re_package_format_truncated = \
        #        re.compile("^[\w-]+-kmod-\d[\d\.-]+.*\s+.+\s+.+$")
        obsoleting_packages = False
        for line in output:
            if ' excluded ' in line:
                continue
            elif obsoleting_packages and line[0:1] == " ":
                continue
            elif "Obsoleting Packages" in line:
                obsoleting_packages = True
                continue
            elif re_kernel_security_update.match(line):
                end(WARNING, 'Kernel security update is installed but requires a reboot')
            elif re_kernel_update.match(line):
                continue
            if re_package_format.match(line):
                count += 1
        if count != number_packages:
            end(UNKNOWN, "Error parsing package information, inconsistent "    \
-                       + "package count, yum output may have changed. Please " \
+                       + "package count (%d count vs %s num packages)" % (count, number_packages) \
-                       + "make sure you have upgraded to the latest version "  \
+                       + ", yum output may have changed. " + support_msg)
                       + "of this plugin. If the problem persists, then "      \
                       + "please contact the author for a fix")
-        return number_packages, "'updates'=%s" % (number_packages)
+        return number_packages
    def get_security_updateinfo(self):
        """Fetches errata numbers and package names"""
        cmd = "%s list-security" % YUM
        output = self.run(cmd)
        errata = []
        for line in output:
 	    try:
                if line.split()[1] != "security" and line.split()[1][-4:] != "Sec.":
                    continue
            except:
                continue
 	    (advisoryid, etype, package) = line.split()
            errata.append( { "name": package, "advisory": advisoryid } )
        return errata
    def get_security_updates(self):
        """Gets all updates, but differentiates between
-        security and normal updates. Returns a tuple of the number 
+        security and normal updates. Returns a tuple of the number
        of security and normal updates"""
        cmd = "%s --security check-update" % YUM
        output = self.run(cmd)
-        
+
-        re_security_summary_rhel5 = re.compile("Needed \d+ of \d+ packages, for security")
+        re_security_summary = \
-        re_security_summary_rhel6 = re.compile("\d+ package\(s\) needed for security, out of \d+ available")
+                re.compile(r'Needed (\d+) of (\d+) packages, for security')
-        re_no_security_updates_available_rhel5 = re.compile("No packages needed, for security, \d+ available")
+        re_summary_rhel6 = re.compile(r'(\d+) package\(s\) needed for security, out of (\d+) available')
-        re_no_security_updates_available_rhel6 = re.compile("No packages needed for security; \d+ packages available")
+        re_no_sec_updates = \
                re.compile(r'No packages needed,? for security[;,] (\d+) (?:packages )?available')
        re_kernel_update = re.compile(r'^Security: kernel-.+ is an installed security update')
        summary_line_found = False
        for line in output:
-            if re_no_security_updates_available_rhel5.match(line):
+            _ = re_summary_rhel6.match(line)
            if _:
                summary_line_found = True
                number_security_updates = _.group(1)
                number_total_updates = _.group(2)
                break
            _ = re_no_sec_updates.match(line)
            if _:
                summary_line_found = True
                number_security_updates = 0
-                number_total_updates    = line.split()[5]
+                number_total_updates = _.group(1)
                break
-            if re_no_security_updates_available_rhel6.match(line):
+            _ = re_security_summary.match(line)
            if _:
                summary_line_found = True
-                number_security_updates = 0
+                number_security_updates = _.group(1)
-                number_total_updates    = line.split()[5]
+                number_total_updates = _.group(2)
                break
            if re_security_summary_rhel5.match(line):
                summary_line_found = True
                number_security_updates = line.split()[1]
                number_total_updates    = line.split()[3]
                break
            if re_security_summary_rhel6.match(line):
                summary_line_found = True
                number_security_updates = line.split()[0]
                number_total_updates    = line.split()[7]
                break
            _ = re_kernel_update.match(line)
            if _:
                end(CRITICAL, "Kernel security update is installed but requires a reboot")
        if not summary_line_found:
-            end(WARNING, "Cannot find summary line in YUM output. Please "     \
+            end(WARNING, "Cannot find summary line in yum output. " + support_msg)
                       + "make sure you have upgraded to the latest version "  \
                       + "of this plugin. If the problem persists, please "    \
                       + "contact the author for a fix")
        try:
            number_security_updates = int(number_security_updates)
            number_total_updates = int(number_total_updates)
        except ValueError:
-            end(WARNING, "Error parsing package information, YUM output " \
+            end(WARNING, "Error parsing package information, yum output " \
-                       + "may have changed. Please make sure you have "     \
+                       + "may have changed. " + support_msg)
                       + "upgraded to the latest version of this plugin. "  \
                       + "If the problem persists, the please contact the " \
                       + "author for a fix")
        number_other_updates = number_total_updates - number_security_updates
-         
+
-        if len(output) > number_total_updates + 25:
+        from_excluded_regex = re.compile(' from .+ excluded ')
        if len([_ for _ in output if not from_excluded_regex.search(_)]) > number_total_updates + 25:
            end(WARNING, "Yum output signature is larger than current known "  \
-                       + "format, please make sure you have upgraded to the "  \
+                       + "format. " + support_msg)
                       + "latest version of this plugin. If the problem "      \
                       + "persists, please contact the author for a fix")
        return number_security_updates, number_other_updates
@ -394,26 +420,25 @@ class YumTester:
        """Starts tests and controls logic flow"""
        check_yum_usable()
-        self.vprint(3, "%s - Version %s\n" \
+        self.vprint(3, "%s - Version %s\nAuthor: %s\n" \
-            % (__title__, __version__))
+            % (__title__, __version__, __author__))
-        
+
        self.validate_all_variables()
        self.set_timeout()
-  
+
        if self.all_updates:
            return self.test_all_updates()
-        else:
+        return self.test_security_updates()
            return self.test_security_updates()
    def test_all_updates(self):
-        """Tests for all updates, and returns a tuple 
+        """Tests for all updates, and returns a tuple
        of the status code and output"""
-        status  = UNKNOWN
+        status = UNKNOWN
-        message = "code error - please contact author for a fix"
+        message = "code error. " + support_msg
-        number_updates, perfdata = self.get_all_updates()
+        number_updates = self.get_all_updates()
        if number_updates == 0:
            status = OK
            message = "0 Updates Available"
@ -424,20 +449,20 @@ class YumTester:
            else:
                message = "%s Updates Available" % number_updates
-        return status, message, perfdata
+        message += " | total_updates_available=%s" % number_updates
        return status, message
    def test_security_updates(self):
        """Tests for security updates and returns a tuple
        of the status code and output"""
-        status  = UNKNOWN
+        status = UNKNOWN
-        message = "code error - please contact author for a fix"
+        message = "code error. " + support_msg
-        
+
        number_security_updates, number_other_updates = \
                                                    self.get_security_updates()
 	perfdata = "'security_updates'=%s 'other_updates'=%s" % (number_security_updates, number_other_updates)
        if number_security_updates == 0:
            status = OK
            message = "0 Security Updates Available"
@ -448,6 +473,7 @@ class YumTester:
            elif number_security_updates > 1:
                message = "%s Security Updates Available" \
                                                    % number_security_updates
        if number_other_updates != 0:
            if self.warn_on_any_update and status != CRITICAL:
                status = WARNING
@ -456,13 +482,10 @@ class YumTester:
            else:
                message += ". %s Non-Security Updates Available" \
                                                        % number_other_updates
-                                
+        message += " | security_updates_available=%s non_security_updates_available=%s total_updates_available=%s" \
-        if number_security_updates and self.long_output:
+                   % (number_security_updates, number_other_updates, number_security_updates + number_other_updates)
-            errata = self.get_security_updateinfo()
+
-            for e in errata:
+        return status, message
                message += "\n%s - %s" % (e['advisory'], e['name'])
        return status, message, perfdata
    def vprint(self, threshold, message):
@ -479,88 +502,97 @@ def main():
    tester = YumTester()
    parser = OptionParser()
-    parser.add_option( "--all-updates",
+    parser.add_option("-A",
-                       action="store_true",
+                      "--all-updates",
-                       dest="all_updates",
+                      action="store_true",
-                       help="Does not distinguish between security and "      \
+                      dest="all_updates",
-                          + "non-security updates, but returns critical for " \
+                      help="Does not distinguish between security and "      \
-                          + "any available update. This may be used if the "  \
+                         + "non-security updates, but returns critical for " \
-                          + "YUM security plugin is absent or you want to "   \
+                         + "any available update. This may be used if the "  \
-                          + "maintain every single package at the latest "    \
+                         + "yum security plugin is absent or you want to "   \
-                          + "version. You may want to use "                   \
+                         + "maintain every single package at the latest "    \
-                          + "--warn-on-any-update instead of this option")
+                         + "version. You may want to use "                   \
                         + "--warn-on-any-update instead of this option")
-    parser.add_option( "--warn-on-any-update",
+    parser.add_option("-W",
-                       action="store_true",
+                      "--warn-on-any-update",
-                       dest="warn_on_any_update",
+                      action="store_true",
-                       help="Warns if there are any (non-security) package "   \
+                      dest="warn_on_any_update",
-                          + "updates available. By default only warns when "   \
+                      help="Warns if there are any (non-security) package "   \
-                          + "security related updates are available. If "      \
+                         + "updates available. By default only warns when "   \
-                          + "--all-updates is used, then this option is "      \
+                         + "security related updates are available. If "      \
-                          + "redundant as --all-updates will return a "        \
+                         + "--all-updates is used, then this option is "      \
-                          + "critical result on any available update, "        \
+                         + "redundant as --all-updates will return a "        \
-                          + "whereas using this switch still allows you to "   \
+                         + "critical result on any available update, "        \
-                          + "differentiate between the severity of updates ")
+                         + "whereas using this switch still allows you to "   \
                         + "differentiate between the severity of updates ")
-    parser.add_option( "-C",
+    parser.add_option("-C",
-                       "--cache-only",
+                      "--cache-only",
-                       action="store_true",
+                      action="store_true",
-                       dest="no_cache_update",
+                      dest="no_cache_update",
-                       help="Run entirely from cache and do not update the " \
+                      help="Run entirely from cache and do not update the " \
-                          + "cache when running YUM. Useful if you have "    \
+                         + "cache when running yum. Useful if you have "    \
-                          + "'yum makecache' cronned so that the nagios "    \
+                         + "'yum makecache' cronned so that the nagios "    \
-                          + "check itself doesn't have to do it, possibly "  \
+                         + "check itself doesn't have to do it, possibly "  \
-                          + "speeding up execution (by 1-2 seconds in tests)")
+                         + "speeding up execution (by 1-2 seconds in tests)")
-    parser.add_option( "--no-warn-on-lock",
+    parser.add_option("-c",
-                       action="store_true",
+                      "--config",
-                       dest="no_warn_on_lock",
+                      dest="yum_config",
-                       help="Return OK instead of WARNING when YUM is locked " \
+                      help="Run with custom repository config in order to use " \
-                          + "and fails to check for updates due to another "   \
+                         + "custom repositories in case of special setup for")
                          + "instance running. This is not recommended from "  \
                          + "the security standpoint, but may be wanted to "   \
                          + "reduce the number of alerts that may "            \
                          + "intermittently pop up when someone is running "   \
                          + "YUM interactively for package management")
-    parser.add_option( "--enablerepo",
+    parser.add_option("-N",
-                       dest="repository_to_enable",
+                      "--no-warn-on-lock",
-                       help="Explicitly enables a reposity when calling YUM. "
+                      action="store_true",
-                          + "Can take a comma separated list of repositories")
+                      dest="no_warn_on_lock",
                      help="Return OK instead of WARNING when yum is locked " \
                         + "and fails to check for updates due to another "   \
                         + "instance running. This is not recommended from "  \
                         + "the security standpoint, but may be wanted to "   \
                         + "reduce the number of alerts that may "            \
                         + "intermittently pop up when someone is running "   \
                         + "yum for package management")
-    parser.add_option( "--disablerepo",
+    parser.add_option("-e",
-                       dest="repository_to_disable",
+                      "--enablerepo",
-                       help="Explicitly disables a repository when calling YUM "
+                      dest="repository_to_enable",
-                          + "Can take a comma separated list of repositories")
+                      help="Explicitly enables a reposity when calling yum. " +
                      "Can take a comma separated list of repositories")
-    parser.add_option( "-l",
+    parser.add_option("-d",
-                       "--long-output",
+                      "--disablerepo",
-                       action="store_true",
+                      dest="repository_to_disable",
-                       dest="long_output",
+                      help="Explicitly disables a repository when calling yum. " \
-                       help="Shows more detailed output including the errata "
+                         + "Can take a comma separated list of repositories")
                          + "ID.")
-    parser.add_option( "-t",
+    parser.add_option("--disableplugin",
-                       "--timeout",
+                      dest="plugin_to_disable",
-                       dest="timeout",
+                      help="Explicitly disables a plugin when calling yum. " \
-                       help="Sets a timeout in seconds after which the "  \
+                         + "Can take a comma separated list of plugins")
-                           +"plugin will exit (defaults to %s seconds). " \
+
    parser.add_option("-t",
                      "--timeout",
                      dest="timeout",
                      help="Sets a timeout in seconds after which the "  \
                          +"plugin will exit (defaults to %s seconds). " \
                                                      % DEFAULT_TIMEOUT)
-    parser.add_option( "-v", 
+    parser.add_option("-v",
-                       "--verbose", 
+                      "--verbose",
-                       action="count", 
+                      action="count",
-                       dest="verbosity",
+                      dest="verbosity",
-                       help="Verbose mode. Can be used multiple times to "     \
+                      help="Verbose mode. Can be used multiple times to "     \
-                          + "increase output. Use -vvv for debugging output. " \
+                         + "increase output. Use -vvv for debugging output. " \
-                          + "By default only one result line is printed as "   \
+                         + "By default only one result line is printed as "   \
-                          + "per Nagios standards")
+                         + "per Nagios standards")
-    parser.add_option( "-V",
+    parser.add_option("-V",
-                       "--version",
+                      "--version",
-                       action="store_true",
+                      action="store_true",
-                       dest="version",
+                      dest="version",
-                       help="Print version number and exit")
+                      help="Print version number and exit")
    (options, args) = parser.parse_args()
@ -568,23 +600,24 @@ def main():
        parser.print_help()
        sys.exit(UNKNOWN)
-    tester.all_updates                 = options.all_updates
+    tester.all_updates = options.all_updates
-    tester.no_cache_update             = options.no_cache_update
+    tester.no_cache_update = options.no_cache_update
-    tester.no_warn_on_lock             = options.no_warn_on_lock
+    tester.no_warn_on_lock = options.no_warn_on_lock
-    tester.enable_repo                 = options.repository_to_enable
+    tester.enable_repo = options.repository_to_enable
-    tester.disable_repo                = options.repository_to_disable
+    tester.disable_repo = options.repository_to_disable
-    tester.timeout                     = options.timeout
+    tester.disable_plugin = options.plugin_to_disable
-    tester.verbosity                   = options.verbosity
+    tester.yum_config = options.yum_config
-    tester.warn_on_any_update          = options.warn_on_any_update
+    tester.timeout = options.timeout
-    tester.long_output                 = options.long_output
+    tester.verbosity = options.verbosity
    tester.warn_on_any_update = options.warn_on_any_update
    if options.version:
-        print "%s - Version %s\n" \
+        print "%s - Version %s\nAuthor: %s\n" \
-            % (__title__, __version__)
+            % (__title__, __version__, __author__)
        sys.exit(OK)
-    
+
-    result, output, perfdata = tester.test_yum_updates()
+    result, output = tester.test_yum_updates()
-    end(result, output, perfdata)
+    end(result, output)
 if __name__ == "__main__":
@ -593,37 +626,3 @@ if __name__ == "__main__":
    except KeyboardInterrupt:
        print "Caught Control-C..."
        sys.exit(CRITICAL)
 #Copyright © ?–?, Hari Sekhon <harisekhon@gmail.com>.
 #Copyright © 2012, Christoph Anton Mitterer <mail@christoph.anton.mitterer.name>.
 #All rights reserved.
 #
 #
 #This program is free software; you can redistribute it and/or
 #modify it under the terms of the GNU General Public License
 #as published by the Free Software Foundation; version 2
 #of the License.
 #
 #This program is distributed in the hope that it will be useful,
 #but WITHOUT ANY WARRANTY; without even the implied warranty of
 #MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 #GNU General Public License for more details.
 #
 #You should have received a copy of the GNU General Public License
 #along with this program; if not, write to the Free Software
 #Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
--- a/rel-eng/packages/nagios-okplugin-check_xroad_token
+++ b/rel-eng/packages/nagios-okplugin-check_xroad_token
@ -0,0 +1 @@
 1.2-1 check_xroad_token/
--- a/rel-eng/releasers.conf
+++ b/rel-eng/releasers.conf
@ -3,6 +3,7 @@
 releaser = tito.release.YumRepoReleaser
 builder = tito.builder.MockBuilder
 builder.mock = epel-7-x86_64
 srpm_disttag = .el7
 rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel7/x86_64/
 # RHEL 7 Test
@ -10,6 +11,7 @@ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel7/x86_64/
 releaser = tito.release.YumRepoReleaser
 builder = tito.builder.MockBuilder
 builder.mock = epel-7-x86_64
 srpm_disttag = .el7
 builder.test = 1
 rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel7/x86_64/
@ -19,12 +21,14 @@ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel7/x8
 releaser = tito.release.YumRepoReleaser
 builder = tito.builder.MockBuilder
 builder.mock = epel-6-x86_64
 srpm_disttag = .el6
 rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel6/x86_64/
 [production-el6-i386]
 releaser = tito.release.YumRepoReleaser
 builder = tito.builder.MockBuilder
 builder.mock = epel-6-i386
 srpm_disttag = .el6
 rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel6/i386/
@ -34,6 +38,7 @@ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel6/i386/
 releaser = tito.release.YumRepoReleaser
 builder = tito.builder.MockBuilder
 builder.mock = epel-5-x86_64
 srpm_disttag = .el5
 createrepo_command = createrepo -s sha1 .
 rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel5/x86_64/
@ -42,6 +47,7 @@ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel5/x86_64/
 releaser = tito.release.YumRepoReleaser
 builder = tito.builder.MockBuilder
 builder.mock = epel-5-i386
 srpm_disttag = .el5
 createrepo_command = createrepo -s sha1 .
 rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel5/i386/
@ -50,6 +56,7 @@ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/rhel5/i386/
 releaser = tito.release.YumRepoReleaser
 builder = tito.builder.MockBuilder
 builder.mock = epel-6-x86_64
 srpm_disttag = .el6
 builder.test = 1
 rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel6/x86_64/
@ -58,6 +65,7 @@ releaser = tito.release.YumRepoReleaser
 builder = tito.builder.MockBuilder
 builder.mock = epel-6-i386
 builder.test = 1
 srpm_disttag = .el6
 rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel6/i386/
@ -66,6 +74,7 @@ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel6/i3
 releaser = tito.release.YumRepoReleaser
 builder = tito.builder.MockBuilder
 builder.mock = epel-5-x86_64
 srpm_disttag = .el5
 builder.test = 1
 createrepo_command = createrepo -s sha1 .
 rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel5/x86_64/
@ -75,6 +84,7 @@ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel5/x8
 releaser = tito.release.YumRepoReleaser
 builder = tito.builder.MockBuilder
 builder.mock = epel-5-i386
 srpm_disttag = .el5
 builder.test = 1
 createrepo_command = createrepo -s sha1 .
 rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel5/i386/
@ -86,6 +96,7 @@ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/rhel5/i3
 releaser = tito.release.YumRepoReleaser
 builder = tito.builder.MockBuilder
 builder.mock = fedora-20-x86_64
 srpm_disttag = .fc20
 rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/fedora20/x86_64/
 # Fedora FC20
@ -93,6 +104,7 @@ rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/fedora20/x86_64/
 releaser = tito.release.YumRepoReleaser
 builder = tito.builder.MockBuilder
 builder.mock = fedora-20-x86_64
 srpm_disttag = .fc20
 builder.test = 1
 rsync = tito@opensource.is:/var/www/sites/opensource.ok.is/repo/testing/fedora20/x86_64/
Author	SHA1	Message	Date
Guðvarður Ólafsson	ffbdd754d4	Create readme.md	2022-01-04 13:20:15 +00:00
Garðar Þorsteinsson	0440124d3a	Merge pull request #45 from monitoreoDotOsiAtUchileDotCl/master :D	2020-10-28 16:34:34 +00:00
monitoreoDotOsiAtUchileDotCl	36582886c9	warn/crit threshold 4 connRate, warning/crit output improvement	2020-10-28 12:24:56 -03:00
monitoreoDotOsiAtUchileDotCl	21c7874418	warn/crit threshold 4 connRate, warning/crit output improvement	2020-10-28 12:17:15 -03:00
Garðar Þorsteinsson	6b12d2414a	Merge pull request #44 from monitoreoDotOsiAtUchileDotCl/master warn/crit threshold 4 connRate	2020-10-26 21:34:49 +00:00
monitoreoDotOsiAtUchileDotCl	ac1f45311e	warn/crit threshold 4 connRate	2020-10-26 17:46:39 -03:00
Garðar Þorsteinsson	be3ea24fd8	Merge pull request #43 from monitoreoDotOsiAtUchileDotCl/master some improvements	2020-10-22 15:34:40 +00:00
monitoreoDotOsiAtUchileDotCl	1f9e1444cc	another minor change, libexec path	2020-10-22 10:37:42 -03:00
monitoreoDotOsiAtUchileDotCl	bdb3233198	minor changes ,using spaces instead of tabs	2020-10-22 10:32:57 -03:00
monitoreoDotOsiAtUchileDotCl	f22a7d8fb8	patch 1.2.1a	2020-10-22 10:27:34 -03:00
Garðar Þorsteinsson	6c12036e30	Update releasers.conf	2020-09-14 12:31:11 +00:00
Your Name	8aed467ab0	Automatic commit of package [nagios-okplugin-check_xroad_token] release [1.2-1].	2020-09-14 11:51:06 +00:00
Garðar Þorsteinsson	df42d6ee6d	Merge pull request #41 from opinkerfi/xroad-check_xroad_token check_xroad_token plugin created	2020-09-11 16:04:15 +00:00
Garðar Þorsteinsson	223331510b	check_xroad_token plugin created	2020-09-11 16:01:05 +00:00
Garðar Þorsteinsson	ea93f8126f	Fix masking of exit code	2020-09-11 11:09:40 +00:00
Garðar Þorsteinsson	3ad7f64f55	Merge pull request #40 from opinkerfi/check_service Added check_service plugin	2020-04-21 12:58:41 +00:00
Gardar Thorsteinsson	e48179add8	Added check_service	2020-04-21 12:56:55 +00:00
Gardar Thorsteinsson	56960140fe	Added check_service plugin	2020-04-21 12:52:47 +00:00
Garðar Þorsteinsson	9eda5324d5	Merge pull request #39 from opinkerfi/plugin_check_yum_update Updated check_yum to 0.8.9	2019-10-23 15:45:05 +00:00
Gardar Thorsteinsson	09f29727fb	Updated check_yum to 0.8.9	2019-10-23 15:44:17 +00:00
Garðar Þorsteinsson	bb55bd5e09	Update nagios-okplugin-check_hpssacli.spec	2019-06-14 14:43:15 +00:00
Garðar Þorsteinsson	4d6b5ce427	Merge pull request #38 from opinkerfi/plugin-check_hpssacli Initial packaging of hpssacli plugin	2019-06-14 14:10:13 +00:00
Gardar Thorsteinsson	d9b0b77dc1	ssacli path updated for windows	2019-06-14 14:09:35 +00:00
Gardar Thorsteinsson	23714fa9cd	Initial packaging of hpssacli plugin	2019-06-14 11:18:20 +00:00
Garðar Þorsteinsson	22062ef76f	Merge pull request #36 from Popsiclestick/patch-1 Fix check_ipa_replication	2019-04-10 15:21:26 +00:00
Michael Salsone	f774b44b47	Update check_ipa_replication Fix this slice so it gets the correct value.	2017-12-07 10:27:20 -06:00
		`@ -0,0 +1,2 @@`
							`command[check_hpssacli]=sudo /usr/lib/nagios/plugins/check_hpssacli.py`
		`@ -0,0 +1,2 @@`
							`Defaults:nrpe !requiretty`
							`nrpe ALL=(ALL) NOPASSWD: /usr/lib64/nagios/plugins/check_hpssacli.py`
		`@ -0,0 +1 @@`
							`command[check_service]=/usr/lib/nagios/plugins/check_service.sh`
		`@ -0,0 +1,2 @@`
							`# xroad plugin to check for tokens`
							`command[check_xroad_token]=sudo -u xroad /usr/lib64/nagios/plugins/check_xroad_token.sh`
		`@ -0,0 +1,2 @@`
							`Defaults:nrpe !requiretty`
							`nrpe ALL = (xroad) NOPASSWD: /usr/bin/signer-console list-tokens, /usr/lib64/nagios/plugins/check_xroad_token.sh`