47 lines
1.3 KiB
Bash
47 lines
1.3 KiB
Bash
#!/bin/sh
|
|
#
|
|
|
|
if [ "$1" = "-e" ] && [ ! -z "$2" ]; then
|
|
|
|
exitstatus=2 #default
|
|
|
|
endpoint=$2
|
|
name_instead=$4
|
|
|
|
regex="\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b"
|
|
|
|
IPTEST=$(echo $endpoint | egrep $regex)
|
|
if [ "$?" -eq 0 ]
|
|
then
|
|
result=$(/usr/local/sbin/ipsec statusall | grep 'ESTABLISHED' | grep $endpoint | cut -d":" -f2 | cut -d "," -f1 | sed -e 's/^[ \t]*//')||exit 3
|
|
else
|
|
hostip=$(dig +short $endpoint)
|
|
result=$(/usr/local/sbin/ipsec statusall | grep 'ESTABLISHED' | grep $hostip | cut -d":" -f2 | cut -d "," -f1 | sed -e 's/^[ \t]*//')||exit 3
|
|
fi
|
|
|
|
if [ "$name_instead" != "" ]
|
|
then
|
|
endpoint=$name_instead
|
|
fi
|
|
|
|
if [ "$result" != "" ]
|
|
then
|
|
echo "OK - IPSEC VPN tunnel to $endpoint - $result"
|
|
exitstatus=0
|
|
else
|
|
echo "CRITICAL - IPSEC VPN tunnel not found: $endpoint"
|
|
exitstatus=2
|
|
fi
|
|
|
|
#echo "exit: $exitstatus"
|
|
exit $exitstatus
|
|
|
|
else
|
|
echo "check_pf_ipsec_tunnel.sh - Nagios Plugin for checking IPSEC tunnel status on pfSense "
|
|
echo ""
|
|
echo "Usage: check_pf_ipsec_tunnel.sh -e <remote gateway> [-name instead of IP address]"
|
|
echo "Note: must be the same IP or hostname used in IPSEC config"
|
|
echo "Example: check_pf_ipsec_tunnel.sh -e 4.4.4.4 -name Google"
|
|
exit 3
|
|
fi
|