[Nagiosplug-devel] [ nagiosplug-Patches-3515506 ] Add authoritative verification to check_dig

SourceForge.net noreply at sourceforge.net
Fri Apr 6 16:50:48 CEST 2012


Patches item #3515506, was opened at 2012-04-06 07:50
Message generated for change (Tracker Item Submitted) made by bruce_p
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397599&aid=3515506&group_id=29880

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: Enhancement
Group: None
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: Bruce Pennypacker (bruce_p)
Assigned to: Nobody/Anonymous (nobody)
Summary: Add authoritative verification to check_dig

Initial Comment:
This patch adds the -e option to check_dig, which checks that the 'aa' flag is returned in the 'flags' stanza from dig.  This verifies that the responding name server is an authority for the for the domain being queried.

Patch against Plugin Version (-V output): check_dig v1.4.15 (nagios-plugins 1.4.15)
Plugin Name: check_dig
Example Plugin Commandline:
Tested on operating system: linux (RedHat 5.7)
Tested on architecture: x86, x86_64
Tested with compiler: gcc 4.1.2

Examples (demonstrates that ns-1.sourceforge.com is authoritative for sf.net):

[brucep at carbon:~/tmp] ./check_dig -H NS-1.SOURCEFORGE.COM -l sf.net -w 10 -c 20 -e
DNS OK - 0.012 seconds response time (sf.net.   3600 IN A 216.34.181.62)|time=0.012328s;10.000000;20.000000;0.000000
[brucep at carbon:~/tmp] echo $?
0
[brucep at carbon:~/tmp] ./check_dig -H 4.2.2.2 -l sf.net -w 10 -c 20 -e
DNS CRITICAL - 0.033 seconds response time (Non-authoritative answer when authoritative answer required.)|time=0.032638s;10.000000;20.000000;0.000000
[brucep at carbon:~/tmp] echo $?
2
[brucep at carbon:~/tmp] ./check_dig -H 4.2.2.2 -l sf.net -w 10 -c 20 
DNS OK - 0.010 seconds response time (sf.net.   3576 IN A 216.34.181.62)|time=0.010212s;10.000000;20.000000;0.000000
[brucep at carbon:~/tmp] echo $?
0

Note: Last test does not use -e to ensure an otherwise valid response from dig.

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397599&aid=3515506&group_id=29880




More information about the Devel mailing list