snmpv3 patches

git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk@746 f882894a-f735-0410-b71e-b25c423dba1c
author: Subhendu Ghosh <sghosh@users.sourceforge.net> 2003-10-14 03:15:19 +0000
committer: Subhendu Ghosh <sghosh@users.sourceforge.net> 2003-10-14 03:15:19 +0000
commit: e4354556c3f4a1c4631c4feb1979fdabc07b1e06 (patch)
tree: 7a910c8757fdb23ed44a9746a020e5fdc5fecf60 /plugins-scripts
parent: fa9983a26043e067546667e2f9721e1b499a4fba (diff)
download: monitoring-plugins-e4354556c3f4a1c4631c4feb1979fdabc07b1e06.tar.gz
1 files changed, 224 insertions, 91 deletions
diff --git a/plugins-scripts/check_ifoperstatus.pl b/plugins-scripts/check_ifoperstatus.pl
index f4eaefc0..8a23ca5e 100644
--- a/plugins-scripts/check_ifoperstatus.pl
+++ b/plugins-scripts/check_ifoperstatus.pl
@@ -5,6 +5,7 @@
 # Copyright (C) 2000 Christoph Kron,
 # Modified 5/2002 to conform to updated Nagios Plugin Guidelines
 # Added support for named interfaces per Valdimir Ivaschenko (S. Ghosh)
+# Added SNMPv3 support (10/2003)
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License
@@ -42,6 +43,10 @@ use Getopt::Long;
 &Getopt::Long::config('bundling');
 my $PROGNAME = "check_ifoperstatus";
+sub print_help ();
+sub usage ();
+sub process_arguments ();
 my $status;
 my %ifOperStatus =      ('1','up',
                         '2','down',
@@ -55,6 +60,8 @@ my $state = "UNKNOWN";
 my $answer = "";
 my $snmpkey = 0;
 my $community = "public";
+my $maxmsgsize = 1472 ; # Net::SNMP default is 1472
+my ($seclevel, $authproto, $secname, $authpass, $privpass, $auth, $priv, $context);
 my $port = 161;
 my @snmpoids;
 my $sysUptime        = '1.3.6.1.2.1.1.3.0';
@@ -92,81 +99,7 @@ alarm($TIMEOUT);
 ### Validate Arguments
-$status = GetOptions(
+$status = process_arguments();
-                        "V"   => \$opt_V, "version"    => \$opt_V,
-                        "h"   => \$opt_h, "help"       => \$opt_h,
-                        "v=i" => \$snmp_version, "snmp_version=i"  => \$snmp_version,
-                        "C=s" =>\$community, "community=s" => \$community,
-                        "k=i" =>\$snmpkey, "key=i",\$snmpkey,
-                        "d=s" =>\$ifdescr, "descr=s" => \$ifdescr,
-                        "l=s" => \$lastc,  "lastchange=s" => \$lastc,
-                        "p=i" =>\$port,  "port=i",\$port,
-                        "H=s" => \$hostname, "hostname=s" => \$hostname,
-                        "I"       => \$ifXTable, "ifmib" => \$ifXTable,
-                        "n=s" => \$ifName, "name=s" => \$ifName,
-                        "w=s" => \$dormantWarn, "warn=s" => \$dormantWarn );
-                                
-if ($status == 0)
-{
-        print_help();
-        exit $ERRORS{'OK'};
-}
-  
-if ($opt_V) {
-        print_revision($PROGNAME,'$Revision$ ');
-        exit $ERRORS{'OK'};
-}
-if ($opt_h) {
-        print_help();
-        exit $ERRORS{'OK'};
-}
-if (! utils::is_hostname($hostname)){
-        usage();
-        exit $ERRORS{"UNKNOWN"};
-}
-unless ($snmpkey > 0 || defined $ifdescr){
-        printf "Either a valid snmpkey key (-k) or a ifDescr (-d) must be provided)\n";
-        usage();
-        exit $ERRORS{"UNKNOWN"};
-}
-if (defined $name) {
-        $ifXTable=1;
-}
-if ( $snmp_version =~ /[12]/ ) {
-   ($session, $error) = Net::SNMP->session(
-                -hostname  => $hostname,
-                -community => $community,
-                -port      => $port,
-                -version        => $snmp_version
-        );
-        if (!defined($session)) {
-                $state='UNKNOWN';
-                $answer=$error;
-                print ("$state: $answer");
-                exit $ERRORS{$state};
-        }
-}elsif ( $snmp_version =~ /3/ ) {
-        $state='UNKNOWN';
-        print ("$state: No support for SNMP v3 yet\n");
-        exit $ERRORS{$state};
-}else{
-        $state='UNKNOWN';
-        print ("$state: No support for SNMP v$snmp_version yet\n");
-        exit $ERRORS{$state};
-}
-## End validation
 ## map ifdescr to ifindex - should look at being able to cache this value
@@ -179,7 +112,7 @@ if (defined $ifdescr) {
                                                          # recommend use of SNMP v2 (get-bulk)
        if ($status==0) {
                $state = "UNKNOWN";
-                printf "$state: could not retrive snmpkey - $status-$snmpkey\n";
+                printf "$state: could not retrive ifdescr snmpkey - $status-$snmpkey\n";
                $session->close;
                exit $ERRORS{$state};
        }
@@ -245,21 +178,21 @@ push(@snmpoids,$snmpIfAlias) if (defined $ifXTable) ;
      $answer = "Interface $name (index $snmpkey) is down.";
   } elsif ( $response->{$snmpIfOperStatus} == 5 ) {
      if (defined $dormantWarn ) {
-            if ($dormantWarn eq "w") {
+                                if ($dormantWarn eq "w") {
-                  $state = 'WARNNG';
+                          $state = 'WARNNG';
-                  $answer = "Interface $name (index $snmpkey) is dormant.";
+                                  $answer = "Interface $name (index $snmpkey) is dormant.";
-            }elsif($dormantWarn eq "c") {
+                  }elsif($dormantWarn eq "c") {
-                  $state = 'CRITICAL';
+                        $state = 'CRITICAL';
-                  $answer = "Interface $name (index $snmpkey) is dormant.";
+                                  $answer = "Interface $name (index $snmpkey) is dormant.";
        }elsif($dormantWarn eq "i") {
-                  $state = 'OK';
+                          $state = 'OK';
-                  $answer = "Interface $name (index $snmpkey) is dormant.";
+                                $answer = "Interface $name (index $snmpkey) is dormant.";
        }
-         }else{
+                        }else{
-            # dormant interface  - but warning/critical/ignore not requested
+                # dormant interface  - but warning/critical/ignore not requested
-           $state = 'CRITICAL';
+                   $state = 'CRITICAL';
-           $answer = "Interface $name (index $snmpkey) is dormant.";
+                   $answer = "Interface $name (index $snmpkey) is dormant.";
-        }
+                        }
   } elsif ( $response->{$snmpIfOperStatus} == 6 ) {
           $state = 'CRITICAL';
           $answer = "Interface $name (index $snmpkey) notPresent - possible hotswap in progress.";
@@ -311,7 +244,7 @@ sub fetch_ifdescr {
        return $snmpkey;
 }
-sub usage {
+sub usage() {
  printf "\nMissing arguments!\n";
  printf "\n";
  printf "usage: \n";
@@ -324,7 +257,7 @@ sub usage {
  exit $ERRORS{"UNKNOWN"};
 }
-sub print_help {
+sub print_help() {
        printf "check_ifoperstatus plugin for Nagios monitors operational \n";
        printf "status of a particular network interface on the target host\n";
        printf "\nUsage:\n";
@@ -335,6 +268,16 @@ sub print_help {
        printf "                        2 for SNMP v2c\n";
        printf "                        SNMP v2c will use get_bulk for less overhead\n";
        printf "                        if monitoring with -d\n";
+        printf "   -L (--seclevel)   choice of \"noAuthNoPriv\", \"authNoPriv\", or     \"authPriv\"\n";
+        printf "   -U (--secname)    username for SNMPv3 context\n";
+        printf "   -c (--context)    SNMPv3 context name (default is empty      string)";
+        printf "   -A (--authpass)   authentication password (cleartext ascii or localized key\n";
+        printf "                     in hex with 0x prefix generated by using   \"snmpkey\" utility\n"; 
+        printf "                     auth password and authEngineID\n";
+        printf "   -a (--authproto)  Authentication protocol ( MD5 or SHA1)\n";
+        printf "   -X (--privpass)   privacy password (cleartext ascii or localized key\n";
+        printf "                     in hex with 0x prefix generated by using   \"snmpkey\" utility\n"; 
+        printf "                     privacy password and authEngineID\n";
        printf "   -k (--key)        SNMP IfIndex value\n";
        printf "   -d (--descr)      SNMP ifDescr value\n";
        printf "   -p (--port)       SNMP port (default 161)\n";
@@ -343,6 +286,7 @@ sub print_help {
        printf "   -n (--name)       the value should match the returned ifName\n";
        printf "                     (Implies the use of -I)\n";
        printf "   -w (--warn =i|w|c) ignore|warn|crit if the interface is dormant (default critical)\n";
+        printf "   -M (--maxmsgsize) Max message size - usefull only for v1 or v2c\n";
        printf "   -V (--version)    Plugin version\n";
        printf "   -h (--help)       usage help \n\n";
        printf " -k or -d must be specified\n\n";
@@ -353,3 +297,192 @@ sub print_help {
        print_revision($PROGNAME, '$Revision$');
        
 }
+sub process_arguments() {
+        $status = GetOptions(
+                        "V"   => \$opt_V, "version"    => \$opt_V,
+                        "h"   => \$opt_h, "help"       => \$opt_h,
+                        "v=i" => \$snmp_version, "snmp_version=i"  => \$snmp_version,
+                        "C=s" => \$community, "community=s" => \$community,
+                        "L=s" => \$seclevel, "seclevel=s" => \$seclevel,
+                        "a=s" => \$authproto, "authproto=s" => \$authproto,
+                        "U=s" => \$secname,   "secname=s"   => \$secname,
+                        "A=s" => \$authpass,  "authpass=s"  => \$authpass,
+                        "X=s" => \$privpass,  "privpass=s"  => \$privpass,
+                        "c=s" => \$context,   "context=s"   => \$context,
+                        "k=i" => \$snmpkey, "key=i",\$snmpkey,
+                        "d=s" => \$ifdescr, "descr=s" => \$ifdescr,
+                        "l=s" => \$lastc,  "lastchange=s" => \$lastc,
+                        "p=i" = >\$port,  "port=i" =>\$port,
+                        "H=s" => \$hostname, "hostname=s" => \$hostname,
+                        "I"       => \$ifXTable, "ifmib" => \$ifXTable,
+                        "n=s" => \$ifName, "name=s" => \$ifName,
+                        "w=s" => \$dormantWarn, "warn=s" => \$dormantWarn,
+                        "M=i" => \$maxmsgsize, "maxmsgsize=i" => \$maxmsgsize);
+                                
+        if ($status == 0){
+                print_help();
+                exit $ERRORS{'OK'};
+        }
+  
+        if ($opt_V) {
+                print_revision($PROGNAME,'$Revision$ ');
+                exit $ERRORS{'OK'};
+        }
+        if ($opt_h) {
+                print_help();
+                exit $ERRORS{'OK'};
+        }
+        if (! utils::is_hostname($hostname)){
+                usage();
+                exit $ERRORS{"UNKNOWN"};
+        }
+        unless ($snmpkey > 0 || defined $ifdescr){
+                printf "Either a valid snmpkey key (-k) or a ifDescr (-d) must be provided)\n";
+                usage();
+                exit $ERRORS{"UNKNOWN"};
+        }
+        if (defined $name) {
+                $ifXTable=1;
+        }       
+        if (defined $dormantWarn) {
+                unless ($dormantWarn =~ /^(w|c|i)$/ ) {
+                        printf "Dormant alerts must be one of w|c|i \n";
+                        exit $ERRORS{'UNKNOWN'};
+                }
+        }
+        
+        if ($snmp_version =~ /3/ ) {
+                # Must define a security level even though default is noAuthNoPriv
+                # v3 requires a security username
+                if (defined $seclevel  && defined $secname) {
+                
+                        # Must define a security level even though defualt is noAuthNoPriv
+                        unless ($seclevel eq ('noAuthNoPriv' || 'authNoPriv' || 'authPriv' ) ) {
+                                usage();
+                                exit $ERRORS{"UNKNOWN"};
+                        }
+                        
+                        # Authentication wanted
+                        if ($seclevel eq ('authNoPriv' || 'authPriv') ) {
+                
+                                unless ($authproto eq ('MD5' || 'SHA1') ) {
+                                        usage();
+                                        exit $ERRORS{"UNKNOWN"};
+                                }
+                                if ( !defined $authpass) {
+                                        usage();
+                                        exit $ERRORS{"UNKNOWN"};
+                                }else{
+                                        if ($authpass =~ /^0x/ ) {
+                                                $auth = "-authkey => $authpass" ;
+                                        }else{
+                                                $auth = "-authpassword => $authpass";
+                                        }
+                                }
+                                        
+                        }
+                        
+                        # Privacy (DES encryption) wanted
+                        if ($seclevel eq  'authPriv' ) {
+                                if (! defined $privpass) {
+                                        usage();
+                                        exit $ERRORS{"UNKNOWN"};
+                                }else{
+                                        if ($privpass =~ /^0x/){
+                                                $priv = "-privkey => $privpass";
+                                        }else{
+                                                $priv = "-privpassword => $privpass";
+                                        }
+                                }
+                        }
+                        # Context name defined or default
+                        unless ( defined $context) {
+                                $context = "";
+                        }
+                
+                
+                
+                }else {
+                                        usage();
+                                        exit $ERRORS{'UNKNOWN'}; ;
+                }
+        } # end snmpv3
+        if ( $snmp_version =~ /[12]/ ) {
+        ($session, $error) = Net::SNMP->session(
+                        -hostname  => $hostname,
+                        -community => $community,
+                        -port      => $port,
+                        -version        => $snmp_version,
+                        -maxmsgsize => $maxmsgsize
+                );
+                if (!defined($session)) {
+                        $state='UNKNOWN';
+                        $answer=$error;
+                        print ("$state: $answer");
+                        exit $ERRORS{$state};
+                }
+        
+        }elsif ( $snmp_version =~ /3/ ) {
+                if ($seclevel eq 'noAuthNoPriv') {
+                        ($session, $error) = Net::SNMP->session(
+                                -hostname  => $hostname,
+                                -port      => $port,
+                                -version  => $snmp_version,
+                                -username => $secname,
+                        );
+                }elsif ( $seclevel eq 'authNoPriv' ) {
+                        ($session, $error) = Net::SNMP->session(
+                                -hostname  => $hostname,
+                                -port      => $port,
+                                -version  => $snmp_version,
+                                -username => $secname,
+                                $auth,
+                                -authprotocol => $authproto,
+                        );      
+                }elsif ($seclevel eq 'authPriv' ) {
+                        ($session, $error) = Net::SNMP->session(
+                                -hostname  => $hostname,
+                                -port      => $port,
+                                -version  => $snmp_version,
+                                -username => $secname,
+                                $auth,
+                                -authprotocol => $authproto,
+                                $priv
+                        );
+                }
+                                        
+                                        
+                if (!defined($session)) {
+                                        $state='UNKNOWN';
+                                        $answer=$error;
+                                        print ("$state: $answer");
+                                        exit $ERRORS{$state};
+                }
+        }else{
+                $state='UNKNOWN';
+                print ("$state: No support for SNMP v$snmp_version yet\n");
+                exit $ERRORS{$state};
+        }
+}
+## End validation
author	Subhendu Ghosh <sghosh@users.sourceforge.net>	2003-10-14 03:15:19 +0000
committer	Subhendu Ghosh <sghosh@users.sourceforge.net>	2003-10-14 03:15:19 +0000
commit	e4354556c3f4a1c4631c4feb1979fdabc07b1e06 (patch)
tree	7a910c8757fdb23ed44a9746a020e5fdc5fecf60 /plugins-scripts
parent	fa9983a26043e067546667e2f9721e1b499a4fba (diff)
download	monitoring-plugins-e4354556c3f4a1c4631c4feb1979fdabc07b1e06.tar.gz

diff --git a/plugins-scripts/check_ifoperstatus.pl b/plugins-scripts/check_ifoperstatus.pl index f4eaefc0..8a23ca5e 100644 --- a/plugins-scripts/check_ifoperstatus.pl +++ b/plugins-scripts/check_ifoperstatus.pl
@@ -5,6 +5,7 @@
5	# Copyright (C) 2000 Christoph Kron,	5	# Copyright (C) 2000 Christoph Kron,
6	# Modified 5/2002 to conform to updated Nagios Plugin Guidelines	6	# Modified 5/2002 to conform to updated Nagios Plugin Guidelines
7	# Added support for named interfaces per Valdimir Ivaschenko (S. Ghosh)	7	# Added support for named interfaces per Valdimir Ivaschenko (S. Ghosh)
		8	# Added SNMPv3 support (10/2003)
8	#	9	#
9	# This program is free software; you can redistribute it and/or	10	# This program is free software; you can redistribute it and/or
10	# modify it under the terms of the GNU General Public License	11	# modify it under the terms of the GNU General Public License
@@ -42,6 +43,10 @@ use Getopt::Long;
42	&Getopt::Long::config('bundling');	43	&Getopt::Long::config('bundling');
43		44
44	my $PROGNAME = "check_ifoperstatus";	45	my $PROGNAME = "check_ifoperstatus";
		46	sub print_help ();
		47	sub usage ();
		48	sub process_arguments ();
		49
45	my $status;	50	my $status;
46	my %ifOperStatus = ('1','up',	51	my %ifOperStatus = ('1','up',
47	'2','down',	52	'2','down',
@@ -55,6 +60,8 @@ my $state = "UNKNOWN";
55	my $answer = "";	60	my $answer = "";
56	my $snmpkey = 0;	61	my $snmpkey = 0;
57	my $community = "public";	62	my $community = "public";
		63	my $maxmsgsize = 1472 ; # Net::SNMP default is 1472
		64	my ($seclevel, $authproto, $secname, $authpass, $privpass, $auth, $priv, $context);
58	my $port = 161;	65	my $port = 161;
59	my @snmpoids;	66	my @snmpoids;
60	my $sysUptime = '1.3.6.1.2.1.1.3.0';	67	my $sysUptime = '1.3.6.1.2.1.1.3.0';
@@ -92,81 +99,7 @@ alarm($TIMEOUT);
92		99
93	### Validate Arguments	100	### Validate Arguments
94		101
95	$status = GetOptions(	102	$status = process_arguments();
96	"V" => \$opt_V, "version" => \$opt_V,
97	"h" => \$opt_h, "help" => \$opt_h,
98	"v=i" => \$snmp_version, "snmp_version=i" => \$snmp_version,
99	"C=s" =>\$community, "community=s" => \$community,
100	"k=i" =>\$snmpkey, "key=i",\$snmpkey,
101	"d=s" =>\$ifdescr, "descr=s" => \$ifdescr,
102	"l=s" => \$lastc, "lastchange=s" => \$lastc,
103	"p=i" =>\$port, "port=i",\$port,
104	"H=s" => \$hostname, "hostname=s" => \$hostname,
105	"I" => \$ifXTable, "ifmib" => \$ifXTable,
106	"n=s" => \$ifName, "name=s" => \$ifName,
107	"w=s" => \$dormantWarn, "warn=s" => \$dormantWarn );
108
109
110
111	if ($status == 0)
112	{
113	print_help();
114	exit $ERRORS{'OK'};
115	}
116
117	if ($opt_V) {
118	print_revision($PROGNAME,'$Revision$ ');
119	exit $ERRORS{'OK'};
120	}
121
122	if ($opt_h) {
123	print_help();
124	exit $ERRORS{'OK'};
125	}
126
127	if (! utils::is_hostname($hostname)){
128	usage();
129	exit $ERRORS{"UNKNOWN"};
130	}
131
132
133	unless ($snmpkey > 0 \|\| defined $ifdescr){
134	printf "Either a valid snmpkey key (-k) or a ifDescr (-d) must be provided)\n";
135	usage();
136	exit $ERRORS{"UNKNOWN"};
137	}
138
139
140	if (defined $name) {
141	$ifXTable=1;
142	}
143
144	if ( $snmp_version =~ /[12]/ ) {
145	($session, $error) = Net::SNMP->session(
146	-hostname => $hostname,
147	-community => $community,
148	-port => $port,
149	-version => $snmp_version
150	);
151
152	if (!defined($session)) {
153	$state='UNKNOWN';
154	$answer=$error;
155	print ("$state: $answer");
156	exit $ERRORS{$state};
157	}
158	}elsif ( $snmp_version =~ /3/ ) {
159	$state='UNKNOWN';
160	print ("$state: No support for SNMP v3 yet\n");
161	exit $ERRORS{$state};
162	}else{
163	$state='UNKNOWN';
164	print ("$state: No support for SNMP v$snmp_version yet\n");
165	exit $ERRORS{$state};
166	}
167
168	## End validation
169
170		103
171		104
172	## map ifdescr to ifindex - should look at being able to cache this value	105	## map ifdescr to ifindex - should look at being able to cache this value
@@ -179,7 +112,7 @@ if (defined $ifdescr) {
179	# recommend use of SNMP v2 (get-bulk)	112	# recommend use of SNMP v2 (get-bulk)
180	if ($status==0) {	113	if ($status==0) {
181	$state = "UNKNOWN";	114	$state = "UNKNOWN";
182	printf "$state: could not retrive snmpkey - $status-$snmpkey\n";	115	printf "$state: could not retrive ifdescr snmpkey - $status-$snmpkey\n";
183	$session->close;	116	$session->close;
184	exit $ERRORS{$state};	117	exit $ERRORS{$state};
185	}	118	}
@@ -245,21 +178,21 @@ push(@snmpoids,$snmpIfAlias) if (defined $ifXTable) ;
245	$answer = "Interface $name (index $snmpkey) is down.";	178	$answer = "Interface $name (index $snmpkey) is down.";
246	} elsif ( $response->{$snmpIfOperStatus} == 5 ) {	179	} elsif ( $response->{$snmpIfOperStatus} == 5 ) {
247	if (defined $dormantWarn ) {	180	if (defined $dormantWarn ) {
248	if ($dormantWarn eq "w") {	181	if ($dormantWarn eq "w") {
249	$state = 'WARNNG';	182	$state = 'WARNNG';
250	$answer = "Interface $name (index $snmpkey) is dormant.";	183	$answer = "Interface $name (index $snmpkey) is dormant.";
251	}elsif($dormantWarn eq "c") {	184	}elsif($dormantWarn eq "c") {
252	$state = 'CRITICAL';	185	$state = 'CRITICAL';
253	$answer = "Interface $name (index $snmpkey) is dormant.";	186	$answer = "Interface $name (index $snmpkey) is dormant.";
254	}elsif($dormantWarn eq "i") {	187	}elsif($dormantWarn eq "i") {
255	$state = 'OK';	188	$state = 'OK';
256	$answer = "Interface $name (index $snmpkey) is dormant.";	189	$answer = "Interface $name (index $snmpkey) is dormant.";
257	}	190	}
258	}else{	191	}else{
259	# dormant interface - but warning/critical/ignore not requested	192	# dormant interface - but warning/critical/ignore not requested
260	$state = 'CRITICAL';	193	$state = 'CRITICAL';
261	$answer = "Interface $name (index $snmpkey) is dormant.";	194	$answer = "Interface $name (index $snmpkey) is dormant.";
262	}	195	}
263	} elsif ( $response->{$snmpIfOperStatus} == 6 ) {	196	} elsif ( $response->{$snmpIfOperStatus} == 6 ) {
264	$state = 'CRITICAL';	197	$state = 'CRITICAL';
265	$answer = "Interface $name (index $snmpkey) notPresent - possible hotswap in progress.";	198	$answer = "Interface $name (index $snmpkey) notPresent - possible hotswap in progress.";
@@ -311,7 +244,7 @@ sub fetch_ifdescr {
311	return $snmpkey;	244	return $snmpkey;
312	}	245	}
313		246
314	sub usage {	247	sub usage() {
315	printf "\nMissing arguments!\n";	248	printf "\nMissing arguments!\n";
316	printf "\n";	249	printf "\n";
317	printf "usage: \n";	250	printf "usage: \n";
@@ -324,7 +257,7 @@ sub usage {
324	exit $ERRORS{"UNKNOWN"};	257	exit $ERRORS{"UNKNOWN"};
325	}	258	}
326		259
327	sub print_help {	260	sub print_help() {
328	printf "check_ifoperstatus plugin for Nagios monitors operational \n";	261	printf "check_ifoperstatus plugin for Nagios monitors operational \n";
329	printf "status of a particular network interface on the target host\n";	262	printf "status of a particular network interface on the target host\n";
330	printf "\nUsage:\n";	263	printf "\nUsage:\n";
@@ -335,6 +268,16 @@ sub print_help {
335	printf " 2 for SNMP v2c\n";	268	printf " 2 for SNMP v2c\n";
336	printf " SNMP v2c will use get_bulk for less overhead\n";	269	printf " SNMP v2c will use get_bulk for less overhead\n";
337	printf " if monitoring with -d\n";	270	printf " if monitoring with -d\n";
		271	printf " -L (--seclevel) choice of \"noAuthNoPriv\", \"authNoPriv\", or \"authPriv\"\n";
		272	printf " -U (--secname) username for SNMPv3 context\n";
		273	printf " -c (--context) SNMPv3 context name (default is empty string)";
		274	printf " -A (--authpass) authentication password (cleartext ascii or localized key\n";
		275	printf " in hex with 0x prefix generated by using \"snmpkey\" utility\n";
		276	printf " auth password and authEngineID\n";
		277	printf " -a (--authproto) Authentication protocol ( MD5 or SHA1)\n";
		278	printf " -X (--privpass) privacy password (cleartext ascii or localized key\n";
		279	printf " in hex with 0x prefix generated by using \"snmpkey\" utility\n";
		280	printf " privacy password and authEngineID\n";
338	printf " -k (--key) SNMP IfIndex value\n";	281	printf " -k (--key) SNMP IfIndex value\n";
339	printf " -d (--descr) SNMP ifDescr value\n";	282	printf " -d (--descr) SNMP ifDescr value\n";
340	printf " -p (--port) SNMP port (default 161)\n";	283	printf " -p (--port) SNMP port (default 161)\n";
@@ -343,6 +286,7 @@ sub print_help {
343	printf " -n (--name) the value should match the returned ifName\n";	286	printf " -n (--name) the value should match the returned ifName\n";
344	printf " (Implies the use of -I)\n";	287	printf " (Implies the use of -I)\n";
345	printf " -w (--warn =i\|w\|c) ignore\|warn\|crit if the interface is dormant (default critical)\n";	288	printf " -w (--warn =i\|w\|c) ignore\|warn\|crit if the interface is dormant (default critical)\n";
		289	printf " -M (--maxmsgsize) Max message size - usefull only for v1 or v2c\n";
346	printf " -V (--version) Plugin version\n";	290	printf " -V (--version) Plugin version\n";
347	printf " -h (--help) usage help \n\n";	291	printf " -h (--help) usage help \n\n";
348	printf " -k or -d must be specified\n\n";	292	printf " -k or -d must be specified\n\n";
@@ -353,3 +297,192 @@ sub print_help {
353	print_revision($PROGNAME, '$Revision$');	297	print_revision($PROGNAME, '$Revision$');
354		298
355	}	299	}
		300
		301	sub process_arguments() {
		302	$status = GetOptions(
		303	"V" => \$opt_V, "version" => \$opt_V,
		304	"h" => \$opt_h, "help" => \$opt_h,
		305	"v=i" => \$snmp_version, "snmp_version=i" => \$snmp_version,
		306	"C=s" => \$community, "community=s" => \$community,
		307	"L=s" => \$seclevel, "seclevel=s" => \$seclevel,
		308	"a=s" => \$authproto, "authproto=s" => \$authproto,
		309	"U=s" => \$secname, "secname=s" => \$secname,
		310	"A=s" => \$authpass, "authpass=s" => \$authpass,
		311	"X=s" => \$privpass, "privpass=s" => \$privpass,
		312	"c=s" => \$context, "context=s" => \$context,
		313	"k=i" => \$snmpkey, "key=i",\$snmpkey,
		314	"d=s" => \$ifdescr, "descr=s" => \$ifdescr,
		315	"l=s" => \$lastc, "lastchange=s" => \$lastc,
		316	"p=i" = >\$port, "port=i" =>\$port,
		317	"H=s" => \$hostname, "hostname=s" => \$hostname,
		318	"I" => \$ifXTable, "ifmib" => \$ifXTable,
		319	"n=s" => \$ifName, "name=s" => \$ifName,
		320	"w=s" => \$dormantWarn, "warn=s" => \$dormantWarn,
		321	"M=i" => \$maxmsgsize, "maxmsgsize=i" => \$maxmsgsize);
		322
		323
		324
		325	if ($status == 0){
		326	print_help();
		327	exit $ERRORS{'OK'};
		328	}
		329
		330	if ($opt_V) {
		331	print_revision($PROGNAME,'$Revision$ ');
		332	exit $ERRORS{'OK'};
		333	}
		334
		335	if ($opt_h) {
		336	print_help();
		337	exit $ERRORS{'OK'};
		338	}
		339
		340	if (! utils::is_hostname($hostname)){
		341	usage();
		342	exit $ERRORS{"UNKNOWN"};
		343	}
		344
		345
		346	unless ($snmpkey > 0 \|\| defined $ifdescr){
		347	printf "Either a valid snmpkey key (-k) or a ifDescr (-d) must be provided)\n";
		348	usage();
		349	exit $ERRORS{"UNKNOWN"};
		350	}
		351
		352
		353	if (defined $name) {
		354	$ifXTable=1;
		355	}
		356
		357	if (defined $dormantWarn) {
		358	unless ($dormantWarn =~ /^(w\|c\|i)$/ ) {
		359	printf "Dormant alerts must be one of w\|c\|i \n";
		360	exit $ERRORS{'UNKNOWN'};
		361	}
		362	}
		363
		364	if ($snmp_version =~ /3/ ) {
		365	# Must define a security level even though default is noAuthNoPriv
		366	# v3 requires a security username
		367	if (defined $seclevel && defined $secname) {
		368
		369	# Must define a security level even though defualt is noAuthNoPriv
		370	unless ($seclevel eq ('noAuthNoPriv' \|\| 'authNoPriv' \|\| 'authPriv' ) ) {
		371	usage();
		372	exit $ERRORS{"UNKNOWN"};
		373	}
		374
		375	# Authentication wanted
		376	if ($seclevel eq ('authNoPriv' \|\| 'authPriv') ) {
		377
		378	unless ($authproto eq ('MD5' \|\| 'SHA1') ) {
		379	usage();
		380	exit $ERRORS{"UNKNOWN"};
		381	}
		382
		383	if ( !defined $authpass) {
		384	usage();
		385	exit $ERRORS{"UNKNOWN"};
		386	}else{
		387	if ($authpass =~ /^0x/ ) {
		388	$auth = "-authkey => $authpass" ;
		389	}else{
		390	$auth = "-authpassword => $authpass";
		391	}
		392	}
		393
		394	}
		395
		396	# Privacy (DES encryption) wanted
		397	if ($seclevel eq 'authPriv' ) {
		398	if (! defined $privpass) {
		399	usage();
		400	exit $ERRORS{"UNKNOWN"};
		401	}else{
		402	if ($privpass =~ /^0x/){
		403	$priv = "-privkey => $privpass";
		404	}else{
		405	$priv = "-privpassword => $privpass";
		406	}
		407	}
		408	}
		409
		410	# Context name defined or default
		411
		412	unless ( defined $context) {
		413	$context = "";
		414	}
		415
		416
		417
		418	}else {
		419	usage();
		420	exit $ERRORS{'UNKNOWN'}; ;
		421	}
		422	} # end snmpv3
		423
		424
		425	if ( $snmp_version =~ /[12]/ ) {
		426	($session, $error) = Net::SNMP->session(
		427	-hostname => $hostname,
		428	-community => $community,
		429	-port => $port,
		430	-version => $snmp_version,
		431	-maxmsgsize => $maxmsgsize
		432	);
		433
		434	if (!defined($session)) {
		435	$state='UNKNOWN';
		436	$answer=$error;
		437	print ("$state: $answer");
		438	exit $ERRORS{$state};
		439	}
		440
		441	}elsif ( $snmp_version =~ /3/ ) {
		442
		443	if ($seclevel eq 'noAuthNoPriv') {
		444	($session, $error) = Net::SNMP->session(
		445	-hostname => $hostname,
		446	-port => $port,
		447	-version => $snmp_version,
		448	-username => $secname,
		449	);
		450
		451	}elsif ( $seclevel eq 'authNoPriv' ) {
		452	($session, $error) = Net::SNMP->session(
		453	-hostname => $hostname,
		454	-port => $port,
		455	-version => $snmp_version,
		456	-username => $secname,
		457	$auth,
		458	-authprotocol => $authproto,
		459	);
		460	}elsif ($seclevel eq 'authPriv' ) {
		461	($session, $error) = Net::SNMP->session(
		462	-hostname => $hostname,
		463	-port => $port,
		464	-version => $snmp_version,
		465	-username => $secname,
		466	$auth,
		467	-authprotocol => $authproto,
		468	$priv
		469	);
		470	}
		471
		472
		473	if (!defined($session)) {
		474	$state='UNKNOWN';
		475	$answer=$error;
		476	print ("$state: $answer");
		477	exit $ERRORS{$state};
		478	}
		479
		480	}else{
		481	$state='UNKNOWN';
		482	print ("$state: No support for SNMP v$snmp_version yet\n");
		483	exit $ERRORS{$state};
		484	}
		485
		486	}
		487	## End validation
		488