diff options
| author | Karl DeBisschop <kdebisschop@users.sourceforge.net> | 2004-02-25 08:51:03 +0000 |
|---|---|---|
| committer | Karl DeBisschop <kdebisschop@users.sourceforge.net> | 2004-02-25 08:51:03 +0000 |
| commit | db265d5590f08746d9375807551cb1effdcf941d (patch) | |
| tree | 60c81719ef542e919912cba178505e928b83ab56 /plugins | |
| parent | 7616b1b460b0a3e0f51089c371bd5364e75dfb9d (diff) | |
| download | monitoring-plugins-db265d5590f08746d9375807551cb1effdcf941d.tar.gz | |
check server for authoritative status (from Jon Hallet)
git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk@826 f882894a-f735-0410-b71e-b25c423dba1c
Diffstat (limited to 'plugins')
| -rw-r--r-- | plugins/check_dns.c | 61 |
1 files changed, 40 insertions, 21 deletions
diff --git a/plugins/check_dns.c b/plugins/check_dns.c index 24205294..14d4306c 100644 --- a/plugins/check_dns.c +++ b/plugins/check_dns.c | |||
| @@ -7,7 +7,7 @@ | |||
| 7 | 7 | ||
| 8 | This program is distributed in the hope that it will be useful, | 8 | This program is distributed in the hope that it will be useful, |
| 9 | but WITHOUT ANY WARRANTY; without even the implied warranty of | 9 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
| 10 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | 10 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| 11 | GNU General Public License for more details. | 11 | GNU General Public License for more details. |
| 12 | 12 | ||
| 13 | You should have received a copy of the GNU General Public License | 13 | You should have received a copy of the GNU General Public License |
| @@ -42,6 +42,7 @@ char ptr_server[ADDRESS_LENGTH] = ""; | |||
| 42 | int verbose = FALSE; | 42 | int verbose = FALSE; |
| 43 | char expected_address[ADDRESS_LENGTH] = ""; | 43 | char expected_address[ADDRESS_LENGTH] = ""; |
| 44 | int match_expected_address = FALSE; | 44 | int match_expected_address = FALSE; |
| 45 | int expect_authority = FALSE; | ||
| 45 | 46 | ||
| 46 | int | 47 | int |
| 47 | main (int argc, char **argv) | 48 | main (int argc, char **argv) |
| @@ -51,12 +52,13 @@ main (int argc, char **argv) | |||
| 51 | char *output = NULL; | 52 | char *output = NULL; |
| 52 | char *address = NULL; | 53 | char *address = NULL; |
| 53 | char *temp_buffer = NULL; | 54 | char *temp_buffer = NULL; |
| 55 | int non_authoritative = FALSE; | ||
| 54 | int result = STATE_UNKNOWN; | 56 | int result = STATE_UNKNOWN; |
| 55 | double elapsed_time; | 57 | double elapsed_time; |
| 56 | long microsec; | 58 | long microsec; |
| 57 | struct timeval tv; | 59 | struct timeval tv; |
| 58 | int multi_address; | 60 | int multi_address; |
| 59 | int parse_address = FALSE; /* This flag scans for Address: but only after Name: */ | 61 | int parse_address = FALSE; /* This flag scans for Address: but only after Name: */ |
| 60 | 62 | ||
| 61 | setlocale (LC_ALL, ""); | 63 | setlocale (LC_ALL, ""); |
| 62 | bindtextdomain (PACKAGE, LOCALEDIR); | 64 | bindtextdomain (PACKAGE, LOCALEDIR); |
| @@ -74,7 +76,7 @@ main (int argc, char **argv) | |||
| 74 | } | 76 | } |
| 75 | 77 | ||
| 76 | /* get the command to run */ | 78 | /* get the command to run */ |
| 77 | asprintf (&command_line, "%s %s %s", NSLOOKUP_COMMAND, query_address, dns_server); | 79 | asprintf (&command_line, "%s %s %s", NSLOOKUP_COMMAND, query_address, dns_server); |
| 78 | 80 | ||
| 79 | alarm (timeout_interval); | 81 | alarm (timeout_interval); |
| 80 | gettimeofday (&tv, NULL); | 82 | gettimeofday (&tv, NULL); |
| @@ -111,7 +113,8 @@ main (int argc, char **argv) | |||
| 111 | /* the server is responding, we just got the host name... */ | 113 | /* the server is responding, we just got the host name... */ |
| 112 | if (strstr (input_buffer, "Name:")) | 114 | if (strstr (input_buffer, "Name:")) |
| 113 | parse_address = TRUE; | 115 | parse_address = TRUE; |
| 114 | else if (parse_address == TRUE && (strstr (input_buffer, "Address:") || strstr (input_buffer, "Addresses:"))) { | 116 | else if (parse_address == TRUE && (strstr (input_buffer, "Address:") || |
| 117 | strstr (input_buffer, "Addresses:"))) { | ||
| 115 | temp_buffer = index (input_buffer, ':'); | 118 | temp_buffer = index (input_buffer, ':'); |
| 116 | temp_buffer++; | 119 | temp_buffer++; |
| 117 | 120 | ||
| @@ -121,8 +124,9 @@ main (int argc, char **argv) | |||
| 121 | 124 | ||
| 122 | strip(temp_buffer); | 125 | strip(temp_buffer); |
| 123 | if (temp_buffer==NULL || strlen(temp_buffer)==0) { | 126 | if (temp_buffer==NULL || strlen(temp_buffer)==0) { |
| 124 | die (STATE_CRITICAL, _("DNS CRITICAL - '%s' returned empty host name string\n"), | 127 | die (STATE_CRITICAL, |
| 125 | NSLOOKUP_COMMAND); | 128 | _("DNS CRITICAL - '%s' returned empty host name string\n"), |
| 129 | NSLOOKUP_COMMAND); | ||
| 126 | } | 130 | } |
| 127 | 131 | ||
| 128 | if (address == NULL) | 132 | if (address == NULL) |
| @@ -131,6 +135,10 @@ main (int argc, char **argv) | |||
| 131 | asprintf(&address, "%s,%s", address, temp_buffer); | 135 | asprintf(&address, "%s,%s", address, temp_buffer); |
| 132 | } | 136 | } |
| 133 | 137 | ||
| 138 | else if (strstr (input_buffer, "Non-authoritative answer:")) { | ||
| 139 | non_authoritative = TRUE; | ||
| 140 | } | ||
| 141 | |||
| 134 | result = error_scan (input_buffer); | 142 | result = error_scan (input_buffer); |
| 135 | if (result != STATE_OK) { | 143 | if (result != STATE_OK) { |
| 136 | output = strdup (1 + index (input_buffer, ':')); | 144 | output = strdup (1 + index (input_buffer, ':')); |
| @@ -163,8 +171,8 @@ main (int argc, char **argv) | |||
| 163 | and we can segfault if we do not */ | 171 | and we can segfault if we do not */ |
| 164 | if (address==NULL || strlen(address)==0) | 172 | if (address==NULL || strlen(address)==0) |
| 165 | die (STATE_CRITICAL, | 173 | die (STATE_CRITICAL, |
| 166 | _("DNS CRITICAL - '%s' output parsing exited with no address\n"), | 174 | _("DNS CRITICAL - '%s' output parsing exited with no address\n"), |
| 167 | NSLOOKUP_COMMAND); | 175 | NSLOOKUP_COMMAND); |
| 168 | 176 | ||
| 169 | /* compare to expected address */ | 177 | /* compare to expected address */ |
| 170 | if (result == STATE_OK && match_expected_address && strcmp(address, expected_address)) { | 178 | if (result == STATE_OK && match_expected_address && strcmp(address, expected_address)) { |
| @@ -172,6 +180,12 @@ main (int argc, char **argv) | |||
| 172 | asprintf(&output, _("expected %s but got %s"), expected_address, address); | 180 | asprintf(&output, _("expected %s but got %s"), expected_address, address); |
| 173 | } | 181 | } |
| 174 | 182 | ||
| 183 | /* check if authoritative */ | ||
| 184 | if (result == STATE_OK && expect_authority && non_authoritative) { | ||
| 185 | result = STATE_CRITICAL; | ||
| 186 | asprintf(&output, _("server %s is not authoritative for %s"), dns_server, query_address); | ||
| 187 | } | ||
| 188 | |||
| 175 | microsec = deltime (tv); | 189 | microsec = deltime (tv); |
| 176 | elapsed_time = (double)microsec / 1.0e6; | 190 | elapsed_time = (double)microsec / 1.0e6; |
| 177 | 191 | ||
| @@ -188,13 +202,13 @@ main (int argc, char **argv) | |||
| 188 | } | 202 | } |
| 189 | else if (result == STATE_WARNING) | 203 | else if (result == STATE_WARNING) |
| 190 | printf (_("DNS WARNING - %s\n"), | 204 | printf (_("DNS WARNING - %s\n"), |
| 191 | !strcmp (output, "") ? _(" Probably a non-existent host/domain") : output); | 205 | !strcmp (output, "") ? _(" Probably a non-existent host/domain") : output); |
| 192 | else if (result == STATE_CRITICAL) | 206 | else if (result == STATE_CRITICAL) |
| 193 | printf (_("DNS CRITICAL - %s\n"), | 207 | printf (_("DNS CRITICAL - %s\n"), |
| 194 | !strcmp (output, "") ? _(" Probably a non-existent host/domain") : output); | 208 | !strcmp (output, "") ? _(" Probably a non-existent host/domain") : output); |
| 195 | else | 209 | else |
| 196 | printf (_("DNS problem - %s\n"), | 210 | printf (_("DNS problem - %s\n"), |
| 197 | !strcmp (output, "") ? _(" Probably a non-existent host/domain") : output); | 211 | !strcmp (output, "") ? _(" Probably a non-existent host/domain") : output); |
| 198 | 212 | ||
| 199 | return result; | 213 | return result; |
| 200 | } | 214 | } |
| @@ -204,7 +218,7 @@ error_scan (char *input_buffer) | |||
| 204 | { | 218 | { |
| 205 | 219 | ||
| 206 | /* the DNS lookup timed out */ | 220 | /* the DNS lookup timed out */ |
| 207 | if (strstr (input_buffer, "Note: nslookup is deprecated and may be removed from future releases.") || | 221 | if (strstr (input_buffer, "Note: nslookup is deprecated and may be removed from future releases.") || |
| 208 | strstr (input_buffer, "Consider using the `dig' or `host' programs instead. Run nslookup with") || | 222 | strstr (input_buffer, "Consider using the `dig' or `host' programs instead. Run nslookup with") || |
| 209 | strstr (input_buffer, "the `-sil[ent]' option to prevent this message from appearing.")) | 223 | strstr (input_buffer, "the `-sil[ent]' option to prevent this message from appearing.")) |
| 210 | return STATE_OK; | 224 | return STATE_OK; |
| @@ -219,9 +233,9 @@ error_scan (char *input_buffer) | |||
| 219 | 233 | ||
| 220 | /* Connection was refused */ | 234 | /* Connection was refused */ |
| 221 | else if (strstr (input_buffer, "Connection refused") || | 235 | else if (strstr (input_buffer, "Connection refused") || |
| 236 | strstr (input_buffer, "Refused") || | ||
| 222 | (strstr (input_buffer, "** server can't find") && | 237 | (strstr (input_buffer, "** server can't find") && |
| 223 | strstr (input_buffer, ": REFUSED")) || | 238 | strstr (input_buffer, ": REFUSED"))) |
| 224 | (strstr (input_buffer, "Refused"))) | ||
| 225 | die (STATE_CRITICAL, _("Connection to name server %s was refused\n"), dns_server); | 239 | die (STATE_CRITICAL, _("Connection to name server %s was refused\n"), dns_server); |
| 226 | 240 | ||
| 227 | /* Host or domain name does not exist */ | 241 | /* Host or domain name does not exist */ |
| @@ -263,6 +277,7 @@ process_arguments (int argc, char **argv) | |||
| 263 | {"server", required_argument, 0, 's'}, | 277 | {"server", required_argument, 0, 's'}, |
| 264 | {"reverse-server", required_argument, 0, 'r'}, | 278 | {"reverse-server", required_argument, 0, 'r'}, |
| 265 | {"expected-address", required_argument, 0, 'a'}, | 279 | {"expected-address", required_argument, 0, 'a'}, |
| 280 | {"expect-authority", no_argument, 0, 'A'}, | ||
| 266 | {0, 0, 0, 0} | 281 | {0, 0, 0, 0} |
| 267 | }; | 282 | }; |
| 268 | 283 | ||
| @@ -274,7 +289,7 @@ process_arguments (int argc, char **argv) | |||
| 274 | strcpy (argv[c], "-t"); | 289 | strcpy (argv[c], "-t"); |
| 275 | 290 | ||
| 276 | while (1) { | 291 | while (1) { |
| 277 | c = getopt_long (argc, argv, "hVvt:H:s:r:a:", long_opts, &opt_index); | 292 | c = getopt_long (argc, argv, "hVvAt:H:s:r:a:", long_opts, &opt_index); |
| 278 | 293 | ||
| 279 | if (c == -1 || c == EOF) | 294 | if (c == -1 || c == EOF) |
| 280 | break; | 295 | break; |
| @@ -302,8 +317,8 @@ process_arguments (int argc, char **argv) | |||
| 302 | strcpy (query_address, optarg); | 317 | strcpy (query_address, optarg); |
| 303 | break; | 318 | break; |
| 304 | case 's': /* server name */ | 319 | case 's': /* server name */ |
| 305 | /* TODO: this is_host check is probably unnecessary. Better to confirm nslookup | 320 | /* TODO: this is_host check is probably unnecessary. */ |
| 306 | response matches */ | 321 | /* Better to confirm nslookup response matches */ |
| 307 | if (is_host (optarg) == FALSE) { | 322 | if (is_host (optarg) == FALSE) { |
| 308 | printf (_("Invalid server name/address\n\n")); | 323 | printf (_("Invalid server name/address\n\n")); |
| 309 | print_usage (); | 324 | print_usage (); |
| @@ -330,6 +345,9 @@ process_arguments (int argc, char **argv) | |||
| 330 | strcpy (expected_address, optarg); | 345 | strcpy (expected_address, optarg); |
| 331 | match_expected_address = TRUE; | 346 | match_expected_address = TRUE; |
| 332 | break; | 347 | break; |
| 348 | case 'A': /* expect authority */ | ||
| 349 | expect_authority = TRUE; | ||
| 350 | break; | ||
| 333 | } | 351 | } |
| 334 | } | 352 | } |
| 335 | 353 | ||
| @@ -386,7 +404,9 @@ print_help (void) | |||
| 386 | -s, --server=HOST\n\ | 404 | -s, --server=HOST\n\ |
| 387 | Optional DNS server you want to use for the lookup\n\ | 405 | Optional DNS server you want to use for the lookup\n\ |
| 388 | -a, --expected-address=IP-ADDRESS\n\ | 406 | -a, --expected-address=IP-ADDRESS\n\ |
| 389 | Optional IP address you expect the DNS server to return\n")); | 407 | Optional IP address you expect the DNS server to return\n\ |
| 408 | -A, --expect-authority\n\ | ||
| 409 | Optionally expect the DNS server to be authoritative for the lookup\n")); | ||
| 390 | 410 | ||
| 391 | printf (_(UT_TIMEOUT), DEFAULT_SOCKET_TIMEOUT); | 411 | printf (_(UT_TIMEOUT), DEFAULT_SOCKET_TIMEOUT); |
| 392 | 412 | ||
| @@ -406,8 +426,7 @@ void | |||
| 406 | print_usage (void) | 426 | print_usage (void) |
| 407 | { | 427 | { |
| 408 | printf (_("\ | 428 | printf (_("\ |
| 409 | Usage: %s -H host [-s server] [-a expected-address] [-t timeout]\n\ | 429 | Usage: %s -H host [-s server] [-a expected-address] [-A] [-t timeout]\n\ |
| 410 | %s --help\n\ | 430 | %s --help\n\ |
| 411 | %s --version\n"), | 431 | %s --version\n"), progname, progname, progname); |
| 412 | progname, progname, progname); | ||
| 413 | } | 432 | } |