diff options
| author | Jan Wagner <waja@cyconet.org> | 2017-01-04 13:29:00 +0100 |
|---|---|---|
| committer | Jan Wagner <waja@cyconet.org> | 2017-01-04 13:29:00 +0100 |
| commit | d9a1fb15dd60935cf1655e6b9786b28e899c8dc8 (patch) | |
| tree | 31a2708d65e6b03301f35a3ec5df3abe6d8b93a7 /plugins | |
| parent | f524b15e572c4316feb70917d05f6349bef996ef (diff) | |
| parent | 6a0f4fe275bdf1c90de3d1b611293cf57cc3887b (diff) | |
| download | monitoring-plugins-d9a1fb15dd60935cf1655e6b9786b28e899c8dc8.tar.gz | |
Merge remote-tracking branch 'upstream/pr/1456'
Diffstat (limited to 'plugins')
| -rw-r--r-- | plugins/check_dns.c | 42 | ||||
| -rw-r--r-- | plugins/t/NPTest.cache.travis | 4 | ||||
| -rw-r--r-- | plugins/t/check_dns.t | 26 |
3 files changed, 62 insertions, 10 deletions
diff --git a/plugins/check_dns.c b/plugins/check_dns.c index 1f43c2ed..5feafc80 100644 --- a/plugins/check_dns.c +++ b/plugins/check_dns.c | |||
| @@ -42,6 +42,8 @@ const char *email = "devel@monitoring-plugins.org"; | |||
| 42 | int process_arguments (int, char **); | 42 | int process_arguments (int, char **); |
| 43 | int validate_arguments (void); | 43 | int validate_arguments (void); |
| 44 | int error_scan (char *); | 44 | int error_scan (char *); |
| 45 | int ip_match_cidr(const char *, const char *); | ||
| 46 | unsigned long ip2long(const char *); | ||
| 45 | void print_help (void); | 47 | void print_help (void); |
| 46 | void print_usage (void); | 48 | void print_usage (void); |
| 47 | 49 | ||
| @@ -226,9 +228,14 @@ main (int argc, char **argv) | |||
| 226 | if (result == STATE_OK && expected_address_cnt > 0) { | 228 | if (result == STATE_OK && expected_address_cnt > 0) { |
| 227 | result = STATE_CRITICAL; | 229 | result = STATE_CRITICAL; |
| 228 | temp_buffer = ""; | 230 | temp_buffer = ""; |
| 231 | |||
| 229 | for (i=0; i<expected_address_cnt; i++) { | 232 | for (i=0; i<expected_address_cnt; i++) { |
| 230 | /* check if we get a match and prepare an error string */ | 233 | /* check if we get a match on 'raw' ip or cidr */ |
| 231 | if (strcmp(address, expected_address[i]) == 0) result = STATE_OK; | 234 | if ( strcmp(address, expected_address[i]) == 0 |
| 235 | || ip_match_cidr(address, expected_address[i]) ) | ||
| 236 | result = STATE_OK; | ||
| 237 | |||
| 238 | /* prepare an error string */ | ||
| 232 | xasprintf(&temp_buffer, "%s%s; ", temp_buffer, expected_address[i]); | 239 | xasprintf(&temp_buffer, "%s%s; ", temp_buffer, expected_address[i]); |
| 233 | } | 240 | } |
| 234 | if (result == STATE_CRITICAL) { | 241 | if (result == STATE_CRITICAL) { |
| @@ -289,7 +296,32 @@ main (int argc, char **argv) | |||
| 289 | return result; | 296 | return result; |
| 290 | } | 297 | } |
| 291 | 298 | ||
| 299 | int | ||
| 300 | ip_match_cidr(const char *addr, const char *cidr_ro) | ||
| 301 | { | ||
| 302 | char *subnet, *mask_c, *cidr = strdup(cidr_ro); | ||
| 303 | int mask; | ||
| 304 | subnet = strtok(cidr, "/"); | ||
| 305 | mask_c = strtok(NULL, "\0"); | ||
| 306 | if (!subnet || !mask_c) | ||
| 307 | return FALSE; | ||
| 308 | mask = atoi(mask_c); | ||
| 309 | |||
| 310 | /* https://www.cryptobells.com/verifying-ips-in-a-subnet-in-php/ */ | ||
| 311 | return (ip2long(addr) & ~((1 << (32 - mask)) - 1)) == (ip2long(subnet) >> (32 - mask)) << (32 - mask); | ||
| 312 | } | ||
| 292 | 313 | ||
| 314 | unsigned long | ||
| 315 | ip2long(const char* src) { | ||
| 316 | unsigned long ip[4]; | ||
| 317 | /* http://computer-programming-forum.com/47-c-language/1376ffb92a12c471.htm */ | ||
| 318 | return (sscanf(src, "%3lu.%3lu.%3lu.%3lu", | ||
| 319 | &ip[0], &ip[1], &ip[2], &ip[3]) == 4 && | ||
| 320 | ip[0] < 256 && ip[1] < 256 && | ||
| 321 | ip[2] < 256 && ip[3] < 256) | ||
| 322 | ? ip[0] << 24 | ip[1] << 16 | ip[2] << 8 | ip[3] | ||
| 323 | : 0; | ||
| 324 | } | ||
| 293 | 325 | ||
| 294 | int | 326 | int |
| 295 | error_scan (char *input_buffer) | 327 | error_scan (char *input_buffer) |
| @@ -494,9 +526,9 @@ print_help (void) | |||
| 494 | printf (" %s\n", _("The name or address you want to query")); | 526 | printf (" %s\n", _("The name or address you want to query")); |
| 495 | printf (" -s, --server=HOST\n"); | 527 | printf (" -s, --server=HOST\n"); |
| 496 | printf (" %s\n", _("Optional DNS server you want to use for the lookup")); | 528 | printf (" %s\n", _("Optional DNS server you want to use for the lookup")); |
| 497 | printf (" -a, --expected-address=IP-ADDRESS|HOST\n"); | 529 | printf (" -a, --expected-address=IP-ADDRESS|CIDR|HOST\n"); |
| 498 | printf (" %s\n", _("Optional IP-ADDRESS you expect the DNS server to return. HOST must end with")); | 530 | printf (" %s\n", _("Optional IP-ADDRESS/CIDR you expect the DNS server to return. HOST must end")); |
| 499 | printf (" %s\n", _("a dot (.). This option can be repeated multiple times (Returns OK if any")); | 531 | printf (" %s\n", _("with a dot (.). This option can be repeated multiple times (Returns OK if any")); |
| 500 | printf (" %s\n", _("value match). If multiple addresses are returned at once, you have to match")); | 532 | printf (" %s\n", _("value match). If multiple addresses are returned at once, you have to match")); |
| 501 | printf (" %s\n", _("the whole string of addresses separated with commas (sorted alphabetically).")); | 533 | printf (" %s\n", _("the whole string of addresses separated with commas (sorted alphabetically).")); |
| 502 | printf (" -A, --expect-authority\n"); | 534 | printf (" -A, --expect-authority\n"); |
diff --git a/plugins/t/NPTest.cache.travis b/plugins/t/NPTest.cache.travis index bcec9855..38c0a6b2 100644 --- a/plugins/t/NPTest.cache.travis +++ b/plugins/t/NPTest.cache.travis | |||
| @@ -4,8 +4,10 @@ | |||
| 4 | 'NP_DNS_SERVER' => '8.8.8.8', | 4 | 'NP_DNS_SERVER' => '8.8.8.8', |
| 5 | 'NP_GOOD_NTP_SERVICE' => '', | 5 | 'NP_GOOD_NTP_SERVICE' => '', |
| 6 | 'NP_HOSTNAME_INVALID' => 'nosuchhost', | 6 | 'NP_HOSTNAME_INVALID' => 'nosuchhost', |
| 7 | 'NP_HOSTNAME_VALID' => 'monitoringplugins.org', | 7 | 'NP_HOSTNAME_VALID' => 'monitoring-plugins.org', |
| 8 | 'NP_HOSTNAME_VALID_IP' => '130.133.8.40', | 8 | 'NP_HOSTNAME_VALID_IP' => '130.133.8.40', |
| 9 | 'NP_HOSTNAME_VALID_CIDR' => '130.133.8.41/30', | ||
| 10 | 'NP_HOSTNAME_INVALID_CIDR' => '130.133.8.39/30', | ||
| 9 | 'NP_HOSTNAME_VALID_REVERSE' => 'orwell.monitoring-plugins.org.', | 11 | 'NP_HOSTNAME_VALID_REVERSE' => 'orwell.monitoring-plugins.org.', |
| 10 | 'NP_HOST_DHCP_RESPONSIVE' => '', | 12 | 'NP_HOST_DHCP_RESPONSIVE' => '', |
| 11 | 'NP_HOST_NONRESPONSIVE' => '10.0.0.1', | 13 | 'NP_HOST_NONRESPONSIVE' => '10.0.0.1', |
diff --git a/plugins/t/check_dns.t b/plugins/t/check_dns.t index 035e7682..cdfbe60d 100644 --- a/plugins/t/check_dns.t +++ b/plugins/t/check_dns.t | |||
| @@ -10,26 +10,38 @@ use NPTest; | |||
| 10 | 10 | ||
| 11 | plan skip_all => "check_dns not compiled" unless (-x "check_dns"); | 11 | plan skip_all => "check_dns not compiled" unless (-x "check_dns"); |
| 12 | 12 | ||
| 13 | plan tests => 16; | 13 | plan tests => 19; |
| 14 | 14 | ||
| 15 | my $successOutput = '/DNS OK: [\.0-9]+ seconds? response time/'; | 15 | my $successOutput = '/DNS OK: [\.0-9]+ seconds? response time/'; |
| 16 | 16 | ||
| 17 | my $hostname_valid = getTestParameter( | 17 | my $hostname_valid = getTestParameter( |
| 18 | "NP_HOSTNAME_VALID", | 18 | "NP_HOSTNAME_VALID", |
| 19 | "A valid (known to DNS) hostname", | 19 | "A valid (known to DNS) hostname", |
| 20 | "monitoring-plugins.org" | 20 | "monitoring-plugins.org", |
| 21 | ); | 21 | ); |
| 22 | 22 | ||
| 23 | my $hostname_valid_ip = getTestParameter( | 23 | my $hostname_valid_ip = getTestParameter( |
| 24 | "NP_HOSTNAME_VALID_IP", | 24 | "NP_HOSTNAME_VALID_IP", |
| 25 | "The IP address of the valid hostname $hostname_valid", | 25 | "The IP address of the valid hostname $hostname_valid", |
| 26 | "66.118.156.50", | 26 | "130.133.8.40", |
| 27 | ); | ||
| 28 | |||
| 29 | my $hostname_valid_cidr = getTestParameter( | ||
| 30 | "NP_HOSTNAME_VALID_CIDR", | ||
| 31 | "An valid CIDR range containing $hostname_valid_ip", | ||
| 32 | "130.133.8.41/30", | ||
| 33 | ); | ||
| 34 | |||
| 35 | my $hostname_invalid_cidr = getTestParameter( | ||
| 36 | "NP_HOSTNAME_INVALID_CIDR", | ||
| 37 | "An (valid) CIDR range NOT containing $hostname_valid_ip", | ||
| 38 | "130.133.8.39/30", | ||
| 27 | ); | 39 | ); |
| 28 | 40 | ||
| 29 | my $hostname_valid_reverse = getTestParameter( | 41 | my $hostname_valid_reverse = getTestParameter( |
| 30 | "NP_HOSTNAME_VALID_REVERSE", | 42 | "NP_HOSTNAME_VALID_REVERSE", |
| 31 | "The hostname of $hostname_valid_ip", | 43 | "The hostname of $hostname_valid_ip", |
| 32 | "66-118-156-50.static.sagonet.net.", | 44 | "orwell.monitoring-plugins.org.", |
| 33 | ); | 45 | ); |
| 34 | 46 | ||
| 35 | my $hostname_invalid = getTestParameter( | 47 | my $hostname_invalid = getTestParameter( |
| @@ -87,3 +99,9 @@ $res = NPTest->testCmd("./check_dns -H $hostname_valid_ip -a $hostname_valid_rev | |||
| 87 | cmp_ok( $res->return_code, '==', 0, "Got expected fqdn"); | 99 | cmp_ok( $res->return_code, '==', 0, "Got expected fqdn"); |
| 88 | like ( $res->output, $successOutput, "Output OK"); | 100 | like ( $res->output, $successOutput, "Output OK"); |
| 89 | 101 | ||
| 102 | $res = NPTest->testCmd("./check_dns -H $hostname_valid -a $hostname_valid_cidr -t 5"); | ||
| 103 | cmp_ok( $res->return_code, '==', 0, "Got expected address"); | ||
| 104 | |||
| 105 | $res = NPTest->testCmd("./check_dns -H $hostname_valid -a $hostname_invalid_cidr -t 5"); | ||
| 106 | cmp_ok( $res->return_code, '==', 2, "Got wrong address"); | ||
| 107 | like ( $res->output, "/^DNS CRITICAL.*expected '$hostname_invalid_cidr' but got '$hostname_valid_ip'".'$/', "Output OK"); | ||