From 4832e747509d441ae8e822a5d1aa0b58041a171e Mon Sep 17 00:00:00 2001 From: Jan Wagner Date: Thu, 23 Oct 2014 14:31:26 +0200 Subject: [PATCH] check_ipsec: Adding needed patches --- debian/patches/check_ipsec/10_pathes | 27 ++++++++ debian/patches/check_ipsec/15_fix_syntax | 71 ++++++++++++++++++++ debian/patches/check_ipsec/20_remove_gateway | 27 ++++++++ debian/patches/series | 3 + 4 files changed, 128 insertions(+) create mode 100644 debian/patches/check_ipsec/10_pathes create mode 100644 debian/patches/check_ipsec/15_fix_syntax create mode 100644 debian/patches/check_ipsec/20_remove_gateway diff --git a/debian/patches/check_ipsec/10_pathes b/debian/patches/check_ipsec/10_pathes new file mode 100644 index 0000000..5f169ee --- /dev/null +++ b/debian/patches/check_ipsec/10_pathes @@ -0,0 +1,27 @@ +Author: Jan Wagner +Description: + Patches check_ipsec to use debian specific paths. + +diff --git a/check_ipsec/check_ipsec b/check_ipsec/check_ipsec +index 29834df..084e6ee 100644 +--- a/check_ipsec/check_ipsec ++++ b/check_ipsec/check_ipsec +@@ -20,15 +20,15 @@ REVISION=`echo '$Revision: 2.0 $' | sed -e 's/[^0-9.]//g'` + #STRONG=`$IPSECBIN --version |grep strongSwan | wc -l` + DOWN="" + # ---------- Change to your needs ---------- +-PLUGINPATH="/usr/lib64/nagios/plugins" ++PLUGINPATH="/usr/lib/nagios/plugins" + GATEWAYLIST="gateways.txt" + IPSECBIN="/usr/sbin/ipsec" +-FPINGBIN="/usr/sbin/fping" ++FPINGBIN="/usr/bin/fping" + # ping server in network on the other side of the tunnel + PINGIP=1 # ping yes or no (1/0) + # ------------------------------------------ + +-. $PROGPATH/utils.sh ++. $PLUGINPATH/utils.sh + + + # Testing availability of $IPSECBIN, $FPINGBIN and $GATEWAYLIST diff --git a/debian/patches/check_ipsec/15_fix_syntax b/debian/patches/check_ipsec/15_fix_syntax new file mode 100644 index 0000000..c1d2c8f --- /dev/null +++ b/debian/patches/check_ipsec/15_fix_syntax @@ -0,0 +1,71 @@ +Author: Jan Wagner +Description: + Patches check_ipsec to fix syntax issues + +diff --git a/check_ipsec/check_ipsec b/check_ipsec/check_ipsec +index 29834df..084e6ee 100644 +--- a/check_ipsec/check_ipsec ++++ b/check_ipsec/check_ipsec +@@ -96,7 +96,7 @@ print_help() { + + check_tunnel() { + +- if [[ "$STRONG" -eq "1" ]] ++ if [ "$STRONG" -eq "1" ] + then + eroutes=`$IPSECBIN status | grep -e "IPsec SA established" | grep -e "newest IPSEC" | wc -l` + else +@@ -104,21 +104,21 @@ check_tunnel() { + fi + + +- if [[ "$eroutes" -eq "$2" ]] ++ if [ "$eroutes" -eq "$2" ] + then + echo "OK - All $2 tunnels are up an running" + exit $STATE_OK +- elif [[ "$eroutes" -gt "$2" ]] ++ elif [ "$eroutes" -gt "$2" ] + then + echo "WARNING - More than $2 ($eroutes) tunnels are up an running" + exit $STATE_WARNING + else + echo "CRITICAL - Only $eroutes tunnels from $2 are up an running - $(location)" ++ location + exit $STATE_CRITICAL + fi + } + +- + location() { + + count=0 +@@ -129,24 +129,24 @@ while read line; do + CONN=`echo $line| awk '{print $1}'` + IP=`echo $line| awk '{print $2}'` + +- if [[ "$STRONG" -eq "1" ]] ++ if [ "$STRONG" -eq "1" ] + then + tunneltest=`$IPSECBIN status | grep -e "IPsec SA established" | grep -e "newest IPSEC" |grep -e $CONN | wc -l` + else + tunneltest=`$IPSECBIN whack --status | grep -e "IPsec SA established" | grep -e "newest IPSEC" |grep -e "$CONN" | wc -l` + fi + +- if [[ "$tunneltest" -eq "0" ]] ++ if [ "$tunneltest" -eq "0" ] + then + count=$[$count+1] + DOWN="$DOWN $CONN" + fi + +- if [[ "$PINGIP" -eq "1" && "$tunneltest" -eq "1" ]] ++ if [ "$PINGIP" -eq "1" && "$tunneltest" -eq "1" ] + then + alive=`$FPINGBIN $IP -r 1 | grep alive | wc -l` + +- if [[ "$alive" -eq "0" ]] ++ if [ "$alive" -eq "0" ] + then + count=$[$count+1] + DOWN="$DOWN $CONN (no ping)" diff --git a/debian/patches/check_ipsec/20_remove_gateway b/debian/patches/check_ipsec/20_remove_gateway new file mode 100644 index 0000000..17f938a --- /dev/null +++ b/debian/patches/check_ipsec/20_remove_gateway @@ -0,0 +1,27 @@ +--- a/check_ipsec/check_ipsec ++++ b/check_ipsec/check_ipsec +@@ -61,8 +61,7 @@ + test -e $PROGPATH/$GATEWAYLIST + if [ $? -ne 0 ]; + then +- echo CRITICAL - $GATEWAYLIST not exist +- exit $STATE_CRITICAL ++ USEGATEWAYS="0" + fi + + print_usage() { +@@ -113,8 +112,12 @@ + echo "WARNING - More than $2 ($eroutes) tunnels are up an running" + exit $STATE_WARNING + else +- echo "CRITICAL - Only $eroutes tunnels from $2 are up an running - $(location)" +- location ++ if [ "$USEGATEWAYS" -eq "0" ] ++ then ++ echo "CRITICAL - Only $eroutes tunnels from $2 are up an running" ++ else ++ echo "CRITICAL - Only $eroutes tunnels from $2 are up an running - $(location)" ++ fi + exit $STATE_CRITICAL + fi + } diff --git a/debian/patches/series b/debian/patches/series index c3e9e36..1f94b0f 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -2,3 +2,6 @@ check_tomcat/epn check_tftp/epn check_phpfpm_status/10_pathes check_sieve/10_pathes +check_ipsec/10_pathes +check_ipsec/15_fix_syntax +check_ipsec/20_remove_gateway