check_ipsec: Adding needed patches
This commit is contained in:
parent
7978d99a92
commit
4832e74750
27
debian/patches/check_ipsec/10_pathes
vendored
Normal file
27
debian/patches/check_ipsec/10_pathes
vendored
Normal file
|
|
@ -0,0 +1,27 @@
|
||||||
|
Author: Jan Wagner <waja@cyconet.org>
|
||||||
|
Description:
|
||||||
|
Patches check_ipsec to use debian specific paths.
|
||||||
|
|
||||||
|
diff --git a/check_ipsec/check_ipsec b/check_ipsec/check_ipsec
|
||||||
|
index 29834df..084e6ee 100644
|
||||||
|
--- a/check_ipsec/check_ipsec
|
||||||
|
+++ b/check_ipsec/check_ipsec
|
||||||
|
@@ -20,15 +20,15 @@ REVISION=`echo '$Revision: 2.0 $' | sed -e 's/[^0-9.]//g'`
|
||||||
|
#STRONG=`$IPSECBIN --version |grep strongSwan | wc -l`
|
||||||
|
DOWN=""
|
||||||
|
# ---------- Change to your needs ----------
|
||||||
|
-PLUGINPATH="/usr/lib64/nagios/plugins"
|
||||||
|
+PLUGINPATH="/usr/lib/nagios/plugins"
|
||||||
|
GATEWAYLIST="gateways.txt"
|
||||||
|
IPSECBIN="/usr/sbin/ipsec"
|
||||||
|
-FPINGBIN="/usr/sbin/fping"
|
||||||
|
+FPINGBIN="/usr/bin/fping"
|
||||||
|
# ping server in network on the other side of the tunnel
|
||||||
|
PINGIP=1 # ping yes or no (1/0)
|
||||||
|
# ------------------------------------------
|
||||||
|
|
||||||
|
-. $PROGPATH/utils.sh
|
||||||
|
+. $PLUGINPATH/utils.sh
|
||||||
|
|
||||||
|
|
||||||
|
# Testing availability of $IPSECBIN, $FPINGBIN and $GATEWAYLIST
|
||||||
71
debian/patches/check_ipsec/15_fix_syntax
vendored
Normal file
71
debian/patches/check_ipsec/15_fix_syntax
vendored
Normal file
|
|
@ -0,0 +1,71 @@
|
||||||
|
Author: Jan Wagner <waja@cyconet.org>
|
||||||
|
Description:
|
||||||
|
Patches check_ipsec to fix syntax issues
|
||||||
|
|
||||||
|
diff --git a/check_ipsec/check_ipsec b/check_ipsec/check_ipsec
|
||||||
|
index 29834df..084e6ee 100644
|
||||||
|
--- a/check_ipsec/check_ipsec
|
||||||
|
+++ b/check_ipsec/check_ipsec
|
||||||
|
@@ -96,7 +96,7 @@ print_help() {
|
||||||
|
|
||||||
|
check_tunnel() {
|
||||||
|
|
||||||
|
- if [[ "$STRONG" -eq "1" ]]
|
||||||
|
+ if [ "$STRONG" -eq "1" ]
|
||||||
|
then
|
||||||
|
eroutes=`$IPSECBIN status | grep -e "IPsec SA established" | grep -e "newest IPSEC" | wc -l`
|
||||||
|
else
|
||||||
|
@@ -104,21 +104,21 @@ check_tunnel() {
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
- if [[ "$eroutes" -eq "$2" ]]
|
||||||
|
+ if [ "$eroutes" -eq "$2" ]
|
||||||
|
then
|
||||||
|
echo "OK - All $2 tunnels are up an running"
|
||||||
|
exit $STATE_OK
|
||||||
|
- elif [[ "$eroutes" -gt "$2" ]]
|
||||||
|
+ elif [ "$eroutes" -gt "$2" ]
|
||||||
|
then
|
||||||
|
echo "WARNING - More than $2 ($eroutes) tunnels are up an running"
|
||||||
|
exit $STATE_WARNING
|
||||||
|
else
|
||||||
|
echo "CRITICAL - Only $eroutes tunnels from $2 are up an running - $(location)"
|
||||||
|
+ location
|
||||||
|
exit $STATE_CRITICAL
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
-
|
||||||
|
location() {
|
||||||
|
|
||||||
|
count=0
|
||||||
|
@@ -129,24 +129,24 @@ while read line; do
|
||||||
|
CONN=`echo $line| awk '{print $1}'`
|
||||||
|
IP=`echo $line| awk '{print $2}'`
|
||||||
|
|
||||||
|
- if [[ "$STRONG" -eq "1" ]]
|
||||||
|
+ if [ "$STRONG" -eq "1" ]
|
||||||
|
then
|
||||||
|
tunneltest=`$IPSECBIN status | grep -e "IPsec SA established" | grep -e "newest IPSEC" |grep -e $CONN | wc -l`
|
||||||
|
else
|
||||||
|
tunneltest=`$IPSECBIN whack --status | grep -e "IPsec SA established" | grep -e "newest IPSEC" |grep -e "$CONN" | wc -l`
|
||||||
|
fi
|
||||||
|
|
||||||
|
- if [[ "$tunneltest" -eq "0" ]]
|
||||||
|
+ if [ "$tunneltest" -eq "0" ]
|
||||||
|
then
|
||||||
|
count=$[$count+1]
|
||||||
|
DOWN="$DOWN $CONN"
|
||||||
|
fi
|
||||||
|
|
||||||
|
- if [[ "$PINGIP" -eq "1" && "$tunneltest" -eq "1" ]]
|
||||||
|
+ if [ "$PINGIP" -eq "1" && "$tunneltest" -eq "1" ]
|
||||||
|
then
|
||||||
|
alive=`$FPINGBIN $IP -r 1 | grep alive | wc -l`
|
||||||
|
|
||||||
|
- if [[ "$alive" -eq "0" ]]
|
||||||
|
+ if [ "$alive" -eq "0" ]
|
||||||
|
then
|
||||||
|
count=$[$count+1]
|
||||||
|
DOWN="$DOWN $CONN (no ping)"
|
||||||
27
debian/patches/check_ipsec/20_remove_gateway
vendored
Normal file
27
debian/patches/check_ipsec/20_remove_gateway
vendored
Normal file
|
|
@ -0,0 +1,27 @@
|
||||||
|
--- a/check_ipsec/check_ipsec
|
||||||
|
+++ b/check_ipsec/check_ipsec
|
||||||
|
@@ -61,8 +61,7 @@
|
||||||
|
test -e $PROGPATH/$GATEWAYLIST
|
||||||
|
if [ $? -ne 0 ];
|
||||||
|
then
|
||||||
|
- echo CRITICAL - $GATEWAYLIST not exist
|
||||||
|
- exit $STATE_CRITICAL
|
||||||
|
+ USEGATEWAYS="0"
|
||||||
|
fi
|
||||||
|
|
||||||
|
print_usage() {
|
||||||
|
@@ -113,8 +112,12 @@
|
||||||
|
echo "WARNING - More than $2 ($eroutes) tunnels are up an running"
|
||||||
|
exit $STATE_WARNING
|
||||||
|
else
|
||||||
|
- echo "CRITICAL - Only $eroutes tunnels from $2 are up an running - $(location)"
|
||||||
|
- location
|
||||||
|
+ if [ "$USEGATEWAYS" -eq "0" ]
|
||||||
|
+ then
|
||||||
|
+ echo "CRITICAL - Only $eroutes tunnels from $2 are up an running"
|
||||||
|
+ else
|
||||||
|
+ echo "CRITICAL - Only $eroutes tunnels from $2 are up an running - $(location)"
|
||||||
|
+ fi
|
||||||
|
exit $STATE_CRITICAL
|
||||||
|
fi
|
||||||
|
}
|
||||||
3
debian/patches/series
vendored
3
debian/patches/series
vendored
|
|
@ -2,3 +2,6 @@ check_tomcat/epn
|
||||||
check_tftp/epn
|
check_tftp/epn
|
||||||
check_phpfpm_status/10_pathes
|
check_phpfpm_status/10_pathes
|
||||||
check_sieve/10_pathes
|
check_sieve/10_pathes
|
||||||
|
check_ipsec/10_pathes
|
||||||
|
check_ipsec/15_fix_syntax
|
||||||
|
check_ipsec/20_remove_gateway
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue