From e3da64769f9a65fc0d2af2345d1008a359d14821 Mon Sep 17 00:00:00 2001 From: Jan Wagner Date: Mon, 18 Nov 2013 14:49:37 +0100 Subject: [PATCH] Add check_openvpn --- check_openvpn/Makefile | 4 ++ check_openvpn/check_openvpn | 86 +++++++++++++++++++++++++++++++++ check_openvpn/check_openvpn.cfg | 6 +++ check_openvpn/control | 6 +++ check_openvpn/copyright | 21 ++++++++ 5 files changed, 123 insertions(+) create mode 100644 check_openvpn/Makefile create mode 100644 check_openvpn/check_openvpn create mode 100644 check_openvpn/check_openvpn.cfg create mode 100644 check_openvpn/control create mode 100644 check_openvpn/copyright diff --git a/check_openvpn/Makefile b/check_openvpn/Makefile new file mode 100644 index 0000000..52de70c --- /dev/null +++ b/check_openvpn/Makefile @@ -0,0 +1,4 @@ +#/usr/bin/make -f + +include ../common.mk + diff --git a/check_openvpn/check_openvpn b/check_openvpn/check_openvpn new file mode 100644 index 0000000..f91fab7 --- /dev/null +++ b/check_openvpn/check_openvpn @@ -0,0 +1,86 @@ +#! /usr/bin/python + +# Check if an OpenVPN server runs on a given UDP port. +# +# Copyright 2013 Roland Wolters, credativ GmbH +# +# Version 20130904 +# +# Permission is hereby granted, free of charge, to any person obtaining +# a copy of this software and associated documentation files (the +# "Software"), to deal in the Software without restriction, including +# without limitation the rights to use, copy, modify, merge, publish, +# distribute, sublicense, and/or sell copies of the Software, and to +# permit persons to whom the Software is furnished to do so, subject to +# the following conditions: +# +# The above copyright notice and this permission notice shall be +# included in all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE +# LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +# OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION +# WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + +import sys +import socket +import argparse +import binascii + +def ok(msg): + print "OK: %s" % msg + sys.exit(0) + +def critical(msg): + print "CRIT: %s" % msg + sys.exit(2) + +def checkserver(host,port,proto): + byte_stream = "\x38\x01\x00\x00\x00\x00\x00\x00\x00" + + if proto: + ovpn_sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) + else: + ovpn_sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) + + ovpn_sock.settimeout(5) + + try: + ovpn_sock.connect((host, port)) + ovpn_sock.sendto(byte_stream, (host, port)) + data, addr = ovpn_sock.recvfrom(1024) # buffer size is 1024 bytes + reply = binascii.hexlify(data) + if proto: + ok("OpenVPN tcp port reachable.") + else: + ok("OpenVPN server response (hex): %s" % reply) + except socket.timeout: + critical("Request timed out") + ovpn_sock.close() + except (socket.error, Exception): + critical("OpenVPN server not responding") + ovpn_sock.close() + + ovpn_sock.close() + return data + +def optionsparser(): + parser = argparse.ArgumentParser() + parser.add_argument("-p","--port", help="set port number", + type=int, dest="port", default="1194") + parser.add_argument("-t","--tcp", help="use tcp instead of udp", + action="store_true") + parser.add_argument("host", type=str, help="the OpenVPN host name or ip") + return parser.parse_args() + +def main(): + arguments = optionsparser() + + data = checkserver(arguments.host,arguments.port,arguments.tcp) + +if __name__ == "__main__": + main() + diff --git a/check_openvpn/check_openvpn.cfg b/check_openvpn/check_openvpn.cfg new file mode 100644 index 0000000..ac4d1d2 --- /dev/null +++ b/check_openvpn/check_openvpn.cfg @@ -0,0 +1,6 @@ +# 'check_openvpn' command definition +define command { + command_name check_openvpn + command_line /usr/lib/monitoring-plugins/check_openvpn -p '$ARG1$' '$HOSTADDRESS$' +} + diff --git a/check_openvpn/control b/check_openvpn/control new file mode 100644 index 0000000..25b9192 --- /dev/null +++ b/check_openvpn/control @@ -0,0 +1,6 @@ +Homepage: https://raw.github.com/liquidat/nagios-icinga-checks/master/check_openvpn +Watch: https://raw.github.com/liquidat/nagios-icinga-checks/master/check_openvpn Version\ ([0-9.]+) +Recommends: python-argparse +Version: 20130904 +Uploaders: Jan Wagner +Description: plugin to check if an OpenVPN server runs on a given port diff --git a/check_openvpn/copyright b/check_openvpn/copyright new file mode 100644 index 0000000..f0461d8 --- /dev/null +++ b/check_openvpn/copyright @@ -0,0 +1,21 @@ +Copyright 2013 Roland Wolters, credativ GmbH + +License: MIT + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE.