293 lines
9.7 KiB
Perl
293 lines
9.7 KiB
Perl
#!/usr/bin/perl
|
|
# nagios: +epn
|
|
#
|
|
# check_bgp - nagios plugin
|
|
#
|
|
# Copyright (C) 2006 Larry Low
|
|
#
|
|
# This program is free software; you can redistribute it and/or
|
|
# modify it under the terms of the GNU General Public License
|
|
# as published by the Free Software Foundation; either version 2
|
|
# of the License, or (at your option) any later version.
|
|
#
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with this program; if not, write to the Free Software
|
|
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
|
|
#
|
|
# Report bugs to: llow0@yahoo.com
|
|
#
|
|
# Primary MIB reference - BGP4-MIB
|
|
#
|
|
# Version 0.4
|
|
# - added snmpv3 support
|
|
# Version 0.3
|
|
# - fixed $snmp was not checked for being defined
|
|
# Version 0.2
|
|
# - added conformed with ePN
|
|
#
|
|
use strict;
|
|
use warnings;
|
|
use lib "/usr/lib/nagios/plugins" ;
|
|
use utils qw($TIMEOUT %ERRORS &print_revision &support);
|
|
use vars qw($PROGNAME);
|
|
|
|
# Just in case of problems, let's not hang Nagios
|
|
$SIG{'ALRM'} = sub {
|
|
print ("ERROR: Plugin took too long to complete (alarm)\n");
|
|
exit $ERRORS{"UNKNOWN"};
|
|
};
|
|
alarm($TIMEOUT);
|
|
|
|
$PROGNAME = "check_bgp.pl";
|
|
sub print_help ();
|
|
sub print_usage ();
|
|
use POSIX qw(floor);
|
|
sub seconds_to_string($);
|
|
|
|
my ($opt_h,$opt_V);
|
|
my $community = "public";
|
|
my $snmp_version = 2;
|
|
my ($hostname,$bgppeer);;
|
|
|
|
use Getopt::Long;
|
|
&Getopt::Long::config('bundling');
|
|
GetOptions(
|
|
"V" => \$opt_V, "version" => \$opt_V,
|
|
"h" => \$opt_h, "help" => \$opt_h,
|
|
"C=s" => \$community, "community=s" => \$community,
|
|
"H=s" => \$hostname, "hostname=s" => \$hostname,
|
|
"p=s" => \$bgppeer, "peer=s" => \$bgppeer,
|
|
"v=i" => \$snmp_version,"snmp_version=i" => \$snmp_version
|
|
);
|
|
# -h & --help print help
|
|
if ($opt_h) { print_help(); exit $ERRORS{'OK'}; }
|
|
# -V & --version print version
|
|
if ($opt_V) { print_revision($PROGNAME,'$Revision: 0.4 $ '); exit $ERRORS{'OK'}; }
|
|
# Invalid hostname print usage
|
|
if (!utils::is_hostname($hostname)) { print_usage(); exit $ERRORS{'UNKNOWN'}; }
|
|
# No BGP peer specified, print usage
|
|
if (!defined($bgppeer)) { print_usage(); exit $ERRORS{'UNKNOWN'}; }
|
|
|
|
# Setup SNMP object
|
|
use Net::SNMP qw(INTEGER OCTET_STRING IPADDRESS OBJECT_IDENTIFIER NULL);
|
|
my ($snmp, $snmperror);
|
|
if ($snmp_version == 2) {
|
|
($snmp, $snmperror) = Net::SNMP->session(
|
|
-hostname => $hostname,
|
|
-version => 'snmpv2c',
|
|
-community => $community
|
|
);
|
|
} elsif ($snmp_version == 3) {
|
|
my ($v3_username,$v3_password,$v3_protocol,$v3_priv_passphrase,$v3_priv_protocol) = split(":",$community);
|
|
my @auth = ();
|
|
if (defined($v3_password)) { push(@auth,($v3_password =~ /^0x/) ? 'authkey' : 'authpassword',$v3_password); }
|
|
if (defined($v3_protocol)) { push(@auth,'authprotocol',$v3_protocol); }
|
|
if (defined($v3_priv_passphrase)) { push(@auth,($v3_priv_passphrase =~ /^0x/) ? 'privkey' : 'privpassword',$v3_priv_passphrase); }
|
|
if (defined($v3_priv_protocol)) { push(@auth,'privprotocol',$v3_priv_protocol); }
|
|
|
|
($snmp, $snmperror) = Net::SNMP->session(
|
|
-hostname => $hostname,
|
|
-version => 'snmpv3',
|
|
-username => $v3_username,
|
|
@auth
|
|
);
|
|
} else {
|
|
($snmp, $snmperror) = Net::SNMP->session(
|
|
-hostname => $hostname,
|
|
-version => 'snmpv1',
|
|
-community => $community
|
|
);
|
|
}
|
|
|
|
if (!defined($snmp)) {
|
|
print ("UNKNOWN - SNMP error: $snmperror\n");
|
|
exit $ERRORS{'UNKNOWN'};
|
|
}
|
|
|
|
my $state = 'UNKNOWN';
|
|
my $output = "$bgppeer status retrieval failed.";
|
|
# Begin plugin check code
|
|
{
|
|
my $bgpPeerState = "1.3.6.1.2.1.15.3.1.2";
|
|
my $bgpPeerAdminStatus = "1.3.6.1.2.1.15.3.1.3";
|
|
my $bgpPeerRemoteAs = "1.3.6.1.2.1.15.3.1.9";
|
|
my $bgpPeerLastError = "1.3.6.1.2.1.15.3.1.14";
|
|
my $bgpPeerFsmEstablishedTime = "1.3.6.1.2.1.15.3.1.16";
|
|
|
|
my %bgpPeerStates = (
|
|
-1 => 'unknown(-1)',
|
|
1 => 'idle(1)',
|
|
2 => 'connect(2)',
|
|
3 => 'active(3)',
|
|
4 => 'opensent(4)',
|
|
5 => 'openconfirm(5)',
|
|
6 => 'established(6)'
|
|
);
|
|
|
|
my %bgpPeerAdminStatuses = (
|
|
1=>'stop(1)',
|
|
2=>'start(2)'
|
|
);
|
|
|
|
my %bgpErrorCodes = (
|
|
'01 00' => 'Message Header Error',
|
|
'01 01' => 'Message Header Error - Connection Not Synchronized',
|
|
'01 02' => 'Message Header Error - Bad Message Length',
|
|
'01 03' => 'Message Header Error - Bad Message Type',
|
|
'02 00' => 'OPEN Message Error',
|
|
'02 01' => 'OPEN Message Error - Unsupported Version Number',
|
|
'02 02' => 'OPEN Message Error - Bad Peer AS',
|
|
'02 03' => 'OPEN Message Error - Bad BGP Identifier',
|
|
'02 04' => 'OPEN Message Error - Unsupported Optional Parameter',
|
|
'02 05' => 'OPEN Message Error', #deprecated
|
|
'02 06' => 'OPEN Message Error - Unacceptable Hold Time',
|
|
'03 00' => 'UPDATE Message Error',
|
|
'03 01' => 'UPDATE Message Error - Malformed Attribute List',
|
|
'03 02' => 'UPDATE Message Error - Unrecognized Well-known Attribute',
|
|
'03 03' => 'UPDATE Message Error - Missing Well-known Attribute',
|
|
'03 04' => 'UPDATE Message Error - Attribute Flags Error',
|
|
'03 05' => 'UPDATE Message Error - Attribute Length Erro',
|
|
'03 06' => 'UPDATE Message Error - Invalid ORIGIN Attribute',
|
|
'03 07' => 'UPDATE Message Error', #deprecated
|
|
'03 08' => 'UPDATE Message Error - Invalid NEXT_HOP Attribute',
|
|
'03 09' => 'UPDATE Message Error - Optional Attribute Error',
|
|
'03 0A' => 'UPDATE Message Error - Invalid Network Field',
|
|
'03 0B' => 'UPDATE Message Error - Malformed AS_PATH',
|
|
'04 00' => 'Hold Timer Expired',
|
|
'05 00' => 'Finite State Machine Error',
|
|
'06 00' => 'Cease',
|
|
'06 01' => 'Cease - Maximum Number of Prefixes Reached',
|
|
'06 02' => 'Cease - Administrative Shutdown',
|
|
'06 03' => 'Cease - Peer De-configured',
|
|
'06 04' => 'Cease - Administrative Reset',
|
|
'06 05' => 'Cease - Connection Rejected',
|
|
'06 06' => 'Cease - Other Configuration Change',
|
|
'06 07' => 'Cease - Connection Collision Resolution',
|
|
'06 08' => 'Cease - Out of Resources'
|
|
);
|
|
|
|
my @snmpoids;
|
|
push (@snmpoids,"$bgpPeerState.$bgppeer");
|
|
push (@snmpoids,"$bgpPeerAdminStatus.$bgppeer");
|
|
push (@snmpoids,"$bgpPeerRemoteAs.$bgppeer");
|
|
push (@snmpoids,"$bgpPeerLastError.$bgppeer");
|
|
push (@snmpoids,"$bgpPeerFsmEstablishedTime.$bgppeer");
|
|
my $result = $snmp->get_request(
|
|
-varbindlist => \@snmpoids
|
|
);
|
|
if (!defined($result)) {
|
|
my $answer = $snmp->error;
|
|
$snmp->close;
|
|
print ("UNKNOWN: SNMP error: $answer\n");
|
|
exit $ERRORS{'UNKNOWN'};
|
|
}
|
|
|
|
if ($result->{"$bgpPeerState.$bgppeer"} ne "noSuchInstance") {
|
|
$output = "$bgppeer (AS".
|
|
$result->{"$bgpPeerRemoteAs.$bgppeer"}.
|
|
") state is ".
|
|
$bgpPeerStates{$result->{"$bgpPeerState.$bgppeer"}};
|
|
|
|
my $lasterror;
|
|
my $lasterrorcode = $result->{"$bgpPeerLastError.$bgppeer"};
|
|
if (hex($lasterrorcode) != 0) {
|
|
$lasterrorcode = substr($lasterrorcode,2,2)." ".substr($lasterrorcode,4,2);
|
|
my ($code,$subcode) = split(" ",$lasterrorcode);
|
|
if (!defined($bgpErrorCodes{$lasterrorcode})) {
|
|
$lasterror = $bgpErrorCodes{"$code 00"};
|
|
} else {
|
|
$lasterror = $bgpErrorCodes{$lasterrorcode};
|
|
}
|
|
if (!defined($lasterror)) {
|
|
$lasterror = "Unknown ($code $subcode)";
|
|
}
|
|
}
|
|
|
|
my $establishedtime = seconds_to_string($result->{"$bgpPeerFsmEstablishedTime.$bgppeer"});
|
|
|
|
if ($result->{"$bgpPeerState.$bgppeer"} == 6) {
|
|
$state = 'OK';
|
|
$output .= ". Established for $establishedtime.";
|
|
} elsif ($result->{"$bgpPeerAdminStatus.$bgppeer"} == 1) { #stop
|
|
$state = 'WARNING'; # admin down do warning
|
|
$output .= " (administratively down). Last established $establishedtime.";
|
|
} else {
|
|
$state = 'CRITICAL';
|
|
$output .= ". Last established $establishedtime.";
|
|
}
|
|
|
|
if (defined($lasterror)) {
|
|
$output .= " Last error \"$lasterror\".";
|
|
}
|
|
}
|
|
}
|
|
print "$state - $output\n";
|
|
exit $ERRORS{$state};
|
|
|
|
sub print_help() {
|
|
print_revision($PROGNAME,'$Revision: 0.4 $ ');
|
|
print "Copyright (c) 2006 Larry Low\n";
|
|
print "This program is licensed under the terms of the\n";
|
|
print "GNU General Public License\n(check source code for details)\n";
|
|
print "\n";
|
|
printf "Check BGP peer status via SNMP.\n";
|
|
print "\n";
|
|
print_usage();
|
|
print "\n";
|
|
print " -H (--hostname) Hostname to query - (required)\n";
|
|
print " -C (--community) SNMP read community or v3 auth (defaults to public)\n";
|
|
print " (v3 specified as username:authpassword:... )\n";
|
|
print " username = SNMPv3 security name\n";
|
|
print " authpassword = SNMPv3 authentication pass phrase (or hexidecimal key)\n";
|
|
print " authprotocol = SNMPv3 authentication protocol (md5 (default) or sha)\n";
|
|
print " privpassword = SNMPv3 privacy pass phrase (or hexidecmal key)\n";
|
|
print " privprotocol = SNMPv3 privacy protocol (des (default) or aes)\n";
|
|
print " -v (--snmp_version) 1 for SNMP v1\n";
|
|
print " 2 for SNMP v2c (default)\n";
|
|
print " 3 for SNMP v3\n";
|
|
print " -p {--peer} IP of BGP Peer\n";
|
|
print " -V (--version) Plugin version\n";
|
|
print " -h (--help) usage help\n";
|
|
print "\n";
|
|
support();
|
|
}
|
|
|
|
sub print_usage() {
|
|
print "Usage: \n";
|
|
print " $PROGNAME -H <HOSTNAME> [-C <community>] -p <bgppeer>\n";
|
|
print " $PROGNAME [-h | --help]\n";
|
|
print " $PROGNAME [-V | --version]\n";
|
|
}
|
|
|
|
sub seconds_to_string($) {
|
|
my $time = shift;
|
|
my $timestr = "";
|
|
if ($time > (365.24225*24*60*60)) {
|
|
my $years = floor($time / (365.24225*24*60*60));
|
|
$time -= $years*365.24225*24*60*60;
|
|
$timestr .= $years."y";
|
|
}
|
|
if ($time > (24*60*60)) {
|
|
my $days = floor($time / (24*60*60));
|
|
$time -= $days*24*60*60;
|
|
$timestr .= $days."d";
|
|
}
|
|
if ($time > (60*60)) {
|
|
my $hours = floor($time / (60*60));
|
|
$time -= $hours*60*60;
|
|
$timestr .= $hours."h";
|
|
}
|
|
if ($time > 60) {
|
|
my $minutes = floor($time / 60);
|
|
$time -= $minutes*60;
|
|
$timestr .= $minutes."m";
|
|
}
|
|
$timestr .= $time."s";
|
|
return $timestr;
|
|
}
|