2013-11-26 22:53:19 +00:00
|
|
|
#!/usr/bin/perl
|
|
|
|
|
|
|
|
use strict;
|
|
|
|
use Getopt::Long;
|
|
|
|
use vars qw($opt_V $opt_h $opt_P $opt_H $opt_w $opt_c $PROGNAME);
|
|
|
|
use lib "/usr/local/nagios/libexec" ;
|
|
|
|
use utils qw(%ERRORS &print_revision &support &usage);
|
|
|
|
|
|
|
|
my $remote_user = "root";
|
|
|
|
my $path_to_ssh = "/usr/bin/ssh";
|
|
|
|
my $path_to_grep = "/usr/bin/grep";
|
|
|
|
my $path_to_awk = "/usr/bin/awk";
|
|
|
|
my $warn = 50000;
|
|
|
|
my $crit = 60000;
|
|
|
|
|
|
|
|
$PROGNAME = "check_pfstate";
|
|
|
|
$ENV{'PATH'}='';
|
|
|
|
$ENV{'BASH_ENV'}='';
|
|
|
|
$ENV{'ENV'}='';
|
|
|
|
|
|
|
|
Getopt::Long::Configure('bundling');
|
|
|
|
GetOptions
|
|
|
|
("V" => \$opt_V, "version" => \$opt_V,
|
|
|
|
"h" => \$opt_h, "help" => \$opt_h,
|
|
|
|
"H=s" => \$opt_H, "hostname=s" => \$opt_H,
|
|
|
|
"w=s" => \$opt_w, "warning=s" => \$opt_w,
|
|
|
|
"c=s" => \$opt_c, "critical=s" => \$opt_c);
|
|
|
|
|
|
|
|
if ($opt_V) {
|
2013-11-26 22:54:42 +00:00
|
|
|
print_revision($PROGNAME,'$Revision: 1112 $');
|
2013-11-26 22:53:19 +00:00
|
|
|
exit $ERRORS{'OK'};
|
|
|
|
}
|
|
|
|
if ($opt_h) {
|
|
|
|
print_help();
|
|
|
|
exit $ERRORS{'OK'};
|
|
|
|
}
|
|
|
|
if ($opt_w) {
|
|
|
|
if ($opt_w =~ /(\d+)/) {
|
|
|
|
$warn = $1;
|
|
|
|
} else {
|
|
|
|
usage("Invalid values: $opt_w\n");
|
|
|
|
exit $ERRORS{'OK'};
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if ($opt_c) {
|
|
|
|
if ($opt_c =~ /(\d+)/) {
|
|
|
|
$crit = $1;
|
|
|
|
} else {
|
|
|
|
usage("Invalid values: $opt_c\n");
|
|
|
|
exit $ERRORS{'OK'};
|
|
|
|
}
|
|
|
|
}
|
|
|
|
($opt_H) || usage("Host name/address not specified\n");
|
|
|
|
my $host = $1 if ($opt_H =~ /([-.A-Za-z0-9]+)/);
|
|
|
|
($host) || usage("Invalid host: $opt_H\n");
|
|
|
|
|
|
|
|
my $result = `$path_to_ssh -l $remote_user $host '/sbin/pfctl -s info' | $path_to_grep entries`;
|
|
|
|
chomp $result;
|
|
|
|
$result =~ /(\d+)/;
|
|
|
|
$result = $1;
|
|
|
|
|
|
|
|
print "$result PF state entries\n";
|
|
|
|
|
|
|
|
exit $ERRORS{'CRITICAL'} if ($result >= $crit);
|
|
|
|
exit $ERRORS{'WARNING'} if ($result >= $warn);
|
|
|
|
exit $ERRORS{'OK'};
|
|
|
|
|
|
|
|
|
|
|
|
sub print_help {
|
2013-11-26 22:54:42 +00:00
|
|
|
print_revision($PROGNAME,'$Revision: 1112 $');
|
2013-11-26 22:53:19 +00:00
|
|
|
print "Copyright (c) 2002 Jason Dixon\n\nThis plugin checks the number of state table entries on a PF-enabled OpenBSD system.\n\n";
|
|
|
|
print "Usage:\t-H, --hostname=<HOST> [-w, --warning=<WARNING>] [-c, --critical=<CRITICAL>]\n\n\tDefault warning is 50000 and critical is 60000.\n\n";
|
|
|
|
support();
|
|
|
|
}
|
|
|
|
|