pkg-monitoring-plugins/plugins/check_icmp.c
2006-01-20 18:48:40 +00:00

1200 lines
34 KiB
C

/*
* $Id: check_icmp.c,v 1.5 2005/02/01 07:33:13 stanleyhopcroft Exp $
*
* Author: Andreas Ericsson <ae@op5.se>
*
* License: GNU GPL 2.0 or any later version.
*
* Relevant RFC's: 792 (ICMP), 791 (IP)
*
* This program was modeled somewhat after the check_icmp program,
* which was in turn a hack of fping (www.fping.org) but has been
* completely rewritten since to generate higher precision rta values,
* and support several different modes as well as setting ttl to control
* redundant routes. The only remainders of fping are currently a few
* function names.
*
*/
#include <sys/time.h>
#include <sys/types.h>
#include <stdio.h>
#include <stdlib.h>
#include <stdarg.h>
#include <unistd.h>
#include <stddef.h>
#include <errno.h>
#include <string.h>
#include <ctype.h>
#include <netdb.h>
#include <sys/socket.h>
#include <netinet/in_systm.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <netinet/ip_icmp.h>
#include <arpa/inet.h>
#include <signal.h>
/** sometimes undefined system macros (quite a few, actually) **/
#ifndef MAXTTL
# define MAXTTL 255
#endif
/* Fallback for systems lacking INADDR_NONE. It is compared against the
 * 32-bit result of inet_addr() and against in_addr.s_addr, so it has to
 * be the all-ones 32-bit value (the previous fallback had only 24 bits
 * set and could therefore never match). */
#ifndef INADDR_NONE
# define INADDR_NONE 0xffffffffU
#endif
#ifndef SOL_IP
#define SOL_IP 0
#endif
/* we bundle these in one #ifndef, since they're all from BSD
 * Put individual #ifndef's around those that bother you */
#ifndef ICMP_UNREACH_NET_UNKNOWN
# define ICMP_UNREACH_NET_UNKNOWN 6
# define ICMP_UNREACH_HOST_UNKNOWN 7
# define ICMP_UNREACH_ISOLATED 8
# define ICMP_UNREACH_NET_PROHIB 9
# define ICMP_UNREACH_HOST_PROHIB 10
# define ICMP_UNREACH_TOSNET 11
# define ICMP_UNREACH_TOSHOST 12
#endif
/* tru64 has the ones above, but not these */
#ifndef ICMP_UNREACH_FILTER_PROHIB
# define ICMP_UNREACH_FILTER_PROHIB 13
# define ICMP_UNREACH_HOST_PRECEDENCE 14
# define ICMP_UNREACH_PRECEDENCE_CUTOFF 15
#endif
/** typedefs and such **/
/* Status codes of the plugin. The file-scope `status` variable holds one
 * of these, and finish() both uses it as an index into its table of
 * status names and passes it to exit(). */
enum states {
STATE_OK = 0,
STATE_WARNING,
STATE_CRITICAL,
STATE_UNKNOWN,
STATE_DEPENDENT,
STATE_OOB /* not referenced anywhere in the code visible here */
};
typedef unsigned short range_t; /* type for get_range() -- unimplemented */
/* One ping target. Nodes are allocated by add_target_ip(), chained through
 * `next` into the global `list`, and additionally indexed by `id` through
 * the global `table` that main() builds before the checks start. */
typedef struct rta_host {
unsigned short id; /* id in **table, and icmp pkts */
char *name; /* arg used for adding this host */
char *msg; /* icmp error message, if any */
struct sockaddr_in saddr_in; /* the address of this host */
struct in_addr error_addr; /* stores address of error replies */
unsigned long long time_waited; /* total time waited, in usecs */
unsigned int icmp_sent, icmp_recv, icmp_lost; /* counters */
unsigned char icmp_type, icmp_code; /* type and code from errors */
unsigned short flags; /* control/status flags */
double rta; /* measured RTA */
unsigned char pl; /* measured packet loss */
struct rta_host *next; /* linked list */
} rta_host;
/* bit for rta_host.flags; set by handle_random_icmp() on ICMP errors
 * other than source quench */
#define FLAG_LOST_CAUSE 0x01 /* decidedly dead target. */
/* threshold structure. all values are maximum allowed, exclusive
 * (finish() compares measured values against these with >=, so a value
 * equal to the threshold already triggers the state) */
typedef struct threshold {
unsigned char pl; /* max allowed packet loss in percent */
unsigned int rta; /* roundtrip time average, microseconds */
} threshold;
/* the data structure
 * Payload that send_icmp_ping() stores in the data area of every echo
 * request; wait_for_reply() reads `stime` back from the echoed payload to
 * compute the round trip time. */
typedef struct icmp_ping_data {
struct timeval stime; /* timestamp (saved in protocol struct as well) */
unsigned short ping_id; /* send_icmp_ping() currently stores the constant 10 */
} icmp_ping_data;
/* the different modes of this program are as follows:
* MODE_RTA: send all packets no matter what (mimic check_icmp and check_ping)
* MODE_HOSTCHECK: Return immediately upon any sign of life
* In addition, sends packets to ALL addresses assigned
* to this host (as returned by gethostbyname() or
* gethostbyaddr() and expects one host only to be checked at
* a time. Therefore, any packet response what so ever will
* count as a sign of life, even when received outside
* crit.rta limit. Do not misspell any additional IP's.
* MODE_ALL: Requires packets from ALL requested IP to return OK (default).
* MODE_ICMP: implement something similar to check_icmp (MODE_RTA without
* tcp and udp args does this)
*/
/* values for the global `mode`; main() picks one based on the program name */
#define MODE_RTA 0
#define MODE_HOSTCHECK 1
#define MODE_ALL 2
#define MODE_ICMP 3
/* the different ping types we can do
 * TODO: investigate ARP ping as well */
/* bit flags, combined in the globals `protocols` and `sockets` */
#define HAVE_ICMP 1
#define HAVE_UDP 2
#define HAVE_TCP 4
#define HAVE_ARP 8
/* packet size limits; sizes are in bytes */
#define MIN_PING_DATA_SIZE sizeof(struct icmp_ping_data)
#define MAX_IP_PKT_SIZE 65536 /* (theoretical) max IP packet size */
#define IP_HDR_SIZE 20
#define MAX_PING_DATA (MAX_IP_PKT_SIZE - IP_HDR_SIZE - ICMP_MINLEN)
#define DEFAULT_PING_DATA_SIZE (MIN_PING_DATA_SIZE + 44)
/* various target states */
/* NOTE(review): none of the TSTATE_* flags is referenced in the code
 * visible here */
#define TSTATE_INACTIVE 0x01 /* don't ping this host anymore */
#define TSTATE_WAITING 0x02 /* unanswered packets on the wire */
#define TSTATE_ALIVE 0x04 /* target is alive (has answered something) */
#define TSTATE_UNREACH 0x08
/** prototypes **/
/* help/version output; always exits */
static void usage(unsigned char, char *);
/* time helpers; all values are in microseconds */
static u_int get_timevar(const char *);
static u_int get_timevaldiff(struct timeval *, struct timeval *);
/* receive side */
static int wait_for_reply(int, u_int);
static int recvfrom_wto(int, char *, unsigned int, struct sockaddr *, u_int *);
/* send side */
static int send_icmp_ping(int, struct rta_host *);
/* command line parsing and target bookkeeping */
static int get_threshold(char *str, threshold *th);
static void run_checks(void);
static int add_target(char *);
static int add_target_ip(char *, struct in_addr *);
/* ICMP packet helpers */
static int handle_random_icmp(struct icmp *, struct sockaddr_in *);
static unsigned short icmp_checksum(unsigned short *, int);
/* result reporting (finish, also installed as signal handler) and fatal
 * errors (crash); neither returns */
static void finish(int);
static void crash(const char *, ...);
/** external **/
/* getopt() state and the process environment */
extern int optind, opterr, optopt;
extern char *optarg;
extern char **environ;
/** global variables **/
/* basename of argv[0]; set in main(), used as prefix by crash() and usage() */
static char *progname;
/* table: targets indexed by rta_host.id (built in main());
 * list/cursor: head and most recently appended node of the target list */
static struct rta_host **table, *cursor, *list;
/* default thresholds: {packet loss in percent, rta in microseconds} */
static threshold crit = {80, 500000}, warn = {40, 200000};
/* mode: one of MODE_*; protocols/sockets: HAVE_* bit masks;
 * debug: verbosity level (-v); timeout: seconds handed to alarm() */
static int mode, protocols, sockets, debug = 0, timeout = 10;
/* sizes in bytes; icmp_pkt_size is derived from icmp_data_size in main() */
static unsigned short icmp_pkt_size, icmp_data_size = DEFAULT_PING_DATA_SIZE;
/* totals over all targets */
static unsigned int icmp_sent = 0, icmp_recv = 0, icmp_lost = 0;
/* packets sent for which neither a reply nor an error has been counted */
#define icmp_pkts_en_route (icmp_sent - (icmp_recv + icmp_lost))
static unsigned short targets_down = 0, targets = 0, packets = 0;
#define targets_alive (targets - targets_down)
/* intervals in microseconds (as returned by get_timevar());
 * retry_interval is only printed in debug output in the code visible here */
static unsigned int retry_interval, pkt_interval, target_interval;
static int icmp_sock, tcp_sock, udp_sock, status = STATE_OK;
/* process id; used as the ICMP id that marks packets as ours */
static pid_t pid;
static struct timezone tz;
/* set with gettimeofday() in main(); default reference point of
 * get_timevaldiff() */
static struct timeval prog_start;
/* upper bound, in microseconds since prog_start, for the whole run */
static unsigned long long max_completion_time = 0;
static unsigned char ttl = 0; /* outgoing ttl */
static unsigned int warn_down = 1, crit_down = 1; /* host down threshold values */
/* factors the send intervals are multiplied with when an ICMP source
 * quench is received (see handle_random_icmp()) */
float pkt_backoff_factor = 1.5;
float target_backoff_factor = 1.5;
/** code start **/
/*
 * Report a fatal error and terminate the program.
 *
 * Prints "<progname>: <formatted message>" on stdout, followed by
 * ": <strerror(errno)>" when errno is non-zero on entry, then a newline,
 * and exits with status 3. Callers that do not want the errno text
 * appended clear errno before calling. Never returns.
 *
 * fmt, ...: printf-style format string and its arguments.
 */
static void
crash(const char *fmt, ...)
{
    va_list ap;
    /* snapshot errno right away: the stdio calls below are allowed to
     * modify it, which would make us report the wrong reason */
    int saved_errno = errno;

    printf("%s: ", progname);
    va_start(ap, fmt);
    vprintf(fmt, ap);
    va_end(ap);
    if(saved_errno) printf(": %s", strerror(saved_errno));
    puts("");
    exit(3);
}
/*
 * Translate an ICMP type/code pair into a short human readable text.
 *
 * Returns a pointer to a string literal (never NULL):
 *  - a description for the known error types,
 *  - "Invalid code" for an unknown code of ICMP_UNREACH or ICMP_TIMXCEED,
 *  - the empty string for every type that is not treated as an error.
 */
static char *
get_icmp_error_msg(unsigned char icmp_type, unsigned char icmp_code)
{
    if(debug > 1) printf("get_icmp_error_msg(%u, %u)\n", icmp_type, icmp_code);

    if(icmp_type == ICMP_UNREACH) {
        switch(icmp_code) {
        case ICMP_UNREACH_NET: return "Net unreachable";
        case ICMP_UNREACH_HOST: return "Host unreachable";
        case ICMP_UNREACH_PROTOCOL: return "Protocol unreachable (firewall?)";
        case ICMP_UNREACH_PORT: return "Port unreachable (firewall?)";
        case ICMP_UNREACH_NEEDFRAG: return "Fragmentation needed";
        case ICMP_UNREACH_SRCFAIL: return "Source route failed";
        case ICMP_UNREACH_ISOLATED: return "Source host isolated";
        case ICMP_UNREACH_NET_UNKNOWN: return "Unknown network";
        case ICMP_UNREACH_HOST_UNKNOWN: return "Unknown host";
        case ICMP_UNREACH_NET_PROHIB: return "Network denied (firewall?)";
        case ICMP_UNREACH_HOST_PROHIB: return "Host denied (firewall?)";
        case ICMP_UNREACH_TOSNET: return "Bad TOS for network (firewall?)";
        case ICMP_UNREACH_TOSHOST: return "Bad TOS for host (firewall?)";
        case ICMP_UNREACH_FILTER_PROHIB: return "Prohibited by filter (firewall)";
        case ICMP_UNREACH_HOST_PRECEDENCE: return "Host precedence violation";
        case ICMP_UNREACH_PRECEDENCE_CUTOFF: return "Precedence cutoff";
        default: break;
        }
        return "Invalid code";
    }

    if(icmp_type == ICMP_TIMXCEED) {
        /* really 'out of reach', or non-existent host behind a router
         * serving two different subnets */
        switch(icmp_code) {
        case ICMP_TIMXCEED_INTRANS: return "Time to live exceeded in transit";
        case ICMP_TIMXCEED_REASS: return "Fragment reassembly time exceeded";
        default: break;
        }
        return "Invalid code";
    }

    switch(icmp_type) {
    case ICMP_SOURCEQUENCH: return "Transmitting too fast";
    case ICMP_REDIRECT: return "Redirect (change route)";
    case ICMP_PARAMPROB: return "Bad IP header (required option absent)";
    default: break;
    }

    /* everything else (timestamp, info and mask requests/replies, unknown
     * types) is not an error message, so there is nothing to say */
    return "";
}
/*
 * Inspect an ICMP packet that is not a valid echo reply to one of our
 * pings and, if it is an error report about a ping we sent, account for it.
 *
 * p:    start of the ICMP header of the received packet
 * addr: address the packet was received from
 *
 * For an error that quotes one of our echo requests the global and the
 * per-host lost counters are incremented. Source quench additionally
 * scales pkt_interval and target_interval by their backoff factors; every
 * other accepted error type marks the host FLAG_LOST_CAUSE and increments
 * targets_down. The error type, code and sender are stored in the host.
 *
 * The quoted echo header is read at a fixed offset of 28 bytes from p
 * (8 byte ICMP header + 20 byte IP header without options); the function
 * has no way to verify that the packet is really that long.
 *
 * Always returns 0.
 */
static int
handle_random_icmp(struct icmp *p, struct sockaddr_in *addr)
{
    struct icmp *sent_icmp = NULL;
    struct rta_host *host = NULL;
    unsigned char *ptr;
    /* icmp_id is only 16 bits wide, so the id that send_icmp_ping() puts
     * on the wire is the pid truncated to 16 bits. Compare against the
     * truncated value, or nothing matches once the pid exceeds 65535. */
    const unsigned short our_id = (unsigned short)pid;

    if(p->icmp_type == ICMP_ECHO && p->icmp_id == our_id) {
        /* echo request from us to us (pinging localhost) */
        return 0;
    }

    ptr = (unsigned char *)p;
    if(debug) printf("handle_random_icmp(%p, %p)\n", (void *)p, (void *)addr);

    /* only handle a few types, since others can't possibly be replies to
     * us in a sane network (if it is anyway, it will be counted as lost
     * at summary time, but not as quickly as a proper response */
    /* TIMXCEED can be an unreach from a router with multiple IP's which
     * serves two different subnets on the same interface and a dead host
     * on one net is pinged from the other. The router will respond to
     * itself and thus set TTL=0 so as to not loop forever. Even when
     * TIMXCEED actually sends a proper icmp response we will have passed
     * too many hops to have a hope of reaching it later, in which case it
     * indicates overconfidence in the network, poor routing or both. */
    if(p->icmp_type != ICMP_UNREACH && p->icmp_type != ICMP_TIMXCEED &&
       p->icmp_type != ICMP_SOURCEQUENCH && p->icmp_type != ICMP_PARAMPROB)
    {
        return 0;
    }

    /* might be for us. At least it holds the original package (according
     * to RFC 792). If it isn't, just ignore it */
    sent_icmp = (struct icmp *)(ptr + 28);
    if(sent_icmp->icmp_type != ICMP_ECHO || sent_icmp->icmp_id != our_id ||
       sent_icmp->icmp_seq >= targets)
    {
        if(debug) printf("Packet is no response to a packet we sent\n");
        return 0;
    }

    /* it is indeed a response for us */
    host = table[sent_icmp->icmp_seq];
    if(debug) {
        printf("Received \"%s\" from %s for ICMP ECHO sent to %s.\n",
               get_icmp_error_msg(p->icmp_type, p->icmp_code),
               inet_ntoa(addr->sin_addr), host->name);
    }

    icmp_lost++;
    host->icmp_lost++;
    /* don't spend time on lost hosts any more */
    if(host->flags & FLAG_LOST_CAUSE) return 0;

    /* source quench means we're sending too fast, so increase the
     * interval and mark this packet lost */
    if(p->icmp_type == ICMP_SOURCEQUENCH) {
        pkt_interval *= pkt_backoff_factor;
        target_interval *= target_backoff_factor;
    }
    else {
        targets_down++;
        host->flags |= FLAG_LOST_CAUSE;
    }
    host->icmp_type = p->icmp_type;
    host->icmp_code = p->icmp_code;
    host->error_addr.s_addr = addr->sin_addr.s_addr;

    return 0;
}
int
main(int argc, char **argv)
{
int i;
char *ptr;
long int arg;
int icmp_sockerrno, udp_sockerrno, tcp_sockerrno;
int result;
struct rta_host *host;
/* we only need to be setsuid when we get the sockets, so do
* that before pointer magic (esp. on network data) */
icmp_sockerrno = udp_sockerrno = tcp_sockerrno = sockets = 0;
if((icmp_sock = socket(PF_INET, SOCK_RAW, IPPROTO_ICMP)) != -1)
sockets |= HAVE_ICMP;
else icmp_sockerrno = errno;
/* if((udp_sock = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP)) != -1) */
/* sockets |= HAVE_UDP; */
/* else udp_sockerrno = errno; */
/* if((tcp_sock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP)) != -1) */
/* sockets |= HAVE_TCP; */
/* else tcp_sockerrno = errno; */
/* now drop privileges (no effect if not setsuid or geteuid() == 0) */
setuid(getuid());
/* POSIXLY_CORRECT might break things, so unset it (the portable way) */
environ = NULL;
/* use the pid to mark packets as ours */
pid = getpid();
/* printf("pid = %u\n", pid); */
/* get calling name the old-fashioned way for portability instead
* of relying on the glibc-ism __progname */
ptr = strrchr(argv[0], '/');
if(ptr) progname = &ptr[1];
else progname = argv[0];
/* now set defaults. Use progname to set them initially (allows for
* superfast check_host program when target host is up */
cursor = list = NULL;
table = NULL;
mode = MODE_RTA;
crit.rta = 500000;
crit.pl = 80;
warn.rta = 200000;
warn.pl = 40;
protocols = HAVE_ICMP | HAVE_UDP | HAVE_TCP;
pkt_interval = 80000; /* 80 msec packet interval by default */
packets = 5;
if(!strcmp(progname, "check_icmp") || !strcmp(progname, "check_ping")) {
mode = MODE_ICMP;
protocols = HAVE_ICMP;
}
else if(!strcmp(progname, "check_host")) {
mode = MODE_HOSTCHECK;
pkt_interval = 1000000;
packets = 5;
crit.rta = warn.rta = 1000000;
crit.pl = warn.pl = 100;
}
else if(!strcmp(progname, "check_rta_multi")) {
mode = MODE_ALL;
target_interval = 0;
pkt_interval = 50000;
packets = 5;
}
/* parse the arguments */
for(i = 1; i < argc; i++) {
while((arg = getopt(argc, argv, "vhVw:c:n:p:t:H:i:b:I:l:")) != EOF) {
switch(arg) {
case 'v':
debug++;
break;
case 'b':
/* silently ignored for now */
break;
case 'i':
pkt_interval = get_timevar(optarg);
break;
case 'I':
target_interval = get_timevar(optarg);
break;
case 'w':
get_threshold(optarg, &warn);
break;
case 'c':
get_threshold(optarg, &crit);
break;
case 'n':
case 'p':
packets = strtoul(optarg, NULL, 0);
break;
case 't':
timeout = strtoul(optarg, NULL, 0);
if(!timeout) timeout = 10;
break;
case 'H':
add_target(optarg);
break;
case 'l':
ttl = (unsigned char)strtoul(optarg, NULL, 0);
break;
case 'd': /* implement later, for cluster checks */
warn_down = (unsigned char)strtoul(optarg, &ptr, 0);
if(ptr) {
crit_down = (unsigned char)strtoul(ptr + 1, NULL, 0);
}
break;
case 'h': case 'V': default:
usage(arg, NULL);
break;
}
}
}
argv = &argv[optind];
while(*argv) {
add_target(*argv);
argv++;
}
if(!targets) {
errno = 0;
crash("No hosts to check");
exit(3);
}
if(!sockets) {
if(icmp_sock == -1) {
errno = icmp_sockerrno;
crash("Failed to obtain ICMP socket");
return -1;
}
/* if(udp_sock == -1) { */
/* errno = icmp_sockerrno; */
/* crash("Failed to obtain UDP socket"); */
/* return -1; */
/* } */
/* if(tcp_sock == -1) { */
/* errno = icmp_sockerrno; */
/* crash("Failed to obtain TCP socker"); */
/* return -1; */
/* } */
}
if(!ttl) ttl = 64;
if(icmp_sock) {
result = setsockopt(icmp_sock, SOL_IP, IP_TTL, &ttl, sizeof(ttl));
if(debug) {
if(result == -1) printf("setsockopt failed\n");
else printf("ttl set to %u\n", ttl);
}
}
/* stupid users should be able to give whatever thresholds they want
* (nothing will break if they do), but some anal plugin maintainer
* will probably add some printf() thing here later, so it might be
* best to at least show them where to do it. ;) */
if(warn.pl > crit.pl) warn.pl = crit.pl;
if(warn.rta > crit.rta) warn.rta = crit.rta;
if(warn_down > crit_down) crit_down = warn_down;
signal(SIGINT, finish);
signal(SIGHUP, finish);
signal(SIGTERM, finish);
signal(SIGALRM, finish);
if(debug) printf("Setting alarm timeout to %u seconds\n", timeout);
alarm(timeout);
/* make sure we don't wait any longer than necessary */
gettimeofday(&prog_start, &tz);
max_completion_time =
((targets * packets * pkt_interval) + (targets * target_interval)) +
(targets * packets * crit.rta) + crit.rta;
if(debug) {
printf("packets: %u, targets: %u\n"
"target_interval: %0.3f, pkt_interval %0.3f\n"
"crit.rta: %0.3f\n"
"max_completion_time: %0.3f\n",
packets, targets,
(float)target_interval / 1000, (float)pkt_interval / 1000,
(float)crit.rta / 1000,
(float)max_completion_time / 1000);
}
if(debug) {
if(max_completion_time > (u_int)timeout * 1000000) {
printf("max_completion_time: %llu timeout: %u\n",
max_completion_time, timeout);
printf("Timout must be at lest %llu\n",
max_completion_time / 1000000 + 1);
}
}
icmp_pkt_size = icmp_data_size + ICMP_MINLEN;
if(debug > 2) printf("icmp_pkt_size = %u\n", icmp_pkt_size);
if(icmp_pkt_size < sizeof(struct icmp) + sizeof(struct icmp_ping_data)) {
icmp_pkt_size = sizeof(struct icmp) + sizeof(struct icmp_ping_data);
}
if(debug > 2) printf("icmp_pkt_size = %u\n", icmp_pkt_size);
if(debug) {
printf("crit = {%u, %u%%}, warn = {%u, %u%%}\n",
crit.rta, crit.pl, warn.rta, warn.pl);
printf("pkt_interval: %u target_interval: %u retry_interval: %u\n",
pkt_interval, target_interval, retry_interval);
printf("icmp_pkt_size: %u timeout: %u\n",
icmp_pkt_size, timeout);
}
if(packets > 20) {
errno = 0;
crash("packets is > 20 (%d)", packets);
}
host = list;
table = malloc(sizeof(struct rta_host **) * (argc - 1));
i = 0;
while(host) {
host->id = i;
table[i] = host;
host = host->next;
i++;
}
run_checks();
errno = 0;
finish(0);
return(0);
}
static void
run_checks()
{
u_int i, t, result;
u_int final_wait, time_passed;
/* this loop might actually violate the pkt_interval or target_interval
* settings, but only if there aren't any packets on the wire which
* indicates that the target can handle an increased packet rate */
for(i = 0; i < packets; i++) {
for(t = 0; t < targets; t++) {
/* don't send useless packets */
if(!targets_alive) finish(0);
if(table[t]->flags & FLAG_LOST_CAUSE) {
if(debug) printf("%s is a lost cause. not sending any more\n",
table[t]->name);
continue;
}
/* we're still in the game, so send next packet */
(void)send_icmp_ping(icmp_sock, table[t]);
result = wait_for_reply(icmp_sock, target_interval);
}
result = wait_for_reply(icmp_sock, pkt_interval * targets);
}
if(icmp_pkts_en_route && targets_alive) {
time_passed = get_timevaldiff(NULL, NULL);
final_wait = max_completion_time - time_passed;
if(debug) {
printf("time_passed: %u final_wait: %u max_completion_time: %llu\n",
time_passed, final_wait, max_completion_time);
}
if(time_passed > max_completion_time) {
if(debug) printf("Time passed. Finishing up\n");
finish(0);
}
/* catch the packets that might come in within the timeframe, but
* haven't yet */
if(debug) printf("Waiting for %u micro-seconds (%0.3f msecs)\n",
final_wait, (float)final_wait / 1000);
result = wait_for_reply(icmp_sock, final_wait);
}
}
/* response structure:
* ip header : 20 bytes
* icmp header : 28 bytes
* icmp echo reply : the rest
*/
/*
 * Receive and account for ICMP packets for at most `t` microseconds.
 *
 * sock: the raw ICMP socket
 * t:    total time to wait, in microseconds; it is divided evenly between
 *       the packets currently en route
 *
 * Valid echo replies update the rta bookkeeping of the answering target;
 * everything else is handed to handle_random_icmp(). In MODE_HOSTCHECK the
 * first valid reply prints an OK line and exits the program.
 *
 * Returns 0 when the time is up or nothing is en route, or the negative
 * value from recvfrom_wto() on a receive error. Does not return at all
 * when finish() is called (no target alive, max_completion_time exceeded,
 * or a target is down in MODE_HOSTCHECK) or when a packet too short to
 * hold an ICMP header makes it call crash().
 */
static int
wait_for_reply(int sock, u_int t)
{
    int n, hlen;
    static char buf[4096];
    struct sockaddr_in resp_addr;
    struct ip *ip;
    struct icmp *icp;
    struct rta_host *host;
    struct icmp_ping_data *data;
    struct timeval wait_start, now;
    u_int tdiff, i, per_pkt_wait;
    /* the id on the wire is the pid truncated to the 16 bits of icmp_id */
    const unsigned short our_id = (unsigned short)pid;
    /* handle_random_icmp() reads the quoted echo header at offset 28 from
     * the ICMP header, so this many ICMP bytes must have been received */
    const int err_minlen = 28 + ICMP_MINLEN;

    /* if we can't listen or don't have anything to listen to, just return */
    if(!t || !icmp_pkts_en_route) return 0;

    gettimeofday(&wait_start, &tz);

    i = t;
    per_pkt_wait = t / icmp_pkts_en_route;
    while(icmp_pkts_en_route && get_timevaldiff(&wait_start, NULL) < i) {
        /* recvfrom_wto() overwrites t with the time it actually waited */
        t = per_pkt_wait;

        /* wrap up if all targets are declared dead */
        if(!targets_alive ||
           get_timevaldiff(&prog_start, NULL) >= max_completion_time ||
           (mode == MODE_HOSTCHECK && targets_down))
        {
            finish(0);
        }

        /* reap responses until we hit a timeout */
        n = recvfrom_wto(sock, buf, sizeof(buf),
                         (struct sockaddr *)&resp_addr, &t);
        if(!n) {
            if(debug > 1) {
                printf("recvfrom_wto() timed out during a %u usecs wait\n",
                       per_pkt_wait);
            }
            continue; /* timeout for this one, so keep trying */
        }
        if(n < 0) {
            if(debug) printf("recvfrom_wto() returned errors\n");
            return n;
        }

        ip = (struct ip *)buf;
        if(debug > 1) printf("received %u bytes from %s\n",
                             ntohs(ip->ip_len), inet_ntoa(resp_addr.sin_addr));

        /* ip_hl counts 32-bit words */
        hlen = ip->ip_hl << 2;
        if(n < (hlen + ICMP_MINLEN)) {
            crash("received packet too short for ICMP (%d bytes, expected %d) from %s\n",
                  n, hlen + icmp_pkt_size, inet_ntoa(resp_addr.sin_addr));
        }

        /* check the response */
        icp = (struct icmp *)(buf + hlen);

        if(icp->icmp_id != our_id) {
            /* Only look for a quoted header if it was actually received;
             * otherwise we would interpret leftovers of an earlier packet
             * in the static buffer. */
            if(n >= hlen + err_minlen) handle_random_icmp(icp, &resp_addr);
            continue;
        }

        if(icp->icmp_type != ICMP_ECHOREPLY || icp->icmp_seq >= targets) {
            if(debug > 2) printf("not a proper ICMP_ECHOREPLY\n");
            if(n >= hlen + err_minlen) handle_random_icmp(icp, &resp_addr);
            continue;
        }

        /* a reply to one of our pings echoes the whole payload; anything
         * shorter cannot carry the timestamp we are about to read */
        if(n < hlen + ICMP_MINLEN + (int)sizeof(struct icmp_ping_data)) {
            if(debug) printf("echo reply from %s lacks our timestamp, ignoring\n",
                             inet_ntoa(resp_addr.sin_addr));
            continue;
        }

        /* this is indeed a valid response */
        data = (struct icmp_ping_data *)(icp->icmp_data);

        host = table[icp->icmp_seq];
        gettimeofday(&now, &tz);
        tdiff = get_timevaldiff(&data->stime, &now);

        host->time_waited += tdiff;
        host->icmp_recv++;
        icmp_recv++;

        if(debug) {
            printf("%0.3f ms rtt from %s, outgoing ttl: %u, incoming ttl: %u\n",
                   (float)tdiff / 1000, inet_ntoa(resp_addr.sin_addr),
                   ttl, ip->ip_ttl);
        }

        /* if we're in hostcheck mode, exit with limited printouts */
        if(mode == MODE_HOSTCHECK) {
            printf("OK - %s responds to ICMP. Packet %u, rta %0.3fms|"
                   "pkt=%u;;0;%u rta=%0.3f;%0.3f;%0.3f;;\n",
                   host->name, icmp_recv, (float)tdiff / 1000,
                   icmp_recv, packets, (float)tdiff / 1000,
                   (float)warn.rta / 1000, (float)crit.rta / 1000);
            exit(STATE_OK);
        }
    }

    return 0;
}
/* the ping functions */
static int
send_icmp_ping(int sock, struct rta_host *host)
{
static char *buf = NULL; /* re-use so we prevent leaks */
long int len;
struct icmp *icp;
struct icmp_ping_data *data;
struct timeval tv;
struct sockaddr *addr;
if(sock == -1) {
errno = 0;
crash("Attempt to send on bogus socket");
return -1;
}
addr = (struct sockaddr *)&host->saddr_in;
if(!buf) {
buf = (char *)malloc(icmp_pkt_size + sizeof(struct ip));
if(!buf) {
crash("send_icmp_ping(): failed to malloc %d bytes for send buffer",
icmp_pkt_size);
return -1; /* might be reached if we're in debug mode */
}
}
memset(buf, 0, icmp_pkt_size + sizeof(struct ip));
if((gettimeofday(&tv, &tz)) == -1) return -1;
icp = (struct icmp *)buf;
icp->icmp_type = ICMP_ECHO;
icp->icmp_code = 0;
icp->icmp_cksum = 0;
icp->icmp_id = pid;
icp->icmp_seq = host->id;
data = (struct icmp_ping_data *)icp->icmp_data;
data->ping_id = 10; /* host->icmp.icmp_sent; */
memcpy(&data->stime, &tv, sizeof(struct timeval));
icp->icmp_cksum = icmp_checksum((u_short *)icp, icmp_pkt_size);
len = sendto(sock, buf, icmp_pkt_size, 0, (struct sockaddr *)addr,
sizeof(struct sockaddr));
if(len < 0 || (unsigned int)len != icmp_pkt_size) {
if(debug) printf("Failed to send ping to %s\n",
inet_ntoa(host->saddr_in.sin_addr));
return -1;
}
icmp_sent++;
host->icmp_sent++;
return 0;
}
/*
 * recvfrom() with a timeout.
 *
 * sock:  socket to read from
 * buf:   receive buffer of `len` bytes
 * saddr: receives the address of the sender
 * timo:  in: maximum time to wait, in microseconds;
 *        out: time actually spent waiting in select(), in microseconds
 *        (left untouched when it is 0 on entry)
 *
 * Returns 0 when *timo is 0 or nothing arrived in time, otherwise the
 * return value of recvfrom() (bytes received, or -1 on error).
 * Calls crash() if select() fails.
 */
static int
recvfrom_wto(int sock, char *buf, unsigned int len, struct sockaddr *saddr,
             u_int *timo)
{
    /* recvfrom() takes a socklen_t pointer; an unsigned int only happens
     * to have the same representation on some platforms */
    socklen_t slen;
    int n;
    struct timeval to, then, now;
    fd_set rd;

    if(!*timo) {
        if(debug) printf("*timo is not\n");
        return 0;
    }

    to.tv_sec = *timo / 1000000;
    to.tv_usec = (*timo - (to.tv_sec * 1000000));

    FD_ZERO(&rd);
    FD_SET(sock, &rd);
    errno = 0;
    gettimeofday(&then, &tz);
    /* we only ever wait for readability, so no write set is needed */
    n = select(sock + 1, &rd, NULL, NULL, &to);
    if(n < 0) crash("select() in recvfrom_wto");
    gettimeofday(&now, &tz);
    *timo = get_timevaldiff(&then, &now);

    if(!n) return 0; /* timeout */

    slen = sizeof(struct sockaddr);

    return recvfrom(sock, buf, len, 0, saddr, &slen);
}
static void
finish(int sig)
{
u_int i = 0;
unsigned char pl;
double rta;
struct rta_host *host;
char *status_string[] =
{"OK", "WARNING", "CRITICAL", "UNKNOWN", "DEPENDENT"};
alarm(0);
if(debug > 1) printf("finish(%d) called\n", sig);
if(icmp_sock != -1) close(icmp_sock);
if(udp_sock != -1) close(udp_sock);
if(tcp_sock != -1) close(tcp_sock);
if(debug) {
printf("icmp_sent: %u icmp_recv: %u icmp_lost: %u\n",
icmp_sent, icmp_recv, icmp_lost);
printf("targets: %u targets_alive: %u\n", targets, targets_alive);
}
/* iterate thrice to calculate values, give output, and print perfparse */
host = list;
while(host) {
if(!host->icmp_recv) {
/* rta 0 is ofcourse not entirely correct, but will still show up
* conspicuosly as missing entries in perfparse and cacti */
pl = 100;
rta = 0;
status = STATE_CRITICAL;
/* up the down counter if not already counted */
if(!(host->flags & FLAG_LOST_CAUSE) && targets_alive) targets_down++;
}
else {
pl = ((host->icmp_sent - host->icmp_recv) * 100) / host->icmp_sent;
rta = (double)host->time_waited / host->icmp_recv;
}
host->pl = pl;
host->rta = rta;
if(!status && (pl >= warn.pl || rta >= warn.rta)) status = STATE_WARNING;
if(pl >= crit.pl || rta >= crit.rta) status = STATE_CRITICAL;
host = host->next;
}
/* this is inevitable */
if(!targets_alive) status = STATE_CRITICAL;
printf("%s - ", status_string[status]);
host = list;
while(host) {
if(debug) puts("");
if(i) {
if(i < targets) printf(" :: ");
else printf("\n");
}
i++;
if(!host->icmp_recv) {
status = STATE_CRITICAL;
if(host->flags & FLAG_LOST_CAUSE) {
printf("%s: %s @ %s. rta nan, lost %d%%",
host->name,
get_icmp_error_msg(host->icmp_type, host->icmp_code),
inet_ntoa(host->error_addr),
100);
}
else { /* not marked as lost cause, so we have no flags for it */
printf("%s: rta nan, lost 100%%", host->name);
}
}
else { /* !icmp_recv */
printf("%s: rta %0.3fms, lost %u%%",
host->name, host->rta / 1000, host->pl);
}
host = host->next;
}
/* iterate once more for pretty perfparse output */
printf("|");
i = 0;
host = list;
while(host) {
if(debug) puts("");
printf("%srta=%0.3fms;%0.3f;%0.3f;0; %spl=%u%%;%u;%u;; ",
(targets > 1) ? host->name : "",
host->rta / 1000, (float)warn.rta / 1000, (float)crit.rta / 1000,
(targets > 1) ? host->name : "",
host->pl, warn.pl, crit.pl);
host = host->next;
}
/* finish with an empty line */
puts("");
if(debug) printf("targets: %u, targets_alive: %u\n",
targets, targets_alive);
exit(status);
}
/*
 * Return the time from `early` to `later` in microseconds.
 *
 * early: start of the interval; NULL means prog_start
 * later: end of the interval; NULL means "now"
 *
 * Returns 0 when `early` lies after `later`, so that a clock stepping
 * backwards reads as "no time has passed" instead of wrapping around to a
 * huge unsigned value.
 */
static u_int
get_timevaldiff(struct timeval *early, struct timeval *later)
{
    u_int ret;
    struct timeval now;

    if(!later) {
        gettimeofday(&now, &tz);
        later = &now;
    }
    if(!early) early = &prog_start;

    /* if early > later we return 0 so as to indicate a timeout.
     * (The seconds of `early` have to be compared with those of `later`;
     * comparing them with themselves never detected this case.) */
    if(early->tv_sec > later->tv_sec ||
       (early->tv_sec == later->tv_sec && early->tv_usec > later->tv_usec))
    {
        return 0;
    }

    ret = (later->tv_sec - early->tv_sec) * 1000000;
    ret += later->tv_usec - early->tv_usec;

    return ret;
}
/*
 * Append one IPv4 address to the list of targets.
 *
 * arg: the name the user gave for this target; a copy is used in output
 * in:  the address to ping
 *
 * Returns 0 when the target was added, -1 when the address is
 * INADDR_NONE or INADDR_ANY or is already in the list.
 * Calls crash() when memory can't be allocated.
 */
static int
add_target_ip(char *arg, struct in_addr *in)
{
    struct rta_host *host;

    /* disregard obviously stupid addresses */
    if(in->s_addr == INADDR_NONE || in->s_addr == INADDR_ANY)
        return -1;

    /* no point in adding two identical IP's, so don't. ;) */
    host = list;
    while(host) {
        if(host->saddr_in.sin_addr.s_addr == in->s_addr) {
            if(debug) printf("Identical IP already exists. Not adding %s\n", arg);
            return -1;
        }
        host = host->next;
    }

    /* add the fresh ip */
    host = malloc(sizeof(*host));
    if(!host) {
        /* sizeof yields a size_t, which must not be printed with %d */
        crash("add_target_ip(%s, %s): malloc(%lu) failed",
              arg, inet_ntoa(*in), (unsigned long)sizeof(*host));
    }
    memset(host, 0, sizeof(*host));

    /* set the values. use calling name for output */
    host->name = strdup(arg);
    if(!host->name) {
        /* the name is printed unconditionally later on, so a NULL here
         * must not go unnoticed */
        crash("add_target_ip(%s, %s): strdup() failed",
              arg, inet_ntoa(*in));
    }

    /* fill out the sockaddr_in struct */
    host->saddr_in.sin_family = AF_INET;
    host->saddr_in.sin_addr.s_addr = in->s_addr;

    /* append to the list; cursor always points at the last element */
    if(!list) list = cursor = host;
    else cursor->next = host;

    cursor = host;
    targets++;

    return 0;
}
/* wrapper for add_target_ip */
static int
add_target(char *arg)
{
int i;
struct hostent *he;
struct in_addr *in, ip;
/* don't resolve if we don't have to */
if((ip.s_addr = inet_addr(arg)) != INADDR_NONE) {
/* don't add all ip's if we were given a specific one */
return add_target_ip(arg, &ip);
/* he = gethostbyaddr((char *)in, sizeof(struct in_addr), AF_INET); */
/* if(!he) return add_target_ip(arg, in); */
}
else {
errno = 0;
he = gethostbyname(arg);
if(!he) {
errno = 0;
crash("Failed to resolve %s", arg);
return -1;
}
}
/* possibly add all the IP's as targets */
for(i = 0; he->h_addr_list[i]; i++) {
in = (struct in_addr *)he->h_addr_list[i];
add_target_ip(arg, in);
/* this is silly, but it works */
if(mode == MODE_HOSTCHECK || mode == MODE_ALL) {
printf("mode: %d\n", mode);
continue;
}
break;
}
return 0;
}
/*
* u = micro
* m = milli
* s = seconds
* return value is in microseconds
*/
static u_int
get_timevar(const char *str)
{
char p, u, *ptr;
unsigned int len;
u_int i, d; /* integer and decimal, respectively */
u_int factor = 1000; /* default to milliseconds */
if(!str) return 0;
len = strlen(str);
if(!len) return 0;
/* unit might be given as ms|m (millisec),
* us|u (microsec) or just plain s, for seconds */
u = p = '\0';
u = str[len - 1];
if(len >= 2 && !isdigit((int)str[len - 2])) p = str[len - 2];
if(p && u == 's') u = p;
else if(!p) p = u;
if(debug > 2) printf("evaluating %s, u: %c, p: %c\n", str, u, p);
if(u == 'u') factor = 1; /* microseconds */
else if(u == 'm') factor = 1000; /* milliseconds */
else if(u == 's') factor = 1000000; /* seconds */
if(debug > 2) printf("factor is %u\n", factor);
i = strtoul(str, &ptr, 0);
if(!ptr || *ptr != '.' || strlen(ptr) < 2 || factor == 1)
return i * factor;
/* time specified in usecs can't have decimal points, so ignore them */
if(factor == 1) return i;
d = strtoul(ptr + 1, NULL, 0);
/* d is decimal, so get rid of excess digits */
while(d >= factor) d /= 10;
/* the last parenthesis avoids floating point exceptions. */
return ((i * factor) + (d * (factor / 10)));
}
/*
 * Parse a threshold of the form "<rta>[,<pl>[%]]" into *th.
 *
 * str: the option argument; it is modified in place (a '%' and the ','
 *      separator are overwritten with NUL bytes)
 * th:  threshold to update. th->pl is only written when a ",<pl>" part is
 *      present; th->rta is always written, with the result of
 *      get_timevar() on the rta part, capped at MAXTTL seconds.
 *
 * Returns 0 on success, -1 on NULL/empty input or when the rta part
 * evaluates to 0.
 * Not too good at checking errors, but it'll do.
 */
static int
get_threshold(char *str, threshold *th)
{
    char *p = NULL, i = 0;

    if(!str || !strlen(str) || !th) return -1;

    /* Scan backwards from the last character for '%' and ','. i guards
     * against taking a trailing ',' for the separator. The scan stops at
     * the first character: it must neither run off the front of the
     * buffer (which happened for one-character strings) nor skip str[1]
     * (which lost the separator in e.g. "5,40%"). */
    p = &str[strlen(str) - 1];
    while(p > str) {
        if(*p == '%') *p = '\0';
        else if(*p == ',' && i) {
            *p = '\0'; /* reset it so get_timevar(str) works nicely later */
            th->pl = (unsigned char)strtoul(p+1, NULL, 0);
            break;
        }
        i = 1;
        p--;
    }
    th->rta = get_timevar(str);

    if(!th->rta) return -1;

    if(th->rta > MAXTTL * 1000000) th->rta = MAXTTL * 1000000;
    if(th->pl > 100) th->pl = 100;

    return 0;
}
/*
 * Compute the Internet checksum (16-bit ones-complement of the
 * ones-complement sum) over a buffer.
 *
 * p: start of the data; read as 16-bit words in host memory order
 * n: number of bytes to cover
 *
 * Returns the checksum, ready to be stored into the packet as is.
 */
unsigned short
icmp_checksum(unsigned short *p, int n)
{
    register unsigned short cksum;
    register long sum = 0;

    while(n > 1) {
        sum += *p++;
        n -= 2;
    }

    /* mop up the occasional odd byte: it counts as the first byte of a
     * 16-bit word padded with a zero byte. Only that single byte is read
     * (reading a whole word here would touch one byte past the data and
     * pick the wrong half of the word on big-endian machines). */
    if(n == 1) {
        unsigned short last = 0;
        *(unsigned char *)&last = *(unsigned char *)p;
        sum += last;
    }

    sum = (sum >> 16) + (sum & 0xffff); /* add hi 16 to low 16 */
    sum += (sum >> 16); /* add carry */
    cksum = ~sum; /* ones-complement, trunc to 16 bits */

    return cksum;
}
/*
 * Print version or usage information and exit; never returns.
 *
 * arg: the option character that brought us here:
 *        'V'  print the version string, exit with STATE_UNKNOWN
 *        'h'  print the usage line plus the full help text, exit with 3
 *        else print the usage line only, exit with 3
 * msg: optional message printed first, prefixed with the program name
 *
 * (makes core plugin developers happy)
 */
static void
usage(unsigned char arg, char *msg)
{
    if(msg != NULL) {
        printf("%s: %s\n", progname, msg);
    }

    switch(arg) {
    case 'V':
        printf("$Id: check_icmp.c,v 1.5 2005/02/01 07:33:13 stanleyhopcroft Exp $\n");
        exit(STATE_UNKNOWN);
    case 'h':
        printf("Usage: %s [options] [-H] host1 host2 hostn\n\n", progname);
        break;
    default:
        printf("Usage: %s [options] [-H] host1 host2 hostn\n\n", progname);
        exit(3);
    }

    /* only -h gets here: the long help, showing the values in effect */
    printf("Where options are any combination of:\n"
           " * -H | --host specify a target\n"
           " * -w | --warn warning threshold (currently %0.3fms,%u%%)\n"
           " * -c | --crit critical threshold (currently %0.3fms,%u%%)\n"
           " * -n | --packets number of packets to send (currently %u)\n"
           " * -i | --interval max packet interval (currently %0.3fms)\n"
           " * -I | --hostint max target interval (currently %0.3fms)\n"
           " * -l | --ttl TTL on outgoing packets (currently %u)\n"
           " * -t | --timeout timeout value (seconds, currently %u)\n"
           " * -b | --bytes icmp packet size (currenly ignored)\n"
           " -v | --verbose verbosity++\n"
           " -h | --help this cruft\n",
           (float)warn.rta / 1000, warn.pl, (float)crit.rta / 1000, crit.pl,
           packets,
           (float)pkt_interval / 1000, (float)target_interval / 1000,
           ttl, timeout);

    puts("\nThe -H switch is optional. Naming a host (or several) to check is not.\n\n"
         "Threshold format for -w and -c is 200.25,60% for 200.25 msec RTA and 60%\n"
         "packet loss. The default values should work well for most users.\n"
         "You can specify different RTA factors using the standardized abbreviations\n"
         "us (microseconds), ms (milliseconds, default) or just plain s for seconds.\n\n"
         "Threshold format for -d is warn,crit. 12,14 means WARNING if >= 12 hops\n"
         "are spent and CRITICAL if >= 14 hops are spent.\n"
         "NOTE: Some systems decrease TTL when forming ICMP_ECHOREPLY, others do not.\n\n"
         "The -v switch can be specified several times for increased verbosity.\n\n"
         "Long options are currently unsupported.\n\n"
         "Options marked with * require an argument\n");

    puts("The latest version of this plugin can be found at http://oss.op5.se/nagios\n"
         "or https://devel.op5.se/oss until the day it is included in the official\n"
         "plugin distribution.\n");

    exit(3);
}