diff --git a/plugins/check_dns.c b/plugins/check_dns.c
index 6121af025edbf6315d70b2ade03dcb347c780c43..9ab001f7eea61cdcf8ef5a61e2012f5d374210b2 100644 (file)
--- a/plugins/check_dns.c
+++ b/plugins/check_dns.c
/******************************************************************************
- *
- * CHECK_DNS.C
- *
- * Program: DNS plugin for Nagios
- * License: GPL
- * Copyright (c) 1999 Ethan Galstad (nagios@nagios.org)
- *
- * Last Modified: $Date$
- *
- * Notes:
- * - Safe popen added by Karl DeBisschop 9-11-99
- * - expected-address parameter added by Alex Chaffee - 7 Oct 2002
- *
- * Command line: (see print_usage)
- *
- * Description:
- *
- * This program will use the nslookup program to obtain the IP address
- * for a given host name. A optional DNS server may be specified. If
- * no DNS server is specified, the default server(s) for the system
- * are used.
- *
- * Return Values:
- * OK The DNS query was successful (host IP address was returned).
- * WARNING The DNS server responded, but could not fulfill the request.
- * CRITICAL The DNS server is not responding or encountered an error.
- *
- * License Information:
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- *
- *****************************************************************************/
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+ LIMITATION: nslookup on Solaris 7 can return output over 2 lines, which will not
+ be picked up by this plugin
+
+ $Id$
+
+******************************************************************************/
#include "common.h"
#include "popen.h"
const char *progname = "check_dns";
const char *revision = "$Revision$";
-const char *copyright = "2000-2003";
+const char *copyright = "2000-2004";
const char *email = "nagiosplug-devel@lists.sourceforge.net";
-void
-print_usage (void)
-{
- printf (_("\
-Usage: %s -H host [-s server] [-a expected-address] [-t timeout]\n\
- %s --help\n\
- %s --version\n"),
- progname, progname, progname);
-}
-
-void
-print_help (void)
-{
- print_revision (progname, revision);
-
- printf (_(COPYRIGHT), copyright, email);
-
- print_usage ();
-
- printf (_(HELP_VRSN));
-
- printf (_("\
--H, --hostname=HOST\n\
- The name or address you want to query\n\
--s, --server=HOST\n\
- Optional DNS server you want to use for the lookup\n\
--a, --expected-address=IP-ADDRESS\n\
- Optional IP address you expect the DNS server to return\n"));
-
- printf (_(TIMEOUT), DEFAULT_SOCKET_TIMEOUT);
-
- printf (_("\n\
-This plugin uses the nslookup program to obtain the IP address\n\
-for the given host/domain query. A optional DNS server to use may\n\
-be specified. If no DNS server is specified, the default server(s)\n\
-specified in /etc/resolv.conf will be used.\n"));
-}
-
int process_arguments (int, char **);
int validate_arguments (void);
int error_scan (char *);
+void print_help (void);
+void print_usage (void);
#define ADDRESS_LENGTH 256
char query_address[ADDRESS_LENGTH] = "";
int verbose = FALSE;
char expected_address[ADDRESS_LENGTH] = "";
int match_expected_address = FALSE;
+int expect_authority = FALSE;
int
main (int argc, char **argv)
char *output = NULL;
char *address = NULL;
char *temp_buffer = NULL;
+ int non_authoritative = FALSE;
int result = STATE_UNKNOWN;
double elapsed_time;
+ long microsec;
struct timeval tv;
int multi_address;
+ int parse_address = FALSE; /* This flag scans for Address: but only after Name: */
+
+ setlocale (LC_ALL, "");
+ bindtextdomain (PACKAGE, LOCALEDIR);
+ textdomain (PACKAGE);
/* Set signal handling and alarm */
if (signal (SIGALRM, popen_timeout_alarm_handler) == SIG_ERR) {
}
if (process_arguments (argc, argv) != OK) {
- print_usage ();
+ usage (_("check_dns: could not parse arguments\n"));
return STATE_UNKNOWN;
}
/* get the command to run */
- asprintf (&command_line, "%s %s %s", NSLOOKUP_COMMAND, query_address, dns_server);
+ asprintf (&command_line, "%s %s %s", NSLOOKUP_COMMAND, query_address, dns_server);
alarm (timeout_interval);
gettimeofday (&tv, NULL);
if (verbose)
printf ("%s\n", command_line);
+
/* run the command */
child_process = spopen (command_line);
if (child_process == NULL) {
while (fgets (input_buffer, MAX_INPUT_BUFFER - 1, child_process)) {
if (verbose)
- printf ("%s\n", input_buffer);
+ printf ("%s", input_buffer);
if (strstr (input_buffer, ".in-addr.arpa")) {
if ((temp_buffer = strstr (input_buffer, "name = ")))
- address = strscpy (address, temp_buffer + 7);
+ address = strdup (temp_buffer + 7);
else {
- output = strscpy (output, _("Unknown error (plugin)"));
+ output = strdup (_("Warning plugin error"));
result = STATE_WARNING;
}
}
/* the server is responding, we just got the host name... */
- if (strstr (input_buffer, "Name:")) {
-
- /* get the host address */
- if (!fgets (input_buffer, MAX_INPUT_BUFFER - 1, child_process))
- break;
-
- if (verbose)
- printf ("%s\n", input_buffer);
+ if (strstr (input_buffer, "Name:"))
+ parse_address = TRUE;
+ else if (parse_address == TRUE && (strstr (input_buffer, "Address:") ||
+ strstr (input_buffer, "Addresses:"))) {
+ temp_buffer = index (input_buffer, ':');
+ temp_buffer++;
+
+ /* Strip leading spaces */
+ for (; *temp_buffer != '\0' && *temp_buffer == ' '; temp_buffer++)
+ /* NOOP */;
+
+ strip(temp_buffer);
+ if (temp_buffer==NULL || strlen(temp_buffer)==0) {
+ die (STATE_CRITICAL,
+ _("DNS CRITICAL - '%s' returned empty host name string\n"),
+ NSLOOKUP_COMMAND);
+ }
- if ((temp_buffer = index (input_buffer, ':'))) {
- temp_buffer++;
- /* Strip leading spaces */
- for (; *temp_buffer != '\0' && *temp_buffer == ' '; temp_buffer++)
- /* NOOP */;
+ if (address == NULL)
address = strdup (temp_buffer);
- strip (address);
- if (address==NULL || strlen(address)==0)
- terminate (STATE_CRITICAL,
- _("DNS CRITICAL - '%s' returned empty host name string\n"),
- NSLOOKUP_COMMAND);
- result = STATE_OK;
- }
- else {
- output = strdup (_("Unknown error (plugin)"));
- result = STATE_WARNING;
- }
+ else
+ asprintf(&address, "%s,%s", address, temp_buffer);
+ }
- break;
+ else if (strstr (input_buffer, "Non-authoritative answer:")) {
+ non_authoritative = TRUE;
}
result = error_scan (input_buffer);
if (result != STATE_OK) {
- output = strscpy (output, 1 + index (input_buffer, ':'));
+ output = strdup (1 + index (input_buffer, ':'));
strip (output);
break;
}
while (fgets (input_buffer, MAX_INPUT_BUFFER - 1, child_stderr)) {
if (error_scan (input_buffer) != STATE_OK) {
result = max_state (result, error_scan (input_buffer));
- output = strscpy (output, 1 + index (input_buffer, ':'));
+ output = strdup (1 + index (input_buffer, ':'));
strip (output);
}
}
if (spclose (child_process)) {
result = max_state (result, STATE_WARNING);
if (!strcmp (output, ""))
- output = strscpy (output, _("nslookup returned error status"));
+ output = strdup (_("nslookup returned error status"));
}
/* If we got here, we should have an address string,
and we can segfault if we do not */
if (address==NULL || strlen(address)==0)
- terminate (STATE_CRITICAL,
- _("DNS CRITICAL - '%s' output parsing exited with no address\n"),
- NSLOOKUP_COMMAND);
+ die (STATE_CRITICAL,
+ _("DNS CRITICAL - '%s' output parsing exited with no address\n"),
+ NSLOOKUP_COMMAND);
/* compare to expected address */
if (result == STATE_OK && match_expected_address && strcmp(address, expected_address)) {
result = STATE_CRITICAL;
asprintf(&output, _("expected %s but got %s"), expected_address, address);
}
-
- elapsed_time = delta_time (tv);
+
+ /* check if authoritative */
+ if (result == STATE_OK && expect_authority && non_authoritative) {
+ result = STATE_CRITICAL;
+ asprintf(&output, _("server %s is not authoritative for %s"), dns_server, query_address);
+ }
+
+ microsec = deltime (tv);
+ elapsed_time = (double)microsec / 1.0e6;
if (result == STATE_OK) {
if (strchr (address, ',') == NULL)
else
multi_address = TRUE;
- printf (_("DNS ok - %.3f seconds response time, address%s %s|time=%.3f\n"),
- elapsed_time, (multi_address==TRUE ? "es are" : " is"), address, elapsed_time);
+ printf ("DNS %s: ", _("OK"));
+ printf (ngettext("%.3f second response time, ", "%.3f seconds response time, ", elapsed_time), elapsed_time);
+ printf (_("%s returns %s"), query_address, address);
+ printf ("|%s\n", fperfdata ("time", elapsed_time, "s", FALSE, 0, FALSE, 0, TRUE, 0, FALSE, 0));
}
else if (result == STATE_WARNING)
printf (_("DNS WARNING - %s\n"),
- !strcmp (output, "") ? _(" Probably a non-existent host/domain") : output);
+ !strcmp (output, "") ? _(" Probably a non-existent host/domain") : output);
else if (result == STATE_CRITICAL)
printf (_("DNS CRITICAL - %s\n"),
- !strcmp (output, "") ? _(" Probably a non-existent host/domain") : output);
+ !strcmp (output, "") ? _(" Probably a non-existent host/domain") : output);
else
- printf (_("DNS problem - %s\n"),
- !strcmp (output, "") ? _(" Probably a non-existent host/domain") : output);
+ printf (_("DNS UNKNOW - %s\n"),
+ !strcmp (output, "") ? _(" Probably a non-existent host/domain") : output);
return result;
}
+
+
int
error_scan (char *input_buffer)
{
/* the DNS lookup timed out */
- if (strstr (input_buffer, "Note: nslookup is deprecated and may be removed from future releases.") ||
+ if (strstr (input_buffer, "Note: nslookup is deprecated and may be removed from future releases.") ||
strstr (input_buffer, "Consider using the `dig' or `host' programs instead. Run nslookup with") ||
strstr (input_buffer, "the `-sil[ent]' option to prevent this message from appearing."))
return STATE_OK;
- /* the DNS lookup timed out */
- else if (strstr (input_buffer, "Timed out"))
- return STATE_WARNING;
-
/* DNS server is not running... */
else if (strstr (input_buffer, "No response from server"))
- return STATE_CRITICAL;
+ die (STATE_CRITICAL, _("No response from DNS %s\n"), dns_server);
/* Host name is valid, but server doesn't have records... */
else if (strstr (input_buffer, "No records"))
- return STATE_WARNING;
-
- /* Host or domain name does not exist */
- else if (strstr (input_buffer, "Non-existent"))
- return STATE_CRITICAL;
- else if (strstr (input_buffer, "** server can't find"))
- return STATE_CRITICAL;
- else if(strstr(input_buffer,"NXDOMAIN")) /* 9.x */
- return STATE_CRITICAL;
+ die (STATE_CRITICAL, _("DNS %s has no records\n"), dns_server);
/* Connection was refused */
- else if (strstr (input_buffer, "Connection refused"))
- return STATE_CRITICAL;
+ else if (strstr (input_buffer, "Connection refused") ||
+ strstr (input_buffer, "Refused") ||
+ (strstr (input_buffer, "** server can't find") &&
+ strstr (input_buffer, ": REFUSED")))
+ die (STATE_CRITICAL, _("Connection to DNS %s was refused\n"), dns_server);
+
+ /* Host or domain name does not exist */
+ else if (strstr (input_buffer, "Non-existent") ||
+ strstr (input_buffer, "** server can't find") ||
+ strstr (input_buffer,"NXDOMAIN"))
+ die (STATE_CRITICAL, _("Domain %s was not found by the server\n"), query_address);
/* Network is unreachable */
else if (strstr (input_buffer, "Network is unreachable"))
- return STATE_CRITICAL;
+ die (STATE_CRITICAL, _("Network is unreachable\n"));
/* Internal server failure */
else if (strstr (input_buffer, "Server failure"))
- return STATE_CRITICAL;
+ die (STATE_CRITICAL, _("DNS failure for %s\n"), dns_server);
- /* DNS server refused to service request */
- else if (strstr (input_buffer, "Refused"))
- return STATE_CRITICAL;
-
- /* Request error */
- else if (strstr (input_buffer, "Format error"))
+ /* Request error or the DNS lookup timed out */
+ else if (strstr (input_buffer, "Format error") ||
+ strstr (input_buffer, "Timed out"))
return STATE_WARNING;
- else
- return STATE_OK;
+ return STATE_OK;
}
+
+
/* process command-line arguments */
int
process_arguments (int argc, char **argv)
{"server", required_argument, 0, 's'},
{"reverse-server", required_argument, 0, 'r'},
{"expected-address", required_argument, 0, 'a'},
+ {"expect-authority", no_argument, 0, 'A'},
{0, 0, 0, 0}
};
strcpy (argv[c], "-t");
while (1) {
- c = getopt_long (argc, argv, "hVvt:H:s:r:a:", long_opts, &opt_index);
+ c = getopt_long (argc, argv, "hVvAt:H:s:r:a:", long_opts, &opt_index);
if (c == -1 || c == EOF)
break;
break;
case 'H': /* hostname */
if (strlen (optarg) >= ADDRESS_LENGTH)
- terminate (STATE_UNKNOWN, _("Input buffer overflow\n"));
+ die (STATE_UNKNOWN, _("Input buffer overflow\n"));
strcpy (query_address, optarg);
break;
case 's': /* server name */
- /* TODO: this is_host check is probably unnecessary. Better to confirm nslookup
- response matches */
+ /* TODO: this is_host check is probably unnecessary. */
+ /* Better to confirm nslookup response matches */
if (is_host (optarg) == FALSE) {
- printf (_("Invalid server name/address\n\n"));
+ printf (_("Invalid hostname/address\n\n"));
print_usage ();
exit (STATE_UNKNOWN);
}
if (strlen (optarg) >= ADDRESS_LENGTH)
- terminate (STATE_UNKNOWN, _("Input buffer overflow\n"));
+ die (STATE_UNKNOWN, _("Input buffer overflow\n"));
strcpy (dns_server, optarg);
break;
case 'r': /* reverse server name */
/* TODO: Is this is_host necessary? */
if (is_host (optarg) == FALSE) {
- printf (_("Invalid host name/address\n\n"));
- print_usage ();
- exit (STATE_UNKNOWN);
+ usage2 (_("Invalid hostname/address"), optarg);
}
if (strlen (optarg) >= ADDRESS_LENGTH)
- terminate (STATE_UNKNOWN, _("Input buffer overflow\n"));
+ die (STATE_UNKNOWN, _("Input buffer overflow\n"));
strcpy (ptr_server, optarg);
break;
case 'a': /* expected address */
if (strlen (optarg) >= ADDRESS_LENGTH)
- terminate (STATE_UNKNOWN, _("Input buffer overflow\n"));
+ die (STATE_UNKNOWN, _("Input buffer overflow\n"));
strcpy (expected_address, optarg);
match_expected_address = TRUE;
break;
+ case 'A': /* expect authority */
+ expect_authority = TRUE;
+ break;
}
}
c = optind;
if (strlen(query_address)==0 && c<argc) {
if (strlen(argv[c])>=ADDRESS_LENGTH)
- terminate (STATE_UNKNOWN, _("Input buffer overflow\n"));
+ die (STATE_UNKNOWN, _("Input buffer overflow\n"));
strcpy (query_address, argv[c++]);
}
if (strlen(dns_server)==0 && c<argc) {
/* TODO: See -s option */
if (is_host(argv[c]) == FALSE) {
- printf (_("Invalid name/address: %s\n\n"), argv[c]);
+ printf (_("Invalid hostname/address: %s\n\n"), argv[c]);
return ERROR;
}
if (strlen(argv[c]) >= ADDRESS_LENGTH)
- terminate (STATE_UNKNOWN, _("Input buffer overflow\n"));
+ die (STATE_UNKNOWN, _("Input buffer overflow\n"));
strcpy (dns_server, argv[c++]);
}
return validate_arguments ();
}
+
+
int
validate_arguments ()
{
else
return OK;
}
+
+
+
+void
+print_help (void)
+{
+ print_revision (progname, revision);
+
+ printf ("Copyright (c) 1999 Ethan Galstad <nagios@nagios.org>\n");
+ printf (COPYRIGHT, copyright, email);
+
+ print_usage ();
+
+ printf (_(UT_HELP_VRSN));
+
+ printf (_("\
+-H, --hostname=HOST\n\
+ The name or address you want to query\n\
+-s, --server=HOST\n\
+ Optional DNS server you want to use for the lookup\n\
+-a, --expected-address=IP-ADDRESS\n\
+ Optional IP address you expect the DNS server to return\n\
+-A, --expect-authority\n\
+ Optionally expect the DNS server to be authoritative for the lookup\n"));
+
+ printf (_(UT_TIMEOUT), DEFAULT_SOCKET_TIMEOUT);
+
+ printf (_("\n\
+This plugin uses the nslookup program to obtain the IP address\n\
+for the given host/domain query. A optional DNS server to use may\n\
+be specified. If no DNS server is specified, the default server(s)\n\
+specified in /etc/resolv.conf will be used.\n"));
+
+ printf (_(UT_SUPPORT));
+}
+
+
+
+void
+print_usage (void)
+{
+ printf (_("\
+Usage: %s -H host [-s server] [-a expected-address] [-A] [-t timeout]\n\
+ %s --help\n\
+ %s --version\n"), progname, progname, progname);
+}