X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;ds=sidebyside;f=plugins-scripts%2Fcheck_ifstatus.pl;h=22638234155115df299d6ce133a6f4715ada4085;hb=5b801b81a963d33c1733c524dc8ce11452a5bbbc;hp=bae3ffa71af67ed9d322ce82083a962e7f40b49e;hpb=6fbd14fea5c111a23d9074d25499991cbfa58f79;p=nagiosplug.git

diff --git a/plugins-scripts/check_ifstatus.pl b/plugins-scripts/check_ifstatus.pl
index bae3ffa..2263823 100755
--- a/plugins-scripts/check_ifstatus.pl
+++ b/plugins-scripts/check_ifstatus.pl
@@ -42,7 +42,8 @@ Getopt::Long::Configure('bundling');
 my $PROGNAME = "check_ifstatus";
 
 sub print_help ();
-sub usage ();
+sub usage ($);
+sub print_usage ();
 sub process_arguments ();
 
 
@@ -63,7 +64,7 @@ my $snmpoid=0;
 my $key=0;
 my $community = "public";
 my $maxmsgsize = 1472 ; # Net::SNMP default is 1472
-my ($seclevel, $authproto, $secname, $authpass, $privpass, $auth, $priv, $context);
+my ($seclevel, $authproto, $secname, $authpass, $privpass, $privproto, $auth, $priv, $context);
 my $port = 161;
 my @snmpoids;
 my $snmpIfAdminStatus = '1.3.6.1.2.1.2.2.1.7';
@@ -92,6 +93,7 @@ my $opt_u;
 my $opt_x ;
 my %excluded ;
 my @unused_ports ;
+my %session_opts;
 
 
 
@@ -115,6 +117,15 @@ if ($status != 0)
 
 
 alarm($timeout);
+($session, $error) = Net::SNMP->session(%session_opts);
+		
+if (!defined($session)) {
+			$state='UNKNOWN';
+			$answer=$error;
+			print ("$state: $answer\n");
+			exit $ERRORS{$state};
+}
+
 
 push(@snmpoids,$snmpIfOperStatus);
 push(@snmpoids,$snmpIfAdminStatus);
@@ -209,19 +220,25 @@ my $perfdata = sprintf("up=%d,down=%d,dormant=%d,excluded=%d,unused=%d",$ifup,$i
 print ("$state: $answer |$perfdata\n");
 exit $ERRORS{$state};
 
+sub usage($) {
+	print "$_[0]\n";
+	print_usage();
+	exit $ERRORS{"UNKNOWN"};
+}
 
-sub usage (){
-	printf "\nMissing arguments!\n";
+sub print_usage() {
 	printf "\n";
+	printf "usage: \n";
 	printf "check_ifstatus -C <READCOMMUNITY> -p <PORT> -H <HOSTNAME>\n";
 	printf "Copyright (C) 2000 Christoph Kron\n";
 	printf "Updates 5/2002 Subhendu Ghosh\n";
-	printf "\n\n";
 	support();
-	exit $ERRORS{"UNKNOWN"};
+	printf "\n\n";
 }
 
-sub print_help (){
+sub print_help() {
+	print_revision($PROGNAME, '@NP_VERSION@');
+	print_usage();
 	printf "check_ifstatus plugin for Nagios monitors operational \n";
 	printf "status of each network interface on the target host\n";
 	printf "\nUsage:\n";
@@ -242,14 +259,15 @@ sub print_help (){
 	printf "                     See the IANAifType-MIB for a list of interface types.\n";
 	printf "   -L (--seclevel)   choice of \"noAuthNoPriv\", \"authNoPriv\", or	\"authPriv\"\n";
 	printf "   -U (--secname)    username for SNMPv3 context\n";
-	printf "   -c (--context)    SNMPv3 context name (default is empty	string)";
+	printf "   -c (--context)    SNMPv3 context name (default is empty string)\n";
 	printf "   -A (--authpass)   authentication password (cleartext ascii or localized key\n";
-	printf "                     in hex with 0x prefix generated by using	\"snmpkey\" utility\n"; 
+	printf "                     in hex with 0x prefix generated by using \"snmpkey\" utility\n"; 
 	printf "                     auth password and authEngineID\n";
-	printf "   -a (--authproto)  Authentication protocol ( MD5 or SHA1)\n";
+	printf "   -a (--authproto)  Authentication protocol (MD5 or SHA1)\n";
 	printf "   -X (--privpass)   privacy password (cleartext ascii or localized key\n";
-	printf "                     in hex with 0x prefix generated by using	\"snmpkey\" utility\n"; 
+	printf "                     in hex with 0x prefix generated by using \"snmpkey\" utility\n"; 
 	printf "                     privacy password and authEngineID\n";
+	printf "   -P (--privproto)  privacy protocol (DES or AES; default: DES)\n";
 	printf "   -M (--maxmsgsize) Max message size - usefull only for v1 or v2c\n";
 	printf "   -t (--timeout)    seconds before the plugin times out (default=$TIMEOUT)\n";
 	printf "   -V (--version)    Plugin version\n";
@@ -269,6 +287,7 @@ sub process_arguments() {
 		"U=s" => \$secname,   "secname=s"   => \$secname,
 		"A=s" => \$authpass,  "authpass=s"  => \$authpass,
 		"X=s" => \$privpass,  "privpass=s"  => \$privpass,
+		"P=s" => \$privproto,  "privproto=s"  => \$privproto,
 		"c=s" => \$context,   "context=s"   => \$context,
 		"p=i" =>\$port, "port=i" => \$port,
 		"H=s" => \$hostname, "hostname=s" => \$hostname,
@@ -280,9 +299,10 @@ sub process_arguments() {
 		);
 		
 	if ($status == 0){
-		print_help() ;
+		print_help();
 		exit $ERRORS{'OK'};
 	}
+
 	if ($opt_V) {
 		print_revision($PROGNAME,'@NP_VERSION@');
 		exit $ERRORS{'OK'};
@@ -297,68 +317,75 @@ sub process_arguments() {
 		$timeout = $TIMEOUT;
 	}
 
+	if ($snmp_version !~ /[123]/){
+		$state='UNKNOWN';
+		print ("$state: No support for SNMP v$snmp_version yet\n");
+		exit $ERRORS{$state};
+	}
+
+	%session_opts = (
+		-hostname   => $hostname,
+		-port       => $port,
+		-version    => $snmp_version,
+		-maxmsgsize => $maxmsgsize
+	);
+
+	$session_opts{'-community'} = $community if (defined $community && $snmp_version =~ /[12]/);
+
 	if ($snmp_version =~ /3/ ) {
 		# Must define a security level even though default is noAuthNoPriv
 		# v3 requires a security username
-		if (defined $seclevel  && defined $secname) {
+		if (defined $seclevel && defined $secname) {
+			$session_opts{'-username'} = $secname;
 		
 			# Must define a security level even though defualt is noAuthNoPriv
-			unless ($seclevel eq ('noAuthNoPriv' || 'authNoPriv' || 'authPriv' ) ) {
-				usage();
-				exit $ERRORS{"UNKNOWN"};
+			unless ( grep /^$seclevel$/, qw(noAuthNoPriv authNoPriv authPriv) ) {
+				usage("Must define a valid security level even though default is noAuthNoPriv");
 			}
 			
 			# Authentication wanted
-			if ($seclevel eq ('authNoPriv' || 'authPriv') ) {
-		
-				unless ($authproto eq ('MD5' || 'SHA1') ) {
-					usage();
-					exit $ERRORS{"UNKNOWN"};
+			if ( $seclevel eq 'authNoPriv' || $seclevel eq 'authPriv' ) {
+				if (defined $authproto && $authproto ne 'MD5' && $authproto ne 'SHA1') {
+					usage("Auth protocol can be either MD5 or SHA1");
 				}
+				$session_opts{'-authprotocol'} = $authproto if(defined $authproto);
 
 				if ( !defined $authpass) {
-					usage();
-					exit $ERRORS{"UNKNOWN"};
+					usage("Auth password/key is not defined");
 				}else{
 					if ($authpass =~ /^0x/ ) {
-						$auth = "-authkey => $authpass" ;
+						$session_opts{'-authkey'} = $authpass ;
 					}else{
-						$auth = "-authpassword => $authpass";
+						$session_opts{'-authpassword'} = $authpass ;
 					}
 				}
-					
 			}
 			
 			# Privacy (DES encryption) wanted
-			if ($seclevel eq  'authPriv' ) {
+			if ($seclevel eq 'authPriv' ) {
 				if (! defined $privpass) {
-					usage();
-					exit $ERRORS{"UNKNOWN"};
+					usage("Privacy passphrase/key is not defined");
 				}else{
 					if ($privpass =~ /^0x/){
-						$priv = "-privkey => $privpass";
+						$session_opts{'-privkey'} = $privpass;
 					}else{
-						$priv = "-privpassword => $privpass";
+						$session_opts{'-privpassword'} = $privpass;
 					}
 				}
+
+				$session_opts{'-privprotocol'} = $privproto if(defined $privproto);
 			}
 
 			# Context name defined or default
-
 			unless ( defined $context) {
 				$context = "";
 			}
 		
-		
-		
 		}else {
-					usage();
-					exit $ERRORS{'UNKNOWN'}; ;
+			usage("Security level or name is not defined");
 		}
 	} # end snmpv3
 
-	# for snmp v1 & v2c we default to community = "public"
-	
 	# Excluded interfaces types (ifType) (backup interfaces, dial-on demand interfaces, PPP interfaces
 	if (defined $opt_x) {
 		my @x = split(/,/, $opt_x);
@@ -380,79 +407,16 @@ sub process_arguments() {
 	}
 
 	if (! utils::is_hostname($hostname)){
-		usage();
+		usage("Hostname invalid or not given");
 		exit $ERRORS{"UNKNOWN"};
 	}
 
-	# create SNMP session handle based on options passed.
-
-	if ( ! $snmp_version ) {
-		$snmp_version =1 ;
-	}else{
-		if ( $snmp_version =~ /[12]/ ) {
-	
-			($session, $error) = Net::SNMP->session(
-						-hostname  => $hostname,
-						-community => $community,
-						-port      => $port,
-						-version	=> $snmp_version,
-						-maxmsgsize => $maxmsgsize
-			 );
-
-		if (!defined($session)) {
-					$state='UNKNOWN';
-					$answer=$error;
-					print ("$state: $answer");
-					exit $ERRORS{$state};
-		}
-
 		
-	}elsif ( $snmp_version =~ /3/ ) {
-
-		if ($seclevel eq 'noAuthNoPriv') {
-			($session, $error) = Net::SNMP->session(
-				-hostname  => $hostname,
-				-port      => $port,
-				-version  => $snmp_version,
-				-username => $secname,
-			);
-
-		}elsif ( $seclevel eq 'authNoPriv' ) {
-			($session, $error) = Net::SNMP->session(
-				-hostname  => $hostname,
-				-port      => $port,
-				-version  => $snmp_version,
-				-username => $secname,
-				-authprotocol => $authproto,
-				$auth
-			);	
-		}elsif ($seclevel eq 'authPriv' ) {
-			($session, $error) = Net::SNMP->session(
-				-hostname  => $hostname,
-				-port      => $port,
-				-version  => $snmp_version,
-				-username => $secname,
-				-authprotocol => $authproto,
-				$auth,
-				$priv
-			);
-		}
-					
-					
-		if (!defined($session)) {
-					$state='UNKNOWN';
-					$answer=$error;
-					print ("$state: $answer");
-					exit $ERRORS{$state};
-		}
-			
-	}else{
+	if ($snmp_version !~ /[123]/) {
 		$state='UNKNOWN';
 		print ("$state: No support for SNMP v$snmp_version yet\n");
 		exit $ERRORS{$state};
 	}
-}
 
 return $ERRORS{"OK"};
-				
 }