X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=plugins%2Fcheck_snmp.c;h=b943379d4770bbc67d220ec258c9d6019f5abd9f;hb=831d03cd768cb4d1f96d3cabd6262a0a55f904e7;hp=13e12ff8f567459c63b4a55bb29d7b2d6c09bf9f;hpb=c43abafb9465849a21c5b723c3048d9c8cbba523;p=nagiosplug.git diff --git a/plugins/check_snmp.c b/plugins/check_snmp.c index 13e12ff..b943379 100644 --- a/plugins/check_snmp.c +++ b/plugins/check_snmp.c @@ -1,19 +1,7 @@ /****************************************************************************** - * - * CHECK_SNMP.C * * Program: SNMP plugin for Nagios * License: GPL - * Copyright (c) 1999 Ethan Galstad (nagios@nagios.org) - * - * Last Modified: $Date$ - * - * Description: - * - * This plugin uses the 'snmpget' command included with the UCD-SNMP - * package. If you don't have the package installed you will need to - * download it from http://ucd-snmp.ucdavis.edu before you can use - * this plugin. * * License Information: * @@ -30,15 +18,109 @@ * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + * *./plugins/check_snmp 127.0.0.1 -c public -o .1.3.6.1.4.1.2021.9.1.2.1 + * *****************************************************************************/ +const char *progname = "check_snmp"; +#define REVISION "$Revision$" +#define COPYRIGHT "1999-2002" +#define AUTHOR "Ethan Galstad" +#define EMAIL "nagios@nagios.org" +#define SUMMARY "Check status of remote machines using SNMP.\n" + +#define OPTIONS "\ +-H -o [-w warn_range] [-c crit_range] \n\ + [-C community] [-s string] [-r regex] [-R regexi] [-t timeout]\n\ + [-l label] [-u units] [-p port-number] [-d delimiter]\n\ + [-D output-delimiter] [-m miblist] [-P snmp version]\n\ + [-L seclevel] [-U secname] [-a authproto] [-A authpasswd]\n\ + [-X privpasswd]\n" + +#define LONGOPTIONS "\ + -H, --hostname=HOST\n\ + Name or IP address of the device you wish to query\n\ + -o, --oid=OID(s)\n\ + Object identifier(s) whose value you wish to query\n\ + -w, --warning=INTEGER_RANGE(s)\n\ + Range(s) which will not result in a WARNING status\n\ + -c, --critical=INTEGER_RANGE(s)\n\ + Range(s) which will not result in a CRITICAL status\n\ + -C, --community=STRING\n\ + Optional community string for SNMP communication\n\ + (default is \"%s\")\n\ + -u, --units=STRING\n\ + Units label(s) for output data (e.g., 'sec.').\n\ + -p, --port=STRING\n\ + UDP port number target is listening on. Default is \"%s\"\n\ + -P, --protocol=[1|3]\n\ + SNMP protocol version\n\ + -L, --seclevel=[noAuthNoPriv|authNoPriv|authPriv]\n\ + SNMPv3 securityLevel\n\ + -U, --secname=USERNAME\n\ + SNMPv3 username\n\ + -a, --authproto=[MD5|SHA]\n\ + SNMPv3 auth proto\n\ + -A, --authpassword=PASSWORD\n\ + SNMPv3 authentication password\n\ + -X, --privpasswd=PASSWORD\n\ + SNMPv3 crypt passwd (DES)\n\ + -d, --delimiter=STRING\n\ + Delimiter to use when parsing returned data. Default is \"%s\"\n\ + Any data on the right hand side of the delimiter is considered\n\ + to be the data that should be used in the evaluation.\n\ + -t, --timeout=INTEGER\n\ + Seconds to wait before plugin times out (see also nagios server timeout).\n\ + Default is %d seconds\n\ + -D, --output-delimiter=STRING\n\ + Separates output on multiple OID requests\n\ + -s, --string=STRING\n\ + Return OK state (for that OID) if STRING is an exact match\n\ + -r, --ereg=REGEX\n\ + Return OK state (for that OID) if extended regular expression REGEX matches\n\ + -R, --eregi=REGEX\n\ + Return OK state (for that OID) if case-insensitive extended REGEX matches\n\ + -l, --label=STRING\n\ + Prefix label for output from plugin (default -s 'SNMP')\n\ + -v, --verbose\n\ + Debugging the output\n\ + -m, --miblist=STRING\n\ + List of MIBS to be loaded (default = ALL)\n" + +#define NOTES "\ +- This plugin uses the 'snmpget' command included with the NET-SNMP package.\n\ + If you don't have the package installed, you will need to download it from\n\ + http://net-snmp.sourceforge.net before you can use this plugin.\n\ +- Multiple OIDs may be indicated by a comma- or space-delimited list (lists with\n\ + internal spaces must be quoted) [max 8 OIDs]\n\ +- Ranges are inclusive and are indicated with colons. When specified as\n\ + 'min:max' a STATE_OK will be returned if the result is within the indicated\n\ + range or is equal to the upper or lower bound. A non-OK state will be\n\ + returned if the result is outside the specified range.\n\ +- If specified in the order 'max:min' a non-OK state will be returned if the\n\ + result is within the (inclusive) range.\n\ +- Upper or lower bounds may be omitted to skip checking the respective limit.\n\ +- Bare integers are interpreted as upper limits.\n\ +- When checking multiple OIDs, separate ranges by commas like '-w 1:10,1:,:20'\n\ +- Note that only one string and one regex may be checked at present\n\ +- All evaluation methods other than PR, STR, and SUBSTR expect that the value\n\ + returned from the SNMP query is an unsigned integer.\n" + +#define DESCRIPTION "\ +This plugin gets system information on a remote server via snmp.\n" + +#define DEFAULT_COMMUNITY "public" +#define DEFAULT_PORT "161" +#define DEFAULT_TIMEOUT 10 +#define DEFAULT_MIBLIST "ALL" +#define DEFAULT_PROTOCOL "1" +#define DEFAULT_AUTH_PROTOCOL "MD5" + #include "common.h" #include "utils.h" #include "popen.h" -#define PROGNAME check_snmp - #define mark(a) ((a)!=0?"*":"") #define CHECK_UNDEF 0 @@ -69,9 +151,9 @@ #define DEFAULT_OUTPUT_DELIMITER " " void print_usage (void); -void print_help (char *); +void print_help (void); int process_arguments (int, char **); -int call_getopt (int, char **); +int validate_arguments (void); int check_num (int); char *clarify_message (char *); int lu_getll (unsigned long *, char *); @@ -93,11 +175,18 @@ int errcode, excode; #endif char *server_address = NULL; -char *community = NULL; -char oid[MAX_INPUT_BUFFER] = ""; -char *label = NULL; -char *units = NULL; -char *port = NULL; +char *community = DEFAULT_COMMUNITY; +char *authpriv = NULL; +char *proto = NULL; +char *seclevel = NULL; +char *secname = NULL; +char *authproto = NULL; +char *authpasswd = NULL; +char *privpasswd = NULL; +char *oid = ""; +char *label = "SNMP"; +char *units = ""; +char *port = DEFAULT_PORT; char string_value[MAX_INPUT_BUFFER] = ""; char **labels = NULL; char **unitv = NULL; @@ -105,6 +194,7 @@ int nlabels = 0; int labels_size = 8; int nunits = 0; int unitv_size = 8; +int verbose = FALSE; unsigned long lower_warn_lim[MAX_OIDS]; unsigned long upper_warn_lim[MAX_OIDS]; unsigned long lower_crit_lim[MAX_OIDS]; @@ -113,8 +203,9 @@ unsigned long response_value[MAX_OIDS]; int check_warning_value = FALSE; int check_critical_value = FALSE; int eval_method[MAX_OIDS]; -char *delimiter = NULL; -char *output_delim = NULL; +char *delimiter = DEFAULT_DELIMITER; +char *output_delim = DEFAULT_OUTPUT_DELIMITER; +char *miblist = DEFAULT_MIBLIST; int @@ -127,15 +218,14 @@ main (int argc, char **argv) char input_buffer[MAX_INPUT_BUFFER]; char *command_line = NULL; char *response = NULL; - char *outbuff = NULL; - char *output = NULL; + char *outbuff = ""; + char *output = ""; char *ptr = NULL; char *p2 = NULL; char *show = NULL; labels = malloc (labels_size); unitv = malloc (unitv_size); - outbuff = strscpy (outbuff, ""); for (i = 0; i < MAX_OIDS; i++) eval_method[i] = CHECK_UNDEF; i = 0; @@ -144,10 +234,10 @@ main (int argc, char **argv) usage ("Incorrect arguments supplied\n"); /* create the command line to execute */ - command_line = ssprintf - (command_line, - "%s -p %s -m ALL -v 1 %s -c %s %s", - PATH_TO_SNMPGET, port, server_address, community, oid); + asprintf (&command_line, "%s -m %s -v %s %s %s:%s %s", + PATH_TO_SNMPGET, miblist, proto, authpriv, server_address, port, oid); + if (verbose) + printf ("%s\n", command_line); /* run the command */ child_process = spopen (command_line); @@ -162,7 +252,10 @@ main (int argc, char **argv) } while (fgets (input_buffer, MAX_INPUT_BUFFER - 1, child_process)) - output = strscat (output, input_buffer); + asprintf (&output, "%s%s", output, input_buffer); + + if (verbose) + printf ("%s\n", output); ptr = output; @@ -199,32 +292,45 @@ main (int argc, char **argv) } } + /* We strip out the datatype indicator for PHBs */ if (strstr (response, "Gauge: ")) show = strstr (response, "Gauge: ") + 7; else if (strstr (response, "Gauge32: ")) show = strstr (response, "Gauge32: ") + 9; + else if (strstr (response, "Counter32: ")) + show = strstr (response, "Counter32: ") + 11; + else if (strstr (response, "INTEGER: ")) + show = strstr (response, "INTEGER: ") + 9; + else if (strstr (response, "STRING: ")) + show = strstr (response, "STRING: ") + 8; else show = response; p2 = show; + iresult = STATE_DEPENDENT; + + /* Process this block for integer comparisons */ if (eval_method[i] & CRIT_GT || - eval_method[i] & CRIT_LT || - eval_method[i] & CRIT_GE || - eval_method[i] & CRIT_LE || - eval_method[i] & CRIT_EQ || - eval_method[i] & CRIT_NE || - eval_method[i] & WARN_GT || - eval_method[i] & WARN_LT || - eval_method[i] & WARN_GE || - eval_method[i] & WARN_LE || - eval_method[i] & WARN_EQ || eval_method[i] & WARN_NE) { + eval_method[i] & CRIT_LT || + eval_method[i] & CRIT_GE || + eval_method[i] & CRIT_LE || + eval_method[i] & CRIT_EQ || + eval_method[i] & CRIT_NE || + eval_method[i] & WARN_GT || + eval_method[i] & WARN_LT || + eval_method[i] & WARN_GE || + eval_method[i] & WARN_LE || + eval_method[i] & WARN_EQ || + eval_method[i] & WARN_NE) { p2 = strpbrk (p2, "0123456789"); + if (p2 == NULL) + terminate (STATE_UNKNOWN,"No valid data returned"); response_value[i] = strtoul (p2, NULL, 10); iresult = check_num (i); - /*For consistency- full SNMP response every time */ - show = ssprintf (show, "%d", response); + asprintf (&show, "%lu", response_value[i]); } + /* Process this block for string matching */ else if (eval_method[i] & CRIT_STRING) { if (strcmp (response, string_value)) iresult = STATE_CRITICAL; @@ -232,6 +338,7 @@ main (int argc, char **argv) iresult = STATE_OK; } + /* Process this block for regex matching */ else if (eval_method[i] & CRIT_REGEX) { #ifdef HAVE_REGEX_H excode = regexec (&preg, response, 10, pmatch, eflags); @@ -247,42 +354,40 @@ main (int argc, char **argv) iresult = STATE_CRITICAL; } #else - printf ("SNMP UNKNOWN: call for regex which was not a compiled option"); + printf ("%s UNKNOWN: call for regex which was not a compiled option", label); exit (STATE_UNKNOWN); #endif } + /* Process this block for existence-nonexistence checks */ else { - if (response) - iresult = STATE_OK; - else if (eval_method[i] & CRIT_PRESENT) + if (eval_method[i] & CRIT_PRESENT) iresult = STATE_CRITICAL; - else + else if (eval_method[i] & WARN_PRESENT) iresult = STATE_WARNING; + else if (response && iresult == STATE_DEPENDENT) + iresult = STATE_OK; } - result = max (result, iresult); + /* Result is the worst outcome of all the OIDs tested */ + result = max_state (result, iresult); + /* Prepend a label for this OID if there is one */ if (nlabels > 1 && i < nlabels && labels[i] != NULL) - outbuff = ssprintf - (outbuff, - "%s%s%s %s%s%s", - outbuff, - (i == 0) ? " " : output_delim, - labels[i], mark (iresult), show, mark (iresult)); + asprintf (&outbuff, "%s%s%s %s%s%s", outbuff, + (i == 0) ? " " : output_delim, + labels[i], mark (iresult), show, mark (iresult)); else - outbuff = ssprintf - (outbuff, - "%s%s%s%s%s", - outbuff, - (i == 0) ? " " : output_delim, mark (iresult), show, mark (iresult)); + asprintf (&outbuff, "%s%s%s%s%s", outbuff, (i == 0) ? " " : output_delim, + mark (iresult), show, mark (iresult)); - if (nunits > 0 && i < nunits) - outbuff = ssprintf (outbuff, "%s %s", outbuff, unitv[i]); + /* Append a unit string for this OID if there is one */ + if (nunits > 0 && i < nunits && unitv[i] != NULL) + asprintf (&outbuff, "%s %s", outbuff, unitv[i]); i++; - } /* end while */ + } /* end while (ptr) */ if (found == 0) terminate @@ -292,19 +397,19 @@ main (int argc, char **argv) /* WARNING if output found on stderr */ if (fgets (input_buffer, MAX_INPUT_BUFFER - 1, child_stderr)) - result = max (result, STATE_WARNING); + result = max_state (result, STATE_WARNING); /* close stderr */ (void) fclose (child_stderr); /* close the pipe */ if (spclose (child_process)) - result = max (result, STATE_WARNING); + result = max_state (result, STATE_WARNING); - if (nunits > 0) - printf ("%s %s -%s\n", label, state_text (result), outbuff); - else - printf ("%s %s -%s %s\n", label, state_text (result), outbuff, units); +/* if (nunits == 1 || i == 1) */ +/* printf ("%s %s -%s %s\n", label, state_text (result), outbuff, units); */ +/* else */ + printf ("%s %s -%s\n", label, state_text (result), outbuff); return result; } @@ -312,66 +417,14 @@ main (int argc, char **argv) /* process command-line arguments */ int process_arguments (int argc, char **argv) -{ - int c; - - if (argc < 2) - return ERROR; - - for (c = 1; c < argc; c++) { - if (strcmp ("-to", argv[c]) == 0) - strcpy (argv[c], "-t"); - if (strcmp ("-wv", argv[c]) == 0) - strcpy (argv[c], "-w"); - if (strcmp ("-cv", argv[c]) == 0) - strcpy (argv[c], "-c"); - } - - c = 0; - while (c += (call_getopt (argc - c, &argv[c]))) { - if (argc <= c) - break; - if (server_address == NULL) - server_address = strscpy (NULL, argv[c]); - } - - if (community == NULL) - community = strscpy (NULL, "public"); - - if (delimiter == NULL) - delimiter = strscpy (NULL, DEFAULT_DELIMITER); - - if (output_delim == NULL) - output_delim = strscpy (NULL, DEFAULT_OUTPUT_DELIMITER); - - if (label == NULL) - label = strscpy (NULL, "SNMP"); - - if (units == NULL) - units = strscpy (NULL, ""); - - if (port == NULL) - port = strscpy(NULL,"161"); - - return c; -} - -int -call_getopt (int argc, char **argv) { char *ptr; - int c, i = 1; - int j = 0, jj = 0; + int c = 1; + int j = 0, jj = 0, ii = 0; -#ifdef HAVE_GETOPT_H int option_index = 0; static struct option long_options[] = { - {"help", no_argument, 0, 'h'}, - {"version", no_argument, 0, 'V'}, - {"timeout", required_argument, 0, 't'}, - {"critical", required_argument, 0, 'c'}, - {"warning", required_argument, 0, 'w'}, - {"hostname", required_argument, 0, 'H'}, + STD_LONG_OPTS, {"community", required_argument, 0, 'C'}, {"oid", required_argument, 0, 'o'}, {"object", required_argument, 0, 'o'}, @@ -384,68 +437,94 @@ call_getopt (int argc, char **argv) {"label", required_argument, 0, 'l'}, {"units", required_argument, 0, 'u'}, {"port", required_argument, 0, 'p'}, + {"miblist", required_argument, 0, 'm'}, + {"protocol", required_argument, 0, 'P'}, + {"seclevel", required_argument, 0, 'L'}, + {"secname", required_argument, 0, 'U'}, + {"authproto", required_argument, 0, 'a'}, + {"authpasswd", required_argument, 0, 'A'}, + {"privpasswd", required_argument, 0, 'X'}, {0, 0, 0, 0} }; -#endif + + if (argc < 2) + return ERROR; + + /* reverse compatibility for very old non-POSIX usage forms */ + for (c = 1; c < argc; c++) { + if (strcmp ("-to", argv[c]) == 0) + strcpy (argv[c], "-t"); + if (strcmp ("-wv", argv[c]) == 0) + strcpy (argv[c], "-w"); + if (strcmp ("-cv", argv[c]) == 0) + strcpy (argv[c], "-c"); + } while (1) { -#ifdef HAVE_GETOPT_H - c = - getopt_long (argc, argv, "+?hVt:c:w:H:C:o:d:D:s:R:r:l:u:p:", + c = getopt_long (argc, argv, "hvVt:c:w:H:C:o:e:E:d:D:s:R:r:l:u:p:m:P:L:U:a:A:X:", long_options, &option_index); -#else - c = getopt (argc, argv, "+?hVt:c:w:H:C:o:d:D:s:R:r:l:u:p:"); -#endif if (c == -1 || c == EOF) break; - i++; - switch (c) { - case 't': - case 'c': - case 'w': - case 'H': - case 'C': - case 'o': - case 'd': - case 'D': - case 's': - case 'R': - case 'r': - case 'l': - case 'u': - case 'p': - i++; - } - switch (c) { - case '?': /* help */ - printf ("%s: Unknown argument: %s\n\n", my_basename (argv[0]), optarg); - print_usage (); - exit (STATE_UNKNOWN); - case 'h': /* help */ - print_help (my_basename (argv[0])); - exit (STATE_OK); - case 'V': /* version */ - print_revision (my_basename (argv[0]), "$Revision$"); + case '?': /* usage */ + usage3 ("Unknown argument", optopt); + case 'h': /* help */ + print_help (); + exit (STATE_OK); + case 'V': /* version */ + print_revision (progname, REVISION); exit (STATE_OK); - case 't': /* timeout period */ - if (!is_integer (optarg)) { - printf ("%s: Timeout Interval must be an integer!\n\n", - my_basename (argv[0])); - print_usage (); - exit (STATE_UNKNOWN); - } + case 'v': /* verbose */ + verbose = TRUE; + break; + + /* Connection info */ + case 'C': /* group or community */ + community = strscpy (community, optarg); + break; + case 'H': /* Host or server */ + server_address = strscpy (server_address, optarg); + break; + case 'p': /* TCP port number */ + port = strscpy(port, optarg); + break; + case 'm': /* List of MIBS */ + miblist = strscpy(miblist, optarg); + break; + case 'P': /* SNMP protocol version */ + proto = strscpy(proto, optarg); + break; + case 'L': /* security level */ + seclevel = strscpy(seclevel,optarg); + break; + case 'U': /* security username */ + secname = strscpy(secname, optarg); + break; + case 'a': /* auth protocol */ + asprintf (&authproto, optarg); + break; + case 'A': /* auth passwd */ + authpasswd = strscpy(authpasswd, optarg); + break; + case 'X': /* priv passwd */ + privpasswd = strscpy(privpasswd, optarg); + break; + case 't': /* timeout period */ + if (!is_integer (optarg)) + usage2 ("Timeout Interval must be an integer", optarg); timeout_interval = atoi (optarg); break; + + /* Test parameters */ case 'c': /* critical time threshold */ if (strspn (optarg, "0123456789:,") < strlen (optarg)) { printf ("Invalid critical threshold: %s\n", optarg); print_usage (); exit (STATE_UNKNOWN); } - for (ptr = optarg, jj = 0; ptr && jj < MAX_OIDS; jj++) { + for (ptr = optarg; ptr && jj < MAX_OIDS; jj++) { if (lu_getll (&lower_crit_lim[jj], ptr) == 1) eval_method[jj] |= CRIT_LT; if (lu_getul (&upper_crit_lim[jj], ptr) == 1) @@ -459,38 +538,36 @@ call_getopt (int argc, char **argv) print_usage (); exit (STATE_UNKNOWN); } - for (ptr = optarg, jj = 0; ptr && jj < MAX_OIDS; jj++) { - if (lu_getll (&lower_warn_lim[jj], ptr) == 1) - eval_method[jj] |= WARN_LT; - if (lu_getul (&upper_warn_lim[jj], ptr) == 1) - eval_method[jj] |= WARN_GT; + for (ptr = optarg; ptr && ii < MAX_OIDS; ii++) { + if (lu_getll (&lower_warn_lim[ii], ptr) == 1) + eval_method[ii] |= WARN_LT; + if (lu_getul (&upper_warn_lim[ii], ptr) == 1) + eval_method[ii] |= WARN_GT; (ptr = index (ptr, ',')) ? ptr++ : ptr; } break; - case 'H': /* Host or server */ - server_address = strscpy (server_address, optarg); - break; - case 'C': /* group or community */ - community = strscpy (community, optarg); - break; case 'o': /* object identifier */ + case 'e': /* PRELIMINARY - may change */ + case 'E': /* PRELIMINARY - may change */ for (ptr = optarg; (ptr = index (ptr, ',')); ptr++) - ptr[0] = ' '; - strncpy (oid, optarg, sizeof (oid) - 1); - oid[sizeof (oid) - 1] = 0; - for (ptr = optarg, j = 1; (ptr = index (ptr, ' ')); ptr++) - j++; - break; - case 'd': /* delimiter */ - delimiter = strscpy (delimiter, optarg); - break; - case 'D': /* output-delimiter */ - output_delim = strscpy (output_delim, optarg); + ptr[0] = ' '; /* relpace comma with space */ + for (ptr = optarg; (ptr = index (ptr, ' ')); ptr++) + j++; /* count OIDs */ + asprintf (&oid, "%s %s", (oid?oid:""), optarg); + if (c == 'E' || c == 'e') { + jj++; + ii++; + } + if (c == 'E') + eval_method[j+1] |= WARN_PRESENT; + else if (c == 'e') + eval_method[j+1] |= CRIT_PRESENT; break; case 's': /* string or substring */ strncpy (string_value, optarg, sizeof (string_value) - 1); string_value[sizeof (string_value) - 1] = 0; eval_method[jj++] = CRIT_STRING; + ii++; break; case 'R': /* regex */ #ifdef HAVE_REGEX_H @@ -508,11 +585,20 @@ call_getopt (int argc, char **argv) return ERROR; } eval_method[jj++] = CRIT_REGEX; + ii++; #else - printf ("SNMP UNKNOWN: call for regex which was not a compiled option"); + printf ("%s UNKNOWN: call for regex which was not a compiled option", label); exit (STATE_UNKNOWN); #endif break; + + /* Format */ + case 'd': /* delimiter */ + delimiter = strscpy (delimiter, optarg); + break; + case 'D': /* output-delimiter */ + output_delim = strscpy (output_delim, optarg); + break; case 'l': /* label */ label = optarg; nlabels++; @@ -575,87 +661,118 @@ call_getopt (int argc, char **argv) unitv[nunits - 1] = ptr; } break; - case 'p': /* TCP port number */ - port = strscpy(port, optarg); - break; } } - return i; + + if (server_address == NULL) + asprintf (&server_address, argv[optind]); + + return validate_arguments (); } +/****************************************************************************** + +@@- + +validate_arguments + +&PROTO_validate_arguments; + +Given a database name, this function returns TRUE if the string +is a valid PostgreSQL database name, and returns false if it is +not. + +Valid PostgreSQL database names are less than &NAMEDATALEN; +characters long and consist of letters, numbers, and underscores. The +first character cannot be a number, however. + + +-@@ +******************************************************************************/ + +int +validate_arguments () +{ + + /* Need better checks to verify seclevel and authproto choices */ + + if (seclevel == NULL) + asprintf (&seclevel, "noAuthNoPriv"); + + + if (authproto == NULL ) + asprintf(&authproto, DEFAULT_AUTH_PROTOCOL); + + + + if (proto == NULL || (strcmp(proto,DEFAULT_PROTOCOL) == 0) ) { /* default protocol version */ + asprintf(&proto, DEFAULT_PROTOCOL); + asprintf(&authpriv, "%s%s", "-c ", community); + } + else if ( strcmp (proto, "3") == 0 ) { /* snmpv3 args */ + asprintf(&proto, "%s", "3"); + + if ( (strcmp(seclevel, "noAuthNoPriv") == 0) || seclevel == NULL ) { + asprintf(&authpriv, "%s", "-l noAuthNoPriv" ); + } + else if ( strcmp(seclevel, "authNoPriv") == 0 ) { + if ( secname == NULL || authpasswd == NULL) { + printf ("Missing secname (%s) or authpassword (%s) ! \n",secname, authpasswd ); + print_usage (); + exit (STATE_UNKNOWN); + } + asprintf(&authpriv, "-l authNoPriv -a %s -u %s -A %s ", authproto, secname, authpasswd); + } + else if ( strcmp(seclevel, "authPriv") == 0 ) { + if ( secname == NULL || authpasswd == NULL || privpasswd == NULL ) { + printf ("Missing secname (%s), authpassword (%s), or privpasswd (%s)! \n",secname, authpasswd,privpasswd ); + print_usage (); + exit (STATE_UNKNOWN); + } + asprintf(&authpriv, "-l authPriv -a %s -u %s -A %s -x DES -X %s ", authproto, secname, authpasswd, privpasswd); + } + + + } + else { + printf ("Invalid SNMP version: %s\n", proto); + print_usage (); + exit (STATE_UNKNOWN); + } + + + + + return OK; +} + + + void -print_usage (void) +print_help (void) { + print_revision (progname, REVISION); + printf + ("Copyright (c) %s %s <%s>\n\n%s\n", COPYRIGHT, AUTHOR, EMAIL, SUMMARY); + print_usage (); printf - ("Usage: check_snmp -H -o [-w warn_range] [-c crit_range] \n" - " [-C community] [-s string] [-r regex] [-R regexi] [-t timeout]\n" - " [-l label] [-u units] [-p port-number] [-d delimiter] [-D output-delimiter]\n" - " check_snmp --help\n" " check_snmp --version\n"); + ("\nOptions:\n" LONGOPTIONS "\n" DESCRIPTION "\n" NOTES "\n", + DEFAULT_COMMUNITY, DEFAULT_PORT, DEFAULT_DELIMITER, DEFAULT_TIMEOUT); + support (); } void -print_help (char *cmd) +print_usage (void) { - printf ("Copyright (c) 1999 Ethan Galstad (nagios@nagios.org)\n" - "License: GPL\n\n"); - print_usage (); printf - ("\nOptions:\n" - " -h, --help\n" - " Print detailed help screen\n" - " -V, --version\n" - " Print version information\n" - " -H, --hostname=HOST\n" - " Name or IP address of the device you wish to query\n" - " -o, --oid=OID(s)\n" - " Object identifier(s) whose value you wish to query\n" - " -w, --warning=INTEGER_RANGE(s)\n" - " Range(s) which will not result in a WARNING status\n" - " -c, --critical=INTEGER_RANGE(s)\n" - " Range(s) which will not result in a CRITICAL status\n" - " -C, --community=STRING\n" - " Optional community string for SNMP communication\n" - " (default is \"public\")\n" - " -u, --units=STRING\n" - " Units label(s) for output data (e.g., 'sec.').\n" - " -p, --port=STRING\n" - " UDP port number target is listening on.\n" - " -d, --delimiter=STRING\n" - " Delimiter to use when parsing returned data. Default is \"%s\"\n" - " Any data on the right hand side of the delimiter is considered\n" - " to be the data that should be used in the evaluation.\n" - " -t, --timeout=INTEGER\n" - " Seconds to wait before plugin times out (see also nagios server timeout)\n" - " -D, --output-delimiter=STRING\n" - " Separates output on multiple OID requests\n" - " -s, --string=STRING\n" - " Return OK state (for that OID) if STRING is an exact match\n" - " -r, --ereg=REGEX\n" - " Return OK state (for that OID) if extended regular expression REGEX matches\n" - " -R, --eregi=REGEX\n" - " Return OK state (for that OID) if case-insensitive extended REGEX matches\n" - " -l, --label=STRING\n" - " Prefix label for output from plugin (default -s 'SNMP')\n\n" - "- This plugin uses the 'snmpget' command included with the UCD-SNMP package.\n" - " If you don't have the package installed, you will need to download it from\n" - " http://ucd-snmp.ucdavis.edu before you can use this plugin.\n" - "- Multiple OIDs may be indicated by a comma- or space-delimited list (lists with\n" - " internal spaces must be quoted)\n" - "- Ranges are inclusive and are indicated with colons. When specified as\n" - " 'min:max' a STATE_OK will be returned if the result is within the indicated\n" - " range or is equal to the upper or lower bound. A non-OK state will be\n" - " returned if the result is outside the specified range.\n" - "- If spcified in the order 'max:min' a non-OK state will be returned if the\n" - " result is within the (inclusive) range.\n" - "- Upper or lower bounds may be omitted to skip checking the respective limit.\n" - "- Bare integers are interpreted as upper limits.\n" - "- When checking multiple OIDs, separate ranges by commas like '-w 1:10,1:,:20'\n" - "- Note that only one string and one regex may be checked at present\n" - "- All evaluation methods other than PR, STR, and SUBSTR expect that the value\n" - " returned from the SNMP query is an unsigned integer.\n\n", - DEFAULT_DELIMITER); + ("Usage:\n" " %s %s\n" + " %s (-h | --help) for detailed help\n" + " %s (-V | --version) for version information\n", + progname, OPTIONS, progname, progname); } + + char * clarify_message (char *msg)