X-Git-Url: https://git.tokkee.org/?a=blobdiff_plain;f=plugins%2Fcheck_snmp.c;h=f04ca85fa2e9fb76f93b8550495c680909b55c50;hb=25d1ee331dbe4977a4a1a756c67f32bd51d9b070;hp=6f187113b79e61afe993b708ebf660f65907afe7;hpb=62291c185489730733ac0902484bf7d385da0806;p=nagiosplug.git diff --git a/plugins/check_snmp.c b/plugins/check_snmp.c index 6f18711..f04ca85 100644 --- a/plugins/check_snmp.c +++ b/plugins/check_snmp.c @@ -1,104 +1,51 @@ -/****************************************************************************** - * - * Program: SNMP plugin for Nagios - * License: GPL - * - * License Information: - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - * - *./plugins/check_snmp 127.0.0.1 -c public -o .1.3.6.1.4.1.2021.9.1.2.1 - * - *****************************************************************************/ - -#define PROGNAME "check_snmp" -#define REVISION "$Revision$" -#define COPYRIGHT "1999-2002" -#define AUTHOR "Ethan Galstad" -#define EMAIL "nagios@nagios.org" -#define SUMMARY "Check status of remote machines using SNMP.\n" - -#define OPTIONS "\ --H -o [-w warn_range] [-c crit_range] \n\ - [-C community] [-s string] [-r regex] [-R regexi] [-t timeout]\n\ - [-l label] [-u units] [-p port-number] [-d delimiter]\n\ - [-D output-delimiter]" - -#define LONGOPTIONS "\ - -H, --hostname=HOST\n\ - Name or IP address of the device you wish to query\n\ - -o, --oid=OID(s)\n\ - Object identifier(s) whose value you wish to query\n\ - -w, --warning=INTEGER_RANGE(s)\n\ - Range(s) which will not result in a WARNING status\n\ - -c, --critical=INTEGER_RANGE(s)\n\ - Range(s) which will not result in a CRITICAL status\n\ - -C, --community=STRING\n\ - Optional community string for SNMP communication\n\ - (default is \"%s\")\n\ - -u, --units=STRING\n\ - Units label(s) for output data (e.g., 'sec.').\n\ - -p, --port=STRING\n\ - UDP port number target is listening on. Default is \"%s\"\n\ - -d, --delimiter=STRING\n\ - Delimiter to use when parsing returned data. Default is \"%s\"\n\ - Any data on the right hand side of the delimiter is considered\n\ - to be the data that should be used in the evaluation.\n\ - -t, --timeout=INTEGER\n\ - Seconds to wait before plugin times out (see also nagios server timeout).\n\ - Default is %d seconds\n\ - -D, --output-delimiter=STRING\n\ - Separates output on multiple OID requests\n\ - -s, --string=STRING\n\ - Return OK state (for that OID) if STRING is an exact match\n\ - -r, --ereg=REGEX\n\ - Return OK state (for that OID) if extended regular expression REGEX matches\n\ - -R, --eregi=REGEX\n\ - Return OK state (for that OID) if case-insensitive extended REGEX matches\n\ - -l, --label=STRING\n\ - Prefix label for output from plugin (default -s 'SNMP')\n" - -#define NOTES "\ -- This plugin uses the 'snmpget' command included with the UCD-SNMP package.\n\ - If you don't have the package installed, you will need to download it from\n\ - http://ucd-snmp.ucdavis.edu before you can use this plugin.\n\ -- Multiple OIDs may be indicated by a comma- or space-delimited list (lists with\n\ - internal spaces must be quoted)\n\ -- Ranges are inclusive and are indicated with colons. When specified as\n\ - 'min:max' a STATE_OK will be returned if the result is within the indicated\n\ - range or is equal to the upper or lower bound. A non-OK state will be\n\ - returned if the result is outside the specified range.\n\ -- If spcified in the order 'max:min' a non-OK state will be returned if the\n\ - result is within the (inclusive) range.\n\ -- Upper or lower bounds may be omitted to skip checking the respective limit.\n\ -- Bare integers are interpreted as upper limits.\n\ -- When checking multiple OIDs, separate ranges by commas like '-w 1:10,1:,:20'\n\ -- Note that only one string and one regex may be checked at present\n\ -- All evaluation methods other than PR, STR, and SUBSTR expect that the value\n\ - returned from the SNMP query is an unsigned integer.\n" - -#define DESCRIPTION "\ -This plugin gets system information on a remote server via snmp.\n" - -#define DEFAULT_COMMUNITY "public" -#define DEFAULT_PORT "161" -#define DEFAULT_TIMEOUT 10 +/***************************************************************************** +* +* Nagios check_snmp plugin +* +* License: GPL +* Copyright (c) 1999-2007 Nagios Plugins Development Team +* +* Description: +* +* This file contains the check_snmp plugin +* +* Check status of remote machines and obtain system information via SNMP +* +* +* This program is free software: you can redistribute it and/or modify +* it under the terms of the GNU General Public License as published by +* the Free Software Foundation, either version 3 of the License, or +* (at your option) any later version. +* +* This program is distributed in the hope that it will be useful, +* but WITHOUT ANY WARRANTY; without even the implied warranty of +* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +* GNU General Public License for more details. +* +* You should have received a copy of the GNU General Public License +* along with this program. If not, see . +* +* +*****************************************************************************/ + +const char *progname = "check_snmp"; +const char *copyright = "1999-2007"; +const char *email = "nagiosplug-devel@lists.sourceforge.net"; #include "common.h" #include "utils.h" -#include "popen.h" +#include "utils_cmd.h" + +#define DEFAULT_COMMUNITY "public" +#define DEFAULT_PORT "161" +#define DEFAULT_MIBLIST "ALL" +#define DEFAULT_PROTOCOL "1" +#define DEFAULT_TIMEOUT 1 +#define DEFAULT_RETRIES 5 +#define DEFAULT_AUTH_PROTOCOL "MD5" +#define DEFAULT_PRIV_PROTOCOL "DES" +#define DEFAULT_DELIMITER "=" +#define DEFAULT_OUTPUT_DELIMITER " " #define mark(a) ((a)!=0?"*":"") @@ -106,285 +53,336 @@ This plugin gets system information on a remote server via snmp.\n" #define CRIT_PRESENT 1 #define CRIT_STRING 2 #define CRIT_REGEX 4 -#define CRIT_GT 8 -#define CRIT_LT 16 -#define CRIT_GE 32 -#define CRIT_LE 64 -#define CRIT_EQ 128 -#define CRIT_NE 256 -#define CRIT_RANGE 512 -#define WARN_PRESENT 1024 -#define WARN_STRING 2048 -#define WARN_REGEX 4096 -#define WARN_GT 8192 -#define WARN_LT 16384 -#define WARN_GE 32768 -#define WARN_LE 65536 -#define WARN_EQ 131072 -#define WARN_NE 262144 -#define WARN_RANGE 524288 +#define WARN_PRESENT 8 +#define WARN_STRING 16 +#define WARN_REGEX 32 #define MAX_OIDS 8 -#define MAX_DELIM_LENGTH 8 -#define DEFAULT_DELIMITER "=" -#define DEFAULT_OUTPUT_DELIMITER " " -void print_usage (void); -void print_help (void); int process_arguments (int, char **); int validate_arguments (void); -int check_num (int); -char *clarify_message (char *); -int lu_getll (unsigned long *, char *); -int lu_getul (unsigned long *, char *); char *thisarg (char *str); char *nextarg (char *str); +void print_usage (void); +void print_help (void); -#ifdef HAVE_REGEX_H -#include +#include "regex.h" char regex_expect[MAX_INPUT_BUFFER] = ""; regex_t preg; regmatch_t pmatch[10]; -char timestamp[10] = ""; -char regex[MAX_INPUT_BUFFER]; -char errbuf[MAX_INPUT_BUFFER]; +char errbuf[MAX_INPUT_BUFFER] = ""; +char perfstr[MAX_INPUT_BUFFER] = "| "; int cflags = REG_EXTENDED | REG_NOSUB | REG_NEWLINE; int eflags = 0; int errcode, excode; -#endif char *server_address = NULL; char *community = NULL; -char *oid = ""; -char *label = NULL; -char *units = NULL; -char *port = DEFAULT_PORT; +char **authpriv = NULL; +char *proto = NULL; +char *seclevel = NULL; +char *secname = NULL; +char *authproto = NULL; +char *privproto = NULL; +char *authpasswd = NULL; +char *privpasswd = NULL; +char **oids = NULL; +char *label; +char *units; +char *port; +char *snmpcmd; char string_value[MAX_INPUT_BUFFER] = ""; char **labels = NULL; char **unitv = NULL; -int nlabels = 0; -int labels_size = 8; -int nunits = 0; -int unitv_size = 8; -int verbose = FALSE; -unsigned long lower_warn_lim[MAX_OIDS]; -unsigned long upper_warn_lim[MAX_OIDS]; -unsigned long lower_crit_lim[MAX_OIDS]; -unsigned long upper_crit_lim[MAX_OIDS]; -unsigned long response_value[MAX_OIDS]; -int check_warning_value = FALSE; -int check_critical_value = FALSE; +size_t nlabels = 0; +size_t labels_size = 8; +size_t nunits = 0; +size_t unitv_size = 8; +int numoids = 0; +int numauthpriv = 0; +int verbose = 0; +int usesnmpgetnext = FALSE; +char *warning_thresholds = NULL; +char *critical_thresholds = NULL; +thresholds *thlds[MAX_OIDS]; +double response_value[MAX_OIDS]; +int retries = 0; int eval_method[MAX_OIDS]; -char *delimiter = NULL; -char *output_delim = NULL; +char *delimiter; +char *output_delim; +char *miblist = NULL; +int needmibs = FALSE; int main (int argc, char **argv) { - int i = 0; + int i, len; int iresult = STATE_UNKNOWN; - int found = 0; - int result = STATE_DEPENDENT; - char input_buffer[MAX_INPUT_BUFFER]; - char *command_line = NULL; + int result = STATE_UNKNOWN; + int return_code = 0; + int external_error = 0; + char **command_line = NULL; + char *cl_hidden_auth = NULL; + char *oidname = NULL; char *response = NULL; - char *outbuff = ""; - char *output = NULL; + char *outbuff; char *ptr = NULL; - char *p2 = NULL; char *show = NULL; + char *th_warn=NULL; + char *th_crit=NULL; + char type[8] = ""; + output chld_out, chld_err; + + setlocale (LC_ALL, ""); + bindtextdomain (PACKAGE, LOCALEDIR); + textdomain (PACKAGE); labels = malloc (labels_size); unitv = malloc (unitv_size); for (i = 0; i < MAX_OIDS; i++) eval_method[i] = CHECK_UNDEF; - i = 0; + + label = strdup ("SNMP"); + units = strdup (""); + port = strdup (DEFAULT_PORT); + outbuff = strdup (""); + delimiter = strdup (" = "); + output_delim = strdup (DEFAULT_OUTPUT_DELIMITER); + timeout_interval = DEFAULT_TIMEOUT; + retries = DEFAULT_RETRIES; + + /* Parse extra opts if any */ + argv=np_extra_opts (&argc, argv, progname); if (process_arguments (argc, argv) == ERROR) - usage ("Incorrect arguments supplied\n"); + usage4 (_("Could not parse arguments")); + + /* Populate the thresholds */ + th_warn=warning_thresholds; + th_crit=critical_thresholds; + for (i=0; i 0) { + printf (_("External command error: %s\n"), chld_err.line[0]); + for (i = 1; i < chld_err.lines; i++) { + printf ("%s\n", chld_err.line[i]); + } + } else { + printf(_("External command error with no output (return code: %d)\n"), return_code); + } + exit (STATE_UNKNOWN); + } - ptr = output; + if (verbose) { + for (i = 0; i < chld_out.lines; i++) { + printf ("%s\n", chld_out.line[i]); + } + } - while (ptr) { + for (i = 0; i < chld_out.lines; i++) { + const char *conv = "%.0f"; - ptr = strstr (ptr, delimiter); - if (ptr == NULL) + ptr = chld_out.line[i]; + oidname = strpcpy (oidname, ptr, delimiter); + response = strstr (ptr, delimiter); + if (response == NULL) break; - ptr += strlen (delimiter); - ptr += strspn (ptr, " "); - - found++; - - if (ptr[0] == '"') { - ptr++; - response = strpcpy (response, ptr, "\""); - ptr = strpbrk (ptr, "\""); - ptr += strspn (ptr, "\"\n"); - } - else { - response = strpcpy (response, ptr, "\n"); - ptr = strpbrk (ptr, "\n"); - ptr += strspn (ptr, "\n"); - while - (strstr (ptr, delimiter) && - strstr (ptr, "\n") && strstr (ptr, "\n") < strstr (ptr, delimiter)) { - response = strpcat (response, ptr, "\n"); - ptr = strpbrk (ptr, "\n"); - } - if (ptr && strstr (ptr, delimiter) == NULL) { - response = strscat (response, ptr); - ptr = NULL; - } + if (verbose > 2) { + printf("Processing line %i\n oidname: %s\n response: %s\n", i+1, oidname, response); } + /* Clean up type array - Sol10 does not necessarily zero it out */ + bzero(type, sizeof(type)); + + /* We strip out the datatype indicator for PHBs */ if (strstr (response, "Gauge: ")) show = strstr (response, "Gauge: ") + 7; else if (strstr (response, "Gauge32: ")) show = strstr (response, "Gauge32: ") + 9; + else if (strstr (response, "Counter32: ")) { + show = strstr (response, "Counter32: ") + 11; + strcpy(type, "c"); + } + else if (strstr (response, "Counter64: ")) { + show = strstr (response, "Counter64: ") + 11; + strcpy(type, "c"); + } + else if (strstr (response, "INTEGER: ")) + show = strstr (response, "INTEGER: ") + 9; + else if (strstr (response, "STRING: ")) { + show = strstr (response, "STRING: ") + 8; + conv = "%.10g"; + } + else if (strstr (response, "Timeticks: ")) + show = strstr (response, "Timeticks: "); else show = response; - p2 = show; iresult = STATE_DEPENDENT; - if (eval_method[i] & CRIT_PRESENT) { - iresult = STATE_CRITICAL; - } else if (eval_method[i] & WARN_PRESENT) { - iresult = STATE_WARNING; - } - - if (eval_method[i] & CRIT_GT || - eval_method[i] & CRIT_LT || - eval_method[i] & CRIT_GE || - eval_method[i] & CRIT_LE || - eval_method[i] & CRIT_EQ || - eval_method[i] & CRIT_NE || - eval_method[i] & WARN_GT || - eval_method[i] & WARN_LT || - eval_method[i] & WARN_GE || - eval_method[i] & WARN_LE || - eval_method[i] & WARN_EQ || eval_method[i] & WARN_NE) { - p2 = strpbrk (p2, "0123456789"); - response_value[i] = strtoul (p2, NULL, 10); - iresult = check_num (i); - asprintf (&show, "%lu", response_value[i]); - /*asprintf (&show, "%s", response); */ + /* Process this block for integer comparisons */ + if (thlds[i]->warning || thlds[i]->critical) { + ptr = strpbrk (show, "0123456789"); + if (ptr == NULL) + die (STATE_UNKNOWN,_("No valid data returned")); + response_value[i] = strtod (ptr, NULL); + iresult = get_status(response_value[i], thlds[i]); + asprintf (&show, conv, response_value[i]); } + /* Process this block for string matching */ else if (eval_method[i] & CRIT_STRING) { - if (strcmp (response, string_value)) + if (strcmp (show, string_value)) iresult = STATE_CRITICAL; else iresult = STATE_OK; } + /* Process this block for regex matching */ else if (eval_method[i] & CRIT_REGEX) { -#ifdef HAVE_REGEX_H excode = regexec (&preg, response, 10, pmatch, eflags); if (excode == 0) { iresult = STATE_OK; } else if (excode != REG_NOMATCH) { regerror (excode, &preg, errbuf, MAX_INPUT_BUFFER); - printf ("Execute Error: %s\n", errbuf); + printf (_("Execute Error: %s\n"), errbuf); exit (STATE_CRITICAL); } else { iresult = STATE_CRITICAL; } -#else - printf ("SNMP UNKNOWN: call for regex which was not a compiled option"); - exit (STATE_UNKNOWN); -#endif } - if (response && iresult == STATE_DEPENDENT) - iresult = STATE_OK; - else if (eval_method[i] & CRIT_PRESENT) - iresult = STATE_CRITICAL; - else - iresult = STATE_WARNING; + /* Process this block for existence-nonexistence checks */ + else { + if (eval_method[i] & CRIT_PRESENT) + iresult = STATE_CRITICAL; + else if (eval_method[i] & WARN_PRESENT) + iresult = STATE_WARNING; + else if (response && iresult == STATE_DEPENDENT) + iresult = STATE_OK; + } + /* Result is the worst outcome of all the OIDs tested */ result = max_state (result, iresult); - if (nlabels > 1 && i < nlabels && labels[i] != NULL) + /* Prepend a label for this OID if there is one */ + if (nlabels > (size_t)1 && (size_t)i < nlabels && labels[i] != NULL) asprintf (&outbuff, "%s%s%s %s%s%s", outbuff, - (i == 0) ? " " : output_delim, - labels[i], mark (iresult), show, mark (iresult)); + (i == 0) ? " " : output_delim, + labels[i], mark (iresult), show, mark (iresult)); else asprintf (&outbuff, "%s%s%s%s%s", outbuff, (i == 0) ? " " : output_delim, - mark (iresult), show, mark (iresult)); + mark (iresult), show, mark (iresult)); - if (nunits > 0 && i < nunits) + /* Append a unit string for this OID if there is one */ + if (nunits > (size_t)0 && (size_t)i < nunits && unitv[i] != NULL) asprintf (&outbuff, "%s %s", outbuff, unitv[i]); - i++; - - } /* end while */ - - if (found == 0) - terminate - (STATE_UNKNOWN, - "%s problem - No data recieved from host\nCMD: %s\n", - label, command_line); - - /* WARNING if output found on stderr */ - if (fgets (input_buffer, MAX_INPUT_BUFFER - 1, child_stderr)) - result = max_state (result, STATE_WARNING); - - /* close stderr */ - (void) fclose (child_stderr); - - /* close the pipe */ - if (spclose (child_process)) - result = max_state (result, STATE_WARNING); + /* Write perfdata with whatever can be parsed by strtod, if possible */ + ptr = NULL; + strtod(show, &ptr); + if (ptr > show) { + strncat(perfstr, oidname, sizeof(perfstr)-strlen(perfstr)-1); + strncat(perfstr, "=", sizeof(perfstr)-strlen(perfstr)-1); + len = sizeof(perfstr)-strlen(perfstr)-1; + strncat(perfstr, show, len>ptr-show ? ptr-show : len); + + if (type) + strncat(perfstr, type, sizeof(perfstr)-strlen(perfstr)-1); + strncat(perfstr, " ", sizeof(perfstr)-strlen(perfstr)-1); + } + } - if (nunits > 0) - printf ("%s %s -%s %s\n", label, state_text (result), outbuff, units); - else - printf ("%s %s -%s\n", label, state_text (result), outbuff); + printf ("%s %s -%s %s \n", label, state_text (result), outbuff, perfstr); return result; } + + /* process command-line arguments */ int process_arguments (int argc, char **argv) { char *ptr; int c = 1; - int j = 0, jj = 0; + int j = 0, jj = 0, ii = 0; -#ifdef HAVE_GETOPT_H - int option_index = 0; - static struct option long_options[] = { + int option = 0; + static struct option longopts[] = { STD_LONG_OPTS, {"community", required_argument, 0, 'C'}, {"oid", required_argument, 0, 'o'}, @@ -392,15 +390,25 @@ process_arguments (int argc, char **argv) {"delimiter", required_argument, 0, 'd'}, {"output-delimiter", required_argument, 0, 'D'}, {"string", required_argument, 0, 's'}, + {"timeout", required_argument, 0, 't'}, {"regex", required_argument, 0, 'r'}, {"ereg", required_argument, 0, 'r'}, {"eregi", required_argument, 0, 'R'}, {"label", required_argument, 0, 'l'}, {"units", required_argument, 0, 'u'}, {"port", required_argument, 0, 'p'}, + {"retries", required_argument, 0, 'e'}, + {"miblist", required_argument, 0, 'm'}, + {"protocol", required_argument, 0, 'P'}, + {"seclevel", required_argument, 0, 'L'}, + {"secname", required_argument, 0, 'U'}, + {"authproto", required_argument, 0, 'a'}, + {"privproto", required_argument, 0, 'x'}, + {"authpasswd", required_argument, 0, 'A'}, + {"privpasswd", required_argument, 0, 'X'}, + {"next", no_argument, 0, 'n'}, {0, 0, 0, 0} }; -#endif if (argc < 2) return ERROR; @@ -416,122 +424,134 @@ process_arguments (int argc, char **argv) } while (1) { -#ifdef HAVE_GETOPT_H - c = - getopt_long (argc, argv, "hVt:c:w:H:C:o:e:E:d:D:s:R:r:l:u:p:", - long_options, &option_index); -#else - c = getopt (argc, argv, "hVt:c:w:H:C:o:e:E:d:D:s:R:r:l:u:p:"); -#endif + c = getopt_long (argc, argv, "nhvVt:c:w:H:C:o:e:E:d:D:s:t:R:r:l:u:p:m:P:L:U:a:x:A:X:", + longopts, &option); if (c == -1 || c == EOF) break; switch (c) { case '?': /* usage */ - usage3 ("Unknown argument", optopt); + usage5 (); case 'h': /* help */ print_help (); exit (STATE_OK); case 'V': /* version */ - print_revision (PROGNAME, REVISION); + print_revision (progname, NP_VERSION); exit (STATE_OK); case 'v': /* verbose */ - verbose = TRUE; + verbose++; break; - case 't': /* timeout period */ - if (!is_integer (optarg)) - usage2 ("Timeout Interval must be an integer", optarg); - timeout_interval = atoi (optarg); + + /* Connection info */ + case 'C': /* group or community */ + community = optarg; break; - case 'e': /* PRELIMINARY - may change */ - eval_method[j] |= WARN_PRESENT; - for (ptr = optarg; (ptr = index (ptr, ',')); ptr++) - ptr[0] = ' '; /* relpace comma with space */ - for (ptr = optarg; (ptr = index (ptr, ' ')); ptr++) - eval_method[++j] |= WARN_PRESENT; - asprintf (&oid, "%s %s", (oid?oid:""), optarg); + case 'H': /* Host or server */ + server_address = optarg; break; - case 'E': /* PRELIMINARY - may change */ - eval_method[j] |= WARN_PRESENT; - for (ptr = optarg; (ptr = index (ptr, ',')); ptr++) - ptr[0] = ' '; /* relpace comma with space */ - for (ptr = optarg; (ptr = index (ptr, ' ')); ptr++) - eval_method[++j] |= CRIT_PRESENT; - asprintf (&oid, "%s %s", (oid?oid:""), optarg); + case 'p': /* TCP port number */ + port = optarg; break; - case 'c': /* critical time threshold */ - if (strspn (optarg, "0123456789:,") < strlen (optarg)) { - printf ("Invalid critical threshold: %s\n", optarg); - print_usage (); - exit (STATE_UNKNOWN); - } - for (ptr = optarg, jj = 0; ptr && jj < MAX_OIDS; jj++) { - if (lu_getll (&lower_crit_lim[jj], ptr) == 1) - eval_method[jj] |= CRIT_LT; - if (lu_getul (&upper_crit_lim[jj], ptr) == 1) - eval_method[jj] |= CRIT_GT; - (ptr = index (ptr, ',')) ? ptr++ : ptr; - } + case 'm': /* List of MIBS */ + miblist = optarg; break; - case 'w': /* warning time threshold */ - if (strspn (optarg, "0123456789:,") < strlen (optarg)) { - printf ("Invalid warning threshold: %s\n", optarg); - print_usage (); - exit (STATE_UNKNOWN); - } - for (ptr = optarg, jj = 0; ptr && jj < MAX_OIDS; jj++) { - if (lu_getll (&lower_warn_lim[jj], ptr) == 1) - eval_method[jj] |= WARN_LT; - if (lu_getul (&upper_warn_lim[jj], ptr) == 1) - eval_method[jj] |= WARN_GT; - (ptr = index (ptr, ',')) ? ptr++ : ptr; - } + case 'n': /* usesnmpgetnext */ + usesnmpgetnext = TRUE; break; - case 'H': /* Host or server */ - server_address = strscpy (server_address, optarg); + case 'P': /* SNMP protocol version */ + proto = optarg; break; - case 'C': /* group or community */ - community = strscpy (community, optarg); + case 'L': /* security level */ + seclevel = optarg; break; - case 'o': /* object identifier */ - for (ptr = optarg; (ptr = index (ptr, ',')); ptr++) - ptr[0] = ' '; /* relpace comma with space */ - for (ptr = optarg; (ptr = index (ptr, ' ')); ptr++) - j++; /* count OIDs */ - asprintf (&oid, "%s %s", (oid?oid:""), optarg); + case 'U': /* security username */ + secname = optarg; break; - case 'd': /* delimiter */ - delimiter = strscpy (delimiter, optarg); + case 'a': /* auth protocol */ + authproto = optarg; break; - case 'D': /* output-delimiter */ - output_delim = strscpy (output_delim, optarg); + case 'x': /* priv protocol */ + privproto = optarg; + break; + case 'A': /* auth passwd */ + authpasswd = optarg; + break; + case 'X': /* priv passwd */ + privpasswd = optarg; + break; + case 't': /* timeout period */ + if (!is_integer (optarg)) + usage2 (_("Timeout interval must be a positive integer"), optarg); + else + timeout_interval = atoi (optarg); + break; + + /* Test parameters */ + case 'c': /* critical threshold */ + critical_thresholds = optarg; + break; + case 'w': /* warning threshold */ + warning_thresholds = optarg; + break; + case 'e': /* PRELIMINARY - may change */ + case 'E': /* PRELIMINARY - may change */ + if (!is_integer (optarg)) + usage2 (_("Retries interval must be a positive integer"), optarg); + else + retries = atoi(optarg); + break; + case 'o': /* object identifier */ + if ( strspn( optarg, "0123456789.," ) != strlen( optarg ) ) { + /* + * we have something other than digits, periods and comas, + * so we have a mib variable, rather than just an SNMP OID, + * so we have to actually read the mib files + */ + needmibs = TRUE; + } + if (!oids) oids = calloc(MAX_OIDS, sizeof (char *)); + for (ptr = strtok(optarg, ", "); ptr != NULL && j < MAX_OIDS; ptr = strtok(NULL, ", "), j++) { + oids[j] = strdup(ptr); + } + numoids = j; + if (c == 'E' || c == 'e') { + jj++; + ii++; + } + if (c == 'E') + eval_method[j+1] |= WARN_PRESENT; + else if (c == 'e') + eval_method[j+1] |= CRIT_PRESENT; break; case 's': /* string or substring */ strncpy (string_value, optarg, sizeof (string_value) - 1); string_value[sizeof (string_value) - 1] = 0; eval_method[jj++] = CRIT_STRING; + ii++; break; case 'R': /* regex */ -#ifdef HAVE_REGEX_H cflags = REG_ICASE; -#endif case 'r': /* regex */ -#ifdef HAVE_REGEX_H cflags |= REG_EXTENDED | REG_NOSUB | REG_NEWLINE; strncpy (regex_expect, optarg, sizeof (regex_expect) - 1); regex_expect[sizeof (regex_expect) - 1] = 0; errcode = regcomp (&preg, regex_expect, cflags); if (errcode != 0) { regerror (errcode, &preg, errbuf, MAX_INPUT_BUFFER); - printf ("Could Not Compile Regular Expression"); + printf (_("Could Not Compile Regular Expression")); return ERROR; } eval_method[jj++] = CRIT_REGEX; -#else - printf ("SNMP UNKNOWN: call for regex which was not a compiled option"); - exit (STATE_UNKNOWN); -#endif + ii++; + break; + + /* Format */ + case 'd': /* delimiter */ + delimiter = strscpy (delimiter, optarg); + break; + case 'D': /* output-delimiter */ + output_delim = strscpy (output_delim, optarg); break; case 'l': /* label */ label = optarg; @@ -540,21 +560,19 @@ process_arguments (int argc, char **argv) labels_size += 8; labels = realloc (labels, labels_size); if (labels == NULL) - terminate (STATE_UNKNOWN, - "Could not realloc() labels[%d]", nlabels); + die (STATE_UNKNOWN, _("Could not reallocate labels[%d]"), (int)nlabels); } labels[nlabels - 1] = optarg; ptr = thisarg (optarg); + labels[nlabels - 1] = ptr; if (strstr (ptr, "'") == ptr) labels[nlabels - 1] = ptr + 1; - else - labels[nlabels - 1] = ptr; while (ptr && (ptr = nextarg (ptr))) { if (nlabels >= labels_size) { labels_size += 8; labels = realloc (labels, labels_size); if (labels == NULL) - terminate (STATE_UNKNOWN, "Could not realloc() labels\n"); + die (STATE_UNKNOWN, _("Could not reallocate labels\n")); } labels++; ptr = thisarg (ptr); @@ -571,21 +589,19 @@ process_arguments (int argc, char **argv) unitv_size += 8; unitv = realloc (unitv, unitv_size); if (unitv == NULL) - terminate (STATE_UNKNOWN, - "Could not realloc() units [%d]\n", nunits); + die (STATE_UNKNOWN, _("Could not reallocate units [%d]\n"), (int)nunits); } unitv[nunits - 1] = optarg; ptr = thisarg (optarg); + unitv[nunits - 1] = ptr; if (strstr (ptr, "'") == ptr) unitv[nunits - 1] = ptr + 1; - else - unitv[nunits - 1] = ptr; while (ptr && (ptr = nextarg (ptr))) { if (nunits >= unitv_size) { unitv_size += 8; unitv = realloc (unitv, unitv_size); if (units == NULL) - terminate (STATE_UNKNOWN, "Could not realloc() units\n"); + die (STATE_UNKNOWN, _("Could not realloc() units\n")); } nunits++; ptr = thisarg (ptr); @@ -595,19 +611,20 @@ process_arguments (int argc, char **argv) unitv[nunits - 1] = ptr; } break; - case 'p': /* TCP port number */ - port = strscpy(port, optarg); - break; } } if (server_address == NULL) - asprintf (&server_address, argv[optind]); + server_address = argv[optind]; + + if (community == NULL) + community = strdup (DEFAULT_COMMUNITY); return validate_arguments (); } + /****************************************************************************** @@- @@ -616,178 +633,115 @@ process_arguments (int argc, char **argv) &PROTO_validate_arguments; -Given a database name, this function returns TRUE if the string -is a valid PostgreSQL database name, and returns false if it is -not. +Checks to see if the default miblist needs to be loaded. Also verifies +the authentication and authorization combinations based on protocol version +selected. -Valid PostgreSQL database names are less than &NAMEDATALEN; -characters long and consist of letters, numbers, and underscores. The -first character cannot be a number, however. + -@@ ******************************************************************************/ + + int validate_arguments () { + /* check whether to load locally installed MIBS (CPU/disk intensive) */ + if (miblist == NULL) { + if ( needmibs == TRUE ) { + miblist = strdup (DEFAULT_MIBLIST); + }else{ + miblist = ""; /* don't read any mib files for numeric oids */ + } + } - if (community == NULL) - asprintf (&community, DEFAULT_COMMUNITY); - - if (delimiter == NULL) - asprintf (&delimiter, DEFAULT_DELIMITER); - - if (output_delim == NULL) - asprintf (&output_delim, DEFAULT_OUTPUT_DELIMITER); - - if (label == NULL) - asprintf (&label, "SNMP"); - - if (units == NULL) - asprintf (&units, ""); - - return OK; -} - - - -void -print_help (void) -{ - print_revision (PROGNAME, REVISION); - printf - ("Copyright (c) %s %s <%s>\n\n%s\n", - COPYRIGHT, AUTHOR, EMAIL, SUMMARY); - print_usage (); - printf - ("\nOptions:\n" LONGOPTIONS "\n" DESCRIPTION "\n" NOTES "\n", - DEFAULT_COMMUNITY, DEFAULT_PORT, DEFAULT_DELIMITER, DEFAULT_TIMEOUT); - support (); -} + /* Check server_address is given */ + if (server_address == NULL) + die(STATE_UNKNOWN, _("No host specified\n")); -void -print_usage (void) -{ - printf - ("Usage:\n" " %s %s\n" - " %s (-h | --help) for detailed help\n" - " %s (-V | --version) for version information\n", - PROGNAME, OPTIONS, PROGNAME, PROGNAME); -} - + /* Check oid is given */ + if (numoids == 0) + die(STATE_UNKNOWN, _("No OIDs specified\n")); + if (proto == NULL) + asprintf(&proto, DEFAULT_PROTOCOL); -char * -clarify_message (char *msg) -{ - int i = 0; - int foo; - char tmpmsg_c[MAX_INPUT_BUFFER]; - char *tmpmsg = (char *) &tmpmsg_c; - tmpmsg = strcpy (tmpmsg, msg); - if (!strncmp (tmpmsg, " Hex:", 5)) { - tmpmsg = strtok (tmpmsg, ":"); - while ((tmpmsg = strtok (NULL, " "))) { - foo = strtol (tmpmsg, NULL, 16); - /* Translate chars that are not the same value in the printers - * character set. - */ - switch (foo) { - case 208: - { - foo = 197; - break; - } - case 216: - { - foo = 196; - break; - } - } - msg[i] = foo; - i++; - } - msg[i] = 0; + if ((strcmp(proto,"1") == 0) || (strcmp(proto, "2c")==0)) { /* snmpv1 or snmpv2c */ + numauthpriv = 2; + authpriv = calloc (numauthpriv, sizeof (char *)); + authpriv[0] = strdup ("-c"); + authpriv[1] = strdup (community); } - return (msg); -} - + else if ( strcmp (proto, "3") == 0 ) { /* snmpv3 args */ + if (seclevel == NULL) + asprintf(&seclevel, "noAuthNoPriv"); + + if (strcmp(seclevel, "noAuthNoPriv") == 0) { + numauthpriv = 2; + authpriv = calloc (numauthpriv, sizeof (char *)); + authpriv[0] = strdup ("-l"); + authpriv[1] = strdup ("noAuthNoPriv"); + } else { + if (! ( (strcmp(seclevel, "authNoPriv")==0) || (strcmp(seclevel, "authPriv")==0) ) ) { + usage2 (_("Invalid seclevel"), seclevel); + } -int -check_num (int i) -{ - int result; - result = STATE_OK; - if (eval_method[i] & WARN_GT && eval_method[i] & WARN_LT && - lower_warn_lim[i] > upper_warn_lim[i]) { - if (response_value[i] <= lower_warn_lim[i] && - response_value[i] >= upper_warn_lim[i]) { - result = STATE_WARNING; + if (authproto == NULL ) + asprintf(&authproto, DEFAULT_AUTH_PROTOCOL); + + if (secname == NULL) + die(STATE_UNKNOWN, _("Required parameter: %s\n"), "secname"); + + if (authpasswd == NULL) + die(STATE_UNKNOWN, _("Required parameter: %s\n"), "authpasswd"); + + if ( strcmp(seclevel, "authNoPriv") == 0 ) { + numauthpriv = 8; + authpriv = calloc (numauthpriv, sizeof (char *)); + authpriv[0] = strdup ("-l"); + authpriv[1] = strdup ("authNoPriv"); + authpriv[2] = strdup ("-a"); + authpriv[3] = strdup (authproto); + authpriv[4] = strdup ("-u"); + authpriv[5] = strdup (secname); + authpriv[6] = strdup ("-A"); + authpriv[7] = strdup (authpasswd); + } else if ( strcmp(seclevel, "authPriv") == 0 ) { + if (privproto == NULL ) + asprintf(&privproto, DEFAULT_PRIV_PROTOCOL); + + if (privpasswd == NULL) + die(STATE_UNKNOWN, _("Required parameter: %s\n"), "privpasswd"); + + numauthpriv = 12; + authpriv = calloc (numauthpriv, sizeof (char *)); + authpriv[0] = strdup ("-l"); + authpriv[1] = strdup ("authPriv"); + authpriv[2] = strdup ("-a"); + authpriv[3] = strdup (authproto); + authpriv[4] = strdup ("-u"); + authpriv[5] = strdup (secname); + authpriv[6] = strdup ("-A"); + authpriv[7] = strdup (authpasswd); + authpriv[8] = strdup ("-x"); + authpriv[9] = strdup (privproto); + authpriv[10] = strdup ("-X"); + authpriv[11] = strdup (privpasswd); + } } - } - else if - ((eval_method[i] & WARN_GT && response_value[i] > upper_warn_lim[i]) || - (eval_method[i] & WARN_GE && response_value[i] >= upper_warn_lim[i]) || - (eval_method[i] & WARN_LT && response_value[i] < lower_warn_lim[i]) || - (eval_method[i] & WARN_LE && response_value[i] <= lower_warn_lim[i]) || - (eval_method[i] & WARN_EQ && response_value[i] == upper_warn_lim[i]) || - (eval_method[i] & WARN_NE && response_value[i] != upper_warn_lim[i])) { - result = STATE_WARNING; - } - if (eval_method[i] & CRIT_GT && eval_method[i] & CRIT_LT && - lower_warn_lim[i] > upper_warn_lim[i]) { - if (response_value[i] <= lower_crit_lim[i] && - response_value[i] >= upper_crit_lim[i]) { - result = STATE_CRITICAL; - } } - else if - ((eval_method[i] & CRIT_GT && response_value[i] > upper_crit_lim[i]) || - (eval_method[i] & CRIT_GE && response_value[i] >= upper_crit_lim[i]) || - (eval_method[i] & CRIT_LT && response_value[i] < lower_crit_lim[i]) || - (eval_method[i] & CRIT_LE && response_value[i] <= lower_crit_lim[i]) || - (eval_method[i] & CRIT_EQ && response_value[i] == upper_crit_lim[i]) || - (eval_method[i] & CRIT_NE && response_value[i] != upper_crit_lim[i])) { - result = STATE_CRITICAL; + else { + usage2 (_("Invalid SNMP version"), proto); } - return result; -} - - -int -lu_getll (unsigned long *ll, char *str) -{ - char tmp[100]; - if (strchr (str, ':') == NULL) - return 0; - if (strchr (str, ',') != NULL && (strchr (str, ',') < strchr (str, ':'))) - return 0; - if (sscanf (str, "%lu%[:]", ll, tmp) == 2) - return 1; - return 0; -} - -int -lu_getul (unsigned long *ul, char *str) -{ - char tmp[100]; - if (sscanf (str, "%lu%[^,]", ul, tmp) == 1) - return 1; - if (sscanf (str, ":%lu%[^,]", ul, tmp) == 1) - return 1; - if (sscanf (str, "%*u:%lu%[^,]", ul, tmp) == 1) - return 1; - return 0; + return OK; } - - - /* trim leading whitespace if there is a leading quote, make sure it balances */ @@ -797,12 +751,13 @@ thisarg (char *str) str += strspn (str, " \t\r\n"); /* trim any leading whitespace */ if (strstr (str, "'") == str) { /* handle SIMPLE quoted strings */ if (strlen (str) == 1 || !strstr (str + 1, "'")) - terminate (STATE_UNKNOWN, "Unbalanced quotes\n"); + die (STATE_UNKNOWN, _("Unbalanced quotes\n")); } return str; } + /* if there's a leading quote, advance to the trailing quote set the trailing quote to '\x0' if the string continues, advance beyond the comma */ @@ -811,23 +766,21 @@ char * nextarg (char *str) { if (strstr (str, "'") == str) { + str[0] = 0; if (strlen (str) > 1) { str = strstr (str + 1, "'"); - str[0] = 0; return (++str); } else { - str[0] = 0; return NULL; } } if (strstr (str, ",") == str) { + str[0] = 0; if (strlen (str) > 1) { - str[0] = 0; return (++str); } else { - str[0] = 0; return NULL; } } @@ -837,3 +790,121 @@ nextarg (char *str) } return NULL; } + + + +void +print_help (void) +{ + print_revision (progname, NP_VERSION); + + printf (COPYRIGHT, copyright, email); + + printf ("%s\n", _("Check status of remote machines and obtain system information via SNMP")); + + printf ("\n\n"); + + print_usage (); + + printf (UT_HELP_VRSN); + printf (UT_EXTRA_OPTS); + + printf (UT_HOST_PORT, 'p', DEFAULT_PORT); + + /* SNMP and Authentication Protocol */ + printf (" %s\n", "-n, --next"); + printf (" %s\n", _("Use SNMP GETNEXT instead of SNMP GET")); + printf (" %s\n", "-P, --protocol=[1|2c|3]"); + printf (" %s\n", _("SNMP protocol version")); + printf (" %s\n", "-L, --seclevel=[noAuthNoPriv|authNoPriv|authPriv]"); + printf (" %s\n", _("SNMPv3 securityLevel")); + printf (" %s\n", "-a, --authproto=[MD5|SHA]"); + printf (" %s\n", _("SNMPv3 auth proto")); + printf (" %s\n", "-x, --privproto=[DES|AES]"); + printf (" %s\n", _("SNMPv3 priv proto (default DES)")); + + /* Authentication Tokens*/ + printf (" %s\n", "-C, --community=STRING"); + printf (" %s ", _("Optional community string for SNMP communication")); + printf ("(%s \"%s\")\n", _("default is") ,DEFAULT_COMMUNITY); + printf (" %s\n", "-U, --secname=USERNAME"); + printf (" %s\n", _("SNMPv3 username")); + printf (" %s\n", "-A, --authpassword=PASSWORD"); + printf (" %s\n", _("SNMPv3 authentication password")); + printf (" %s\n", "-X, --privpasswd=PASSWORD"); + printf (" %s\n", _("SNMPv3 privacy password")); + + /* OID Stuff */ + printf (" %s\n", "-o, --oid=OID(s)"); + printf (" %s\n", _("Object identifier(s) or SNMP variables whose value you wish to query")); + printf (" %s\n", "-m, --miblist=STRING"); + printf (" %s\n", _("List of MIBS to be loaded (default = none if using numeric OIDs or 'ALL'")); + printf (" %s\n", _("for symbolic OIDs.)")); + printf (" %s\n", "-d, --delimiter=STRING"); + printf (" %s \"%s\"\n", _("Delimiter to use when parsing returned data. Default is"), DEFAULT_DELIMITER); + printf (" %s\n", _("Any data on the right hand side of the delimiter is considered")); + printf (" %s\n", _("to be the data that should be used in the evaluation.")); + + /* Tests Against Integers */ + printf (" %s\n", "-w, --warning=THRESHOLD(s)"); + printf (" %s\n", _("Warning threshold range(s)")); + printf (" %s\n", "-c, --critical=THRESHOLD(s)"); + printf (" %s\n", _("Critical threshold range(s)")); + + /* Tests Against Strings */ + printf (" %s\n", "-s, --string=STRING"); + printf (" %s\n", _("Return OK state (for that OID) if STRING is an exact match")); + printf (" %s\n", "-r, --ereg=REGEX"); + printf (" %s\n", _("Return OK state (for that OID) if extended regular expression REGEX matches")); + printf (" %s\n", "-R, --eregi=REGEX"); + printf (" %s\n", _("Return OK state (for that OID) if case-insensitive extended REGEX matches")); + printf (" %s\n", "-l, --label=STRING"); + printf (" %s\n", _("Prefix label for output from plugin (default -s 'SNMP')")); + + /* Output Formatting */ + printf (" %s\n", "-u, --units=STRING"); + printf (" %s\n", _("Units label(s) for output data (e.g., 'sec.').")); + printf (" %s\n", "-D, --output-delimiter=STRING"); + printf (" %s\n", _("Separates output on multiple OID requests")); + + printf (UT_TIMEOUT, DEFAULT_SOCKET_TIMEOUT); + printf (" %s\n", "-e, --retries=INTEGER"); + printf (" %s\n", _("Number of retries to be used in the requests")); + + printf (UT_VERBOSE); + + printf ("\n"); + printf ("%s\n", _("This plugin uses the 'snmpget' command included with the NET-SNMP package.")); + printf ("%s\n", _("if you don't have the package installed, you will need to download it from")); + printf ("%s\n", _("http://net-snmp.sourceforge.net before you can use this plugin.")); + + printf ("\n"); + printf ("%s\n", _("Notes:")); + printf (" %s\n", _("- Multiple OIDs may be indicated by a comma- or space-delimited list (lists with")); + printf (" %s\n", _("internal spaces must be quoted) [max 8 OIDs]")); + + printf(" -%s", UT_THRESHOLDS_NOTES); + + printf (" %s\n", _("- When checking multiple OIDs, separate ranges by commas like '-w 1:10,1:,:20'")); + printf (" %s\n", _("- Note that only one string and one regex may be checked at present")); + printf (" %s\n", _("- All evaluation methods other than PR, STR, and SUBSTR expect that the value")); + printf (" %s\n", _("returned from the SNMP query is an unsigned integer.")); +#ifdef NP_EXTRA_OPTS + printf (" -%s", UT_EXTRA_OPTS_NOTES); +#endif + + printf (UT_SUPPORT); +} + + + +void +print_usage (void) +{ + printf (_("Usage:")); + printf ("%s -H -o [-w warn_range] [-c crit_range]\n",progname); + printf ("[-C community] [-s string] [-r regex] [-R regexi] [-t timeout] [-e retries]\n"); + printf ("[-l label] [-u units] [-p port-number] [-d delimiter] [-D output-delimiter]\n"); + printf ("[-m miblist] [-P snmp version] [-L seclevel] [-U secname] [-a authproto]\n"); + printf ("[-A authpasswd] [-x privproto] [-X privpasswd]\n"); +}