![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: aff6140)
raw | patch | inline | side by side (parent: aff6140)
| author | Matthias Eble <psychotrahe@gmx.de> | |
| Wed, 10 Jun 2009 23:17:58 +0000 (01:17 +0200) | ||
| committer | Matthias Eble <psychotrahe@gmx.de> | |
| Wed, 10 Jun 2009 23:17:58 +0000 (01:17 +0200) |
check_ifoperstatus didn't function correctly with SNMPv3. This is fixed now.
Created argument-hash for SNMP session creation. This removes redundant code.
Session creation was moved out of process_arguments() and now takes place
after setting the timeout handler.
Additionally the -x argument was added to specify the privprotocol.
Created argument-hash for SNMP session creation. This removes redundant code.
Session creation was moved out of process_arguments() and now takes place
after setting the timeout handler.
Additionally the -x argument was added to specify the privprotocol.
| NEWS | patch | blob | history | |
| plugins-scripts/check_ifoperstatus.pl | patch | blob | history |
index ecfd67e2eb69c6e111073d8567787dfaca74da0e..768a1cc3ef51a087d7f7b2000fee339b2ccfe1bd 100644 (file)
--- a/NEWS
+++ b/NEWS
Fixed check_by_ssh interpretation of quotes in -C parameter (#1985246, #2268675)
check_snmp now supports standard threshold ranges and doubles (floating numbers) in thresholds
check_fping now supports passing target timeout and interval to fping (#2347686 - Martin Foster)
+ Fixed SNMPv3 behaviour of check_ifoperstatus. Added -x to define privprotocol (#2343438 - Robin Schroeder)
1.4.13 25th Sept 2008
Fix Debian bug #460097: check_http --max-age broken (Hilko Bengen)
index d0a1655a20ac58faa87c909b85b940a8138cb57d..503f1e41acd75c9b512b52dbc7ceccbe8171b36b 100755 (executable)
my $snmpkey = 0;
my $community = "public";
my $maxmsgsize = 1472 ; # Net::SNMP default is 1472
-my ($seclevel, $authproto, $secname, $authpass, $privpass, $auth, $priv, $context);
+my ($seclevel, $authproto, $secname, $authpass, $privpass, $privproto, $auth, $priv, $context);
my $port = 161;
my @snmpoids;
my $sysUptime = '1.3.6.1.2.1.1.3.0';
my $dormantWarn;
my $adminWarn;
my $name;
+my %session_opts;
### Validate Arguments
$status = process_arguments();
+use Data::Dumper;
# Just in case of problems, let's not hang Nagios
$SIG{'ALRM'} = sub {
print ("ERROR: No snmp response from $hostname (alarm)\n");
alarm($timeout);
+print Dumper(\%session_opts);
+($session, $error) = Net::SNMP->session(%session_opts);
+
+
+if (!defined($session)) {
+ $state='UNKNOWN';
+ $answer=$error;
+ print ("$state: $answer\n");
+ exit $ERRORS{$state};
+}
## map ifdescr to ifindex - should look at being able to cache this value
printf " -X (--privpass) privacy password (cleartext ascii or localized key\n";
printf " in hex with 0x prefix generated by using \"snmpkey\" utility\n";
printf " privacy password and authEngineID\n";
+ printf " -x (--privproto) privacy protocol (DES or AES; default: DES)\n";
printf " -k (--key) SNMP IfIndex value\n";
printf " -d (--descr) SNMP ifDescr value\n";
printf " -T (--type) SNMP ifType integer value (see http://www.iana.org/assignments/ianaiftype-mib)\n";
"U=s" => \$secname, "secname=s" => \$secname,
"A=s" => \$authpass, "authpass=s" => \$authpass,
"X=s" => \$privpass, "privpass=s" => \$privpass,
+ "x=s" => \$privproto, "privproto=s" => \$privproto,
"c=s" => \$context, "context=s" => \$context,
"k=i" => \$snmpkey, "key=i",\$snmpkey,
"d=s" => \$ifdescr, "descr=s" => \$ifdescr,
$timeout = $TIMEOUT;
}
+
+ if ($snmp_version !~ /[123]/){
+ $state='UNKNOWN';
+ print ("$state: No support for SNMP v$snmp_version yet\n");
+ exit $ERRORS{$state};
+ }
+
+ %session_opts = (
+ -hostname => $hostname,
+ -port => $port,
+ -version => $snmp_version,
+ -maxmsgsize => $maxmsgsize
+ );
+
+ $session_opts{'-community'} = $community if (defined $community && $snmp_version =~ /[12]/);
+
if ($snmp_version =~ /3/ ) {
# Must define a security level even though default is noAuthNoPriv
# v3 requires a security username
if (defined $seclevel && defined $secname) {
+ $session_opts{'-username'} = $secname;
# Must define a security level even though defualt is noAuthNoPriv
unless ( grep /^$seclevel$/, qw(noAuthNoPriv authNoPriv authPriv) ) {
# Authentication wanted
if ( $seclevel eq 'authNoPriv' || $seclevel eq 'authPriv' ) {
-
unless ( $authproto eq 'MD5' || $authproto eq 'SHA1' ) {
usage();
exit $ERRORS{"UNKNOWN"};
}
+ $session_opts{'-authprotocol'} = $authproto if(defined $authproto);
if ( !defined $authpass) {
usage();
exit $ERRORS{"UNKNOWN"};
}else{
if ($authpass =~ /^0x/ ) {
- $auth = "-authkey => $authpass" ;
+ $session_opts{'-authkey'} = $authpass ;
}else{
- $auth = "-authpassword => $authpass";
+ $session_opts{'-authpassword'} = $authpass ;
}
}
-
}
# Privacy (DES encryption) wanted
exit $ERRORS{"UNKNOWN"};
}else{
if ($privpass =~ /^0x/){
- $priv = "-privkey => $privpass";
+ $session_opts{'-privkey'} = $privpass;
}else{
- $priv = "-privpassword => $privpass";
+ $session_opts{'-privpassword'} = $privpass;
}
}
+
+ $session_opts{'-privprotocol'} = $privproto if(defined $privproto);
}
# Context name defined or default
-
unless ( defined $context) {
$context = "";
}
-
-
}else {
usage();
exit $ERRORS{'UNKNOWN'}; ;
} # end snmpv3
- if ( $snmp_version =~ /[12]/ ) {
- ($session, $error) = Net::SNMP->session(
- -hostname => $hostname,
- -community => $community,
- -port => $port,
- -version => $snmp_version,
- -maxmsgsize => $maxmsgsize
- );
-
- if (!defined($session)) {
- $state='UNKNOWN';
- $answer=$error;
- print ("$state: $answer\n");
- exit $ERRORS{$state};
- }
-
- }elsif ( $snmp_version =~ /3/ ) {
-
- if ($seclevel eq 'noAuthNoPriv') {
- ($session, $error) = Net::SNMP->session(
- -hostname => $hostname,
- -port => $port,
- -version => $snmp_version,
- -username => $secname,
- );
-
- }elsif ( $seclevel eq 'authNoPriv' ) {
- ($session, $error) = Net::SNMP->session(
- -hostname => $hostname,
- -port => $port,
- -version => $snmp_version,
- -username => $secname,
- $auth,
- -authprotocol => $authproto,
- );
- }elsif ($seclevel eq 'authPriv' ) {
- ($session, $error) = Net::SNMP->session(
- -hostname => $hostname,
- -port => $port,
- -version => $snmp_version,
- -username => $secname,
- $auth,
- -authprotocol => $authproto,
- $priv
- );
- }
-
-
- if (!defined($session)) {
- $state='UNKNOWN';
- $answer=$error;
- print ("$state: $answer\n");
- exit $ERRORS{$state};
- }
-
- }else{
- $state='UNKNOWN';
- print ("$state: No support for SNMP v$snmp_version yet\n");
- exit $ERRORS{$state};
- }
-
}
## End validation