![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7616b1b)
raw | patch | inline | side by side (parent: 7616b1b)
| author | Karl DeBisschop <kdebisschop@users.sourceforge.net> | |
| Wed, 25 Feb 2004 08:51:03 +0000 (08:51 +0000) | ||
| committer | Karl DeBisschop <kdebisschop@users.sourceforge.net> | |
| Wed, 25 Feb 2004 08:51:03 +0000 (08:51 +0000) |
git-svn-id: https://nagiosplug.svn.sourceforge.net/svnroot/nagiosplug/nagiosplug/trunk@826 f882894a-f735-0410-b71e-b25c423dba1c
| AUTHORS | patch | blob | history | |
| plugins/check_dns.c | patch | blob | history |
index a6f069f54bd6c326718372586e6686a11cb50ebb..5c8844f4a9a02845b0da987e28aa23df01f5416e 100644 (file)
--- a/AUTHORS
+++ b/AUTHORS
Matt Pounsett
Shawn Wills
Ralph Rye
-Jason Martin
\ No newline at end of file
+Jason Martin
+Jon Hallett
\ No newline at end of file
diff --git a/plugins/check_dns.c b/plugins/check_dns.c
index 242052947e9739397d170fbc6f12a39865aa1211..14d4306cdaf59ac6ce45652ea82a8caa704b1a98 100644 (file)
--- a/plugins/check_dns.c
+++ b/plugins/check_dns.c
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
int verbose = FALSE;
char expected_address[ADDRESS_LENGTH] = "";
int match_expected_address = FALSE;
+int expect_authority = FALSE;
int
main (int argc, char **argv)
char *output = NULL;
char *address = NULL;
char *temp_buffer = NULL;
+ int non_authoritative = FALSE;
int result = STATE_UNKNOWN;
double elapsed_time;
long microsec;
struct timeval tv;
int multi_address;
- int parse_address = FALSE; /* This flag scans for Address: but only after Name: */
+ int parse_address = FALSE; /* This flag scans for Address: but only after Name: */
setlocale (LC_ALL, "");
bindtextdomain (PACKAGE, LOCALEDIR);
}
/* get the command to run */
- asprintf (&command_line, "%s %s %s", NSLOOKUP_COMMAND, query_address, dns_server);
+ asprintf (&command_line, "%s %s %s", NSLOOKUP_COMMAND, query_address, dns_server);
alarm (timeout_interval);
gettimeofday (&tv, NULL);
/* the server is responding, we just got the host name... */
if (strstr (input_buffer, "Name:"))
parse_address = TRUE;
- else if (parse_address == TRUE && (strstr (input_buffer, "Address:") || strstr (input_buffer, "Addresses:"))) {
+ else if (parse_address == TRUE && (strstr (input_buffer, "Address:") ||
+ strstr (input_buffer, "Addresses:"))) {
temp_buffer = index (input_buffer, ':');
temp_buffer++;
strip(temp_buffer);
if (temp_buffer==NULL || strlen(temp_buffer)==0) {
- die (STATE_CRITICAL, _("DNS CRITICAL - '%s' returned empty host name string\n"),
- NSLOOKUP_COMMAND);
+ die (STATE_CRITICAL,
+ _("DNS CRITICAL - '%s' returned empty host name string\n"),
+ NSLOOKUP_COMMAND);
}
if (address == NULL)
asprintf(&address, "%s,%s", address, temp_buffer);
}
+ else if (strstr (input_buffer, "Non-authoritative answer:")) {
+ non_authoritative = TRUE;
+ }
+
result = error_scan (input_buffer);
if (result != STATE_OK) {
output = strdup (1 + index (input_buffer, ':'));
and we can segfault if we do not */
if (address==NULL || strlen(address)==0)
die (STATE_CRITICAL,
- _("DNS CRITICAL - '%s' output parsing exited with no address\n"),
- NSLOOKUP_COMMAND);
+ _("DNS CRITICAL - '%s' output parsing exited with no address\n"),
+ NSLOOKUP_COMMAND);
/* compare to expected address */
if (result == STATE_OK && match_expected_address && strcmp(address, expected_address)) {
asprintf(&output, _("expected %s but got %s"), expected_address, address);
}
+ /* check if authoritative */
+ if (result == STATE_OK && expect_authority && non_authoritative) {
+ result = STATE_CRITICAL;
+ asprintf(&output, _("server %s is not authoritative for %s"), dns_server, query_address);
+ }
+
microsec = deltime (tv);
elapsed_time = (double)microsec / 1.0e6;
}
else if (result == STATE_WARNING)
printf (_("DNS WARNING - %s\n"),
- !strcmp (output, "") ? _(" Probably a non-existent host/domain") : output);
+ !strcmp (output, "") ? _(" Probably a non-existent host/domain") : output);
else if (result == STATE_CRITICAL)
printf (_("DNS CRITICAL - %s\n"),
- !strcmp (output, "") ? _(" Probably a non-existent host/domain") : output);
+ !strcmp (output, "") ? _(" Probably a non-existent host/domain") : output);
else
printf (_("DNS problem - %s\n"),
- !strcmp (output, "") ? _(" Probably a non-existent host/domain") : output);
+ !strcmp (output, "") ? _(" Probably a non-existent host/domain") : output);
return result;
}
{
/* the DNS lookup timed out */
- if (strstr (input_buffer, "Note: nslookup is deprecated and may be removed from future releases.") ||
+ if (strstr (input_buffer, "Note: nslookup is deprecated and may be removed from future releases.") ||
strstr (input_buffer, "Consider using the `dig' or `host' programs instead. Run nslookup with") ||
strstr (input_buffer, "the `-sil[ent]' option to prevent this message from appearing."))
return STATE_OK;
/* Connection was refused */
else if (strstr (input_buffer, "Connection refused") ||
+ strstr (input_buffer, "Refused") ||
(strstr (input_buffer, "** server can't find") &&
- strstr (input_buffer, ": REFUSED")) ||
- (strstr (input_buffer, "Refused")))
+ strstr (input_buffer, ": REFUSED")))
die (STATE_CRITICAL, _("Connection to name server %s was refused\n"), dns_server);
/* Host or domain name does not exist */
{"server", required_argument, 0, 's'},
{"reverse-server", required_argument, 0, 'r'},
{"expected-address", required_argument, 0, 'a'},
+ {"expect-authority", no_argument, 0, 'A'},
{0, 0, 0, 0}
};
strcpy (argv[c], "-t");
while (1) {
- c = getopt_long (argc, argv, "hVvt:H:s:r:a:", long_opts, &opt_index);
+ c = getopt_long (argc, argv, "hVvAt:H:s:r:a:", long_opts, &opt_index);
if (c == -1 || c == EOF)
break;
strcpy (query_address, optarg);
break;
case 's': /* server name */
- /* TODO: this is_host check is probably unnecessary. Better to confirm nslookup
- response matches */
+ /* TODO: this is_host check is probably unnecessary. */
+ /* Better to confirm nslookup response matches */
if (is_host (optarg) == FALSE) {
printf (_("Invalid server name/address\n\n"));
print_usage ();
strcpy (expected_address, optarg);
match_expected_address = TRUE;
break;
+ case 'A': /* expect authority */
+ expect_authority = TRUE;
+ break;
}
}
-s, --server=HOST\n\
Optional DNS server you want to use for the lookup\n\
-a, --expected-address=IP-ADDRESS\n\
- Optional IP address you expect the DNS server to return\n"));
+ Optional IP address you expect the DNS server to return\n\
+-A, --expect-authority\n\
+ Optionally expect the DNS server to be authoritative for the lookup\n"));
printf (_(UT_TIMEOUT), DEFAULT_SOCKET_TIMEOUT);
print_usage (void)
{
printf (_("\
-Usage: %s -H host [-s server] [-a expected-address] [-t timeout]\n\
+Usage: %s -H host [-s server] [-a expected-address] [-A] [-t timeout]\n\
%s --help\n\
- %s --version\n"),
- progname, progname, progname);
+ %s --version\n"), progname, progname, progname);
}