diff --git a/nagixsc_http2nagios.py b/nagixsc_http2nagios.py
index dd05e62e90c554559cf0b0144c94bfa94ccd6635..ce448c0cf93a591dddb39e30e527b5e5ac28f2fa 100755 (executable)
--- a/nagixsc_http2nagios.py
+++ b/nagixsc_http2nagios.py
#!/usr/bin/python
+#
+# Nag(ix)SC -- nagixsc_http2nagios.py
+#
+# Copyright (C) 2009-2010 Sven Velt <sv@teamix.net>
+#
+# This program is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the
+# Free Software Foundation; either version 2 of the License, or (at your
+# option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
import ConfigParser
import base64
config = {
'ip': '0.0.0.0',
- 'port': '15666',
+ 'port': '15667',
'ssl': False,
'sslcert': None,
'conf_dir': '',
- 'pidfile': '/var/run/nagixsc_conf2http.pid'
+ 'pidfile': '/var/run/nagixsc_conf2http.pid',
+ 'acl': False,
}
-if 'ip' in cfgread.items('server'):
+if 'ip' in cfgread.options('server'):
config['ip'] = cfgread.get('server', 'ip')
-if 'port' in cfgread.items('server'):
+if 'port' in cfgread.options('server'):
config['port'] = cfgread.get('server', 'port')
try:
config['port'] = int(config['port'])
print 'Port "%s" not an integer!' % config['port']
sys.exit(127)
-if 'ssl' in cfgread.items('server'):
+if 'ssl' in cfgread.options('server'):
try:
config['ssl'] = cfgread.getboolean('server', 'ssl')
except ValueError:
- print 'Value for "ssl" ("%s") not boolean!' % config['ssl']
+ print 'Value for "ssl" ("%s") not boolean!' % cfgread.get('server', 'ssl')
sys.exit(127)
if config['ssl']:
- if 'sslcert' in cfgread.items('server'):
+ if 'sslcert' in cfgread.options('server'):
config['sslcert'] = cfgread.get('server', 'sslcert')
else:
print 'SSL but no certificate file specified!'
elif config['mode']=='passive':
try:
- config['mode_pipe'] = cfgread.get('mode_passive','pipe')
+ config['pipe'] = cfgread.get('mode_passive','pipe')
except ConfigParser.NoOptionError:
print 'No "pipe" in section "mode_passive" specified!'
sys.exit(127)
print 'Mode "%s" is neither "checkresult" nor "passive"!'
sys.exit(127)
+acls = { 'a_hl':{}, 'a_hr':{}, }
+if 'acl' in cfgread.options('server'):
+ try:
+ config['acl'] = cfgread.getboolean('server', 'acl')
+ except ValueError:
+ print 'Value for "acl" ("%s") not boolean!' % cfgread.get('server', 'acl')
+ sys.exit(127)
+if config['acl']:
+ if cfgread.has_section('acl_allowed_hosts_list'):
+ for user in cfgread.options('acl_allowed_hosts_list'):
+ acls['a_hl'][user] = [ah.lstrip().rstrip() for ah in cfgread.get('acl_allowed_hosts_list',user).split(',')]
+ if cfgread.has_section('acl_allowed_hosts_re'):
+ for user in cfgread.options('acl_allowed_hosts_re'):
+ acls['a_hr'][user] = re.compile(cfgread.get('acl_allowed_hosts_re',user))
+
users = {}
doc = read_xml_from_string(xmltext)
checks = xml_to_dict(doc)
- (count_services, count_failed, list_failed) = dict2out_checkresult(checks, xml_get_timestamp(doc), config['checkresultdir'], 0)
+ if config['acl']:
+ new_checks = []
+ for check in checks:
+ if authdata[0] in acls['a_hl'] and check['host_name'] in acls['a_hl'][authdata[0]]:
+ new_checks.append(check)
+ elif authdata[0] in acls['a_hr'] and (acls['a_hr'][authdata[0]]).search(check['host_name']):
+ new_checks.append(check)
+
+ count_acl_failed = len(checks) - len(new_checks)
+ checks = new_checks
+ else:
+ count_acl_failed = None
+
+ if config['mode'] == 'checkresult':
+ (count_services, count_failed, list_failed) = dict2out_checkresult(checks, xml_get_timestamp(doc), config['checkresultdir'])
+
+ if count_failed < count_services:
+ self.send_response(200)
+ self.send_header('Content-Type', 'text/plain')
+ self.end_headers()
+ statusmsg = 'Wrote %s check results, %s failed' % (count_services, count_failed)
+ if count_acl_failed != None:
+ statusmsg += ' - %s check results failed ACL check' % count_acl_failed
+ self.wfile.write(statusmsg)
+ return
+ else:
+ self.http_error(501, 'Could not write all %s check results' % count_services)
+ return
+
+ elif config['mode'] == 'passive':
+ count_services = dict2out_passive(checks, xml_get_timestamp(doc), config['pipe'])
- if count_failed < count_services:
self.send_response(200)
self.send_header('Content-Type', 'text/plain')
self.end_headers()
- self.wfile.write('Wrote %s check results, %s failed' % (count_services, count_failed))
- return
- else:
- self.http_error(501, 'Could not write all %s check results' % count_services)
+ self.wfile.write('Wrote %s check results' % count_services)
return
else: