X-Git-Url: https://git.tokkee.org/?p=nagixsc.git;a=blobdiff_plain;f=nagixsc_http2nagios.py;h=ce448c0cf93a591dddb39e30e527b5e5ac28f2fa;hp=dd05e62e90c554559cf0b0144c94bfa94ccd6635;hb=HEAD;hpb=eb49e56bb69614b253555d526399f4442cf3ada2 diff --git a/nagixsc_http2nagios.py b/nagixsc_http2nagios.py index dd05e62..ce448c0 100755 --- a/nagixsc_http2nagios.py +++ b/nagixsc_http2nagios.py @@ -1,4 +1,22 @@ #!/usr/bin/python +# +# Nag(ix)SC -- nagixsc_http2nagios.py +# +# Copyright (C) 2009-2010 Sven Velt +# +# This program is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 2 of the License, or (at your +# option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA import ConfigParser import base64 @@ -39,17 +57,18 @@ if cfg_list == []: config = { 'ip': '0.0.0.0', - 'port': '15666', + 'port': '15667', 'ssl': False, 'sslcert': None, 'conf_dir': '', - 'pidfile': '/var/run/nagixsc_conf2http.pid' + 'pidfile': '/var/run/nagixsc_conf2http.pid', + 'acl': False, } -if 'ip' in cfgread.items('server'): +if 'ip' in cfgread.options('server'): config['ip'] = cfgread.get('server', 'ip') -if 'port' in cfgread.items('server'): +if 'port' in cfgread.options('server'): config['port'] = cfgread.get('server', 'port') try: config['port'] = int(config['port']) @@ -57,15 +76,15 @@ except ValueError: print 'Port "%s" not an integer!' % config['port'] sys.exit(127) -if 'ssl' in cfgread.items('server'): +if 'ssl' in cfgread.options('server'): try: config['ssl'] = cfgread.getboolean('server', 'ssl') except ValueError: - print 'Value for "ssl" ("%s") not boolean!' % config['ssl'] + print 'Value for "ssl" ("%s") not boolean!' % cfgread.get('server', 'ssl') sys.exit(127) if config['ssl']: - if 'sslcert' in cfgread.items('server'): + if 'sslcert' in cfgread.options('server'): config['sslcert'] = cfgread.get('server', 'sslcert') else: print 'SSL but no certificate file specified!' @@ -90,7 +109,7 @@ if config['mode']=='checkresult': elif config['mode']=='passive': try: - config['mode_pipe'] = cfgread.get('mode_passive','pipe') + config['pipe'] = cfgread.get('mode_passive','pipe') except ConfigParser.NoOptionError: print 'No "pipe" in section "mode_passive" specified!' sys.exit(127) @@ -103,6 +122,21 @@ else: print 'Mode "%s" is neither "checkresult" nor "passive"!' sys.exit(127) +acls = { 'a_hl':{}, 'a_hr':{}, } +if 'acl' in cfgread.options('server'): + try: + config['acl'] = cfgread.getboolean('server', 'acl') + except ValueError: + print 'Value for "acl" ("%s") not boolean!' % cfgread.get('server', 'acl') + sys.exit(127) +if config['acl']: + if cfgread.has_section('acl_allowed_hosts_list'): + for user in cfgread.options('acl_allowed_hosts_list'): + acls['a_hl'][user] = [ah.lstrip().rstrip() for ah in cfgread.get('acl_allowed_hosts_list',user).split(',')] + if cfgread.has_section('acl_allowed_hosts_re'): + for user in cfgread.options('acl_allowed_hosts_re'): + acls['a_hr'][user] = re.compile(cfgread.get('acl_allowed_hosts_re',user)) + users = {} @@ -158,16 +192,42 @@ class HTTP2NagiosHandler(MyHTTPRequestHandler): doc = read_xml_from_string(xmltext) checks = xml_to_dict(doc) - (count_services, count_failed, list_failed) = dict2out_checkresult(checks, xml_get_timestamp(doc), config['checkresultdir'], 0) + if config['acl']: + new_checks = [] + for check in checks: + if authdata[0] in acls['a_hl'] and check['host_name'] in acls['a_hl'][authdata[0]]: + new_checks.append(check) + elif authdata[0] in acls['a_hr'] and (acls['a_hr'][authdata[0]]).search(check['host_name']): + new_checks.append(check) + + count_acl_failed = len(checks) - len(new_checks) + checks = new_checks + else: + count_acl_failed = None + + if config['mode'] == 'checkresult': + (count_services, count_failed, list_failed) = dict2out_checkresult(checks, xml_get_timestamp(doc), config['checkresultdir']) + + if count_failed < count_services: + self.send_response(200) + self.send_header('Content-Type', 'text/plain') + self.end_headers() + statusmsg = 'Wrote %s check results, %s failed' % (count_services, count_failed) + if count_acl_failed != None: + statusmsg += ' - %s check results failed ACL check' % count_acl_failed + self.wfile.write(statusmsg) + return + else: + self.http_error(501, 'Could not write all %s check results' % count_services) + return + + elif config['mode'] == 'passive': + count_services = dict2out_passive(checks, xml_get_timestamp(doc), config['pipe']) - if count_failed < count_services: self.send_response(200) self.send_header('Content-Type', 'text/plain') self.end_headers() - self.wfile.write('Wrote %s check results, %s failed' % (count_services, count_failed)) - return - else: - self.http_error(501, 'Could not write all %s check results' % count_services) + self.wfile.write('Wrote %s check results' % count_services) return else: