API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Oct 24th, 2014
158
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.72 KB | None | 0 0
raw download clone embed print report
  1. /usr/local/nagios/libexec/check_nrpe -H 10.9.0.25 -c check_roguedhcp
  2.  
  3. Host is asking for command 'check_roguedhcp' to be run...
  4. Running command: sudo /usr/lib64/nagios/plugins/check_roguedhcp.pl
  5. Command completed with return code 1 and output:
  6. Return Code: 1, Output: NRPE: Unable to read output
  7.  
  8. command[check_roguedhcp]=sudo /usr/lib64/nagios/plugins/check_roguedhcp.pl
  9. command[check_dhcp]=sudo /usr/lib64/nagios/plugins/check_dhcp -v
  10. nrpe_user=nrpe
  11. nrpe_group=nagios
  12.  
  13. nrpe 5941 0.0 0.1 52804 2384 ? Ss 08:25 0:00 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
  14.  
  15. %nagios ALL=(ALL) NOPASSWD: /usr/lib/nagios64/plugins/check_dhcp, /usr/lib64/nagios/plugins/check_roguedhcp.pl
  16.  
  17. define servicegroup{
  18. servicegroup_name rogue_dhcp
  19. alias All dhcp monitors
  20. }
  21.  
  22. define service{
  23. name security-service
  24. servicegroups rogue_dhcp
  25. register 0
  26. max_check_attempts 1
  27. }
  28.  
  29. 1 #!/usr/bin/perl -w
  30. 2 # nagios: -epn
  31. 3 # the above makes nagios run the script separately.
  32. 4 use POSIX;
  33. 5 use lib "/usr/lib64/nagios/plugins";
  34. 6 use utils qw(%ERRORS);
  35. 7
  36. 8 sub fail_usage {
  37. 9 if (scalar @_) {
  38. 10 print "$0: error: n";
  39. 11 map { print " $_n"; } @_;
  40. 12 }
  41. 13 print "$0: Usage: n";
  42. 14 print "$0 [-v [-v [-v]]] [ []] n";
  43. 15 print "$0 [-v [-v [-v]]] [-s] [[-s] [[-s] ]] n";
  44. 16 print " n";
  45. 17 exit 3 ;
  46. 18 }
  47. 19
  48. 20 my $verbose = 0;
  49. 21 my %servers=(
  50. 22 "cache", "10.5.0.107",
  51. 23 "creek", "10.9.0.88",
  52. 24 "undertow", "10.9.0.2",
  53. 25 "riptide", "10.8.0.20"
  54. 26 );
  55. 27
  56. 28 # examine commandline args
  57. 29 while ($ARGV=$ARGV[0]) {
  58. 30 my $myarg = $ARGV;
  59. 31 if ($ARGV eq '-s') {
  60. 32 shift @ARGV;
  61. 33 if (!($ARGV = $ARGV[0])) { fail_usage ("$myarg needs an argument"); }
  62. 34 if ($ARGV =~ /^-/) { fail_usage ("$myarg must be followed by an argument"); }
  63. 35 if (!defined($servers{$ARGV})) { $servers{$ARGV}=1; }
  64. 36 }
  65. 37 elsif ($ARGV eq '-v' ) { $verbose++; }
  66. 38 elsif ($ARGV eq '-h' or $ARGV eq '--help' ) { fail_usage ; }
  67. 39 elsif ($ARGV =~ /^-/ ) { fail_usage " invalid option ($ARGV)"; }
  68. 40 elsif ($ARGV =~ /^d+.d+.d+.d+$/)
  69. 41 # servers should be ip addresses. I'm not doing detailed checks for this.
  70. 42 { if (!defined($servers{$ARGV})) { $servers{$ARGV}=1; } }
  71. 43 else { last; }
  72. 44 shift @ARGV;
  73. 45 }
  74. 46 # for some reason I can't test for empty ARGs in the while loop
  75. 47 @ARGV = grep {!/^s*$/} @ARGV;
  76. 48 if (scalar @ARGV) { fail_usage "didn't understand arguments: (".join (" ",@ARGV).")"; }
  77. 49
  78. 50 my $serversn = scalar keys %servers;
  79. 51
  80. 52 if ($verbose > 2) {
  81. 53 print "verbosity=($verbose)n";
  82. 54 print "servers = ($serversn)n";
  83. 55 if ($serversn) { for my $i (keys %servers) { print "server ($i)n"; } }
  84. 56 }
  85. 57
  86. 58 if (!$serversn) { fail_usage "no servers"; }
  87. 59 my $responses=0;
  88. 60 my $responders="";
  89. 61 my @check_dhcp = qx{/usr/lib64/nagios/plugins/check_dhcp -v};
  90. 62 foreach my $value (@check_dhcp) {
  91. 63 if ($value =~ /Added offer from server @ /i){
  92. 64 $value =~ m/(d+.d+.d+.d+)/i;
  93. 65 my $host = $1;
  94. 66 # we find a server in our list
  95. 67 if (defined($servers{$host})) { $responses++; $responders.="$host "; }
  96. 68 # we find a rogue DHCP server. Danger Will Robinson!
  97. 69 else {
  98. 70 print "DHCP:CRITICAL: DHCP service running on $host";
  99. 71 exit $ERRORS{'OK'}
  100. 72 }
  101. 73 }
  102. 74 }
  103. 75 # we saw all the servers in our list. All is good.
  104. 76 if ($responses == $serversn) {
  105. 77 print "DHCP:OK: $responses of $serversn Expected Responses to DHCP Broadcast";
  106. 78 exit $ERRORS{'OK'};
  107. 79 }
  108. 80 # we found no DHCP responses.
  109. 81 if ($responses == 0) {
  110. 82 print "DHCP:OK: no rogue servers detected!!!!#!@#";
  111. 83 exit $ERRORS{'OK'}
  112. 84 }
  113. 85 # we found less DHCP servers than we should have. Oh Nos!
  114. 86 $responders =~ s/ $//;
  115. 87 print "DHCP:OK: $responses of $serversn Responses to DHCP Broadcast. ($responders) responded. ";
  116. 88 exit $ERRORS{'OK'};
  117.  
  118. 955 6950 stat("/usr/lib64/nagios/plugins/check_roguedhcp.pl", {st_mode=S_IFREG|S_ISUID|S_ISGID|0755, st_size=2799, ...}) = 0
  119. 956 6950 setresuid(4294967295, 4294967295, 4294967295) = 0
  120. 957 6950 setresgid(4294967295, 536347864, 4294967295) = 0
  121. 958 6950 setgroups(3, [536347864, 536347137, 536353632]) = 0
  122. 959 6950 open("/dev/tty", O_RDWR|O_NOCTTY) = -1 ENXIO (No such device or address)
  123. 960 6950 socket(PF_NETLINK, SOCK_RAW, 9) = 3
  124. 961 6950 fcntl(3, F_SETFD, FD_CLOEXEC) = 0
  125. 962 6950 fcntl(3, F_SETFD, FD_CLOEXEC) = 0
  126. 963 6950 ioctl(0, SNDCTL_TMR_TIMEBASE or TCGETS, 0x7fff3de81ac0) = -1 ENOTTY (Inappropriate ioctl for device)
  127. 964 6950 ioctl(1, SNDCTL_TMR_TIMEBASE or TCGETS, 0x7fff3de81ac0) = -1 EINVAL (Invalid argument)
  128. 965 6950 ioctl(2, SNDCTL_TMR_TIMEBASE or TCGETS, 0x7fff3de81ac0) = -1 ENOTTY (Inappropriate ioctl for device)
  129. 966 6950 getcwd("/", 4096) = 2
  130. 967 6950 sendto(3, "dc451cwd="/" cmd="/us"..., 100, 0, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 100
  131. 968 6950 poll([{fd=3, events=POLLIN}], 1, 500) = 1 ([{fd=3, revents=POLLIN}])
  132. 969 6950 recvfrom(3, "$21&33dc451"..., 8988, MSG_PEEK|MSG_DONTWAIT, {sa_family=AF_NE TLINK, pid=0, groups=00000000}, [12]) = 36
  133. 970 6950 recvfrom(3, "$21&33dc451"..., 8988, MSG_DONTWAIT, {sa_family=AF_NETLINK, pi d=0, groups=00000000}, [12]) = 36
  134. 971 6950 write(2, "sudo", 4) = 4
  135. 972 6950 write(2, ": ", 2) = 2
  136. 973 6950 write(2, "sorry, you must have a tty to ru"..., 38) = 38
  137. 974 6950 write(2, "n", 1) = 1
  138. 975 6950 setresuid(4294967295, 4294967295, 4294967295) = 0
  139. 976 6950 setresgid(4294967295, 4294967295, 4294967295) = 0
  140. 977 6950 exit_group(1) = ?
  141. 978 6949 <... read resumed> "", 4096) = 0
  142. 979 6949 --- SIGCHLD (Child exited) @ 0 (0) ---
  143. 980 6949 close(5) = 0
  144. 981 6949 wait4(6950, [{WIFEXITED(s) && WEXITSTATUS(s) == 1}], 0, NULL) = 6950
  145. 970 6950 recvfrom(3, "$21&33dc451"..., 8988, MSG_DONTWAIT, {sa_family=AF_NETLINK, pi d=0, groups=00000000}, [12]) = 36
  146. 971 6950 write(2, "sudo", 4) = 4
  147. 972 6950 write(2, ": ", 2) = 2
  148. 973 6950 write(2, "sorry, you must have a tty to ru"..., 38) = 38
  149. 974 6950 write(2, "n", 1) = 1
  150. 975 6950 setresuid(4294967295, 4294967295, 4294967295) = 0
  151. 976 6950 setresgid(4294967295, 4294967295, 4294967295) = 0
  152. 977 6950 exit_group(1) = ?
  153.  
  154. Defaults:nagios !requiretty
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!