nagios插件之登陆防火墙实现session监控

ssh_firewall_session.sh -- 登陆防火墙并运行dis session statistics

firewall_check_sessions.c -- 调用上面的脚本,过滤出 session 的数值

运行:./firewall_check_sessions ssh_firewall_session.sh 192.168.0.1

vi ssh_firewall_session.sh

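#!/usr/bin/expect -f
#
# Log in to the firewall over SSH, run "display session statistics" and let
# the output go to stdout, where the calling plugin parses it.
#
# Usage: ssh_firewall_session.sh <firewall-address>
#
# NOTE(review): the account name and password below are stored in clear text.
# Keep this file readable only by the account the monitoring daemon runs as,
# use a dedicated read-only firewall account, and prefer key-based
# authentication if the device supports it.
#
# The firewall's host key must already be in the known_hosts file of the
# account running this script: the script deliberately does not answer the
# "yes/no" host-key question, so an unknown or changed key ends in a timeout
# instead of a silent trust decision.

#set port 22
set user xxxxxx
set host [lindex $argv 0]
set password xxxxxx
set timeout 30

# Wait for a glob pattern from the spawned session; give up with exit code 3
# (the plugin's UNKNOWN state) on timeout or if the connection closes.
proc wait_for {pattern what} {
    expect \
        -gl $pattern { return } \
        timeout { puts stderr "timed out waiting for $what"; exit 3 } \
        eof { puts stderr "connection closed while waiting for $what"; exit 3 }
}

if {$host eq ""} {
    puts stderr "usage: $argv0 <firewall-address>"
    exit 3
}

# The listing as published never started a session; without spawn, expect
# talks to its own stdin/stdout instead of the firewall.
spawn ssh "${user}@${host}"

wait_for "*assword:*" "the password prompt"
send "$password\r"

wait_for "*FW*" "the firewall prompt"
send "display session statistics\r"

wait_for "*FW*" "the command output"
# The carriage return was missing, so the quit command was never submitted.
send "quit\r"

# Let the session close so all output is flushed to the caller.
expect eof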

vi firewall_check_sessions.c

/* The header names were stripped when the page was rendered; this list is
 * reconstructed from the library calls the program makes. */
#include <sys/types.h>
#include <regex.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Plugin exit codes; each one indexes exit_status[] below. */
#define OK       0
#define WARNING  1
#define CRITICAL 2
#define UNKNOWN  3

/* Buffer sizes: LEN for whole lines and report strings, MIN_LEN for one
 * counter value kept as text. */
#define LEN     1000L
#define MIN_LEN 32L

/* Directory prefix prepended to the script name given on the command line. */
//#define TCL_CMD "/home/weihu/tcl/"
#define TCL_CMD "/usr/local/nagios/libexec/"

/* Current plugin state and the label printed for each state. */
int exitstatus = OK;
char *exit_status[4] = {
	"OK",
	"WARNING",
	"CRITICAL",
	"UNKNOWN"
};

/* The two halves of the output line: text before and after the '|'. */
char status_information[LEN];
char performance_data[LEN];

/* Current session counters, stored as the text read from the firewall. */
char cur_session[MIN_LEN]   = {0};
char tcp_session[MIN_LEN]   = {0};
char half_open[MIN_LEN]     = {0};
char half_close[MIN_LEN]    = {0};
char udp_session[MIN_LEN]   = {0};
char icmp_session[MIN_LEN]  = {0};
char rawip_session[MIN_LEN] = {0};

/* Session establishment rates (new sessions per second), also as text. */
char cur_new_session[MIN_LEN]   = {0};
char tcp_new_session[MIN_LEN]   = {0};
char udp_new_session[MIN_LEN]   = {0};
char icmp_new_session[MIN_LEN]  = {0};
char rawip_new_session[MIN_LEN] = {0};

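/* Longest token sscanf may store in a MIN_LEN (32) byte counter field, kept
 * as a string so it can be pasted into the conversion specifications below.
 * It must stay below MIN_LEN to leave room for the terminating NUL. */
#define SESSION_FIELD_WIDTH "31"

/**
 * Run the login script and collect the session counters it prints.
 *
 * The command is executed with popen(), i.e. through the shell, so the
 * caller is responsible for making sure sh_cmd contains nothing but the
 * intended script path and address. Every counter found in the output is
 * copied as text into the matching global buffer (cur_session,
 * tcp_session, ...). The text comes from a remote device, so every
 * conversion is width-limited to the size of its destination.
 *
 * @param sh_cmd          command line handed to popen()
 * @param active_status   unused; kept for interface compatibility
 * @param active_ip_addr  unused; kept for interface compatibility
 * @return 0 when at least one counter was read, -1 when the pattern could
 *         not be compiled, pclose() failed, or the output held no counter.
 *         If popen() fails the function prints a CRITICAL line and exits.
 */
int parse_status(char *sh_cmd, char *active_status, char *active_ip_addr)
{
	static const char total_rate_pattern[] = "^Session establishment rate";
	char readbuf[LEN];
	regex_t reg;
	regmatch_t pmatch[1];
	FILE *fp;
	int rate_lines = 0;	/* lines seen that mention an establishment rate */
	int fields = 0;		/* counters successfully stored */
	int n;
	int ret;

	(void)active_status;
	(void)active_ip_addr;

	ret = regcomp(&reg, total_rate_pattern, REG_EXTENDED);
	if (ret != 0) {
		/* reg is not usable after a failed regcomp(); stop here. */
		fprintf(stderr, "regcomp() error.\n");
		return -1;
	}

	fp = popen(sh_cmd, "r");
	if (fp == NULL) {
		fprintf(stderr, "popen() error. ");
		regfree(&reg);
		exitstatus = CRITICAL;
		printf("%s: - %s | %s\n", exit_status[exitstatus], status_information, performance_data);
		exit(exitstatus);
	}

	while (fgets(readbuf, (int)sizeof readbuf, fp) != NULL) {
		if (strstr(readbuf, "Current session")) {
			n = sscanf(readbuf, "Current session(s):%" SESSION_FIELD_WIDTH "s", cur_session);
			if (n > 0)
				fields += n;
		}

		if (strstr(readbuf, "TCP session")) {
			n = sscanf(readbuf, " Current     TCP session(s): %" SESSION_FIELD_WIDTH "s", tcp_session);
			if (n > 0)
				fields += n;
		}

		if (strstr(readbuf, "Half-Open")) {
			n = sscanf(readbuf,
				   " Half-Open: %" SESSION_FIELD_WIDTH "s           Half-Close: %" SESSION_FIELD_WIDTH "s",
				   half_open, half_close);
			if (n > 0)
				fields += n;
		}

		if (strstr(readbuf, "UDP session")) {
			n = sscanf(readbuf, " Current     UDP session(s): %" SESSION_FIELD_WIDTH "s", udp_session);
			if (n > 0)
				fields += n;
		}

		if (strstr(readbuf, "ICMP session")) {
			n = sscanf(readbuf, " Current    ICMP session(s): %" SESSION_FIELD_WIDTH "s", icmp_session);
			if (n > 0)
				fields += n;
		}

		if (strstr(readbuf, "RAWIP session")) {
			n = sscanf(readbuf, " Current   RAWIP session(s): %" SESSION_FIELD_WIDTH "s", rawip_session);
			if (n > 0)
				fields += n;
		}

		/* The overall rate is taken only from the first line that mentions
		 * an establishment rate, and only if that line starts with the
		 * phrase; the per-protocol lines are handled further down.
		 * The [^/s] scanset stops at the first '/' or 's'. */
		if (strstr(readbuf, "Session establishment rate")) {
			rate_lines++;
			if (rate_lines == 1 && regexec(&reg, readbuf, 1, pmatch, 0) == 0) {
				n = sscanf(readbuf, "Session establishment rate: %" SESSION_FIELD_WIDTH "[^/s]", cur_new_session);
				if (n > 0)
					fields += n;
			}
		}

		if (strstr(readbuf, "TCP     Session establishment rate")) {
			n = sscanf(readbuf, " TCP     Session establishment rate: %" SESSION_FIELD_WIDTH "[^/s]", tcp_new_session);
			if (n > 0)
				fields += n;
		}

		if (strstr(readbuf, "UDP     Session establishment rate")) {
			n = sscanf(readbuf, " UDP     Session establishment rate: %" SESSION_FIELD_WIDTH "[^/s]", udp_new_session);
			if (n > 0)
				fields += n;
		}

		if (strstr(readbuf, "ICMP    Session establishment rate")) {
			n = sscanf(readbuf, " ICMP    Session establishment rate: %" SESSION_FIELD_WIDTH "[^/s]", icmp_new_session);
			if (n > 0)
				fields += n;
		}

		if (strstr(readbuf, "RAWIP   Session establishment rate")) {
			n = sscanf(readbuf, " RAWIP   Session establishment rate: %" SESSION_FIELD_WIDTH "[^/s]", rawip_new_session);
			if (n > 0)
				fields += n;
		}
	}

	regfree(&reg);

	ret = pclose(fp);
	if (ret == -1) {
		fprintf(stderr, "pclose() error.\n");
		return -1;
	}

	/* Fail closed: a login that never reached the firewall prompt produces
	 * no counters, and that must not be reported as a healthy check. */
	if (fields == 0) {
		fprintf(stderr, "no session counters found in script output.\n");
		return -1;
	}

	return 0;
}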

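/* Return non-zero when s is non-empty, does not start with '-' or '.', and
 * consists only of characters from the allowed set. */
static int is_safe_token(const char *s, const char *allowed)
{
	size_t len = strlen(s);

	return len > 0 && s[0] != '-' && s[0] != '.' && strspn(s, allowed) == len;
}

/* Fill status_information and performance_data from the parsed counters. */
static void format_report(void)
{
	snprintf(status_information, sizeof status_information,
		 "cur_all_session=%s, cur_all_session_new=%s, tcp_all_session=%s, tcp_all_session_new=%s, tcp_half_open=%s, tcp_half_close=%s, udp_session=%s, udp_session_new=%s, icmp_session=%s, icmp_session_new=%s, rawip_session=%s, rawip_session_new=%s",
		 cur_session, cur_new_session, tcp_session, tcp_new_session,
		 half_open, half_close, udp_session, udp_new_session,
		 icmp_session, icmp_new_session, rawip_session, rawip_new_session);

	snprintf(performance_data, sizeof performance_data,
		 "cur_all_session=%s;;;; cur_all_session_new=%s;;;; tcp_all_session=%s;;;; tcp_all_session_new=%s;;;; tcp_half_open=%s;;;; tcp_half_close=%s;;;; udp_session=%s;;;; udp_session_new=%s;;;; icmp_session=%s;;;; icmp_session_new=%s;;;; rawip_session=%s;;;; rawip_session_new=%s;;;;",
		 cur_session, cur_new_session, tcp_session, tcp_new_session,
		 half_open, half_close, udp_session, udp_new_session,
		 icmp_session, icmp_new_session, rawip_session, rawip_new_session);
}

/**
 * Plugin entry point.
 *
 * Usage: firewall_check_sessions <script-name> <firewall-address>
 *
 * Builds "TCL_CMD<script-name> <firewall-address>", runs it through
 * parse_status() and prints one line of the form
 * "STATE - status text | performance data".
 *
 * Both arguments end up in a command line that popen() hands to the shell,
 * so they are checked against an allow-list first: the script name must be
 * a plain file name and the address may hold only letters, digits, '.',
 * '-' and ':'.
 *
 * @return exitstatus after a successful parse, CRITICAL when parse_status()
 *         fails, UNKNOWN on a usage or argument error.
 */
int main(int argc, char *argv[])
{
	static const char name_chars[] =
		"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789._-";
	static const char host_chars[] =
		"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-:";
	char sh_cmd[LEN];
	char active_status[LEN] = {0};
	char active_ip_addr[LEN] = {0};
	int n;
	int ret;

	/* Both the script name and the address are required; the old check
	 * (argc<=1) let a missing address reach the %s conversion as NULL. */
	if (argc < 3) {
		printf("%s %s\n", argc > 0 ? argv[0] : "firewall_check_sessions",
		       "auto_ssh_firewall_dis_session.sh + ip");
		exit(UNKNOWN);
	}

	if (!is_safe_token(argv[1], name_chars) || !is_safe_token(argv[2], host_chars)) {
		printf("%s - invalid script name or address\n", exit_status[UNKNOWN]);
		exit(UNKNOWN);
	}

	n = snprintf(sh_cmd, sizeof sh_cmd, "%s%s %s", TCL_CMD, argv[1], argv[2]);
	if (n < 0 || (size_t)n >= sizeof sh_cmd) {
		printf("%s - command line too long\n", exit_status[UNKNOWN]);
		exit(UNKNOWN);
	}

	ret = parse_status(sh_cmd, active_status, active_ip_addr);
	if (ret != 0) {
		fprintf(stderr, "parse_status() error.\n");
		exitstatus = CRITICAL;
	}

	/* The same report is printed on success and on failure; only the state
	 * label differs. */
	format_report();
	printf("%s - %s | %s\n", exit_status[exitstatus], status_information, performance_data);

	return exitstatus;
}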