nagios插件之登陆防火墙实现session监控
ssh_firewall_session.sh -- 登陆防火墙并运行dis session statistics
firewall_check_sessions.c -- 调用上面脚本。过滤出sessioin的数值
运行:./firewall_check_sessions ssh_firewall_session.sh 192.168.0.1
vi ssh_firewall_session.sh
#!/usr/bin/expect -f #set port 22
set user xxxxxx
set host [lindex $argv 0 0]
set password xxxxxx
set timeout 30 expect "*assword:*"
send "$password\r" expect "*FW*"
send "display session statistics\r" expect "*FW*"
send "quit"
vi firewall_check_sessions.c
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <regex.h>
#include <string.h> #define OK 0
#define WARNING 1
#define CRITICAL 2
#define UNKNOWN 3 #define LEN 1000L
#define MIN_LEN 32L //#define TCL_CMD "/home/weihu/tcl/"
#define TCL_CMD "/usr/local/nagios/libexec/" int exitstatus=OK;
char *exit_status[4]={"OK","WARNING","CRITICAL","UNKNOWN"}; char status_information[LEN];
char performance_data[LEN]; //current session
char cur_session[MIN_LEN]={0};
char tcp_session[MIN_LEN]={0};
char half_open[MIN_LEN]={0};
char half_close[MIN_LEN]={0};
char udp_session[MIN_LEN]={0};
char icmp_session[MIN_LEN]={0};
char rawip_session[MIN_LEN]={0}; //new create session per second
char cur_new_session[MIN_LEN]={0};
char tcp_new_session[MIN_LEN]={0};
char udp_new_session[MIN_LEN]={0};
char icmp_new_session[MIN_LEN]={0};
char rawip_new_session[MIN_LEN]={0}; int parse_status(char *sh_cmd,char *active_status,char *active_ip_addr) {
int ret;
FILE *fp;
char readbuf[LEN]; char *p,*str; int line=0;
int mark1=0;
int mark2=0; /*
char tmp1[LEN];
char tmp2[LEN];
char tmp3[LEN];
char tmp4[LEN];
*/ int mark=0;
char tmp1[MIN_LEN];
char tmp2[MIN_LEN]; regex_t reg;
int cflags=REG_EXTENDED;
const char *pattern="^Session establishment rate";
regmatch_t pmatch[1];
int nmatch=1; ret=regcomp(®,pattern,cflags);
if(ret!=0) {
fprintf(stderr,"regcomp() error.\n");
} // fp=popen("/home/neo/check_log/tcl/auto_ssh.sh","r");
fp=popen(sh_cmd,"r");
if(fp==NULL) {
fprintf(stderr,"popen() error. ");
exitstatus=CRITICAL;
printf("%s: - %s | %s\n",exit_status[exitstatus],status_information,performance_data);
exit(exitstatus);
} while(fgets(readbuf,LEN,fp)!=NULL) {
line++;
// printf("line=%d,readbuf=%s",line,readbuf);
if(strstr(readbuf,"Current session")) {
sscanf(readbuf,"Current session(s):%s",cur_session);
// printf("cur_session=%s\n",cur_session);
} if(strstr(readbuf,"TCP session")) {
sscanf(readbuf," Current TCP session(s): %s",tcp_session);
// printf("tcp_session=%s\n",tcp_session);
} if(strstr(readbuf,"Half-Open")) {
sscanf(readbuf," Half-Open: %s Half-Close: %s",half_open,half_close);
// printf("half_open=%s,half_close=%s\n",half_open,half_close);
} if(strstr(readbuf,"UDP session")) {
sscanf(readbuf," Current UDP session(s): %s",udp_session);
// printf("udp_session=%s\n",udp_session);
} if(strstr(readbuf,"ICMP session")) {
sscanf(readbuf," Current ICMP session(s): %s",icmp_session);
// printf("icmp_session=%s\n",icmp_session);
} if(strstr(readbuf,"RAWIP session")) {
sscanf(readbuf," Current RAWIP session(s): %s",rawip_session);
// printf("rawip_session=%s\n",rawip_session);
// break;
} if(strstr(readbuf,"Session establishment rate")) {
mark++;
}
if(mark==1) {
ret=regexec(®,readbuf,nmatch,pmatch,0);
if(ret==0) {
// printf("-----------readbuf=%s",readbuf); sscanf(readbuf,"Session establishment rate: %[^/s]",cur_new_session);
// printf("cur_new_session=%s\n",cur_new_session);
}
} if(strstr(readbuf,"TCP Session establishment rate")) {
sscanf(readbuf," TCP Session establishment rate: %[^/s]",tcp_new_session);
// printf("tcp_new_session=%s\n",tcp_new_session);
} if(strstr(readbuf,"UDP Session establishment rate")) {
sscanf(readbuf," UDP Session establishment rate: %[^/s]",udp_new_session);
// printf("udp_new_session=%s\n",udp_new_session);
} if(strstr(readbuf,"ICMP Session establishment rate")) {
sscanf(readbuf," ICMP Session establishment rate: %[^/s]",icmp_new_session);
// printf("icmp_new_session=%s\n",icmp_new_session);
} if(strstr(readbuf,"RAWIP Session establishment rate")) {
sscanf(readbuf," RAWIP Session establishment rate: %[^/s]",rawip_new_session);
// printf("rawip_new_session=%s\n",rawip_new_session);
}
/*
if(line==3) {
for(p=strtok(readbuf," ");p;p=strtok(NULL," ")) {
// str=p; //Sun
mark1++; if(mark1==2) {
// printf("p=%s\n",p); strcpy(active_status,p);
// printf("active_status=%s\n",active_status);
}
}
} if(line==4) {
for(p=strtok(readbuf," ");p;p=strtok(NULL," /")) {
mark2++; if(mark2==2) {
// printf("p=%s\n",p); strcpy(active_ip_addr,p);
// printf("active_ip_addr=%s\n",active_ip_addr);
}
} break;
}
*/
} // printf("line=%d\n",line); ret=pclose(fp);
if(ret==-1) {
fprintf(stderr,"popen() error.\n");
return -1;
} return 0;
} int main(int argc, char *argv[]) {
int ret;
char sh_cmd[LEN]; char active_status[LEN];
char active_ip_addr[LEN]; if(argc<=1) {
printf("%s %s\n",argv[0],"auto_ssh_firewall_dis_session.sh + ip");
exit(-1);
} sprintf(sh_cmd,"%s%s %s",TCL_CMD,argv[1],argv[2]);
// printf("sh_cmd=%s\n",sh_cmd); ret=parse_status(sh_cmd,active_status,active_ip_addr);
if(ret!=0) {
fprintf(stderr,"parse_status() error.\n"); sprintf(status_information,"cur_all_session=%s, cur_all_session_new=%s, tcp_all_session=%s, tcp_all_session_new=%s, tcp_half_open=%s, tcp_half_close=%s, udp_session=%s, udp_session_new=%s, icmp_session=%s, icmp_session_new=%s, rawip_session=%s, rawip_session_new=%s", cur_session, cur_new_session, tcp_session, tcp_new_session, half_open, half_close, udp_session, udp_new_session, icmp_session, icmp_new_session, rawip_session, rawip_new_session); sprintf(performance_data,"cur_all_session=%s;;;; cur_all_session_new=%s;;;; tcp_all_session=%s;;;; tcp_all_session_new=%s;;;; tcp_half_open=%s;;;; tcp_half_close=%s;;;; udp_session=%s;;;; udp_session_new=%s;;;; icmp_session=%s;;;; icmp_session_new=%s;;;; rawip_session=%s;;;; rawip_session_new=%s;;;;", cur_session, cur_new_session, tcp_session, tcp_new_session, half_open, half_close, udp_session, udp_new_session, icmp_session, icmp_new_session, rawip_session, rawip_new_session); exitstatus=CRITICAL;
printf("%s - %s | %s\n", exit_status[exitstatus], status_information, performance_data); return exitstatus;
} /*
// printf("active_status=%s\n",active_status);
// printf("active_ip_addr=%s\n",active_ip_addr); // if(atoi(ping_avg)<200 && atoi(loss_packet)==0) {
if(atoi(ping_avg)<200 && atoi(loss_packet_int)==0) {
exitstatus=OK;
}
// else if(atoi(ping_avg)>=200 && atoi(ping_avg)<500 || atoi(loss_packet)>=10 && atoi(loss_packet)<=50) {
else if(atoi(ping_avg)>=200 && atoi(ping_avg)<500 || atoi(loss_packet_int)>=10 && atoi(loss_packet_int)<=50) {
exitstatus=WARNING;
}
// else if(atoi(ping_avg)>=500 || atoi(loss_packet)>50) {
else if(atoi(ping_avg)>=500 || atoi(loss_packet_int)>50) {
exitstatus=CRITICAL;
}
else {
exitstatus=CRITICAL;
} // sprintf(status_information,"rta %s%s, loss %s",ping_avg,ping_unit,loss_packet);
sprintf(status_information,"rta %s%s, loss %s%%",ping_avg,ping_unit,loss_packet_int); // sprintf(performance_data,"rta=%s%s;200.000;500.000;0; pl=%s;40;80;; rtmax=%s%s;;;; rtmin=%s%s;;;;",ping_avg,ping_unit,loss_packet,ping_max,ping_unit,ping_min,ping_unit);
sprintf(performance_data,"rta=%s%s;200.000;500.000;0; pl=%s%%;40;80;; rtmax=%s%s;;;; rtmin=%s%s;;;;",ping_avg,ping_unit,loss_packet_int,ping_max,ping_unit,ping_min,ping_unit); //|rta=0.056ms;200.000;500.000;0; pl=0%;40;80;; rtmax=0.084ms;;;; rtmin=0.029ms;;;; if(strstr(argv[1],"80_49")) {
printf("%s - 192.20.198.121: %s | %s\n",exit_status[exitstatus],status_information,performance_data);
} if(strstr(argv[1],"80_50")) {
printf("%s - 192.20.198.181: %s | %s\n",exit_status[exitstatus],status_information,performance_data);
} return exitstatus;
*/ sprintf(status_information,"cur_all_session=%s, cur_all_session_new=%s, tcp_all_session=%s, tcp_all_session_new=%s, tcp_half_open=%s, tcp_half_close=%s, udp_session=%s, udp_session_new=%s, icmp_session=%s, icmp_session_new=%s, rawip_session=%s, rawip_session_new=%s", cur_session, cur_new_session, tcp_session, tcp_new_session, half_open, half_close, udp_session, udp_new_session, icmp_session, icmp_new_session, rawip_session, rawip_new_session); sprintf(performance_data,"cur_all_session=%s;;;; cur_all_session_new=%s;;;; tcp_all_session=%s;;;; tcp_all_session_new=%s;;;; tcp_half_open=%s;;;; tcp_half_close=%s;;;; udp_session=%s;;;; udp_session_new=%s;;;; icmp_session=%s;;;; icmp_session_new=%s;;;; rawip_session=%s;;;; rawip_session_new=%s;;;;", cur_session, cur_new_session, tcp_session, tcp_new_session, half_open, half_close, udp_session, udp_new_session, icmp_session, icmp_new_session, rawip_session, rawip_new_session); printf("%s - %s | %s\n", exit_status[exitstatus], status_information, performance_data); return exitstatus;
}
nagios插件之登陆防火墙实现session监控的更多相关文章
- nagios插件之登陆SBC监控电话数
运行:sbc_calls_status_new auto_ssh_sbc_10_17.sh | auto_ssh_sbc_11_17.sh vi sbc_calls_status_new.c #inc ...
- 关于nagios系统下使用shell脚本自定义监控插件的编写以及没有实时监控图的问题
关于nagios系统下shell自定义监控插件的编写.脚本规范以及没有实时监控图的问题的解决办法 在自已编写监控插件之前我们首先需要对nagios监控原理有一定的了解 Nagios的功能是监控服务和主 ...
- 用python 写一个nagios插件 监控http内容(转载)
nagios自带的http-check插件主要是检测地址url是否可以访问,在web+中间件的架构中容易出现url能访问,但是后台中间件拓机的情况,因为最近在自学python,所以写了个脚本检测ur ...
- Nagios的安装配置与应用之五监控远程Linux服务器
本文出自 “曹坏水” 博客,请务必保留此出处http://cao2012.blog.51cto.com/366908/1132113 NRPE是Nagios的一个功能扩展,它可在远程Linux和UNI ...
- nagios 实现Mysql 主从同步状态的监控
一.系统环境 主机名 IP nagios 192.168.15.111 mysql_s 192.168.15.21 二.操作步骤 2.1 mysql_s端的配置 2.1.1 编写check_mysql ...
- 使用nagios插件 check_mysql_health 过程中遇到的error
使用nagios插件 check_mysql_health 过程中遇到的error 1.如果在运行监控mysql插件的时候遇到了error安装以下依赖包就可以解决: yum install perl- ...
- Eclipse下使用GDT插件无法登陆GAE & GDT无法上传JAVA代码
今天更新github主页的过程中,想使用GAE部署一个Java Web服务来更好的支持网站动态性(关键是利用了免费的GAE资源),结果遇到了2个大问题. 1.GDT插件无法登陆GAE账户 错误1:登陆 ...
- 开发人员福利!ChromeSnifferPlus 插件正式登陆 Chrome Web Store
今天(2014-10-30)下午,ChromeSnifferPlus 插件正式登陆 Chrome Web Store. 在线安装地址: https://chrome.google.com/websto ...
- nagios 插件ndoutils 安装配置
nagios 插件ndoutils 安装配置 原文地址:http://www.cnblogs.com/caoguo/p/5022645.html # Nagios install ndoutils # ...
随机推荐
- 使用 Spring HATEOAS 开发 REST 服务--转
原文地址:https://www.ibm.com/developerworks/cn/java/j-lo-SpringHATEOAS/index.html?ca=drs-&utm_source ...
- Linux环境下源码安装PostgreSQL
1.下载PostgreSQL源码包,并保存到Linux操作系统的一个目录下 2.解压PostgreSQL源码包 :tar zxvf postgresql-9.2.4.tar.gz 或 tar jxvf ...
- NodeJS学习笔记 进阶 (11)Nodejs 进阶:调试日志打印:debug模块
个人总结:读完这篇文章需要5分钟,讲解了debug模块的使用 摘选自网络 前言 在node程序开发中时,经常需要打印调试日志.用的比较多的是debug模块,比如express框架中就用到了.下文简单举 ...
- 洛谷P1280 && caioj 1085 动态规划入门(非常规DP9:尼克的任务)
这道题我一直按照往常的思路想 f[i]为前i个任务的最大空暇时间 然后想不出来怎么做-- 后来看了题解 发现这里设的状态是时间,不是任务 自己思维还是太局限了,题做得太少. 很多网上题解都反着做,那么 ...
- Java基础学习总结(14)——Java对象的序列化和反序列化
一.序列化和反序列化的概念 把对象转换为字节序列的过程称为对象的序列化. 把字节序列恢复为对象的过程称为对象的反序列化. 对象的序列化主要有两种用途: 1) 把对象的字节序列永久地保存到硬盘上,通常存 ...
- HBase为什么快 HBase原理。 HBase几个问题
背景色表示可以自己做实验搞定 1 模拟一组数据 1.2.3.4.5.6.7.8.9.10 1 入 限定符 'one' 2 入 'two' 3 入 'three' 4 f ...
- OpenGL 获取当前屏幕坐标对应的三维坐标
转自原文 OpenGL 获取当前屏幕坐标对应的三维坐标,使用很简单glu库中的一个函数 #include <GL/glut.h> #include <stdlib.h> #in ...
- Jeff Dean专访,有不少干货
<专访Jeff Dean:我们要推动机器学习再上一层楼> 文件链接如下: Link https://arxiv.org/ 有意思的是,里面提到的 arXiv网站,一个能够用来证明论文上传时 ...
- uestc 94(区间更新)
题意:有一个字符串全部由'('和')'组成.然后有三种操作,query a b输出区间[a,b]字符串的括号序列是否合法.reverse a b把区间[a,b]字符串里全部'('替换成')',而且把全 ...
- HIT 2255 Not Fibonacci(矩阵高速幂)
#include <iostream> #include <cstdio> #include <cstring> using namespace std; cons ...