Nagios插件之登陆防火墙实现Session监控

共计 6954 个字符，预计需要花费 18 分钟才能阅读完成。

ssh_firewall_session.sh — 登陆防火墙并执行 dis session statistics

firewall_check_sessions.c — 调用上面脚本，过滤出 sessioin 的数值

执行：./firewall_check_sessions ssh_firewall_session.sh 192.168.0.1

vi ssh_firewall_session.sh

#!/usr/bin/expect -f

#set port 22
set user xxxxxx
set host [lindex $argv 0 0]
set password xxxxxx
set timeout 30

expect “*assword:*”
send “$password\r”

expect “*FW*”
send “display session statistics\r”

expect “*FW*”
send “quit”

vi firewall_check_sessions.c

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define OK      0
#define WARNING  1
#define CRITICAL 2
#define UNKNOWN  3

#define LEN 1000L
#define MIN_LEN 32L

//#define TCL_CMD “/home/weihu/tcl/”
#define TCL_CMD “/usr/local/nagios/libexec/”

int exitstatus=OK;
char *exit_status[4]={“OK”,”WARNING”,”CRITICAL”,”UNKNOWN”};

char status_information[LEN];
char performance_data[LEN];

//save session
char cur_session[MIN_LEN]={0};
char tcp_session[MIN_LEN]={0};
char half_open[MIN_LEN]={0};
char half_close[MIN_LEN]={0};
char udp_session[MIN_LEN]={0};
char icmp_session[MIN_LEN]={0};
char rawip_session[MIN_LEN]={0};

int parse_status(char *sh_cmd,char *active_status,char *active_ip_addr) {
 int ret;
        FILE *fp;
        char readbuf[LEN];

        char *p,*str;

 int line=0;
 int mark1=0;
 int mark2=0;

        char tmp1[LEN];
        char tmp2[LEN];
        char tmp3[LEN];
        char tmp4[LEN];

// fp=popen(“/home/neo/check_log/tcl/auto_ssh.sh”,”r”);
        fp=popen(sh_cmd,”r”);
        if(fp==NULL) {
                fprintf(stderr,”popen() error. “);
                exitstatus=CRITICAL;
                printf(“%s: – %s | %s\n”,exit_status[exitstatus],status_information,performance_data);
                exit(exitstatus);
        }

        while(fgets(readbuf,LEN,fp)!=NULL) {
  line++;
 // printf(“line=%d,readbuf=%s”,line,readbuf);
 
  if(strstr(readbuf,”Current session”)) {
   sscanf(readbuf,”Current session(s):%s”,cur_session);
  // printf(“cur_session=%s\n”,cur_session);
  }

  if(strstr(readbuf,”TCP session”)) {
   sscanf(readbuf,” Current    TCP session(s): %s”,tcp_session);
  // printf(“tcp_session=%s\n”,tcp_session);
  }

  if(strstr(readbuf,”Half-Open”)) {
   sscanf(readbuf,” Half-Open: %s          Half-Close: %s”,half_open,half_close);
  // printf(“half_open=%s,half_close=%s\n”,half_open,half_close);
  }

  if(strstr(readbuf,”UDP session”)) {
   sscanf(readbuf,” Current    UDP session(s): %s”,udp_session);
  // printf(“udp_session=%s\n”,udp_session);
  }

  if(strstr(readbuf,”ICMP session”)) {
   sscanf(readbuf,” Current    ICMP session(s): %s”,icmp_session);
  // printf(“icmp_session=%s\n”,icmp_session);
  }

  if(strstr(readbuf,”RAWIP session”)) {
   sscanf(readbuf,” Current  RAWIP session(s): %s”,rawip_session);
  // printf(“rawip_session=%s\n”,rawip_session);
   break;
  }

/*
  if(line==3) {
   for(p=strtok(readbuf,” “);p;p=strtok(NULL,” “)) {
    //      str=p;

    //Sun
    mark1++;

    if(mark1==2) {
    // printf(“p=%s\n”,p);

     strcpy(active_status,p);
    // printf(“active_status=%s\n”,active_status);
    }
   }
  }

  if(line==4) {
   for(p=strtok(readbuf,” “);p;p=strtok(NULL,” /”)) {
    mark2++;

    if(mark2==2) {
    // printf(“p=%s\n”,p);

     strcpy(active_ip_addr,p);
    // printf(“active_ip_addr=%s\n”,active_ip_addr);
    }
   }

   break;
  }
*/
        }

// printf(“line=%d\n”,line);

        ret=pclose(fp);
        if(ret==-1) {
                fprintf(stderr,”popen() error.\n”);
                return -1;
        }

 return 0;
}

int main(int argc, char *argv[]) {
        int ret;
 char sh_cmd[LEN];

 char active_status[LEN];
 char active_ip_addr[LEN];

 if(argc<=1) {
  printf(“%s %s\n”,argv[0],”auto_ssh_firewall_dis_session.sh + ip”);
  exit(-1);
 }

 sprintf(sh_cmd,”%s%s %s”,TCL_CMD,argv[1],argv[2]);
// printf(“sh_cmd=%s\n”,sh_cmd);

 ret=parse_status(sh_cmd,active_status,active_ip_addr);
 if(ret!=0) {
  fprintf(stderr,”parse_status() error.\n”);

  sprintf(status_information,”cur_session=%s, tcp_session=%s, half_open=%s, half_close=%s udp_session=%s icmp_session=%s, rawip_session=%s”, cur_session, tcp_session, half_open, half_close, udp_session, icmp_session, rawip_session);

  sprintf(performance_data,”cur_session=%s;;;; tcp_session=%s;;;; half_open=%s;;;; half_close=%s;;;; udp_session=%s;;;; icmp_session=%s;;;; rawip_session=%s;;;;”, cur_session, tcp_session, half_open, half_close, udp_session, icmp_session, rawip_session);

  exitstatus=CRITICAL;
  printf(“%s – %s | %s\n”, exit_status[exitstatus], status_information, performance_data);

  return exitstatus;
 }

 /*
// printf(“active_status=%s\n”,active_status);
// printf(“active_ip_addr=%s\n”,active_ip_addr);

// if(atoi(ping_avg)<200 && atoi(loss_packet)==0) {
 if(atoi(ping_avg)<200 && atoi(loss_packet_int)==0) {
  exitstatus=OK; 
 }
// else if(atoi(ping_avg)>=200 && atoi(ping_avg)<500 || atoi(loss_packet)>=10 && atoi(loss_packet)<=50) {
 else if(atoi(ping_avg)>=200 && atoi(ping_avg)<500 || atoi(loss_packet_int)>=10 && atoi(loss_packet_int)<=50) {
  exitstatus=WARNING; 
 }
// else if(atoi(ping_avg)>=500 || atoi(loss_packet)>50) {
 else if(atoi(ping_avg)>=500 || atoi(loss_packet_int)>50) {
  exitstatus=CRITICAL; 
 }
 else {
  exitstatus=CRITICAL; 
 }

// sprintf(status_information,”rta %s%s, loss %s”,ping_avg,ping_unit,loss_packet);
 sprintf(status_information,”rta %s%s, loss %s%%”,ping_avg,ping_unit,loss_packet_int);

// sprintf(performance_data,”rta=%s%s;200.000;500.000;0; pl=%s;40;80;; rtmax=%s%s;;;; rtmin=%s%s;;;;”,ping_avg,ping_unit,loss_packet,ping_max,ping_unit,ping_min,ping_unit);
 sprintf(performance_data,”rta=%s%s;200.000;500.000;0; pl=%s%%;40;80;; rtmax=%s%s;;;; rtmin=%s%s;;;;”,ping_avg,ping_unit,loss_packet_int,ping_max,ping_unit,ping_min,ping_unit);

 //|rta=0.056ms;200.000;500.000;0; pl=0%;40;80;; rtmax=0.084ms;;;; rtmin=0.029ms;;;;

 if(strstr(argv[1],”80_49″)) {
         printf(“%s – 192.20.198.121: %s | %s\n”,exit_status[exitstatus],status_information,performance_data);
 }

 if(strstr(argv[1],”80_50″)) {
         printf(“%s – 192.20.198.181: %s | %s\n”,exit_status[exitstatus],status_information,performance_data);
 }

        return exitstatus;
 */

 sprintf(status_information,”cur_all_session=%s, tcp_all_session=%s, tcp_half_open=%s, tcp_half_close=%s udp_session=%s icmp_session=%s, rawip_session=%s”, cur_session, tcp_session, half_open, half_close, udp_session, icmp_session, rawip_session);

 sprintf(performance_data,”cur_all_session=%s;;;; tcp_all_session=%s;;;; tcp_half_open=%s;;;; tcp_half_close=%s;;;; udp_session=%s;;;; icmp_session=%s;;;; rawip_session=%s;;;;”, cur_session, tcp_session, half_open, half_close, udp_session, icmp_session, rawip_session);

        printf(“%s – %s | %s\n”, exit_status[exitstatus], status_information, performance_data);

 return exitstatus;
}

————————————– 分割线 ————————————–

在 Ubuntu 下配置 Mrtg 监控 Nginx 和服务器系统资源 http://www.linuxidc.com/Linux/2013-08/88417.htm

使用 snmp+Mrtg 监控 Linux 系统 http://www.linuxidc.com/Linux/2012-11/73561.htm

Mrtg 服务器搭建（监控网络流量）http://www.linuxidc.com/Linux/2012-07/64315.htm

网络监控器 Nagios 全攻略 http://www.linuxidc.com/Linux/2013-07/87067.htm

Nagios 搭建与配置详解 http://www.linuxidc.com/Linux/2013-05/84848.htm

Nginx 环境下构建 Nagios 监控平台 http://www.linuxidc.com/Linux/2011-07/38112.htm

在 RHEL5.3 上配置基本的 Nagios 系统 (使用 Nagios-3.1.2) http://www.linuxidc.com/Linux/2011-07/38129.htm

CentOS 5.5+Nginx+Nagios 监控端和被控端安装配置指南 http://www.linuxidc.com/Linux/2011-09/44018.htm

Ubuntu 13.10 Server 安装 Nagios Core 网络监控运用 http://www.linuxidc.com/Linux/2013-11/93047.htm

————————————– 分割线 ————————————–

Nagios 的详细介绍 ：请点这里
Nagios 的下载地址 ：请点这里

本文永久更新链接地址 ：http://www.linuxidc.com/Linux/2015-07/119658.htm