Mercurial Mercurial > hg > ius > nagios > nagios-plugin-scan / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
check_scan.pl
changeset 0 e9180d90ed71
child 1 58f05fab9512 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/check_scan.pl	Tue Jul 03 12:23:38 2012 +0200
@@ -0,0 +1,182 @@
+#!/usr/bin/perl -w
+
+#    Copyright (C) 2011  Christian Arnold
+#
+#    This program is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU General Public License as published by
+#    the Free Software Foundation, either version 3 of the License, or
+#    (at your option) any later version.
+#
+#    This program is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU General Public License for more details.
+#
+#    You should have received a copy of the GNU General Public License
+#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+#    Christian Arnold <arnold@schlittermann.de>
+
+use 5.010;
+use strict;
+use File::Basename;
+use Getopt::Long;
+use Pod::Usage;
+
+delete @ENV{ grep /^LC_/ => keys %ENV };
+$ENV{LANG}   = "C";
+$ENV{LC_ALL} = "C";
+
+sub version($$);
+sub scan($$$);
+sub report(@);
+
+my %ERRORS = (
+    OK        => 0,
+    WARNING   => 1,
+    CRITICAL  => 2,
+    UNKNOWN   => 3,
+    DEPENDENT => 4
+);
+
+my $ME      = basename $0;
+my $NAME    = "SCAN";
+my $VERSION = "0.1";
+
+my %opt = (
+    host       => "localhost",
+    options    => "-sT -sU -r -p1-65535",
+    exceptions => "22/tcp"
+);
+
+MAIN: {
+    Getopt::Long::Configure('bundling');
+    GetOptions(
+        "o|options=s"    => \$opt{options},
+        "H|host=s"       => \$opt{host},
+        "e|exceptions=s" => \$opt{exceptions},
+        "h|help" => sub { pod2usage( -verbose => 1, -exitval => $ERRORS{OK} ) },
+        "m|man" => sub { pod2usage( -verbose => 2, -exitval => $ERRORS{OK} ) },
+        "V|version" => sub { version( $ME, $VERSION ); exit $ERRORS{OK}; }
+    ) or pod2usage( -verbose => 1, -exitval => $ERRORS{CRITICAL} );
+
+    my @openports = scan( $opt{host}, $opt{options}, $opt{exceptions} );
+    report(@openports);
+}
+
+sub version($$) {
+    my ( $progname, $version ) = @_;
+
+    say <<_VERSION;
+$progname version $version
+Copyright (C) 2012 by Christian Arnold and Schlittermann internet & unix support.
+
+$ME comes with ABSOLUTELY NO WARRANTY. This is free software,
+and you are welcome to redistribute it under certain conditions.
+See the GNU General Public Licence for details.
+_VERSION
+}
+
+sub scan($$$) {
+    my ( $host, $options, $exceptions ) = @_;
+    my @scan = grep { /^\d+\// } `nmap $options $host`;
+    my @openports;
+    my @exceptions;
+
+    if ($exceptions) {
+        @exceptions = split( /,/, $exceptions );
+    }
+
+  PORTS: foreach my $port (@scan) {
+        foreach my $exceptions (@exceptions) {
+            next PORTS if ( $port =~ /^$exceptions/ );
+        }
+        chomp($port);
+        $port =~ s/\s+/ /g;
+        push @openports, $port;
+    }
+
+    return @openports;
+}
+
+sub report(@) {
+    my @openports = @_;
+
+    if (@openports) {
+        say "$NAME WARNING: " . join( "; ", @openports );
+        exit $ERRORS{WARNING};
+    }
+
+    if ( $opt{exceptions} ) {
+        say "$NAME OK: no open ports (exceptions: $opt{exceptions})";
+    }
+    else {
+        say "$NAME OK: no open ports";
+    }
+    exit $ERRORS{OK};
+}
+
+__END__
+
+=head1 NAME
+
+check_scan - nagios plugin to run port scan
+
+=head1 SYNOPSIS
+
+check_scan [B<-H>|B<--host>]
+
+check_scan [B<-o>|B<--options>]
+
+check_scan [B<-e>|B<--exceptions>]
+
+=head1 OPTIONS
+
+=over
+
+=item B<-H>|B<--host>
+
+Host or ip to scan. (default: localhost)
+
+=item B<-o>|B<--options>
+
+Nmap options for scan, must be specified in quotes. (default: '-sT -sU -r -p1-65535')
+
+=item B<-e>|B<--exceptions>
+
+No warning is generated if any of these ports open. Multiple ports can
+be specified separated by commas (22/tcp,25/tcp,53/udp,...). (default: 22/tcp)
+
+=item B<-h>|B<--help>
+
+Print detailed help screen.
+
+=item B<-m>|B<--man>
+
+Print manual page.
+
+=item B<-V>|B<--version>
+
+Print version information.
+
+=back
+
+=head1 DESCRIPTION
+
+This nagios plugin scans hosts with nmap.
+
+=head1 VERSION
+
+This man page is current for version 0.1 of B<check_scan>.
+
+=head1 AUTHOR
+
+Written by Christian Arnold L<arnold@schlittermann.de>
+
+=head1 COPYRIGHT
+
+Copyright (C) 2012 by Christian Arnold and Schlittermann internet & unix support.
+This is free software, and you are welcome to redistribute it under certain conditions.
+See the GNU General Public Licence for details.
+
+=cut
ius/nagios/nagios-plugin-scan