=================================================================== RCS file: /cvs/nagios/check_radius/check_radius.pl,v retrieving revision 1.2 retrieving revision 1.3 diff -u -r1.2 -r1.3 --- nagios/check_radius/check_radius.pl 2005/08/25 01:56:07 1.2 +++ nagios/check_radius/check_radius.pl 2006/08/29 23:26:31 1.3 @@ -1,182 +1,182 @@ -#!/usr/bin/perl -# $RedRiver$ -# -# check_radius.pl - nagios plugin -# -# -# Copyright (C) 2003 andrew fresh -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of the GNU General Public License -# as published by the Free Software Foundation; either version 2 -# of the License, or (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. -# -# -# Report bugs to: andrew@mad-techies.org -# -# 11.26.2000 Version 1.0 -# -# $Id: check_radius.pl,v 1.2 2005/08/25 00:56:07 andrew Exp $ - -use strict; -use warnings; -use diagnostics; - -use POSIX; -use lib "C:/nrpe_nt/lib" ; -use utils qw($TIMEOUT %ERRORS &print_revision &support); - -use Getopt::Long; -Getopt::Long::Configure('bundling'); - -my $PROGNAME = "check_radius"; - -my $state = 'UNKNOWN'; # tells whether the it is warning, critical, or OK -my $answer = ''; # stores the test of the errors -my $hostname = ''; -my $port = ''; -my $secret = ''; -my $user = ''; -my $pwd = ''; -my $timeout = 5; -my %states; # This stores the count of states; -my $file; -my $opt_h ; -my $opt_V ; - - -# Just in case of problems, let's not hang Nagios -$SIG{'ALRM'} = sub { - print ("ERROR: No radius response from $hostname (alarm timeout)\n"); - exit $ERRORS{"UNKNOWN"}; -}; -alarm($TIMEOUT); - - - -#Option checking -my $status = GetOptions( - "V" => \$opt_V, "version" => \$opt_V, - "h" => \$opt_h, "help" => \$opt_h, - "H=s" => \$hostname, "hostname=s" => \$hostname, - "s=s" => \$secret, "secret=s" => \$secret, - "P=i" => \$port, "port=i" => \$port, - "u=s" => \$user, "username=s" => \$user, - "p=s" => \$pwd, "password=s" => \$pwd, - "t=i" => \$timeout, "timeout=i"=> \$timeout, - ); - -if ($status == 0) -{ - print_help() ; - exit $ERRORS{'OK'}; -} - - -if ($opt_V) { - print_revision($PROGNAME,'$Revision: 1.2 $ '); - exit $ERRORS{'OK'}; -} - -if ($opt_h) { - print_help(); - exit $ERRORS{'OK'}; -} - -unless ($hostname && $secret && $user && $pwd) { - print_help(); - exit $ERRORS{'OK'}; -} - -if ($port) { - $hostname .= ":" . $port; -} - -use Authen::Radius; - -#print "Creating Client . . . "; -my $r = new Authen::Radius(Host => $hostname, Secret => $secret, Timeout => $timeout); -#print defined $r ? "" : "not ", "ok\n"; - -unless (defined $r) { - done('UNKNOWN', "Couldn't create socket!"); -} - - -$r->clear_attributes; - -$r->add_attributes ( - { Name => 1, Value => $user, Type => 'string' }, # Username - { Name => 2, Value => $pwd, Type => 'string' }, # Password - { Name => 5, Value => '1', Type => 'integer' }, # NASPort -); - -#print "Authenticating . . ."; -my $snt = $r->send_packet(ACCESS_REQUEST); -unless (defined $snt) { - done('CRITICAL', "Couldn't sent authentication packet: " . $r->strerror($r->get_error)); -} - -$r->clear_attributes; - -my $rcv = $r->recv_packet(); - -#print "" . (defined($rcv) and $rcv == ACCESS_ACCEPT) ? "" : "not ", "ok\n"; - -unless (defined $rcv) { - done ('CRITICAL', "Didn't recieve valid response: " . $r->strerror($r->get_error)); -} - -unless ($rcv == ACCESS_ACCEPT) { - done ('WARNING', "Access was denied for $user"); -} - - -#my @a = $r->get_attributes; -#print "Attributes . . . "; -#print $#a != -1 ? "" : "not ", "ok\n"; -#for $a (@a) { -# print "attr: name=$a->{'Name'} value=$a->{'Value'}\n"; -#} - - -if ($state eq 'UNKNOWN') { - $state = 'OK'; - $answer = "User $user authenticated correctly!"; -} - -done($state, $answer); - -sub done -{ - my $state = shift; - my $answer = shift; - - print "$state: "; - print $answer; - exit $ERRORS{$state}; -} - -sub print_help { - printf "$PROGNAME plugin for Nagios monitors radius authentication\n"; - printf " $PROGNAME -H -u -p \n"; - printf "\nUsage:\n"; - printf " -H (--hostname) Hostname to query (required)\n"; - printf " -s (--secret) Radius Secret (required)\n"; - printf " -P (--port) Radius auth port\n"; - printf " -u (--username) Username to try authenticating (required)\n"; - printf " -p (--password) Password to authenticate with (required)\n"; - printf " -t (--timeout) Time to wait for response (defaults to 5 secs)\n"; - printf " -h (--help) usage help \n\n"; - print_revision($PROGNAME, '$Revision: 1.2 $'); -} - +#!/usr/bin/perl +# $RedRiver: check_radius.pl,v 1.2 2005/08/25 00:56:07 andrew Exp $ +# +# check_radius.pl - nagios plugin +# +# +# Copyright (C) 2003 andrew fresh +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License +# as published by the Free Software Foundation; either version 2 +# of the License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +# +# +# Report bugs to: andrew@mad-techies.org +# +# 11.26.2000 Version 1.0 +# +# $Id: check_radius.pl,v 1.3 2006/08/29 22:26:31 andrew Exp $ + +use strict; +use warnings; +use diagnostics; + +use POSIX; +use lib "/usr/local/libexec/nagios"; +use utils qw($TIMEOUT %ERRORS &print_revision &support); + +use Getopt::Long; +Getopt::Long::Configure('bundling'); + +my $PROGNAME = "check_radius"; + +my $state = 'UNKNOWN'; # tells whether the it is warning, critical, or OK +my $answer = ''; # stores the test of the errors +my $hostname = ''; +my $port = ''; +my $secret = ''; +my $user = ''; +my $pwd = ''; +my $timeout = 5; +my %states; # This stores the count of states; +my $file; +my $opt_h ; +my $opt_V ; + + +# Just in case of problems, let's not hang Nagios +$SIG{'ALRM'} = sub { + print ("ERROR: No radius response from $hostname (alarm timeout)\n"); + exit $ERRORS{"UNKNOWN"}; +}; +alarm($TIMEOUT); + + + +#Option checking +my $status = GetOptions( + "V" => \$opt_V, "version" => \$opt_V, + "h" => \$opt_h, "help" => \$opt_h, + "H=s" => \$hostname, "hostname=s" => \$hostname, + "s=s" => \$secret, "secret=s" => \$secret, + "P=i" => \$port, "port=i" => \$port, + "u=s" => \$user, "username=s" => \$user, + "p=s" => \$pwd, "password=s" => \$pwd, + "t=i" => \$timeout, "timeout=i"=> \$timeout, + ); + +if ($status == 0) +{ + print_help() ; + exit $ERRORS{'OK'}; +} + + +if ($opt_V) { + print_revision($PROGNAME,'$Revision: 1.3 $ '); + exit $ERRORS{'OK'}; +} + +if ($opt_h) { + print_help(); + exit $ERRORS{'OK'}; +} + +unless ($hostname && $secret && $user && $pwd) { + print_help(); + exit $ERRORS{'OK'}; +} + +if ($port) { + $hostname .= ":" . $port; +} + +use Authen::Radius; + +#print "Creating Client . . . "; +my $r = new Authen::Radius(Host => $hostname, Secret => $secret, Timeout => $timeout); +#print defined $r ? "" : "not ", "ok\n"; + +unless (defined $r) { + done('UNKNOWN', "Couldn't create socket!"); +} + + +$r->clear_attributes; + +$r->add_attributes ( + { Name => 1, Value => $user, Type => 'string' }, # Username + { Name => 2, Value => $pwd, Type => 'string' }, # Password + { Name => 5, Value => '1', Type => 'integer' }, # NASPort +); + +#print "Authenticating . . ."; +my $snt = $r->send_packet(ACCESS_REQUEST); +unless (defined $snt) { + done('CRITICAL', "Couldn't sent authentication packet: " . $r->strerror($r->get_error)); +} + +$r->clear_attributes; + +my $rcv = $r->recv_packet(); + +#print "" . (defined($rcv) and $rcv == ACCESS_ACCEPT) ? "" : "not ", "ok\n"; + +unless (defined $rcv) { + done ('CRITICAL', "Didn't recieve valid response: " . $r->strerror($r->get_error)); +} + +unless ($rcv == ACCESS_ACCEPT) { + done ('WARNING', "Access was denied for $user"); +} + + +#my @a = $r->get_attributes; +#print "Attributes . . . "; +#print $#a != -1 ? "" : "not ", "ok\n"; +#for $a (@a) { +# print "attr: name=$a->{'Name'} value=$a->{'Value'}\n"; +#} + + +if ($state eq 'UNKNOWN') { + $state = 'OK'; + $answer = "User $user authenticated correctly!"; +} + +done($state, $answer); + +sub done +{ + my $state = shift; + my $answer = shift; + + print "$state: "; + print $answer; + exit $ERRORS{$state}; +} + +sub print_help { + printf "$PROGNAME plugin for Nagios monitors radius authentication\n"; + printf " $PROGNAME -H -u -p \n"; + printf "\nUsage:\n"; + printf " -H (--hostname) Hostname to query (required)\n"; + printf " -s (--secret) Radius Secret (required)\n"; + printf " -P (--port) Radius auth port\n"; + printf " -u (--username) Username to try authenticating (required)\n"; + printf " -p (--password) Password to authenticate with (required)\n"; + printf " -t (--timeout) Time to wait for response (defaults to 5 secs)\n"; + printf " -h (--help) usage help \n\n"; + print_revision($PROGNAME, '$Revision: 1.3 $'); +} +