nagios/check_radius/check_radius.pl - view

Return to check_radius.pl CVS log

Up to [local] / nagios / check_radius

File: [local] / nagios / check_radius / check_radius.pl (download)

Revision 1.3, Tue Aug 29 22:26:31 2006 UTC (17 years, 8 months ago) by andrew
Branch: MAIN
CVS Tags: HEAD
Changes since 1.2: +182 -182 lines

unix line endings and change the 'lib' directory

#!/usr/bin/perl
# $RedRiver: check_radius.pl,v 1.2 2005/08/25 00:56:07 andrew Exp $
#
# check_radius.pl - nagios plugin 
# 
#
# Copyright (C) 2003 andrew fresh
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
#
#
# Report bugs to: andrew@mad-techies.org
# 
# 11.26.2000 Version 1.0
#
# $Id: check_radius.pl,v 1.3 2006/08/29 22:26:31 andrew Exp $

use strict;
use warnings;
use diagnostics;

use POSIX;
use lib "/usr/local/libexec/nagios";
use utils qw($TIMEOUT %ERRORS &print_revision &support);

use Getopt::Long;
Getopt::Long::Configure('bundling');

my $PROGNAME = "check_radius";

my $state = 'UNKNOWN'; # tells whether the it is warning, critical, or OK
my $answer = ''; # stores the test of the errors
my $hostname = '';
my $port = '';
my $secret = '';
my $user   = '';
my $pwd    = '';
my $timeout = 5;
my %states; # This stores the count of states;
my $file;
my $opt_h ;
my $opt_V ;


# Just in case of problems, let's not hang Nagios
$SIG{'ALRM'} = sub {
     print ("ERROR: No radius response from $hostname (alarm timeout)\n");
     exit $ERRORS{"UNKNOWN"};
};
alarm($TIMEOUT);



#Option checking
my $status = GetOptions(
        "V"   => \$opt_V, "version"    => \$opt_V,
        "h"   => \$opt_h, "help"       => \$opt_h,
        "H=s" => \$hostname, "hostname=s" => \$hostname,
        "s=s" => \$secret, "secret=s" => \$secret,
        "P=i" => \$port, "port=i" => \$port,
        "u=s" => \$user, "username=s" => \$user,
        "p=s" => \$pwd, "password=s" => \$pwd,
		"t=i" => \$timeout, "timeout=i"=> \$timeout,
        );
        
if ($status == 0)
{
    print_help() ;
    exit $ERRORS{'OK'};
}


if ($opt_V) {
    print_revision($PROGNAME,'$Revision: 1.3 $ ');
    exit $ERRORS{'OK'};
}

if ($opt_h) {
    print_help();
    exit $ERRORS{'OK'};
}

unless ($hostname && $secret && $user && $pwd) {
	print_help();
	exit $ERRORS{'OK'};
}

if ($port) {
	$hostname .= ":" . $port;
}

use Authen::Radius;

#print "Creating Client . . . ";
my $r = new Authen::Radius(Host => $hostname, Secret => $secret, Timeout => $timeout);
#print defined $r ? "" : "not ", "ok\n";

unless (defined $r) {
	done('UNKNOWN', "Couldn't create socket!");
}


$r->clear_attributes;

$r->add_attributes (
	{ Name => 1, Value => $user, Type => 'string' }, # Username
	{ Name => 2, Value => $pwd, Type => 'string' },  # Password
	{ Name => 5, Value => '1', Type => 'integer' },  # NASPort
);

#print "Authenticating . . .";
my $snt = $r->send_packet(ACCESS_REQUEST);
unless (defined $snt) {
	done('CRITICAL', "Couldn't sent authentication packet: " . $r->strerror($r->get_error));
}

$r->clear_attributes;

my $rcv = $r->recv_packet();

#print "" . (defined($rcv) and $rcv == ACCESS_ACCEPT) ? "" : "not ", "ok\n";

unless (defined $rcv) {
	done ('CRITICAL', "Didn't recieve valid response: " . $r->strerror($r->get_error));
}
		
unless ($rcv == ACCESS_ACCEPT) {
	done ('WARNING', "Access was denied for $user");
}


#my @a = $r->get_attributes;
#print "Attributes . . . ";
#print $#a != -1 ? "" : "not ", "ok\n";
#for $a (@a) {
#       print "attr: name=$a->{'Name'} value=$a->{'Value'}\n";
#}


if ($state eq 'UNKNOWN') { 
	$state = 'OK';
	$answer = "User $user authenticated correctly!";
}

done($state, $answer);

sub done
{
	my $state = shift;
	my $answer = shift;

	print "$state: ";
	print $answer;
	exit $ERRORS{$state};
}

sub print_help {
    printf "$PROGNAME plugin for Nagios monitors radius authentication\n";
	printf "  $PROGNAME -H <HOSTNAME> -u <USERNAME> -p <PASSWORD>\n";
    printf "\nUsage:\n";
    printf "   -H (--hostname)   Hostname to query              (required)\n";
	printf "   -s (--secret)     Radius Secret                  (required)\n";
	printf "   -P (--port)       Radius auth port\n";
	printf "   -u (--username)   Username to try authenticating (required)\n";
	printf "   -p (--password)   Password to authenticate with  (required)\n";
	printf "   -t (--timeout)    Time to wait for response (defaults to 5 secs)\n";
    printf "   -h (--help)       usage help \n\n";
    print_revision($PROGNAME, '$Revision: 1.3 $');
}