Monkey Albino

Linux altar53.supremepanel53.com 4.18.0-553.8.1.lve.el8.x86_64 #1 SMP Thu Jul 4 16:24:39 UTC 2024 x86_64
/ lib64/ nagios/ plugins/

//lib64/nagios/plugins/check_outgoing_status.sh

#!/bin/bash

VERSION="$(grep 'VERSION_ID=' /etc/os-release | cut -d'"' -f 2)"
MAJOR_VERSION="$(cut -d'.' -f 1 <<< "$VERSION")"

if [[ "$MAJOR_VERSION" -lt 8 ]]; then
  echo "OK: Server OS version is $VERSION."
  exit 0
fi

MYSQL_USER="netfilter"
MYSQL_PASS="DkqioJ6ENxXfqCy"
MYSQL_DATABASE="netfilter"

module_name="netfilt"
daemon_name="outconnm"
hash_tables=('Whitelist Table' 'Blocklist Table' 'Ratelimited Table')
module_stats_file='/proc/module_stats'
SE_CRIT_TRESHOLD=50
SE_WARN_TRESHOLD=75
module_debug_file='/sys/module/netfilt/parameters/debug'
daemon_debug_file='/etc/am_outconnm_config.cfg'

if ! sudo /usr/bin/grep "$module_name" /proc/modules | grep -q 'Live'; then
  echo "CRITICAL: $module_name is not loaded."
  exit 2
fi

daemon_pid="$(sudo /usr/bin/pgrep -x $daemon_name)"
if [ -z "$daemon_pid" ]; then
  echo "CRITICAL: $daemon_name daemon is not running."
  exit 2
fi

for table in "${hash_tables[@]}"; do
  se="$(sudo /usr/bin/cat "$module_stats_file" | grep -A 5 "$table" | grep 'Spread Effectiveness' | awk '{print$3}')"
  if [ -z "$se" ]; then
    echo "CRITICAL: Could not get $table Spread Effectiveness."
    exit 2
  elif [ "$se" -lt "$SE_CRIT_TRESHOLD" ]; then
    echo "CRITICAL: $table Spread Effectiveness < $SE_CRIT_TRESHOLD"
    exit 2
  elif [ "$se" -lt "$SE_WARN_TRESHOLD" ]; then
    echo "WARNING: $table Spread Effectiveness < $SE_WARN_TRESHOLD"
    exit 1
  fi
done

status="$(mysql -u "$MYSQL_USER" -p"$MYSQL_PASS" "$MYSQL_DATABASE" -sNLe 'SELECT MODULE,DAEMON FROM status;' 2>&1 | grep -v 'Using a password on the command line interface can be insecure')"
module_status="$(awk '{print$1}' <<< "$status")"
daemon_status="$(awk '{print$2}' <<< "$status")"

if [ -z "$module_status" ] || [ -z "$daemon_status" ]; then
  echo "CRITICAL: Could not get MODULE/DAEMON status from database."
  exit 2
elif [ "$module_status" != "1" ] || [ "$daemon_status" != "1" ]; then
  echo "WARNING: MODULE/DAEMON status in database is not OK."
  exit 1
fi

module_debug="$(sudo /usr/bin/cat $module_debug_file)"
if [ -z "$module_debug" ]; then
  echo "CRITICAL: $module_name module debug status is unknown."
  exit 2
elif [ "$module_debug" != "0" ]; then
  echo "WARNING: $module_name module debug is enabled."
  exit 1
fi

daemon_debug="$(grep 'DEBUG' $daemon_debug_file | awk '{print$3}')"
if [ -z "$daemon_debug" ]; then
  echo "CRITICAL: Could not get $daemon_name daemon debug value from config."
  exit 2
elif [ "$daemon_debug" != "0" ] && [ "$daemon_debug" != "0;" ]; then
  echo "WARNING: $daemon_name daemon has debug set in config."
  exit 1
fi

echo "OK: Outgoing Connection Manager is running."
exit 0