sensu-plugins-network-checks 3.0.0 → 3.1.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 657f6d68bbee8aca2ec7dc4331d727a45ea9970253c4b1d3d5f31764bd97217d
4
- data.tar.gz: c0da8c7a1d2098e9dd61f5e73426e2c68e5d22f50ffcc6083d085ba5a0646885
3
+ metadata.gz: d45fea7e87a7fd0b77422c1a62942711f58840a1c15b73de68801904cd12d687
4
+ data.tar.gz: 024755f7eef5cf48b75831ba1d106f5b703f8541d588041eb0e0371281aa9691
5
5
  SHA512:
6
- metadata.gz: 3a36487ab0ef6fee539ea55ce28d37149e58bc223c5e32f5346b5e4a6fadf6ae930eff6174b64d6de6ccdfb58ddbc4c909a4a978c736411bb504333e9a29e90f
7
- data.tar.gz: ecd98e5e3b7773fbfc1f3a8869e8b121a71d0d8dbb018df47ce6685c0a5021848a8261cbb1cc83ab01d8d6c6c7babf6398f48152deea3ee8042fa389e3dd58f0
6
+ metadata.gz: 3e2fab411354ea8eb666ce798c2aa3d1f4c6df7f01342e2ddd34ac83b0413c344919ec80ea66ea01255b4cc7b73abc3e9c7f71b8415e63b2d284638afcfd93fc
7
+ data.tar.gz: 4133ad29aa21bb4ea96a001359ea6828c79eda462ff543e4b90ec38c0a8873fd5e5b165db0e9e496b94a8298a284002f4f781e32f86894d7280fb78c211b55a5
@@ -4,6 +4,8 @@ This project adheres to [Semantic Versioning](http://semver.org/).
4
4
  This CHANGELOG follows the format listed [here](https://github.com/sensu-plugins/community/blob/master/HOW_WE_CHANGELOG.md)
5
5
 
6
6
  ## [Unreleased]
7
+ ### Changed
8
+ - check-netfilter-conntrack.rb: ditch the associated shellscript and turned into pure Ruby.
7
9
 
8
10
  ## [3.0.0] - 2018-03-17
9
11
  ### Security
@@ -212,7 +214,8 @@ This CHANGELOG follows the format listed [here](https://github.com/sensu-plugin
212
214
 
213
215
  * initial release, same as community repo
214
216
 
215
- [Unreleased]: https://github.com/sensu-plugins/sensu-plugins-network-checks/compare/2.3.0...HEAD
217
+ [Unreleased]: https://github.com/sensu-plugins/sensu-plugins-network-checks/compare/3.1.0...HEAD
218
+ [3.1.0]: https://github.com/sensu-plugins/sensu-plugins-network-checks/compare/3.0.0...3.1.0
216
219
  [3.0.0]: https://github.com/sensu-plugins/sensu-plugins-network-checks/compare/2.3.0...3.0.0
217
220
  [2.3.1]: https://github.com/sensu-plugins/sensu-plugins-network-checks/compare/2.3.0...2.3.1
218
221
  [2.3.0]: https://github.com/sensu-plugins/sensu-plugins-network-checks/compare/2.2.0...2.3.0
data/README.md CHANGED
@@ -9,6 +9,7 @@
9
9
 
10
10
  ## Files
11
11
  * bin/check-banner.rb
12
+ * bin/check-netfilter-conntrack.rb
12
13
  * bin/check-jsonwhois-domain-expiration.rb
13
14
  * bin/check-mtu.rb
14
15
  * bin/check-multicast-groups.rb
@@ -1,7 +1,74 @@
1
1
  #!/usr/bin/env ruby
2
2
  # frozen_string_literal: true
3
3
 
4
- bin_dir = File.expand_path(__dir__)
5
- shell_script_path = File.join(bin_dir, File.basename($PROGRAM_NAME, '.rb') + '.sh')
4
+ #
5
+ # check-netfilter-conntrack
6
+ #
7
+ # DESCRIPTION:
8
+ # Check netfilter connection tracking table condition
9
+ #
10
+ # OUTPUT:
11
+ # plain text
12
+ #
13
+ # PLATFORMS:
14
+ # Linux
15
+ #
16
+ # DEPENDENCIES:
17
+ # gem: sensu-plugin
18
+ #
19
+ # USAGE:
20
+ # $ ./check-netfilter-conntrack.rb --warning 60 --critical 90
21
+ #
22
+ # NOTES:
23
+ # - If you need to check the conntrack table of a specific linux
24
+ # network namespace (e.g in a docker context), run this check as
25
+ # `nsenter --net=<file> check-netfilter-conntrack.rb` to use the
26
+ # network namespace which `<file>`'s descriptor indicates.
27
+ #
28
+ # LICENSE:
29
+ # Released under the same terms as Sensu (the MIT license); see LICENSE
30
+ # for details.
31
+ #
6
32
 
7
- exec shell_script_path, *ARGV
33
+ require 'sensu-plugin/check/cli'
34
+
35
+ #
36
+ # Check Netfilter connection tracking table condition
37
+ #
38
+ class CheckNetfilterConntrack < Sensu::Plugin::Check::CLI
39
+ option :warning,
40
+ description: 'Warn if conntrack table is filled more than PERC%',
41
+ short: '-w PERC',
42
+ long: '--warning PERC',
43
+ default: 80,
44
+ proc: proc(&:to_i)
45
+
46
+ option :critical,
47
+ description: 'Critical if conntrack table is filled more than PERC%',
48
+ short: '-c PERC',
49
+ long: '--critical PERC',
50
+ default: 90,
51
+ proc: proc(&:to_i)
52
+
53
+ def nf_conntrack_max
54
+ File.read('/proc/sys/net/netfilter/nf_conntrack_max').to_i
55
+ end
56
+
57
+ def nf_conntrack_count
58
+ File.read('/proc/sys/net/netfilter/nf_conntrack_count').to_i
59
+ end
60
+
61
+ def run
62
+ max = nf_conntrack_max
63
+ count = nf_conntrack_count
64
+ percentage = (count.to_f / max.to_f) * 100
65
+
66
+ message "Table is at #{percentage.round(1)}% (#{count}/#{max})"
67
+
68
+ critical if percentage >= config[:critical]
69
+ warning if percentage >= config[:warning]
70
+ ok
71
+ rescue StandardError
72
+ warning "Can't read conntrack information."
73
+ end
74
+ end
@@ -3,7 +3,7 @@
3
3
  module SensuPluginsNetworkChecks
4
4
  module Version
5
5
  MAJOR = 3
6
- MINOR = 0
6
+ MINOR = 1
7
7
  PATCH = 0
8
8
 
9
9
  VER_STRING = [MAJOR, MINOR, PATCH].compact.join('.')
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: sensu-plugins-network-checks
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.0.0
4
+ version: 3.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Sensu-Plugins and contributors
@@ -271,7 +271,6 @@ files:
271
271
  - bin/check-mtu.rb
272
272
  - bin/check-multicast-groups.rb
273
273
  - bin/check-netfilter-conntrack.rb
274
- - bin/check-netfilter-conntrack.sh
275
274
  - bin/check-netstat-tcp.rb
276
275
  - bin/check-ping.rb
277
276
  - bin/check-ports-bind.rb
@@ -1,54 +0,0 @@
1
- #!/bin/bash
2
- #
3
- # Check Net Filter Connection Track Table Usage
4
- # ===
5
- #
6
- # DESCRIPTION:
7
- # This plugin provides a method for monitoring the percentage used of the nf_conntrack hash
8
- #
9
- # OUTPUT:
10
- # plain-text
11
- #
12
- # PLATFORMS:
13
- # Linux
14
- #
15
- # DEPENDENCIES:
16
- #
17
- # Copyright 2014 Yieldbot, Inc <devops@yieldbot.com>
18
- #
19
- # Released under the same terms as Sensu (the MIT license); see LICENSE
20
- # for details.
21
-
22
- # CLI Options
23
- while getopts ':w:c:' OPT; do
24
- case $OPT in
25
- w) WARN=$OPTARG;;
26
- c) CRIT=$OPTARG;;
27
- esac
28
- done
29
-
30
- WARN=${WARN:=100}
31
- CRIT=${CRIT:=100}
32
-
33
- # Get the max connections
34
- MAX=$(sysctl net.netfilter.nf_conntrack_max | awk '{ print $3 }')
35
-
36
- # Get the current connections
37
- CURR=$(sysctl net.netfilter.nf_conntrack_count | awk '{ print $3 }')
38
-
39
- # Percent usage of conncetions
40
- PERCENT=$(echo "scale=3; $CURR / $MAX *100" | bc -l | cut -d "." -f1)
41
-
42
- # If percent isnt defined set it to 0
43
- PERCENT=${PERCENT:=0}
44
-
45
- if [[ $PERCENT -ge $CRIT ]] ; then
46
- echo "NETFILTER CONNTRACK CRITICAL - $PERCENT"
47
- exit 2
48
- elif [[ $PERCENT -ge $WARN ]] ; then
49
- echo "NETFILTER CONNTRACK WARNING - $PERCENT"
50
- exit 1
51
- else
52
- echo "NETFILTER CONNTRACK OK - $PERCENT"
53
- exit 0
54
- fi