icinga2-checks/check_dns_over_https.sh

80 lines
2.3 KiB
Bash
Raw Normal View History

2023-06-21 17:57:46 -06:00
#!/bin/bash
# Default values
server_domain="cloudflare-dns.com"
port="443"
resolve_domain=""
warning_level=900
critical_level=1000
# Parse flag arguments
while getopts ":d:p:r:w:c:" opt; do
case $opt in
d)
server_domain="$OPTARG"
;;
p)
port="$OPTARG"
;;
r)
resolve_domain="$OPTARG"
;;
w)
warning_level="$OPTARG"
;;
c)
critical_level="$OPTARG"
;;
\?)
echo "Invalid option: -$OPTARG" >&2
exit 1
;;
:)
echo "Option -$OPTARG requires an argument." >&2
exit 1
;;
esac
done
# Check if the -r flag is provided
if [ -z "$resolve_domain" ]; then
echo "The -r flag is required. Please provide a domain to resolve." >&2
exit 1
fi
# Perform DNS-over-HTTPS check and measure the time taken
start_time=$(date +%s%N)
response=$(curl -s -o /dev/null -w "%{http_code}" "https://$server_domain:$port/dns-query?ct=application/dns-json&name=$resolve_domain&type=A")
end_time=$(date +%s%N)
time_taken=$(((end_time - start_time) / 1000000))
if [ "$response" == "200" ]; then
echo "OK - successfully resolved $resolve_domain using DoH on $server_domain:$port in $time_taken ms | response_time=${time_taken}ms"
exit 0
else
echo "CRITICAL - failed to resolve $resolve_domain using DoH on $server_domain:$port "
exit 2
fi
start_time=$(date +%s%N)
response=$(curl -s -o /dev/null -w "%{http_code}" "https://$server_domain:$port/dns-query?ct=application/dns-json&name=$resolve_domain&type=A")
end_time=$(date +%s%N)
response_time=$(( (end_time - start_time) / 1000000 ))
perfdata="response_time=${response_time}ms;${warning_level};${critical_level};0;"
# Check response time against warning and critical levels
if [ -n "$critical_level" ] && [ "$time_taken" -ge "$critical_level" ]; then
echo "CRITICAL - $server_domain:$port response time is high: $time_taken ms | $perfdata"
exit 2
elif [ -n "$warning_level" ] && [ "$time_taken" -ge "$warning_level" ]; then
echo "WARNING - $server_domain:$port response time is high: $time_taken ms | $perfdata"
exit 1
elif [ "$response" == "200" ]; then
echo "OK - successfully resolved $resolve_domain using DoH on $server_domain:$port in $time_taken ms | response_time=${time_taken}ms"
exit 0
else
echo "CRITICAL - $server_domain:$port is not responding"
exit 3
fi