modify check_wireguard, add initial check_openwrt_bssid
This commit is contained in:
parent
468e17cea5
commit
5da60a5415
|
@ -1,185 +0,0 @@
|
||||||
#!/usr/bin/env bash
|
|
||||||
|
|
||||||
# Define the usage message
|
|
||||||
usage() {
|
|
||||||
echo "Usage: $0 -u <url> [-w <warning>] [-c <critical>] [-C <contains>] [-L] [-I] [-H <headers>] [-p] [-R] [-s]"
|
|
||||||
echo "[Arguments]:
|
|
||||||
-u Specify the URL to check (required).
|
|
||||||
-w Set the warn level for response time (default: 1 second).
|
|
||||||
-c Set the critical level for response time (default: 2 seconds).
|
|
||||||
-C If the body does not contain this string, return CRITICAL.
|
|
||||||
-L Follow redirects.
|
|
||||||
-I Insecure mode (--insecure).
|
|
||||||
-H Specify headers. Formatted like \"Header1: value,Header2: value\"
|
|
||||||
-p Print the curl command and exit
|
|
||||||
-R Set curl --resolve option.
|
|
||||||
-s Ignore the response status code."
|
|
||||||
exit 3
|
|
||||||
}
|
|
||||||
|
|
||||||
# Parse the command-line arguments
|
|
||||||
while getopts "u:w:c:C:H:R:LhIps" opt; do
|
|
||||||
case $opt in
|
|
||||||
u)
|
|
||||||
URL=$OPTARG
|
|
||||||
;;
|
|
||||||
w)
|
|
||||||
WARNING_LEVEL=$OPTARG
|
|
||||||
;;
|
|
||||||
c)
|
|
||||||
CRITICAL_LEVEL=$OPTARG
|
|
||||||
;;
|
|
||||||
L)
|
|
||||||
FOLLOW_REDIRECTS="-L"
|
|
||||||
;;
|
|
||||||
C)
|
|
||||||
CONTAINS=$OPTARG
|
|
||||||
;;
|
|
||||||
I)
|
|
||||||
INSECURE="--insecure"
|
|
||||||
;;
|
|
||||||
H)
|
|
||||||
HEADERS=$OPTARG
|
|
||||||
;;
|
|
||||||
p)
|
|
||||||
PRINT_ONLY=true
|
|
||||||
;;
|
|
||||||
R)
|
|
||||||
RESOLVE="--resolve $OPTARG"
|
|
||||||
;;
|
|
||||||
s)
|
|
||||||
IGNORE_STATUS_CODE=true
|
|
||||||
;;
|
|
||||||
h)
|
|
||||||
usage
|
|
||||||
;;
|
|
||||||
*)
|
|
||||||
usage
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
done
|
|
||||||
|
|
||||||
WARNING_LEVEL=${WARNING_LEVEL:-1}
|
|
||||||
CRITICAL_LEVEL=${CRITICAL_LEVEL:-2}
|
|
||||||
#FOLLOW_REDIRECTS=${FOLLOW_REDIRECTS:-""}
|
|
||||||
PRINT_ONLY=${PRINT_ONLY:-false}
|
|
||||||
IGNORE_STATUS_CODE=${IGNORE_STATUS_CODE:-false}
|
|
||||||
|
|
||||||
if [ -z "$URL" ]; then
|
|
||||||
usage
|
|
||||||
fi
|
|
||||||
|
|
||||||
HEADER_ARGS=""
|
|
||||||
IFS=',' read -ra values <<<"$HEADERS"
|
|
||||||
for value in "${values[@]}"; do
|
|
||||||
HEADER_ARGS+=' -H "'$value'" '
|
|
||||||
done
|
|
||||||
|
|
||||||
TMP_ERROR_LOG=$(mktemp)
|
|
||||||
TMP_RESPONSE=$(mktemp)
|
|
||||||
|
|
||||||
if $PRINT_ONLY; then
|
|
||||||
printf "%s" "curl --output \"$TMP_RESPONSE\" -s -w \"%{http_code}\n%{time_total}\" $(echo "${HEADER_ARGS[@]}" | tr -s ' ') $FOLLOW_REDIRECTS $INSECURE $RESOLVE $URL\n"
|
|
||||||
exit 3
|
|
||||||
fi
|
|
||||||
|
|
||||||
RESPONSE=$(curl --output "$TMP_RESPONSE" -w "%{http_code}\n%{time_total}" $(echo "${HEADER_ARGS[@]}" | tr -s ' ') $FOLLOW_REDIRECTS $INSECURE $RESOLVE $URL 2>"$TMP_ERROR_LOG")
|
|
||||||
|
|
||||||
# shellcheck disable=SC2181
|
|
||||||
status=$?
|
|
||||||
if [ $status -ne 0 ]; then
|
|
||||||
case $status in
|
|
||||||
1)
|
|
||||||
msg="CRITICAL: Unsupported protocol"
|
|
||||||
;;
|
|
||||||
3)
|
|
||||||
msg="CRITICAL: Malformed URL $URL"
|
|
||||||
;;
|
|
||||||
# 5)
|
|
||||||
# msg="CRITICAL: Could not resolve proxy $proxy"
|
|
||||||
# ;;
|
|
||||||
6)
|
|
||||||
msg="CRITICAL: Could not resolve host $URL"
|
|
||||||
;;
|
|
||||||
7)
|
|
||||||
msg="CRITICAL: Could not connect to host (7)"
|
|
||||||
;;
|
|
||||||
22)
|
|
||||||
msg="CRITICAL: Server returned http code >= 400"
|
|
||||||
;;
|
|
||||||
52)
|
|
||||||
msg="CRITICAL: Server returned empty response (52)"
|
|
||||||
;;
|
|
||||||
56)
|
|
||||||
msg="CRITICAL: Failure recieving network data (56)"
|
|
||||||
;;
|
|
||||||
60)
|
|
||||||
msg="CRITICAL: SSL/TLS connection problem (60)"
|
|
||||||
;;
|
|
||||||
*)
|
|
||||||
echo "UNKNOWN: $status - $URL"
|
|
||||||
exit 3
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
|
|
||||||
echo -e "$msg"
|
|
||||||
# echo "Error log:"
|
|
||||||
# cat "$TMP_ERROR_LOG"
|
|
||||||
rm -rf "$TMP_ERROR_LOG"
|
|
||||||
exit 2
|
|
||||||
fi
|
|
||||||
rm -rf "$TMP_ERROR_LOG"
|
|
||||||
|
|
||||||
RESPONSE_CODE=$(echo "$RESPONSE" | head -n 1)
|
|
||||||
RESPONSE_TIME=$(printf "%.3f" $(echo "$RESPONSE" | tail -n 1))
|
|
||||||
|
|
||||||
OUTPUT_MSG=""
|
|
||||||
OUTPUT_CODE=0
|
|
||||||
|
|
||||||
if ([ $RESPONSE_CODE -eq 200 ] || $IGNORE_STATUS_CODE) && [ "$(echo "$RESPONSE_TIME < $CRITICAL_LEVEL" | bc -l)" -eq 1 ]; then
|
|
||||||
OUTPUT_MSG="OK: ${RESPONSE_TIME}s - $URL"
|
|
||||||
OUTPUT_CODE=0
|
|
||||||
elif ([ $RESPONSE_CODE -eq 200 ] || $IGNORE_STATUS_CODE) && [ "$(echo "$RESPONSE_TIME < $WARNING_LEVEL" | bc -l)" -eq 1 ]; then
|
|
||||||
OUTPUT_MSG="WARNING: response time is slow ($RESPONSE_TIME seconds)."
|
|
||||||
OUTPUT_CODE=1
|
|
||||||
elif ([ $RESPONSE_CODE -eq 200 ] || $IGNORE_STATUS_CODE); then
|
|
||||||
OUTPUT_MSG"CRITICAL: response time is very slow ($RESPONSE_TIME seconds)."
|
|
||||||
OUTPUT_CODE=2
|
|
||||||
else
|
|
||||||
OUTPUT_MSG="CRITICAL: website did not return 200, response was $RESPONSE_CODE code."
|
|
||||||
OUTPUT_CODE=2
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [[ -n ${CONTAINS+x} ]]; then
|
|
||||||
if ! grep -q "$CONTAINS" "$TMP_RESPONSE"; then
|
|
||||||
OUTPUT_MSG+="\nCRITICAL: response did not contain required string!\nFound: $(cat "$TMP_RESPONSE")"
|
|
||||||
OUTPUT_CODE=2
|
|
||||||
# else
|
|
||||||
# OUTPUT_MSG+="\nOK: response contained required string."
|
|
||||||
fi
|
|
||||||
fi
|
|
||||||
rm -rf "$TMP_RESPONSE"
|
|
||||||
|
|
||||||
if $IGNORE_STATUS_CODE && [[ $RESPONSE_CODE -ne 200 ]]; then
|
|
||||||
OUTPUT_MSG+="\nResponse code was $RESPONSE_CODE."
|
|
||||||
fi
|
|
||||||
|
|
||||||
OUTPUT_MSG+=" | response_time=${RESPONSE_TIME}s;$WARNING_LEVEL;$CRITICAL_LEVEL;0"
|
|
||||||
|
|
||||||
case $OUTPUT_CODE in
|
|
||||||
#0)
|
|
||||||
# echo "OK: $URL"
|
|
||||||
# ;;
|
|
||||||
1)
|
|
||||||
echo "WARNING: $URL"
|
|
||||||
;;
|
|
||||||
2)
|
|
||||||
echo "CRITICAL: $URL"
|
|
||||||
;;
|
|
||||||
3)
|
|
||||||
echo "UNKNOWN: $URL"
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
|
|
||||||
echo -e "$OUTPUT_MSG"
|
|
||||||
exit $OUTPUT_CODE
|
|
|
@ -0,0 +1,28 @@
|
||||||
|
import paramiko
|
||||||
|
|
||||||
|
|
||||||
|
def check_bssid():
|
||||||
|
hostname = 'hostname'
|
||||||
|
username = 'username'
|
||||||
|
password = 'password'
|
||||||
|
specific_bssid = 'specific_bssid'
|
||||||
|
|
||||||
|
command = 'iw wlan0 scan | grep BSS'
|
||||||
|
|
||||||
|
ssh = paramiko.SSHClient()
|
||||||
|
ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
|
||||||
|
ssh.connect(hostname, username=username, password=password)
|
||||||
|
|
||||||
|
stdin, stdout, stderr = ssh.exec_command(command)
|
||||||
|
output = stdout.readlines()
|
||||||
|
|
||||||
|
for line in output:
|
||||||
|
if specific_bssid in line:
|
||||||
|
print(f'BSSID {specific_bssid} is present.')
|
||||||
|
return True
|
||||||
|
|
||||||
|
print(f'BSSID {specific_bssid} is not present.')
|
||||||
|
return False
|
||||||
|
|
||||||
|
|
||||||
|
check_bssid()
|
|
@ -61,18 +61,18 @@ if ! command -v wg-quick &>/dev/null; then
|
||||||
fi
|
fi
|
||||||
|
|
||||||
function cleanup {
|
function cleanup {
|
||||||
wg-quick down $WG_INTERFACE >/dev/null 2>&1
|
wg-quick down "$WG_INTERFACE" >/dev/null 2>&1
|
||||||
}
|
}
|
||||||
trap cleanup EXIT
|
trap cleanup EXIT
|
||||||
|
|
||||||
# Try to establish a connection
|
# Try to establish a connection
|
||||||
WG_UP_OUTPUT=$(wg-quick up $WG_INTERFACE 2>&1)
|
WG_UP_OUTPUT=$(wg-quick up "$WG_INTERFACE" 2>&1)
|
||||||
|
|
||||||
# Check if the connection was successful
|
# Check if the connection was successful
|
||||||
WG_STATUS=$(wg show)
|
WG_STATUS=$(wg show)
|
||||||
|
|
||||||
if [ -z "$WG_STATUS" ]; then
|
if [ -z "$WG_STATUS" ]; then
|
||||||
wg-quick down $WG_INTERFACE >/dev/null 2>&1 # be extra careful
|
wg-quick down "$WG_INTERFACE" >/dev/null 2>&1 # be extra careful
|
||||||
echo "CRITICAL - Unable to establish a connection to the Wireguard server. Output from wg-quick up:"
|
echo "CRITICAL - Unable to establish a connection to the Wireguard server. Output from wg-quick up:"
|
||||||
echo "$WG_UP_OUTPUT"
|
echo "$WG_UP_OUTPUT"
|
||||||
exit 2
|
exit 2
|
||||||
|
@ -102,7 +102,7 @@ ELAPSED_TIME=$(echo "scale=2; $ELAPSED_TIME/1000000000" | bc)
|
||||||
ELAPSED_TIME=$(printf "%0.2f" $ELAPSED_TIME)
|
ELAPSED_TIME=$(printf "%0.2f" $ELAPSED_TIME)
|
||||||
|
|
||||||
# Count peers
|
# Count peers
|
||||||
PEER_COUNT=$(wg show $WG_INTERFACE peers | wc -l)
|
PEER_COUNT=$(wg show "$WG_INTERFACE" peers | wc -l)
|
||||||
|
|
||||||
# Check if elapsed time exceeds warning or critical levels
|
# Check if elapsed time exceeds warning or critical levels
|
||||||
if (($(echo "$ELAPSED_TIME > $CRITICAL_LEVEL" | bc -l))); then
|
if (($(echo "$ELAPSED_TIME > $CRITICAL_LEVEL" | bc -l))); then
|
||||||
|
@ -114,7 +114,7 @@ elif (($(echo "$ELAPSED_TIME > $WARNING_LEVEL" | bc -l))); then
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Close connection
|
# Close connection
|
||||||
wg-quick down $WG_INTERFACE >/dev/null 2>&1
|
wg-quick down "$WG_INTERFACE" >/dev/null 2>&1
|
||||||
|
|
||||||
# Output metrics
|
# Output metrics
|
||||||
echo "OK - connection to the Wireguard server was established | time=${ELAPSED_TIME}s;${WARNING_LEVEL};${CRITICAL_LEVEL};0;${CRITICAL_LEVEL} peers=${PEER_COUNT};;0;"
|
echo "OK - connection to the Wireguard server was established | time=${ELAPSED_TIME}s;${WARNING_LEVEL};${CRITICAL_LEVEL};0;${CRITICAL_LEVEL} peers=${PEER_COUNT};;0;"
|
||||||
|
|
Loading…
Reference in New Issue