UNKNOWN=3
CLAM_LIB_DIR=/var/lib/clamav
NUMERICAL_REGEX='^[0-9]+$'
+WARN_THRESHOLD=1
+CRIT_THRESHOLD=2
#
# Output version.
Options:
-p, --path <path> path to ClamAV lib directory, if not $CLAM_LIB_DIR
+ -w, --warning <number> number of revisions sigs can be out of date (warning)
+ -c, --critical <number> number of revisions sigs can be out of date (critical)
-V, --version output version
-h, --help output help information
-p|--path) CLAM_LIB_DIR=$1; shift ;;
-V|--version) version; exit ;;
-h|--help) help; exit ;;
+ -w|--warning) WARN_THRESHOLD=$1; shift ;;
+ -c|--critical) CRIT_THRESHOLD=$1; shift ;;
*)
echo "UNKNOWN: Unrecognised argument: $ARG"
usage >&2
esac
done
+if ! [[ $WARN_THRESHOLD =~ $NUMERICAL_REGEX ]]; then
+ echo "UNKNOWN: Warning threshold must be numeric!"
+ exit $UNKNOWN
+fi
+if ! [[ $CRIT_THRESHOLD =~ $NUMERICAL_REGEX ]]; then
+ echo "UNKNOWN: Critical threshold must be numeric!"
+ exit $UNKNOWN
+fi
+
#
# Showtime.
#
DAILY_VERSION_DELTA=$((CURRENT_DAILY_VERSION-INSTALLED_DAILY_VERSION))
MAIN_VERSION_DELTA=$((CURRENT_MAIN_VERSION-INSTALLED_MAIN_VERSION))
-if [ $DAILY_VERSION_DELTA -gt 0 -o $MAIN_VERSION_DELTA -gt 0 ]; then
+if [ $DAILY_VERSION_DELTA -gt $CRIT_THRESHOLD -o $MAIN_VERSION_DELTA -gt $CRIT_THRESHOLD ]; then
echo "CRITICAL: Signatures expired;" \
"daily version: ${INSTALLED_DAILY_VERSION} (${DAILY_VERSION_DELTA} behind)," \
"main version: ${INSTALLED_MAIN_VERSION} (${MAIN_VERSION_DELTA} behind)"
exit $CRITICAL
+elif [ $DAILY_VERSION_DELTA -gt $WARN_THRESHOLD -o $MAIN_VERSION_DELTA -gt $WARN_THRESHOLD ]; then
+ echo "WARNING: Signatures expired;" \
+ "daily version: ${INSTALLED_DAILY_VERSION} (${DAILY_VERSION_DELTA} behind)," \
+ "main version: ${INSTALLED_MAIN_VERSION} (${MAIN_VERSION_DELTA} behind)"
+ exit $WARNING
fi
echo "OK: Signatures up to date;"\