X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=dsa-nagios-checks%2Fchecks%2Fdsa-check-zone-rrsig-expiration;h=8ea5d51fde6aaae67a3d2e2e0f3f9172cd5ad8de;hb=f295d1e8f6e63e63cac4802dff5087e8a699790e;hp=02fd72b2554f4f0f9db89388a05e8f7b87f263a1;hpb=4e06d92c68c598f7089bccd546d2abc250d68990;p=mirror%2Fdsa-nagios.git diff --git a/dsa-nagios-checks/checks/dsa-check-zone-rrsig-expiration b/dsa-nagios-checks/checks/dsa-check-zone-rrsig-expiration index 02fd72b..8ea5d51 100755 --- a/dsa-nagios-checks/checks/dsa-check-zone-rrsig-expiration +++ b/dsa-nagios-checks/checks/dsa-check-zone-rrsig-expiration @@ -41,6 +41,8 @@ # Copyright (c) 2010 Peter Palfrader # - various fixes and cleanups # - do more than one zone +# Copyright (c) 2012 Peter Palfrader +# - add -s option to configure udp packet size. default changed from 4k to 1k # usage @@ -76,8 +78,21 @@ use Time::HiRes qw ( gettimeofday tv_interval); use Time::Local; use List::Util qw ( shuffle ); -my %opts = (t=>30); -getopts('hdt:', \%opts); +sub convert_time { + my $in = shift; + my ($ticks, $unit) = ($in =~ /^(\d+)([smhdw]?)$/); + + if ($unit eq 's' || $unit eq '') { } + elsif ($unit eq 'm') { $ticks *= 60; } + elsif ($unit eq 'h') { $ticks *= 60*60; } + elsif ($unit eq 'd') { $ticks *= 60*60*24; } + elsif ($unit eq 'w') { $ticks *= 60*60*24*7; } + else { die "Invalid unit '$unit' in '$in'\n" } + return $ticks; +} + +my %opts = (t=>30, s=>1024); +getopts('hdt:c:w:s:', \%opts); usage() unless scalar @ARGV == 1; usage() if $opts{h}; my $zone = $ARGV[0]; @@ -85,8 +100,11 @@ my $zone = $ARGV[0]; my $data; my $start; my $stop; -my $CRIT_DAYS = 3; -my $WARN_DAYS = 7; +my $CRIT = 3 * 3600*24; +my $WARN = 7 * 3600*24; + +$CRIT = convert_time($opts{c}) if defined $opts{c}; +$WARN = convert_time($opts{w}) if defined $opts{w}; my @refs = qw ( a.root-servers.net @@ -120,7 +138,7 @@ sub do_recursion { print STDERR "sending query for $zone RRSIG to $ns\n" if $opts{d}; $res->nameserver($ns); $res->udp_timeout($opts{t}); - $res->udppacketsize(4096); + $res->udppacketsize($opts{s}); $pkt = $res->send($zone, 'RRSIG'); last if $pkt; } @@ -195,15 +213,15 @@ sub do_analyze { } } critical("$min_ns has expired RRSIGs") if ($min_exp < $NOW); - if ($min_exp - $NOW < ($CRIT_DAYS*86400)) { + if ($min_exp - $NOW < ($CRIT)) { my $ND = sprintf "%3.1f days", ($min_exp-$NOW)/86400; critical("$min_type RRSIG expires in $ND at $min_ns") } - if ($min_exp - $NOW < ($WARN_DAYS*86400)) { + if ($min_exp - $NOW < ($WARN)) { my $ND = sprintf "%3.1f days", ($min_exp-$NOW)/86400; warning("$min_type RRSIG expires in $ND at $min_ns") } - success("No RRSIGs expiring in the next $WARN_DAYS days"); + success(sprintf("No RRSIGs expiring in the next %3.1f days", $WARN/86400)); } sub sigrr_exp_epoch { @@ -253,7 +271,7 @@ sub output { } sub usage { - print STDERR "usage: $0 [-d] [-t=] \n"; + print STDERR "usage: $0 [-d] [-w=] [-c=] [-t=] \n"; exit 3; } @@ -265,7 +283,7 @@ sub send_query { $res->nameserver($server) if $server; $res->udp_timeout($opts{t}); $res->retry(2); - $res->udppacketsize(4096); + $res->udppacketsize($opts{s}); my $pkt = $res->send($qname, $qtype); unless ($pkt) { $res->usevc(1);