From 3956f21a14e16be05e6c6773d8ee337e3ba5292a Mon Sep 17 00:00:00 2001
From: Peter Palfrader <peter@palfrader.org>
Date: Wed, 22 Feb 2012 13:02:53 +0100
Subject: [PATCH] dsa-check-soas: support supplying an IP address for
 additional nameservers to check on with -a.

---
 dsa-nagios-checks/checks/dsa-check-soas | 48 ++++++++++++++++++-------
 dsa-nagios-checks/debian/changelog      |  6 ++--
 2 files changed, 40 insertions(+), 14 deletions(-)

diff --git a/dsa-nagios-checks/checks/dsa-check-soas b/dsa-nagios-checks/checks/dsa-check-soas
index 9d05fff..f93c7af 100755
--- a/dsa-nagios-checks/checks/dsa-check-soas
+++ b/dsa-nagios-checks/checks/dsa-check-soas
@@ -1,6 +1,6 @@
 #!/usr/bin/ruby
 
-# Copyright 2006 Peter Palfrader
+# Copyright 2006, 2012 Peter Palfrader
 #
 # Permission is hereby granted, free of charge, to any person obtaining
 # a copy of this software and associated documentation files (the
@@ -21,6 +21,7 @@
 # OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 # WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 
+require 'ipaddr'
 require 'resolv'
 require 'optparse'
 require 'yaml'
@@ -46,33 +47,56 @@ show_help(ARGV.options, 1, STDERR) if ARGV.length == 0
 warnings = []
 oks = []
 
+def resolve_ns(dns, domain, nameserver)
+	puts "Getting A record for nameserver #{nameserver} for #{domain}" if @verbose > 0
+	arecords = dns.getresources(nameserver, Resolv::DNS::Resource::IN::A)
+	warnings << "Nameserver #{nameserver} for #{domain} has #{arecords.length} A records" if arecords.length != 1
+	addresses = arecords.map { |a| a.address.to_s }
+	puts "Addresses for nameserver #{nameserver} for #{domain}: #{addresses.join(', ')}" if @verbose > 0
+	return addresses
+end
+
 dns = Resolv::DNS.new
 ARGV.each{ |domain|
 	serial = []
 	nameservers = dns.getresources(domain, Resolv::DNS::Resource::IN::NS)
 	nameservernames = nameservers.collect{ |ns| ns.name.to_s }
-	nameservernames = nameservernames.concat @additional_nameservers
-	nameservernames.each{ |nameserver|
+	nameserver_addresses = {}
+	nameservernames.each do |nameserver|
+		addrs = resolve_ns(dns, domain, nameserver)
+		warnings << "Duplicate nameserver #{nameserver} for #{domain}" if nameserver_addresses[nameserver]
+		nameserver_addresses[nameserver] = addrs
+	end
+	@additional_nameservers.each do |ns|
+		begin
+			ipa = IPAddr.new(ns)  # check if it's an address
+			addrs = [ns]
+		rescue ArgumentError
+			addrs = resolve_ns(dns, domain, ns)
+		end
+		warnings << "Duplicate nameserver #{ns} for #{domain}" if nameserver_addresses[ns]
+		nameserver_addresses[ns] = addrs
+	end
+
+	nameserver_addresses.each_pair do |nameserver, addrs|
 		puts "Testing nameserver #{nameserver} for #{domain}" if @verbose > 0
-		arecords = dns.getresources(nameserver, Resolv::DNS::Resource::IN::A)
-		warnings << "Nameserver #{nameserver} for #{domain} has #{arecords.length} A records" if arecords.length != 1
-		arecords.each{ |a|
-			puts " Nameserver #{nameserver} is at #{a.address}" if @verbose > 0
+		addrs.each do |a|
+			puts " Nameserver #{nameserver} is at #{a}" if @verbose > 0
 			begin
-				resolver = Resolv::DNS.new({:nameserver => a.address.to_s})
+				resolver = Resolv::DNS.new({:nameserver => a})
 				soas = resolver.getresources(domain, Resolv::DNS::Resource::IN::SOA)
 			rescue SystemCallError => e
 				warnings << "Could not resolve #{domain} on #{nameserver}: #{e.message}"
 			else
 				resolver.close
 				warnings << "Nameserver #{nameserver} for #{domain} returns #{soas.length} SOAs" if soas.length != 1
-				soas.each{ |soa|
+				soas.each do |soa|
 					puts " Nameserver #{nameserver} returns serial #{soa.serial} for #{domain}" if @verbose > 0
 					serial << soa.serial unless serial.include? soa.serial
-				}
+				end
 			end
-		}
-	}
+		end
+	end
 	case serial.length
 		when 0
 			warnings << "Found no serials for #{domain}"
diff --git a/dsa-nagios-checks/debian/changelog b/dsa-nagios-checks/debian/changelog
index f8df9f7..55f7b42 100644
--- a/dsa-nagios-checks/debian/changelog
+++ b/dsa-nagios-checks/debian/changelog
@@ -8,12 +8,14 @@ dsa-nagios-checks (9X) Xnstable; urgency=low
   * dsa-nagios-checks: add perfdata (Alexander Reichle-Schmehl).
   * dsa-check-statusfile: change shebang from ruby to python and fix syntax
     errors.
+  * dsa-check-soas: support supplying an IP address for additional nameservers
+    to check on with -a.
 
-  [ Tollef Fog Heen ]  
+  [ Tollef Fog Heen ]
   * Make the unowned files check skip /proc.
   * Limit the number of unowned files we register in the state file to 40.
 
- -- Peter Palfrader <weasel@debian.org>  Wed, 08 Feb 2012 15:36:05 +0100
+ -- Peter Palfrader <weasel@debian.org>  Wed, 22 Feb 2012 13:01:59 +0100
 
 dsa-nagios-checks (90) unstable; urgency=low
 
-- 
2.20.1