ports/184361: net-mgmt/nagios-pf-plugin [patch] Allow warn/crit percentages on the command line
Douglas K. Rand
rand at iteris.com
Thu Nov 28 19:50:01 UTC 2013
>Number: 184361
>Category: ports
>Synopsis: net-mgmt/nagios-pf-plugin [patch] Allow warn/crit percentages on the command line
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Thu Nov 28 19:50:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator: Douglas K. Rand
>Release: FreeBSD 9.2-RELEASE amd64
>Organization:
Iteris, Inc.
>Environment:
System: FreeBSD delta.meridian-enviro.com 9.2-RELEASE FreeBSD 9.2-RELEASE #0 r255898: Thu Sep 26 22:50:31 UTC 2013 root at bake.isc.freebsd.org:/usr/obj/usr/src/sys/GENERIC amd64
>Description:
Most Nagios checks accept either an absolute limit or a percentage
for the warning and critical thresholds. check_pf by default uses
80% and 90% thresholds, but if you wish to alter the thresholds
you must provide absolute thresholds. The attached patch allows
thresholds to be absolute via "50000" or relative via "75%".
>How-To-Repeat:
Try to manage several firewalls with different roles via check_pf.
>Fix:
The attached patch includes all of the existing differences that the
FreeBSD port already applies, including the percentage options.
--- check_pf.c.orig 2007-03-08 00:19:40.000000000 -0600
+++ check_pf.c 2013-11-28 13:28:18.000000000 -0600
@@ -66,16 +66,20 @@
struct pfioc_limit pl;
const char *errstr;
const char *pf_device;
+ char *index;
float percent;
int ch, wflag, cflag, dev;
int states_warning;
int states_critical;
+ int show_perf=0;
+ int default_warn_percent=DEFAULT_WARN_PERCENT;
+ int default_crit_percent=DEFAULT_CRIT_PERCENT;
pf_device = "/dev/pf";
wflag = cflag = 0;
- while ((ch = getopt(argc, argv, "Vhw:c:")) != -1) {
+ while ((ch = getopt(argc, argv, "Vhpw:c:")) != -1) {
switch (ch) {
case 'V':
version();
@@ -84,10 +88,21 @@
case 'h':
help();
break;
+ case 'p':
+ show_perf = 1;
+ break;
case 'w':
- wflag = 1;
- states_warning = strtonum(optarg, 0, ULONG_MAX,
- &errstr);
+ index = strchr(optarg, '%');
+ if(index) {
+ /* Ends in a %, treat as a percentage */
+ *index = '\0';
+ default_warn_percent = strtonum(optarg, 0, 100,
+ &errstr);
+ } else {
+ wflag = 1;
+ states_warning = strtonum(optarg, 0, ULONG_MAX,
+ &errstr);
+ }
if (errstr) {
(void)printf("PF UNKNOWN - -w is %s: %s\n",
errstr, optarg);
@@ -95,9 +110,17 @@
}
break;
case 'c':
- cflag = 1;
- states_critical = strtonum(optarg, 0, ULONG_MAX,
- &errstr);
+ index = strchr(optarg, '%');
+ if(index) {
+ /* Ends in a %, treat as a percentage */
+ *index = '\0';
+ default_crit_percent = strtonum(optarg, 0, 100,
+ &errstr);
+ } else {
+ cflag = 1;
+ states_critical = strtonum(optarg, 0, ULONG_MAX,
+ &errstr);
+ }
if (errstr) {
(void)printf("PF UNKNOWN - -c is %s: %s\n",
errstr, optarg);
@@ -132,10 +155,10 @@
/* default thresholds will be based on the current state limit */
if (!wflag)
- states_warning = pl.limit * DEFAULT_WARN_PERCENT / 100;
+ states_warning = pl.limit * default_warn_percent / 100;
if (!cflag)
- states_critical = pl.limit * DEFAULT_CRIT_PERCENT / 100;
+ states_critical = pl.limit * default_crit_percent / 100;
if (states_warning >= states_critical) {
(void)printf("PF UNKNOWN - <warning> must be less than "
@@ -151,19 +174,34 @@
}
if (ps.states >= states_critical) {
- (void)printf("PF CRITICAL - states: %u (%.1f%% - limit: %u)\n",
+ (void)printf("PF CRITICAL - states: %u (%.1f%% - limit: %u)",
ps.states, percent, pl.limit);
+ if(!show_perf)
+ (void)printf("\n");
+ else
+ (void)printf("|current=%u;%u;%u; percent=%.1f%%; limit=%u;\n",
+ ps.states, states_warning, states_critical, percent, pl.limit);
return (STATE_CRITICAL);
}
if (ps.states >= states_warning) {
- (void)printf("PF WARNING - states: %u (%.1f%% - limit: %u)\n",
+ (void)printf("PF WARNING - states: %u (%.1f%% - limit: %u)",
ps.states, percent, pl.limit);
+ if(!show_perf)
+ (void)printf("\n");
+ else
+ (void)printf("|current=%u;%u;%u; percent=%.1f%%; limit=%u;\n",
+ ps.states, states_warning, states_critical, percent, pl.limit);
return (STATE_WARNING);
}
- (void)printf("PF OK - states: %u (%.1f%% - limit: %u)\n",
+ (void)printf("PF OK - states: %u (%.1f%% - limit: %u)",
ps.states, percent, pl.limit);
+ if(!show_perf)
+ (void)printf("\n");
+ else
+ (void)printf("|current=%u;%u;%u; percent=%.1f%%; limit=%u;\n",
+ ps.states, states_warning, states_critical, percent, pl.limit);
return (STATE_OK);
}
@@ -179,15 +217,21 @@
(void)fprintf(stderr, "Usage: %s [-Vh] [-w number] [-c number]\n",
__progname);
(void)fprintf(stderr, " ");
- (void)fprintf(stderr, "-V - Print the plugin version\n");
+ (void)fprintf(stderr, "-V - Print the plugin version\n");
+ (void)fprintf(stderr, " ");
+ (void)fprintf(stderr, "-h - Print the plugin help\n");
+ (void)fprintf(stderr, " ");
+ (void)fprintf(stderr, "-p - Display additional nagios performance data\n");
+ (void)fprintf(stderr, " ");
+ (void)fprintf(stderr, "-w number - Warning when <number> states\n");
(void)fprintf(stderr, " ");
- (void)fprintf(stderr, "-h - Print the plugin help\n");
+ (void)fprintf(stderr, "-w percent%% - Warning when <percent> of limit"
+ " (default: %u%%)\n", DEFAULT_WARN_PERCENT);
(void)fprintf(stderr, " ");
- (void)fprintf(stderr, "-w number - Warning when <number> states"
- " (default: %u%% of state limit)\n", DEFAULT_WARN_PERCENT);
+ (void)fprintf(stderr, "-c number - Critical when <number> states\n");
(void)fprintf(stderr, " ");
- (void)fprintf(stderr, "-c number - Critical when <number> states"
- " (default: %u%% of state limit)\n", DEFAULT_CRIT_PERCENT);
+ (void)fprintf(stderr, "-c percent%% - Critical when <percent> of limit"
+ " (default: %u%%)\n", DEFAULT_CRIT_PERCENT);
exit(EXIT_FAILURE);
}
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list