From 1e2387474a449452b78520b9ad96a8b4b5e99722 Mon Sep 17 00:00:00 2001
From: Harald Pfeiffer <coding@lirion.de>
Date: Wed, 17 Apr 2019 19:07:19 +0200
Subject: initial commit of source fetch
---
.../check_etc_hosts/Makefile | 5 +
.../check_etc_hosts/check_etc_hosts | 249 +++++++++++++++++++++
.../check_etc_hosts/control | 8 +
.../check_etc_hosts/copyright | 14 ++
.../check_etc_hosts/tests | 3 +
5 files changed, 279 insertions(+)
create mode 100644 nagios-plugins-contrib-24.20190301~bpo9+1/check_etc_hosts/Makefile
create mode 100755 nagios-plugins-contrib-24.20190301~bpo9+1/check_etc_hosts/check_etc_hosts
create mode 100644 nagios-plugins-contrib-24.20190301~bpo9+1/check_etc_hosts/control
create mode 100644 nagios-plugins-contrib-24.20190301~bpo9+1/check_etc_hosts/copyright
create mode 100644 nagios-plugins-contrib-24.20190301~bpo9+1/check_etc_hosts/tests
(limited to 'nagios-plugins-contrib-24.20190301~bpo9+1/check_etc_hosts')
diff --git a/nagios-plugins-contrib-24.20190301~bpo9+1/check_etc_hosts/Makefile b/nagios-plugins-contrib-24.20190301~bpo9+1/check_etc_hosts/Makefile
new file mode 100644
index 0000000..05be571
--- /dev/null
+++ b/nagios-plugins-contrib-24.20190301~bpo9+1/check_etc_hosts/Makefile
@@ -0,0 +1,5 @@
+#/usr/bin/make -f
+
+PLUGIN = check_etc_hosts
+
+include ../common.mk
diff --git a/nagios-plugins-contrib-24.20190301~bpo9+1/check_etc_hosts/check_etc_hosts b/nagios-plugins-contrib-24.20190301~bpo9+1/check_etc_hosts/check_etc_hosts
new file mode 100755
index 0000000..e804131
--- /dev/null
+++ b/nagios-plugins-contrib-24.20190301~bpo9+1/check_etc_hosts/check_etc_hosts
@@ -0,0 +1,249 @@
+#!/usr/bin/perl -w
+#
+# Author: Petter Reinholdtsen <pere@hungry.com>
+# Date: 2002-07-08
+#
+# Check /etc/hosts, and make sure the content matches the information
+# in DNS. Lookup IP, and check if the names listed in /etc/hosts
+# maches the one in DNS. It will ignore entries with '# NAGIOSIGNORE'
+# at the end.
+
+use vars qw($use_perl_resolver $debug $returnvalue $nagiosmsg);
+
+$debug = 0;
+$returnvalue = 0; # all ok
+$nagiosmsg = "";
+
+# Report missing reverse lookup. This will ignore CNAME entries
+# pointing to the IP address, and report error in these cases.
+$use_reverse = 0;
+
+# Report missing forward-lookup. This will complain on private
+# network IP addresses using the same name as a DNS entry.
+$use_forward = 1;
+
+eval 'use Net::DNS;';
+if ($@) {
+ print "Using /etc/hosts\n" if $debug;
+ $use_perl_resolver = 0;
+} else {
+ print "Using Net::DNS\n" if $debug;
+ $use_perl_resolver = 1;
+}
+
+$host = '/usr/bin/host';
+
+# Look up ip address, and return ($error status, @DNS names, @DNS addresses)
+sub dns_lookup_ext {
+ local $address = shift;
+
+ # Stupid Tru64 Unix give me two copies of the error messages from
+ # host. Throw away one of them.
+ close(STDERR);
+
+ print "Looking up $address using $host\n" if $debug;
+
+ my @names = ();
+ my @addresses = ();
+
+ my $lookup = "";
+ # Some versions need -i to make sure it uses reverse DNS lookup,
+ # and not /etc/hosts.
+ # This option will confuse 'host' on Irix and HP/UX, and make the
+ # program loop forever. Avoiding it for now [pere 2002-08-06]
+ for $options ("") {
+ open(HOST, "$host $options $address 2>&1 |")
+ || die "Unable to execute host";
+ while (<HOST>) {
+ $lookup .= $_;
+ chomp;
+ print "host: $_\n" if $debug;
+
+ push(@names, lc($1)) if (/^Name: (.+)$/);
+ push(@names, lc($1)) if (/^Aliases: (.+)$/);
+
+ # 10.6.240.129.in-addr.arpa PTR perleporten.uio.no
+ push(@names, lc($1)) if (/\s+PTR\s+(.+)$/);
+
+ # spheniscus.uio.no has address 129.240.148.19
+ if (/^\S+ has address (\S+)$/) {
+ print "Match addr $1\n" if $debug;
+ push(@addresses, lc($1))
+ }
+
+ # 10.6.240.129.IN-ADDR.ARPA domain name pointer perleporten.uio.no
+ if (/IN-ADDR.ARPA domain name pointer\s+(.+)$/) {
+ print "Match name $1\n" if $debug;
+ push(@names, lc($1))
+ }
+
+ push(@addresses, $1) if (/^Address: (.+)$/);
+ push(@addresses, $1) if (/\s+A\s+(\d+.+)$/)
+ }
+ close(HOST);
+ if ($lookup =~ /Usage: /) {
+ # Probably unknown parameter, try again without -i
+ $lookup = "";
+ } else {
+ last;
+ }
+ }
+ return ("no/bad reply from DNS server", undef, undef)
+ if ($lookup !~ /domain name pointer/
+ && $lookup !~ /\shas address\s/
+ && $lookup !~ /\sPTR\s/
+ && $lookup !~ /Name:/);
+
+ if ( $address =~ m/^\d+\.\d+\.\d+\.\d+/
+ && ! grep /$address/, @addresses ) {
+ print "Adding $address to list of addresses\n" if $debug;
+ unshift(@addresses, $address) ;
+ }
+
+ return (undef, \@names, \@addresses);
+}
+
+sub dns_lookup_int {
+ my $address = shift;
+
+ print "Looking up $address using Net::DNS\n" if $debug;
+
+ my @names = ();
+ my @addresses = ();
+
+ my $res = new Net::DNS::Resolver;
+ my $query;
+ if ($address =~ m/\d+\.\d+\.\d+\.\d+/) {
+ $query = $res->query($address);
+ } else {
+ $query = $res->search($address);
+ }
+ if ($query) {
+ foreach $rr ($query->answer) {
+ print "Type: $rr->type\n" if $debug;
+ if ($rr->type eq "A") {
+ print $rr->address, " - A\n" if $debug;
+ push(@addresses, $rr->address);
+ }
+ if ($rr->type eq "CNAME") {
+ print $rr->cname, " - CNAME\n" if $debug;
+ push(@addresses, $rr->cname);
+ }
+ if ($rr->type eq "PTR") {
+ print $rr->ptrdname, " - PTR\n" if $debug;
+ push(@names, lc($rr->ptrdname));
+ }
+ }
+ return (undef, \@names, \@addresses);
+ }
+ else {
+ print "query failed: ", $res->errorstring, "\n" if $debug;
+ return ($res->errorstring, (), ());
+ }
+}
+
+sub dns_lookup {
+ my $entry = shift;
+
+ if ($use_perl_resolver) {
+ return dns_lookup_int($entry);
+ } else {
+ return dns_lookup_ext($entry);
+ }
+}
+
+sub error {
+ local ($level, $error) = @_;
+
+ $returnvalue = 1 if ($level =~ /^W$/ && $returnvalue <= 1);
+ $returnvalue = 2 if ($level =~ /^C$/);
+
+ $nagiosmsg = $nagiosmsg . "<br>" unless ($nagiosmsg =~ /^$/);
+ $nagiosmsg = $nagiosmsg . "$error";
+}
+
+sub is_ip_private {
+ my $ip = shift;
+
+ return 1 if ($ip =~ m/^10\./);
+ return 1 if ($ip =~ m/^192\.168\./);
+
+ return 0;
+}
+
+sub is_names_ip_matching {
+ local ($ip, @names) = @_;
+
+ my $level = "W";
+
+ # Ignore IPv6 addresses for now.
+ return if ($ip =~ m/:/);
+
+ # Ignore private network
+ return if (is_ip_private($ip));
+
+ my $name;
+ for $name (sort @names) {
+ if ($use_reverse) {
+ # Check reverse
+ my ($retval, $revnames) = dns_lookup($ip);
+
+ return if ( $retval ); # Ignore unknown IP addresses
+
+ if ( ! $retval && ! grep /$name/, @{$revnames} ) {
+ error $level, "Incorrect /etc/hosts for $ip: ".
+ "$name not in reverse DNS list";
+ }
+ }
+
+ if ($use_forward) {
+ # Check forward
+ my ($retval, $revnames, $forwip);
+
+ ($retval, $revnames) = dns_lookup($ip);
+ ($retval, undef, $forwip) = dns_lookup($name);
+
+ print "Forward DNS $name/$ip: ", join(" ", @{$forwip}), "\n"
+ if $debug;
+
+ # Ignore entry if both IP and hostname fail to resolve in DNS
+ return if ( ! defined $revnames && ! defined $forwip );
+
+ if ( ! grep /$ip/, @{$forwip} ) {
+ error $level, "Incorrect /etc/hosts for $ip: ".
+ "IP not in forward DNS list for '$name'";
+ }
+ }
+ }
+}
+
+sub check_etc_hosts {
+ open(HOSTS, "< /etc/hosts") || die "Unable to open /etc/hosts";
+ while (<HOSTS>) {
+ chomp;
+ next if (/# NAGIOSIGNORE$/); # Skip lines marked to be ignored
+ s/\#.+//; # Skip comments
+ next if (/^\s*$/); # Skip empty lines
+
+ print "Testing $_\n" if $debug;
+
+ $_ = lc($_);
+
+ local ($ip, @names) = split(/\s+/);
+
+ # Skip localhost, it is different on some platforms.
+ next if ($ip eq '127.0.0.1');
+
+ is_names_ip_matching($ip, @names);
+ }
+ close(HOSTS);
+}
+
+check_etc_hosts() if ( -f "/etc/hosts" );
+
+if ($nagiosmsg =~ /^$/) {
+ print "/etc/hosts OK\n";
+} else {
+ print $nagiosmsg . "\n";
+}
+exit $returnvalue;
diff --git a/nagios-plugins-contrib-24.20190301~bpo9+1/check_etc_hosts/control b/nagios-plugins-contrib-24.20190301~bpo9+1/check_etc_hosts/control
new file mode 100644
index 0000000..313dffc
--- /dev/null
+++ b/nagios-plugins-contrib-24.20190301~bpo9+1/check_etc_hosts/control
@@ -0,0 +1,8 @@
+Uploaders: Petter Reinholdtsen <pere@hungry.com>
+Description: plugin to check /etc/hosts for DNS consistency
+ Check /etc/hosts, and make sure the content matches the information
+ in DNS. Lookup IP, and check if the names listed in /etc/hosts
+ maches the one in DNS. It will ignore entries with '# NAGIOSIGNORE'
+ at the end.
+Recommends: libnet-dns-perl
+Version: ?
diff --git a/nagios-plugins-contrib-24.20190301~bpo9+1/check_etc_hosts/copyright b/nagios-plugins-contrib-24.20190301~bpo9+1/check_etc_hosts/copyright
new file mode 100644
index 0000000..49c53a6
--- /dev/null
+++ b/nagios-plugins-contrib-24.20190301~bpo9+1/check_etc_hosts/copyright
@@ -0,0 +1,14 @@
+Copyright (C) 2002 Petter Reinholdtsen <pere@hungry.com>
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2 of the License, or (at
+your option) any later version.
+
+This program is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, see <http://www.gnu.org/licenses/>.
diff --git a/nagios-plugins-contrib-24.20190301~bpo9+1/check_etc_hosts/tests b/nagios-plugins-contrib-24.20190301~bpo9+1/check_etc_hosts/tests
new file mode 100644
index 0000000..026679d
--- /dev/null
+++ b/nagios-plugins-contrib-24.20190301~bpo9+1/check_etc_hosts/tests
@@ -0,0 +1,3 @@
+Depends: libnet-dns-perl
+Test-Command: echo "127.0.0.1 localhost" > /etc/hosts && /usr/lib/nagios/plugins/check_etc_hosts
+Restrictions: needs-root, breaks-testbed
--
cgit v1.2.3