Nagios plug-in-firewall logon for session Monitoring
Ssh_firewall_session.sh -- log on to the firewall and execute dis session statistics
Firewall_check_sessions.c -- call the above script to filter out the value of sessioin.
Run:./firewall_check_sessions ssh_firewall_session.sh 192.168.0.1
Vi ssh_firewall_session.sh
#!/usr/bin/expect -f#set port 22set user xxxxxxset host [lindex $argv 0 0]set password xxxxxxset timeout 30expect "*assword:*"send "$password\r"expect "*FW*"send "display session statistics\r"expect "*FW*"send "quit"
Vi firewall_check_sessions.c
#include
#include
#include
#define OK 0#define WARNING 1#define CRITICAL 2#define UNKNOWN 3#define LEN 1000L#define MIN_LEN 32L//#define TCL_CMD "/home/weihu/tcl/"#define TCL_CMD "/usr/local/nagios/libexec/"int exitstatus=OK;char *exit_status[4]={"OK","WARNING","CRITICAL","UNKNOWN"};char status_information[LEN];char performance_data[LEN];//save sessionchar cur_session[MIN_LEN]={0};char tcp_session[MIN_LEN]={0};char half_open[MIN_LEN]={0};char half_close[MIN_LEN]={0};char udp_session[MIN_LEN]={0};char icmp_session[MIN_LEN]={0};char rawip_session[MIN_LEN]={0};int parse_status(char *sh_cmd,char *active_status,char *active_ip_addr) {int ret; FILE *fp; char readbuf[LEN]; char *p,*str;int line=0;int mark1=0;int mark2=0; char tmp1[LEN]; char tmp2[LEN]; char tmp3[LEN]; char tmp4[LEN];//fp=popen("/home/neo/check_log/tcl/auto_ssh.sh","r"); fp=popen(sh_cmd,"r"); if(fp==NULL) { fprintf(stderr,"popen() error. "); exitstatus=CRITICAL; printf("%s: - %s | %s\n",exit_status[exitstatus],status_information,performance_data); exit(exitstatus); } while(fgets(readbuf,LEN,fp)!=NULL) {line++;//printf("line=%d,readbuf=%s",line,readbuf);if(strstr(readbuf,"Current session")) {sscanf(readbuf,"Current session(s):%s",cur_session);//printf("cur_session=%s\n",cur_session);}if(strstr(readbuf,"TCP session")) {sscanf(readbuf," Current TCP session(s): %s",tcp_session);//printf("tcp_session=%s\n",tcp_session);}if(strstr(readbuf,"Half-Open")) {sscanf(readbuf," Half-Open: %s Half-Close: %s",half_open,half_close);//printf("half_open=%s,half_close=%s\n",half_open,half_close);}if(strstr(readbuf,"UDP session")) {sscanf(readbuf," Current UDP session(s): %s",udp_session);//printf("udp_session=%s\n",udp_session);}if(strstr(readbuf,"ICMP session")) {sscanf(readbuf," Current ICMP session(s): %s",icmp_session);//printf("icmp_session=%s\n",icmp_session);}if(strstr(readbuf,"RAWIP session")) {sscanf(readbuf," Current RAWIP session(s): %s",rawip_session);//printf("rawip_session=%s\n",rawip_session);break;}/*if(line==3) {for(p=strtok(readbuf," ");p;p=strtok(NULL," ")) {// str=p;//Sunmark1++;if(mark1==2) {//printf("p=%s\n",p);strcpy(active_status,p);//printf("active_status=%s\n",active_status);}}}if(line==4) {for(p=strtok(readbuf," ");p;p=strtok(NULL," /")) {mark2++;if(mark2==2) {//printf("p=%s\n",p);strcpy(active_ip_addr,p);//printf("active_ip_addr=%s\n",active_ip_addr);}}break;}*/ }//printf("line=%d\n",line); ret=pclose(fp); if(ret==-1) { fprintf(stderr,"popen() error.\n"); return -1; }return 0;}int main(int argc, char *argv[]) { int ret;char sh_cmd[LEN];char active_status[LEN];char active_ip_addr[LEN];if(argc<=1) {printf("%s %s\n",argv[0],"auto_ssh_firewall_dis_session.sh + ip");exit(-1);}sprintf(sh_cmd,"%s%s %s",TCL_CMD,argv[1],argv[2]);//printf("sh_cmd=%s\n",sh_cmd);ret=parse_status(sh_cmd,active_status,active_ip_addr);if(ret!=0) {fprintf(stderr,"parse_status() error.\n");sprintf(status_information,"cur_session=%s, tcp_session=%s, half_open=%s, half_close=%s udp_session=%s icmp_session=%s, rawip_session=%s", cur_session, tcp_session, half_open, half_close, udp_session, icmp_session, rawip_session);sprintf(performance_data,"cur_session=%s;;;; tcp_session=%s;;;; half_open=%s;;;; half_close=%s;;;; udp_session=%s;;;; icmp_session=%s;;;; rawip_session=%s;;;;", cur_session, tcp_session, half_open, half_close, udp_session, icmp_session, rawip_session); exitstatus=CRITICAL;printf("%s - %s | %s\n", exit_status[exitstatus], status_information, performance_data);return exitstatus;}/*//printf("active_status=%s\n",active_status);//printf("active_ip_addr=%s\n",active_ip_addr);//if(atoi(ping_avg)<200 && atoi(loss_packet)==0) {if(atoi(ping_avg)<200 && atoi(loss_packet_int)==0) {exitstatus=OK;}//else if(atoi(ping_avg)>=200 && atoi(ping_avg)<500 || atoi(loss_packet)>=10 && atoi(loss_packet)<=50) {else if(atoi(ping_avg)>=200 && atoi(ping_avg)<500 || atoi(loss_packet_int)>=10 && atoi(loss_packet_int)<=50) {exitstatus=WARNING;}//else if(atoi(ping_avg)>=500 || atoi(loss_packet)>50) {else if(atoi(ping_avg)>=500 || atoi(loss_packet_int)>50) {exitstatus=CRITICAL;}else{exitstatus=CRITICAL;}//sprintf(status_information,"rta %s%s, loss %s",ping_avg,ping_unit,loss_packet);sprintf(status_information,"rta %s%s, loss %s%%",ping_avg,ping_unit,loss_packet_int);//sprintf(performance_data,"rta=%s%s;200.000;500.000;0; pl=%s;40;80;; rtmax=%s%s;;;; rtmin=%s%s;;;;",ping_avg,ping_unit,loss_packet,ping_max,ping_unit,ping_min,ping_unit); sprintf(performance_data,"rta=%s%s;200.000;500.000;0; pl=%s%%;40;80;; rtmax=%s%s;;;; rtmin=%s%s;;;;",ping_avg,ping_unit,loss_packet_int,ping_max,ping_unit,ping_min,ping_unit); //|rta=0.056ms;200.000;500.000;0; pl=0%;40;80;; rtmax=0.084ms;;;; rtmin=0.029ms;;;; if(strstr(argv[1],"80_49")) { printf("%s - 192.20.198.121: %s | %s\n",exit_status[exitstatus],status_information,performance_data);}if(strstr(argv[1],"80_50")) { printf("%s - 192.20.198.181: %s | %s\n",exit_status[exitstatus],status_information,performance_data);} return exitstatus;*/sprintf(status_information,"cur_all_session=%s, tcp_all_session=%s, tcp_half_open=%s, tcp_half_close=%s udp_session=%s icmp_session=%s, rawip_session=%s", cur_session, tcp_session, half_open, half_close, udp_session, icmp_session, rawip_session);sprintf(performance_data,"cur_all_session=%s;;;; tcp_all_session=%s;;;; tcp_half_open=%s;;;; tcp_half_close=%s;;;; udp_session=%s;;;; icmp_session=%s;;;; rawip_session=%s;;;;", cur_session, tcp_session, half_open, half_close, udp_session, icmp_session, rawip_session); printf("%s - %s | %s\n", exit_status[exitstatus], status_information, performance_data);return exitstatus;}
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
