Commit 298efab9 authored by Benjamin Renard's avatar Benjamin Renard

Initial version

parents
# Icinga/Nagios plugin to check nsupdate on bind server
This plugin permit to check nsupdate on bind server.
- **Author :** Benjamin Renard <brenard@easter-eggs.com>
- **Initial release date :** Tue, 16 Aug 2016 17:34:10 +0200
- **Source :** https://gitlab.easter-eggs.com/brenard/check_nsupdate
### Usage
```
Usage : check_nsupdate -z zone.tld [-R] [-s server] [-r record] [-k key.private] [-d]
-z zone DNS zone to check
-R Reverse mode
-s server Optionnal : bind server address/FQDN (Default : 127.0.0.1)
-r record Optionnal : DNS record to use for check
(Default in forward mode : __check_nsupdate__)
In reverse mode, you must provide full reverse record to use using
-r parameter
-k key.private Optionnal : Key to use for authentification to bind server
-d Debug mode
```
### License
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License version 2
as published by the Free Software Foundation.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#!/bin/bash
#
# Icinga/Nagios plugin to check nsupdate on bind server.
#
# Author : Benjamin Renard <brenard@easter-eggs.com>
# Date : Tue, 16 Aug 2016 17:34:10 +0200
# Source : https://gitlab.easter-eggs.com/brenard/check_nsupdate
#
DEFAULT_RECORD_FORWARD="__check_nsupdate__"
DEFAULT_SRV="127.0.0.1"
function usage() {
echo "Usage : $0 -z zone.tld [-R] [-s server] [-r record] [-k key.private] [-d]"
echo " -z zone DNS zone to check"
echo " -R Reverse mode"
echo " -s server Optionnal : bind server address/FQDN (Default : $DEFAULT_SRV)"
echo " -r record Optionnal : DNS record to use for check"
echo " (Default in forward mode : $DEFAULT_RECORD_FORWARD)"
echo " In reverse mode, you must provide full reverse record to use using"
echo " -r parameter"
echo " -k key.private Optionnal : Key to use for authentification to bind server"
echo " -d Debug mode"
}
DEBUG=0
ZONE=""
SRV="$DEFAULT_SRV"
RECORD=""
KEY=""
REVERSE=0
while getopts ":z:s:r:k:Rhd" opt
do
case "$opt" in
d)
DEBUG=1
;;
z)
ZONE="$OPTARG"
;;
s)
SRV="$OPTARG"
;;
r)
RECORD="$OPTARG"
;;
k)
KEY="$OPTARG"
;;
R)
REVERSE=1
;;
h)
usage
exit 0
;;
*)
echo "UNKNOWN : Unknown parameter '$opt'"
usage
exit 3
;;
esac
done
[ -z "$ZONE" ] && echo "UNKNOWN : You must provide DNS zone" && usage && exit 3
if [ -z "$RECORD" ]
then
if [ $REVERSE -eq 0 ]
then
RECORD=$DEFAULT_RECORD_FORWARD
else
echo "UNKNOWN : In reverse mode, you must provide full reverse record to use using -r parameter."
usage
exit 3
fi
fi
function debug() {
[ $DEBUG -eq 1 ] && echo -e "$@"
}
TMP=$( mktemp )
LOG=$( mktemp )
debug "Use temporary file $TMP"
debug "Use log file $LOG"
VALUE="${RECORD}-$( date +%s )"
debug "Temporary TXT value : '$VALUE'"
if [ $REVERSE -eq 0 ]
then
RECORD="${RECORD}.${ZONE}."
else
RECORD="${RECORD}."
fi
echo "server $SRV
zone $ZONE
update delete ${RECORD} TXT
update add ${RECORD} 180 TXT $VALUE
show
send" > $TMP
debug "Test file :\n$( cat $TMP )"
KEY_ARG=""
[ -n "$KEY" ] && KEY_ARG="-k '$KEY'"
nsupdate $KEY_ARG -v $TMP > $LOG 2>&1
RES=$( cat $LOG )
RET=$?
debug "nsupdate result :\n$RES"
[ $RET -ne 0 ] && echo -e "CRITICAL : nsupdate command return $RET\n\n$RES" && exit 2
HOST_VALUE=$( host -t TXT $RECORD $SRV|grep 'descriptive text'|head -n1|sed 's/^.* descriptive text "\([^"]*\)"$/\1/' )
debug "Host value : $HOST_VALUE"
debug "Clean ..."
echo "server $SRV
zone $ZONE
update delete ${RECORD} TXT
show
send" > $TMP
nsupdate $KEY_ARG -v $TMP > $LOG 2>&1
RES=$( cat $LOG )
RET=$?
debug "Clean result (return $RET) :\n$RES"
debug "Remove temporary file $TMP"
rm -f "$TMP"
if [ "$HOST_VALUE" == "$VALUE" ]
then
echo "OK - nsupdate check success"
exit 0
else
echo "CRITICAL - nsupdate change done but resolved value differ to put value"
echo "Put value : $VALUE"
echo "Resolved value : $HOST_VALUE"
exit 2
fi
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment