2019-04-09 15:53:45 +02:00
|
|
|
#!/bin/sh
|
|
|
|
|
|
|
|
STATE=0
|
|
|
|
MAIN_CONNECTION_PINGABLE_IP="31.170.8.95"
|
|
|
|
MAIN_CONNECTION_GATEWAY="IP"
|
|
|
|
MAIN_CONNECTION_IP="IP"
|
|
|
|
SECOND_CONNECTION_PINGABLE_IP="31.170.8.243"
|
2022-09-01 14:44:40 +02:00
|
|
|
INFO_MAIN_CONNECTION="IP - Description - interface"
|
|
|
|
INFO_SECOND_CONNECTION="IP - Description - interface"
|
2019-04-09 15:53:45 +02:00
|
|
|
CURRENT_GATEWAY=$(/usr/bin/netstat -nr | /usr/bin/grep "default" | /usr/bin/awk '{print $2}')
|
|
|
|
|
2019-07-15 17:48:51 +02:00
|
|
|
IS_GATEWAY_IN_FILE=1 # Check whether /etc/mygate has the IP of main connection
|
|
|
|
IS_VPN_USING_MAIN_CONNECTION=1 # Check whether ipsecctl use the main connection
|
|
|
|
IS_PF_USING_MAIN_CONNECTION=1 # Check whether PacketFilter has route-to using the main connection
|
|
|
|
IS_MISCELLANEOUS=1 # Check miscellaneous things
|
|
|
|
CHECK_CARP=0 # No check if host is backup
|
2019-04-09 15:53:45 +02:00
|
|
|
|
2019-07-15 17:48:51 +02:00
|
|
|
# No check if host is backup
|
2019-04-09 15:53:45 +02:00
|
|
|
if [ "${CHECK_CARP}" = 1 ]; then
|
|
|
|
CARP_STATUS=$(/sbin/ifconfig carp0 | /usr/bin/grep "status" | /usr/bin/awk '{print $2}')
|
|
|
|
if [ "$CARP_STATUS" = "backup" ]; then
|
|
|
|
echo "No check, I'm a backup"
|
|
|
|
exit 0
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
2019-07-15 17:48:51 +02:00
|
|
|
# If main connection is UP but not used => critical and continue
|
|
|
|
# If main connection is DOWN (used or not) => warning and exit
|
2022-06-16 17:25:52 +02:00
|
|
|
if /sbin/ping -c1 -w1 ${MAIN_CONNECTION_PINGABLE_IP} >/dev/null 2>&1; then
|
2019-04-09 15:53:45 +02:00
|
|
|
if [ "${CURRENT_GATEWAY}" != "${MAIN_CONNECTION_GATEWAY}" ]; then
|
2022-09-01 14:44:40 +02:00
|
|
|
echo "Main connection is UP (${INFO_MAIN_CONNECTION}) but not used as gateway !"
|
2019-04-09 15:53:45 +02:00
|
|
|
STATE=2
|
|
|
|
fi
|
|
|
|
else
|
|
|
|
echo "Main connection (${INFO_MAIN_CONNECTION}) is down"
|
2019-07-15 17:48:51 +02:00
|
|
|
STATE=1
|
2019-04-09 15:53:45 +02:00
|
|
|
IS_GATEWAY_IN_FILE=0
|
|
|
|
IS_VPN_USING_MAIN_CONNECTION=0
|
|
|
|
IS_PF_USING_MAIN_CONNECTION=0
|
2019-07-15 17:48:51 +02:00
|
|
|
IS_MISCELLANEOUS=0
|
2019-04-09 15:53:45 +02:00
|
|
|
fi
|
|
|
|
|
2019-07-15 17:48:51 +02:00
|
|
|
# If second connection is DOWN => critical and continue
|
2022-06-16 17:25:52 +02:00
|
|
|
if ! /sbin/ping -c1 -w1 ${SECOND_CONNECTION_PINGABLE_IP} >/dev/null 2>&1; then
|
2019-04-09 15:53:45 +02:00
|
|
|
echo "Second connection (${INFO_SECOND_CONNECTION}) is down"
|
|
|
|
STATE=2
|
|
|
|
fi
|
|
|
|
|
2019-07-15 17:48:51 +02:00
|
|
|
# Check whether /etc/mygate has the IP of main connection
|
2019-04-09 15:53:45 +02:00
|
|
|
if [ "${IS_GATEWAY_IN_FILE}" = 1 ]; then
|
2022-06-16 17:25:52 +02:00
|
|
|
if ! /usr/bin/grep -q "${MAIN_CONNECTION_GATEWAY}" /etc/mygate; then
|
2019-04-09 15:53:45 +02:00
|
|
|
echo "Main connection is not set in /etc/mygate"
|
|
|
|
STATE=2
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
2019-07-15 17:48:51 +02:00
|
|
|
# Check whether ipsecctl use the main connection
|
2019-04-09 15:53:45 +02:00
|
|
|
if [ "${IS_VPN_USING_MAIN_CONNECTION}" = 1 ]; then
|
2022-06-16 17:25:52 +02:00
|
|
|
if ! /sbin/ipsecctl -sa | /usr/bin/grep -q "${MAIN_CONNECTION_IP}"; then
|
2019-04-09 15:53:45 +02:00
|
|
|
echo "VPN is not using the main connection !"
|
|
|
|
STATE=2
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
2019-07-15 17:48:51 +02:00
|
|
|
# Check whether PacketFilter has route-to using the main connection
|
2019-04-09 15:53:45 +02:00
|
|
|
if [ "${IS_PF_USING_MAIN_CONNECTION}" = 1 ]; then
|
2022-06-16 17:25:52 +02:00
|
|
|
if ! /sbin/pfctl -sr | /usr/bin/grep "route-to" | /usr/bin/grep -q "${MAIN_CONNECTION_GATEWAY}"; then
|
2019-04-09 15:53:45 +02:00
|
|
|
echo "PF is not using the main connection !"
|
|
|
|
STATE=2
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
2019-07-15 17:48:51 +02:00
|
|
|
# Check miscellaneous things
|
|
|
|
if [ "${IS_MISCELLANEOUS}" = 1 ]; then
|
|
|
|
echo
|
|
|
|
fi
|
|
|
|
|
2019-04-09 15:53:45 +02:00
|
|
|
if [ "${STATE}" = 0 ]; then
|
2022-09-01 14:44:40 +02:00
|
|
|
echo "OK - Main connection is UP and used (${INFO_MAIN_CONNECTION}), second connection is UP (${INFO_SECOND_CONNECTION})"
|
2019-04-09 15:53:45 +02:00
|
|
|
fi
|
|
|
|
|
|
|
|
exit ${STATE}
|