packages: nagios-plugin-check_iptables/check_iptables - use -S to list rule...
glen
glen at pld-linux.org
Thu Mar 18 14:23:27 CET 2010
Author: glen Date: Thu Mar 18 13:23:27 2010 GMT
Module: packages Tag: HEAD
---- Log message:
- use -S to list rules (more compact)
- setup sudo rules with exact commandline
---- Files affected:
packages/nagios-plugin-check_iptables:
check_iptables (1.3 -> 1.4)
---- Diffs:
================================================================
Index: packages/nagios-plugin-check_iptables/check_iptables
diff -u packages/nagios-plugin-check_iptables/check_iptables:1.3 packages/nagios-plugin-check_iptables/check_iptables:1.4
--- packages/nagios-plugin-check_iptables/check_iptables:1.3 Thu Mar 18 14:12:07 2010
+++ packages/nagios-plugin-check_iptables/check_iptables Thu Mar 18 14:23:22 2010
@@ -14,6 +14,7 @@
verbose=0
warning=1
critical=1
+setup_sudo=0
print_usage() {
echo "Usage: $PROGNAME -C CHAIN -t TABLE"
@@ -55,7 +56,7 @@
# Lines matching CHECK_IPTABLES added by $0 $* on $(date)
User_Alias CHECK_IPTABLES=nagios
- CHECK_IPTABLES ALL=(root) NOPASSWD: $iptables -n -t $table -L $chain
+ CHECK_IPTABLES ALL=(root) NOPASSWD: $list_iptables
EOF
if visudo -c -f $new; then
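Review bot: The sudoers line now embeds `$list_iptables`, which the last hunk builds from `$table` and `$chain` with no validation visible in the diff, so command-line values land verbatim in a root NOPASSWD rule. In sudoers command arguments, characters such as `*`, `?`, `,`, `:`, `=` and `\` are special, and a wildcard would make the rule match more than the one exact command line this commit intends; `visudo -c` checks syntax, not scope. I would reject anything outside a conservative set before the string is built, e.g. `case "$table$chain" in *[!A-Za-z0-9_-]*) echo "invalid table or chain name" >&2; exit $STATE_UNKNOWN;; esac`. setup_sudoers starts and ends outside this hunk, so an existing check there cannot be ruled out.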
@@ -67,7 +68,10 @@
}
list_iptables() {
- $sudo $iptables -n -t $table -L $chain | grep -Fc /
+ # if running as root, skip sudo
+ [ "$(id -u)" != 0 ] || sudo=
+
+ $sudo $list_iptables | grep -c '^-A'
}
while [ $# -gt 0 ]; do
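Review bot: A failure of `$sudo $list_iptables` is invisible in list_iptables, because the pipeline's status is that of `grep -c`, which still prints `0` when sudo refuses the command or iptables errors out. The caller in the last hunk then compares that `0` with `$critical`, so a missing or stale sudoers rule is reported the same way as an empty chain rather than as UNKNOWN. Capturing the listing first keeps the two cases apart: `rules=$($sudo $list_iptables) || return`, then `printf '%s\n' "$rules" | grep -c '^-A'`, with the caller checking the status of `count=$(list_iptables)`. Separately, the variable `list_iptables` and the function `list_iptables` share a name, which is legal in sh but easy to misread; a name like `list_cmd` for the variable would help.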
@@ -97,7 +101,7 @@
;;
-S)
- setup_sudoers
+ setup_sudo=1
;;
-C)
@@ -125,11 +129,13 @@
shift
done
-
rc=$STATE_UNKNOWN
-# if running as root, skip sudo
-[ "$(id -u)" != 0 ] || sudo=
+list_iptables="$iptables -t $table -S $chain"
+
+if [ "$setup_sudo" = 1 ]; then
+ setup_sudoers
+fi
count=$(list_iptables)
if [ "$count" -lt "$critical" ]; then
================================================================
---- CVS-web:
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/nagios-plugin-check_iptables/check_iptables?r1=1.3&r2=1.4&f=u