diff --git a/net-mgmt/Makefile b/net-mgmt/Makefile index f1f2b6ad8c0b..2be872d2b243 100644 --- a/net-mgmt/Makefile +++ b/net-mgmt/Makefile @@ -130,6 +130,7 @@ SUBDIR += nagios-check_puppet SUBDIR += nagios-check_smartmon SUBDIR += nagios-check_tftp + SUBDIR += nagios-pf-plugin SUBDIR += nagios-geom SUBDIR += nagios-openldap-plugins SUBDIR += nagios-plugins diff --git a/net-mgmt/nagios-pf-plugin/Makefile b/net-mgmt/nagios-pf-plugin/Makefile new file mode 100644 index 000000000000..78bc92a29308 --- /dev/null +++ b/net-mgmt/nagios-pf-plugin/Makefile @@ -0,0 +1,26 @@ +# Created by: Kian Mohageri +# $FreeBSD$ + +PORTNAME= nagios-pf-plugin +PORTVERSION= 0.1 +PORTREVISION= 2 +CATEGORIES= net-mgmt +DISTNAME= check_pf-${PORTVERSION} + +MAINTAINER= rand@iteris.com +COMMENT= Nagios plugin for checking PF + +USE_GITHUB= yes +GH_ACCOUNT= kian +GH_PROJECT= nagios-pf-plugin +GH_TAGNAME= ${GH_COMMIT} +GH_COMMIT= 2aba423 + +PLIST_FILES= libexec/nagios/check_pf +PLIST_DIRS= libexec/nagios/ +SUB_FILES= pkg-message + +pre-su-install: + @${MKDIR} ${STAGEDIR}${PREFIX}/libexec/nagios + +.include diff --git a/net-mgmt/nagios-pf-plugin/distinfo b/net-mgmt/nagios-pf-plugin/distinfo new file mode 100644 index 000000000000..b56faaf24d81 --- /dev/null +++ b/net-mgmt/nagios-pf-plugin/distinfo @@ -0,0 +1,2 @@ +SHA256 (check_pf-0.1.tar.gz) = 5a6a5a2cdfed35bf1f07a8a49b139a7e423fb6cc06403aabc1fc1609c5d8782d +SIZE (check_pf-0.1.tar.gz) = 3145 diff --git a/net-mgmt/nagios-pf-plugin/files/patch-Makefile b/net-mgmt/nagios-pf-plugin/files/patch-Makefile new file mode 100644 index 000000000000..c97439ec12fa --- /dev/null +++ b/net-mgmt/nagios-pf-plugin/files/patch-Makefile @@ -0,0 +1,11 @@ +--- Makefile.old 2014-04-06 14:08:46.000000000 -0500 ++++ Makefile 2014-04-06 14:08:47.000000000 -0500 +@@ -14,7 +14,7 @@ + $(CC) $(CFLAGS) -o $(PROGRAM) $(PROGRAM).c + + install: +- install -m 755 -o root -g wheel $(PROGRAM) $(DESTDIR)/$(PROGRAM) ++ install -m 755 -o root -g wheel $(PROGRAM) $(DESTDIR)/$(PREFIX)/libexec/nagios + + uninstall: + rm -f $(DESTDIR)/$(PROGRAM) diff --git a/net-mgmt/nagios-pf-plugin/files/patch-check_pf.c b/net-mgmt/nagios-pf-plugin/files/patch-check_pf.c new file mode 100644 index 000000000000..b9fc67aa8f21 --- /dev/null +++ b/net-mgmt/nagios-pf-plugin/files/patch-check_pf.c @@ -0,0 +1,64 @@ +--- check_pf.c.orig 2014-04-05 18:32:50.000000000 -0500 ++++ check_pf.c 2014-04-05 18:44:27.000000000 -0500 +@@ -65,10 +65,13 @@ + const char *errstr; + const char *pf_device; + const char *msg; ++ char *pctindex; + float percent; + int ch, wflag, cflag, dev; + int states_warning; + int states_critical; ++ int default_warn_percent=DEFAULT_WARN_PERCENT; ++ int default_crit_percent=DEFAULT_CRIT_PERCENT; + int ret; + + pf_device = "/dev/pf"; +@@ -85,16 +88,30 @@ + help(); + break; + case 'w': +- wflag = 1; +- states_warning = strtonum(optarg, 0, UINT_MAX, &errstr); ++ pctindex = strchr(optarg, '%'); ++ if(pctindex) { ++ /* Ends in a %, treat as a percentage */ ++ *pctindex = '\0'; ++ default_warn_percent = strtonum(optarg, 0, 100, &errstr); ++ } else { ++ wflag = 1; ++ states_warning = strtonum(optarg, 0, UINT_MAX, &errstr); ++ } + if (errstr) { + printf("PF UNKNOWN - -w is %s: %s\n", errstr, optarg); + return (STATE_UNKNOWN); + } + break; + case 'c': +- cflag = 1; +- states_critical = strtonum(optarg, 0, UINT_MAX, &errstr); ++ pctindex = strchr(optarg, '%'); ++ if(pctindex) { ++ /* Ends in a %, treat as a percentage */ ++ *pctindex = '\0'; ++ default_crit_percent = strtonum(optarg, 0, 100, &errstr); ++ } else { ++ cflag = 1; ++ states_critical = strtonum(optarg, 0, UINT_MAX, &errstr); ++ } + if (errstr) { + printf("PF UNKNOWN - -c is %s: %s\n", errstr, optarg); + return (STATE_UNKNOWN); +@@ -128,10 +145,10 @@ + + /* default thresholds will be based on the current state limit */ + if (!wflag) +- states_warning = pl.limit * DEFAULT_WARN_PERCENT / 100; ++ states_warning = pl.limit * default_warn_percent / 100; + + if (!cflag) +- states_critical = pl.limit * DEFAULT_CRIT_PERCENT / 100; ++ states_critical = pl.limit * default_crit_percent / 100; + + if (states_warning >= states_critical) { + printf("PF UNKNOWN - must be less than \n"); diff --git a/net-mgmt/nagios-pf-plugin/files/pkg-message.in b/net-mgmt/nagios-pf-plugin/files/pkg-message.in new file mode 100644 index 000000000000..423ff1af6260 --- /dev/null +++ b/net-mgmt/nagios-pf-plugin/files/pkg-message.in @@ -0,0 +1,21 @@ + +check_pf has been installed to %%PREFIX%%/libexec/nagios. + +check_pf needs read permission to the pf(4) pseudo-device, i.e. /dev/pf. + +Assuming check_pf will be run by user `nagios', the following will work: + + # chmod 640 /dev/pf + # chgrp nagios /dev/pf + +To make sure the change persists across reboots, add the following +to /etc/devfs.conf: + + # nrpe2/nagios needs to be able to read statistics + own pf root:nagios + perm pf 0640 + +Please refer to the online documentation for additional information. + +https://github.com/kian/nagios-pf-plugin/ + diff --git a/net-mgmt/nagios-pf-plugin/pkg-descr b/net-mgmt/nagios-pf-plugin/pkg-descr new file mode 100644 index 000000000000..15fa4015f96a --- /dev/null +++ b/net-mgmt/nagios-pf-plugin/pkg-descr @@ -0,0 +1,6 @@ +check_pf is a plugin intended for use with the Nagios network +monitoring system. This plugin checks the status of PF, the OpenBSD +packet filter, and compares the current state count to given or default +thresholds, returning the result. It is written in C. + +WWW: https://github.com/kian/nagios-pf-plugin/