summaryrefslogtreecommitdiff
path: root/nagios-check-soas
blob: b702f954ee80eb517a11f01d110e2a218bce1382 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
#!/usr/bin/ruby

require 'resolv'
require 'optparse'
require 'yaml'

NAGIOS_STATUS = { :OK => 0, :WARNING => 1, :CRITICAL => 2, :UNKNOWN => -1 };
@verbose = 0;
@additional_nameservers = []

def show_help(parser, code=0, io=STDOUT)
  program_name = File.basename($0, '.*')
  io.puts "Usage: #{program_name} [options] <domainname>"
  io.puts parser.summarize
  exit(code)
end
ARGV.options do |opts|
        opts.on_tail("-h", "--help" , "Display this help screen")                { show_help(opts) }
        opts.on("-v", "--verbose"   , String, "Be verbose")                      { @verbose += 1 }
        opts.on("-a", "--add=HOST"  , String, "Also check SOA on <nameserver>")  { |val| @additional_nameservers << val }
        opts.parse!
end
show_help(ARGV.options, 1, STDERR) if ARGV.length == 0

warnings = []
oks = []

dns = Resolv::DNS.new
ARGV.each{ |domain|
	serial = []
	nameservers = dns.getresources(domain, Resolv::DNS::Resource::IN::NS)
	nameservernames = nameservers.collect{ |ns| ns.name.to_s }
	nameservernames = nameservernames.concat @additional_nameservers
	nameservernames.each{ |nameserver|
		puts "Testing nameserver #{nameserver} for #{domain}" if @verbose > 0
		arecords = dns.getresources(nameserver, Resolv::DNS::Resource::IN::A)
		warnings << "Nameserver #{nameserver} for #{domain} has #{arecords.length} A records" if arecords.length != 1
		arecords.each{ |a|
			puts " Nameserver #{nameserver} is at #{a.address}" if @verbose > 0
			resolver = Resolv::DNS.new({:nameserver => a.address.to_s})
			begin
				soas = resolver.getresources(domain, Resolv::DNS::Resource::IN::SOA)
			rescue SystemCallError => e
				warnings << "Could not resolve #{domain} on #{nameserver}: #{e.message}"
			else
				warnings << "Nameserver #{nameserver} for #{domain} returns #{soas.length} SOAs" if soas.length != 1
				soas.each{ |soa|
					puts " Nameserver #{nameserver} returns serial #{soa.serial} for #{domain}" if @verbose > 0
					serial << soa.serial unless serial.include? soa.serial
				}
			end
			resolver.close
		}
	}
	case serial.length
		when 0
			warnings << "Found no serials for #{domain}"
		when 1
			oks << "#{domain} is at #{serial.first}"
		else
			warnings << "Nameservers disagree on serials for #{domain}: found #{serial.join(', ')}" if serial.length != 1
	end
}
dns.close

if warnings.length > 0
	puts warnings.join('; ')
	exit NAGIOS_STATUS[:WARNING]
else
	puts oks.join('; ')
	exit NAGIOS_STATUS[:OK]
end