Import from forums:

http://support.nagios.com/forum/viewtopic.php?t=25290#86977

When the value returned is 0, the warning and critical arguments are ignored and the status is OK.

For these tests, the value of "1" is OK.

Here's when the returned value is 1:

check_snmp -H 10.25.4.1 -C public -o iso.3.6.1.4.1.4526.11.1.2.1.5.5.0 -w 1
SNMP OK - 1 | SNMPv2-SMI::enterprises.4526.11.1.2.1.5.5.0=1;1;; 

or

check_snmp -H 10.25.4.1 -C public -o iso.3.6.1.4.1.4526.11.1.2.1.5.5.0 -c 1
SNMP OK - 1 | SNMPv2-SMI::enterprises.4526.11.1.2.1.5.5.0=1;;1; 

It has a an OK state which is what I want.

Here's when the returned value is 2:

check_snmp -H 10.25.4.1 -C public -o iso.3.6.1.4.1.4526.11.1.2.1.5.4.0 -w 1
SNMP WARNING - *2* | SNMPv2-SMI::enterprises.4526.11.1.2.1.5.4.0=2;1;; 

or

check_snmp -H 10.25.4.1 -C public -o iso.3.6.1.4.1.4526.11.1.2.1.5.4.0 -c 1
SNMP CRITICAL - *2* | SNMPv2-SMI::enterprises.4526.11.1.2.1.5.4.0=2;;1; 

And it is returning the correct warning or critical state which is what I want.

Here's when the returned value is 0:

check_snmp -H 10.25.4.1 -C public -o iso.3.6.1.4.1.4526.11.1.2.1.6.2.0 -w 1
SNMP OK - 0 | SNMPv2-SMI::enterprises.4526.11.1.2.1.6.2.0=0;1;; 

or

check_snmp -H 10.25.4.1 -C public -o iso.3.6.1.4.1.4526.11.1.2.1.6.2.0 -c 1
SNMP OK - 0 | SNMPv2-SMI::enterprises.4526.11.1.2.1.6.2.0=0;;1; 

This time it's returning an OK status when it should be returning a warning or critical status.

Not the first time this has been requested.

Hi,
My network device is up and can ping it from nagios server, but check_icmp can not !!!

• nagios server and device are in the same network!
• permission of files are ok.
• I am using latest version of check_icmp

Why?!

here is my output:

monitoring# ping 172.16.11.9

PING 172.16.11.9 (172.16.11.9) 56(84) bytes of data.
64 bytes from 172.16.11.9: icmp_req=1 ttl=255 time=13.5 ms
64 bytes from 172.16.11.9: icmp_req=2 ttl=255 time=13.6 ms
64 bytes from 172.16.11.9: icmp_req=3 ttl=255 time=13.6 ms
64 bytes from 172.16.11.9: icmp_req=4 ttl=255 time=13.5 ms
64 bytes from 172.16.11.9: icmp_req=5 ttl=255 time=13.5 ms
^C
 172.16.11.9 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4003ms
rtt min/avg/max/mdev = 13.564/13.598/13.623/0.106 ms

monitoring:~# check_icmp -v 172.16.11.9

ttl set to 64
Setting alarm timeout to 10 seconds
packets: 5, targets: 1
target_interval: 0.000, pkt_interval 80.000
crit.rta: 500.000
max_completion_time: 3400.000
crit = {500000, 80%}, warn = {200000, 40%}
pkt_interval: 80000  target_interval: 0  retry_interval: 0
icmp_pkt_size: 76  timeout: 10
handle_random_icmp(0x7fff7df2cd60, 0x7fff7df2ccc0)
handle_random_icmp(0x7fff7df2cd60, 0x7fff7df2ccc0)
handle_random_icmp(0x7fff7df2cd60, 0x7fff7df2ccc0)
time_passed: 422628  final_wait: 2977372  max_completion_time: 3400000
Waiting for 2977372 micro-seconds (2977.372 msecs)
handle_random_icmp(0x7fff7df2cd60, 0x7fff7df2ccc0)
handle_random_icmp(0x7fff7df2cd60, 0x7fff7df2ccc0)
handle_random_icmp(0x7fff7df2cd60, 0x7fff7df2ccc0)
handle_random_icmp(0x7fff7df2cd60, 0x7fff7df2ccc0)
handle_random_icmp(0x7fff7df2cd60, 0x7fff7df2ccc0)
handle_random_icmp(0x7fff7df2cd60, 0x7fff7df2ccc0)
handle_random_icmp(0x7fff7df2cd60, 0x7fff7df2ccc0)
icmp_sent: 5  icmp_recv: 0  icmp_lost: 0
targets: 1  targets_alive: 1
CRITICAL - 
172.16.11.9: rta nan, lost 100%|
rta=0.000ms;200.000;500.000;0; pl=100%;40;80;; rtmax=0.000ms;;;; rtmin=0.000ms;;;; 
targets: 1, targets_alive: 0, hosts_ok: 0, hosts_warn: 0, min_hosts_alive: -1

check_http return no perfadata when the host is down. This breaks pnp4nagios graphs, showing the last known latency.
A reported latency of 0 when the host is down would suffice

|| is not supported on all perl versions, "or" is suggested instead. There was a previous issue here:
https://github.com/evgeni/monitoring-plugins/commit/c576d7af0b062f783bb1a1c36f985245e25d4734
The effected code is: bc4113f

MP Reference: monitoring-plugins/monitoring-plugins#1246

Import from the forums (user: rajasegar):
http://support.nagios.com/forum/viewtopic.php?f=16&t=27526
Text of Post below:

AIX 6.1
Nagios plugins 2.0.1

Can you please advice what are the environment variables to set to compile in AIX?
Seem to get some conflict errors during make

ld: 0711-224 WARNING: Duplicate symbol: .bcopy
ld: 0711-224 WARNING: Duplicate symbol: .memmove
ld: 0711-345 Use the -bloadmap or -bnoquiet option to obtain more information.
ld: 0711-224 WARNING: Duplicate symbol: .bcopy
ld: 0711-224 WARNING: Duplicate symbol: .memmove
ld: 0711-345 Use the -bloadmap or -bnoquiet option to obtain more information.
gcc -DLOCALEDIR=\"/usr/local/nagios/share/locale\" -DHAVE_CONFIG_H -I. -I.. -I.. -I../lib -I../gl -I../intl -I/usr/include/ldap -I/usr/include -D_THREAD_SAFE -DNP_VERSION='"2.0.1"' -g -O2 -MT check_ssh.o -MD -MP -MF .deps/check_ssh.Tpo -c -o check_ssh.o check_ssh.c
mv -f .deps/check_ssh.Tpo .deps/check_ssh.Po
/bin/sh ../libtool --tag=CC --mode=link gcc -DNP_VERSION='"2.0.1"' -g -O2 -L. -o check_ssh check_ssh.o libnpcommon.a ../lib/libnagiosplug.a ../gl/libgnu.a -lnsl -lpthread -ldl
libtool: link: gcc -DNP_VERSION=\"2.0.1\" -g -O2 -o check_ssh check_ssh.o -L. libnpcommon.a ../lib/libnagiosplug.a ../gl/libgnu.a -lnsl -lpthread -ldl
gcc -DLOCALEDIR=\"/usr/local/nagios/share/locale\" -DHAVE_CONFIG_H -I. -I.. -I.. -I../lib -I../gl -I../intl -I/usr/include/ldap -I/usr/include -D_THREAD_SAFE -DNP_VERSION='"2.0.1"' -g -O2 -MT check_tcp.o -MD -MP -MF .deps/check_tcp.Tpo -c -o check_tcp.o check_tcp.c
In file included from ../gl/stdio.h:43:0,
from common.h:40,
from check_tcp.c:37:
/opt/freeware/lib/gcc/powerpc-ibm-aix6.1.0.0/4.8.2/include-fixed/stdio.h:512:12: error: conflicting types for 'fgetpos64'
extern int fgetpos64(FILE *, fpos64_t *);
^
In file included from ../gl/stdio.h:43:0,
from common.h:40,
from check_tcp.c:37:
/opt/freeware/lib/gcc/powerpc-ibm-aix6.1.0.0/4.8.2/include-fixed/stdio.h:311:12: note: previous declaration of 'fgetpos64' was here
extern int fgetpos(FILE *__restrict__, fpos_t *__restrict__);
^
In file included from ../gl/stdio.h:43:0,
from common.h:40,
from check_tcp.c:37:
/opt/freeware/lib/gcc/powerpc-ibm-aix6.1.0.0/4.8.2/include-fixed/stdio.h:515:12: error: conflicting types for 'fseeko64'
extern int fseeko64(FILE *, off64_t, int);
^
In file included from ../gl/stdio.h:43:0,
from common.h:40,
from check_tcp.c:37:
/opt/freeware/lib/gcc/powerpc-ibm-aix6.1.0.0/4.8.2/include-fixed/stdio.h:455:12: note: previous declaration of 'fseeko64' was here
extern int fseeko(FILE *, off_t, int);
^
In file included from ../gl/stdio.h:43:0,
from common.h:40,
from check_tcp.c:37:
/opt/freeware/lib/gcc/powerpc-ibm-aix6.1.0.0/4.8.2/include-fixed/stdio.h:516:12: error: conflicting types for 'fsetpos64'
extern int fsetpos64(FILE *, const fpos64_t *);
^
In file included from ../gl/stdio.h:43:0,
from common.h:40,
from check_tcp.c:37:
/opt/freeware/lib/gcc/powerpc-ibm-aix6.1.0.0/4.8.2/include-fixed/stdio.h:313:12: note: previous declaration of 'fsetpos64' was here
extern int fsetpos(FILE *, const fpos_t *);
^
In file included from ../gl/stdio.h:43:0,
from common.h:40,
from check_tcp.c:37:
/opt/freeware/lib/gcc/powerpc-ibm-aix6.1.0.0/4.8.2/include-fixed/stdio.h:517:16: error: conflicting types for 'ftello64'
extern off64_t ftello64(FILE *);
^
In file included from ../gl/stdio.h:43:0,
from common.h:40,
from check_tcp.c:37:
/opt/freeware/lib/gcc/powerpc-ibm-aix6.1.0.0/4.8.2/include-fixed/stdio.h:456:14: note: previous declaration of 'ftello64' was here
extern off_t ftello(FILE *);
^
In file included from ../gl/unistd.h:27:0,
from common.h:51,
from check_tcp.c:37:
/usr/include/unistd.h:171:16: error: conflicting types for 'lseek64'
extern off64_t lseek64(int, off64_t, int);
^
/usr/include/unistd.h:169:14: note: previous declaration of 'lseek64' was here
extern off_t lseek(int, off_t, int);
^
In file included from /usr/include/unistd.h:746:0,
from ../gl/unistd.h:27,
from common.h:51,
from check_tcp.c:37:
/usr/include/sys/lockf.h:64:13: error: conflicting types for 'lockf64'
extern int lockf64 (int, int, off64_t);
^
/usr/include/sys/lockf.h:62:13: note: previous declaration of 'lockf64' was here
extern int lockf (int, int, off_t);
^
In file included from ../gl/unistd.h:27:0,
from common.h:51,
from check_tcp.c:37:
/usr/include/unistd.h:809:14: error: conflicting types for 'ftruncate64'
extern int ftruncate64(int, off64_t);
^
In file included from ../gl/unistd.h:27:0,
from common.h:51,
from check_tcp.c:37:
/usr/include/unistd.h:807:14: note: previous declaration of 'ftruncate64' was here
extern int ftruncate(int, off_t);
^
In file included from ../gl/unistd.h:27:0,
from common.h:51,
from check_tcp.c:37:
/usr/include/unistd.h:845:14: error: conflicting types for 'truncate64'
extern int truncate64(const char *, off64_t);
^
In file included from ../gl/unistd.h:27:0,
from common.h:51,
from check_tcp.c:37:
/usr/include/unistd.h:843:14: note: previous declaration of 'truncate64' was here
extern int truncate(const char *, off_t);
^
In file included from ../gl/unistd.h:27:0,
from common.h:51,
from check_tcp.c:37:
/usr/include/unistd.h:862:18: error: conflicting types for 'pread64'
extern ssize_t pread64(int, void *, size_t, off64_t);
^
/usr/include/unistd.h:859:18: note: previous declaration of 'pread64' was here
extern ssize_t pread(int, void *, size_t, off_t);
^
/usr/include/unistd.h:863:18: error: conflicting types for 'pwrite64'
extern ssize_t pwrite64(int, const void *, size_t, off64_t);
^
/usr/include/unistd.h:860:18: note: previous declaration of 'pwrite64' was here
extern ssize_t pwrite(int, const void *, size_t, off_t);
^
/usr/include/unistd.h:942:17: error: conflicting types for 'fclear64'
extern off64_t fclear64(int, off64_t);
^
/usr/include/unistd.h:939:15: note: previous declaration of 'fclear64' was here
extern off_t fclear(int, off_t);
^
/usr/include/unistd.h:943:13: error: conflicting types for 'fsync_range64'
extern int fsync_range64(int, int, off64_t, off64_t);
^
/usr/include/unistd.h:940:13: note: previous declaration of 'fsync_range64' was here
extern int fsync_range(int, int, off_t, off_t);
^
make: 1254-004 The error code from the last command is 1.


Stop.
make: 1254-004 The error code from the last command is 1.


Stop.
make: 1254-004 The error code from the last command is 2.


Stop.
bash-4.2#

I have installed all the required gcc libraries
-rw------- 1 nagios nagios 18087017 Jan 09 10:42 gcc-4.8.2-1.aix6.1.ppc.rpm
-rw------- 1 nagios nagios 6571520 Jan 09 10:41 gcc-c++-4.8.2-1.aix6.1.ppc.rpm
-rw------- 1 nagios nagios 5866258 Jan 09 10:42 gcc-cpp-4.8.2-1.aix6.1.ppc.rpm
-rw------- 1 nagios nagios 9934241 Jan 09 10:42 gcc-gfortran-4.8.2-1.aix6.1.ppc.rpm
-rw------- 1 nagios nagios 1518681 Jan 09 10:54 gmp-5.1.3-1.aix5.1.ppc.rpm
-rw------- 1 nagios nagios 186807 Jan 09 10:53 gmp-devel-5.1.3-1.aix5.1.ppc.rpm
-rw------- 1 nagios nagios 886300 Jan 09 10:42 libgcc-4.8.2-1.aix6.1.ppc.rpm
-rw------- 1 nagios nagios 517814 Jan 09 10:42 libgomp-4.8.2-1.aix6.1.ppc.rpm
-rw------- 1 nagios nagios 414917 Jan 09 10:53 libmpc-1.0.1-2.aix5.1.ppc.rpm
-rw------- 1 nagios nagios 30653 Jan 09 10:53 libmpc-devel-1.0.1-2.aix5.1.ppc.rpm
-rw------- 1 nagios nagios 10022361 Jan 09 10:42 libstdc++-4.8.2-1.aix6.1.ppc.rpm
-rw------- 1 nagios nagios 2667103 Jan 09 10:42 libstdc++-devel-4.8.2-1.aix6.1.ppc.rpm
-rw------- 1 nagios nagios 801716 Jan 09 10:53 mpfr-3.1.2-1.aix5.1.ppc.rpm
-rw------- 1 nagios nagios 68407 Jan 09 10:53 mpfr-devel-3.1.2-1.aix5.1.ppc.rpm

Thanks

When i compile plugins

./configure --with-nagios-user=nagios --with-nagios-group=nagios --with-openssl=/usr/bin/openssl --enable-perl-modules --enable-libtap

I have follow error:

/usr/local/src/nagios4/nagios-plugins-2.0.3/plugins/sslutils.c:65: undefined reference to `SSLv2_client_method'

OpenSSL version OpenSSL 1.0.1j 15 Oct 2014 Ubuntu.

When warning and critical thresholds are supplied on command line, they are working correctly regarding plugin's exit status and output, but their value is not included in perfdata.

Is it possible to add them if they are both set?

Per dermoth from M-P tracker #1224
I can't tell yet if it's the case or not, but the -n/--nagios switch has to go.

I say we deprecate this switch and make it the default .We can keep the --nagios for one release with a deprecation warning, and the next one the missing switch could cause the plugin to default to UNKNOWN instead of OK. Old default behavior will have to be implemented as another switch based on what it does.

Replace strcmp with strncmp where applicable.

Import from MP:
monitoring-plugins/monitoring-plugins#1191

With check_http 1.4.16 and 2.0.3, I find, that sometimes my "content checks" fail. I invoke the tool like so:

check_http -I 192.168.213.108 -H www.ariseprogram.org -s "footerContent" --sni

The check fails. When I add

a "-v" to the check_http invocation, I find that the text indeed is "broken"; check_http uses the following as the text:

            <div class="footerCo
305
ntent cfx">

And that of course doesn't match. See https://github.com/alexs77/misc/blob/master/Bugreports/nagios-plugins/check_http.txt#L417-L419 for the full output of this check_http run.

My webserver at 192.168.213.108 however does NOT generate the text in this broken way. See https://github.com/alexs77/misc/blob/master/Bugreports/nagios-plugins/192.168.213.148.tcpdump for a tcpdump.

In this tcpdump, pay close attention to the tcp packets 40 and 41. 40 ends with the following "content":

[…]

<div id="footer">
    <div class="footerCo

Packet 41 begins with:

305
ntent cfx">
[…]

The 305 is hex and is some sort of TCP "header", which shows how big the content is in this data segment.

Some more debugging has shown, that it doesn't matter whether I use "-s" or not. The text is always garbled. With "-s" or without.

And even more debugging with strace has shown, that there is a difference in how wget creates the socket and how check_http does it.

wget:

socket(PF_INET, SOCK_STREAM, IPPROTO_IP) = 4
…
write(4, "GET / HTTP/1.1\r\nUser-Agent: Wget/1.13.4 (linux-gnu)\r\nAccept: */*\r\nHost: www.ariseprogram.org\r\nConnection: Keep-Alive\r\n\r\n", 120) = 120
…
read(3, "<scr… class=\"footerCont", 2139) = 1368
read(3, "ent cfx\">\n\t…ml>", 771) = 771

check_http:

socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 3
…
sendto(3, "GET / HTTP/1.1\r\nUser-Agent: Wget/1.13.4 (linux-gnu)\r\nConnection: close\r\nHost: www.ariseprogram.org\r\nAccept: */*\r\n\r\n", 115, 0, NULL, 0) = 115
…
read(3, "<scr… class=\"footerCo\r\n", 8191) = 1368
read(3, "305\r\nntent cfx…", 8191) = 785

The difference might be, that check_http does "socket(…, IPPROTO_TCP)", whereas wget does "socket("…, IPPROTO_IP)".

This should not happen.

Import from MP:

monitoring-plugins/monitoring-plugins#1236

In the man page nothing is said that send and expect parameters are necessary.

https://github.com/nagios-plugins/nagios-plugins/blob/master/plugins/check_tcp.c#L228

Submitted by tarvin on 2010-12-19 00:50:39 M-P #976
The "-C" option for check_http is very useful for alarming when an SSL certificate is about to expire. However, the plugin's output is unclear in the OK state; it might say:
OK - Certificate will expire on 05/01/2011 23:59
What is that - Jan 5th or May 1st?

check_http -C produces confusing date [sf#3142101] #977
Submitted by None on 2010-12-22 23:43:20
The US date format is a joke. At least your dumb Fahrenheit and gallons are not ambiguous like m/d/y. It sucks.
The patch attached changes sslutils.c to use the asctime() date format:
WARNING - Certificate expires in 277 day(s) (Mon Sep 10 00:38:00 2011).
instead of
WARNING - Certificate expires in 277 day(s) (10/9/2011 00:38).

sslutils expire time in US format [sf#2424575] #840
Submitted by orangepeel on 2008-12-13 23:37:10
sshutils prints the expiry time of certificates in US format

Pull Request: time in rtc 822 #1161

monitoring-plugins/monitoring-plugins#840

"utils.c", line 634.1: 1506-046 (S) Syntax error.
Believe this should be using comment type /* */ rather than //.

Please check www.exploit-db.com/exploits/33904/ for potential issues.

Cheers, Jan.

Import from MP:
monitoring-plugins/monitoring-plugins#809

This is a very old issue, and a very rare one at that. As it is a small change, but tested to work, we will apply it.

Hi,
I wrote a new SSL certificate checker plugin that I find more complete than what I could see elsewhere. It checks expiration, revokation, CRL list update status, and whether hostname is present in the certificate. Feel free to include it in contrib in nagios-plugins. It can be downloaded from:
https://github.com/anordby/plugins/blob/master/nagios/check_ssl_validity

Open to suggestions is anything needs to be improved before it can be included.

Usage:

# ./check_ssl_validity

check_ssl_validity -H <cert hostname> [-I <IP/host>] [-p <port>]
[-t <timeout>] [-w <expire warning (days)>] [-c <expire critical (dats)>]
[-C <CRL update frequency (seconds)>]

Will look for hostname provided with -H in the certificate, but will contact
server with host/IP provided by -I (optional)

There is a bug in getting MAC address of network interface on BSD systems, where fourth parameter in sysctl() has to be size_t * and not int *. Unfortunately, using gcc -O2 the bug is hidden and contrary to compiler warning, check_dhcp seems to be working. However, when you use gcc -O0 or gcc -O1 or clang in FreeBSD 10 on amd64, the bug is exposed:

./check_dhcp -i em0 -s 127.0.0.1
Error: Couldn't get hardware address from em0. sysctl 2 error - No such file or directory.

How to submit patches? Copy and paste version is here, the fix is really easy:

--- plugins-root/check_dhcp.c.orig 2015-01-21 13:03:09.000000000 +0100
+++ plugins-root/check_dhcp.c 2015-01-21 13:03:46.000000000 +0100
@@ -326,7 +326,8 @@
#elif defined(bsd)
/* King 2004 see ACKNOWLEDGEMENTS */

•    int                     mib[6], len;
  

•    int                     mib[6];
  

•    size_t                  len;
   char                    *buf;
   unsigned char           *ptr;
   struct if_msghdr        *ifm;
  

Migrated from https://sourceforge.net/p/nagiosplug/bugs/520/

2011-06-29 Creator: Domi Barton

The check_ide_smart plugin fails on some disks w/ the following output:

./check_ide_smart -n -d /dev/sda
CRITICAL - SMART_ENABLE: Invalid argument
CRITICAL - SMART_CMD_ENABLE

But the disk is SMART capable:

./smartctl -i /dev/sda
smartctl version 5.33 [i686-redhat-linux-gnu] Copyright (C) 2002-4 Bruce Allen
Home page is http://smartmontools.sourceforge.net/
Device: MAXTOR ATLAS10K4_36SCA Version: DFV0
Serial number: B2SM1QGM
Device type: disk
Transport protocol: Parallel SCSI (SPI-4)
Local Time is: Wed Jun 29 10:02:31 2011 CEST
Device supports SMART and is Enabled
Temperature Warning Enabled

Jan Wagner, 2012-10-18:
There is a bug open Novel: https://bugzilla.novell.com/show_bug.cgi?id=640368
And of course now in debian: http://bugs.debian.org/690760

It's good security practice to run slapd so it doesn't listen on a TCP socket if it doesn't have to (it's a very soft target for network enumeration and silent dictionary attacks).

However check_slapd calls ldap_init instead of the newer ldap_initialize, which would allow it to connect to an LDAP URI; so it can't actually talk to a socket.

This can cause problems with some servers who only look for 1 Accept header so sending **Accept: /** can cause problems when checking these using a difference Accept.

The line in question is plugins/check_http.c:919

I have a very simple server that responds

HTTP/1.0 200 OK

OK!! 2014-06-19 14:20:01

When pointing check_http at it hoping to check the content for a string, bad things happen:

[]# /usr/lib64/nagios/plugins/check_http -I $ipaddress -p $port -u /somepath --authorization=test:test -s 'OK!!' -v
GET /somepath HTTP/1.0
User-Agent: check_http/v1.4.16 (nagios-plugins 1.4.16)
Connection: close
Authorization: Basic dGVzdDp0ZXN0

http://u.v.w.x:y/somepath is 43 characters
STATUS: HTTP/1.0 200 OK
**** HEADER ****
OK!! 2014-06-19 14:20:01
**** CONTENT ****

HTTP CRITICAL: HTTP/1.0 200 OK - string 'OK!!' not found on 'http://u.v.w.x:y/somepath' - 43 bytes in 0.014 second response time |time=0.014170s;;;0.000000 size=43B;;;0

So what seems to be happening is that check_http expects at least one header after the http status line, ignores the blank line that separates headers from content and continues taking further lines as headers. I haven't tested but I assume a further blank line would then trigger the change of understanding from header to content.

I've had a quick skim of rfc1495 & rfc2616 and don't believe that at least one response header is required... either way I'll be adding one to my server as a workaround.

Pretty sure I've got the correct CRLF separation too...

[]# echo -e "GET /somepath HTTP/1.0\r\nAuthorization: Basic dGVzdDp0ZXN0\r\n\r\n" | nc u.v.x.y z | xxd
0000000: 4854 5450 2f31 2e30 2032 3030 204f 4b0d HTTP/1.0 200 OK.
0000010: 0a0d 0a4f 4b21 2120 3230 3134 2d30 362d ...OK!! 2014-06-
0000020: 3139 2031 353a 3233 3a31 36 19 15:23:16

Submitted by bubeck on 2011-10-25 11:22:44

Each S.M.A.R.T. attribute is compared against a threshold. If it is LESSTHAN that threshold an error is reported.
This patch fixes the problem, that attribute values EQUAL to the threshold are reported as error, which is wrong. Only LESSTHAN the threshold is an error.

For more information see: http://www.hdsentinel.com/smart/index.php

My SSD has some attributes which value and threshold are "0". Without the patch this is reported as errornous.

ID# ATTRIBUTE_NAME FLAG VALUE WORST THRESH TYPE UPDATED WHEN_FAILED RAW_VALUE
...
172 Unknown_Attribute 0x0032 000 000 000 Old_age Always - 0
174 Unknown_Attribute 0x0030 000 000 000 Old_age Offline - 13
177 Wear_Leveling_Count 0x0000 000 000 000 Old_age Offline - 0
...

M-P issue #1040 pull request #1162

When regexing for multiple strings separated by a comma I would like to be able to receive the strings that were found in the output to be able to display.

EX:
check_http -H hostname -r 'bad, words, example' -u /target-page --invert-regex

FOUND string @ hostname/target-page:
bad

output:
CRITICAL - pattern found - 1456 bytes string found: bad | .....

Import from MP pull request:

monitoring-plugins/monitoring-plugins#1177

Import from MP:

monitoring-plugins/monitoring-plugins@58e57b3

with -A flag ping would finish much much faster, considering round trip for adaptive checking.

OS: centos 7
nagios-plugins-check-updates

check_updates script does not work properly when --security-only is used.
Though there are no security updates it still prints CRITICAL.

CHECK_UPDATES CRITICAL - 76 updates available | total_updates=76;0;0

While on Centos 6

CHECK_UPDATES OK - 8 non-critical updates available | total_updates=8;0;0 security_updates=0;0;0

Centos7:
nagios-plugins-check-updates-1.6.7-1.el7.x86_64
Centos6:
nagios-plugins-check-updates-1.6.3-1.el6.x86_64

Submitted by armertarj on 2008-10-27 11:04:40

Plugin: check_http v2053 (nagios-plugins 1.4.13)

On the HTTP redirection case, plug-in continues work ignoring timeout specification. Plug-in resets the timer after first response. So, I suggest to set new timer to the remainder of timeout value.

*** check_http.c_old 2008-10-27 08:52:54.000000000 +0000
--- check_http.c 2008-10-27 08:54:15.000000000 +0000

*** 968,974 ****
--- 968,978 ----
else if (http_status >= 300) {

if (onredirect == STATE_DEPENDENT)

{
microsec = socket_timeout - deltime(tv)/1.0e6;
alarm( microsec>1?microsec:1 ); redir (header, status_line);
} else if (onredirect == STATE_UNKNOWN) printf (("HTTP UNKNOWN")); else if (onredirect == STATEOK)

On Solaris, check_procs uses pst3 instead of /bin/ps (see http://nagios-plugins.org/doc/faq/ps-on-solaris.html for background). There's a small bug in pst3 which causes it to NOT report some processes that are at the end of the process table, at least on very busy systems (we noticed this on a CoolThreads T5240 with load averages up to 90).

The bug is that a filehandle is not properly closed. See http://tracker.nagios.org/view.php?id=658 for the patch.

At line 720 of check_http.c, in decode_chunked_page() there is the following code:

  if (*dst_pos) *dst_pos = '\0';
  else {
    die (STATE_UNKNOWN, _("HTTP UNKNOWN - Memory allocation error\n"));
  }

It fails when the --no-body option is used (probably because there is no page, and thus no pointer into the page if there is no body).

See:
http://support.nagios.com/forum/viewtopic.php?f=7&t=21809&p=86399#p86399

[root@localhost libexec]# ./check_uptime -t 30
./check_uptime: invalid option -- 't'

Import from MP:

monitoring-plugins/monitoring-plugins#1160
monitoring-plugins/monitoring-plugins#973

Nagios support forums link to issue: http://support.nagios.com/forum/viewtopic.php?f=16&t=29673

When set thresholds are met, they do not alert until threshold is exceeded by one whole integer, i.e. threshold of 4M will not alert at 4.0 - 4.9 and will only change states at 5M.

I have a perfectly fine running ntpd OpenBSD server (check_ntp_time works wonderfully) and my nagios monitoring host complains when I check_ntp_peer:

CRITICAL - Socket timeout after 10 seconds

If I believe http://ihazem.wordpress.com/2012/12/18/nagios-check_ntp_peer-error-critical-socket-timeout-after-10-seconds/ , it is because of a "restrict" option I have no knowledge of, and that openntp does not implement for security reasons.

Best regards,
EDIT: removed a wrong example of ntp

Imported issue from mp:

monitoring-plugins/monitoring-plugins#845
monitoring-plugins/monitoring-plugins#1181
monitoring-plugins/monitoring-plugins#1187
monitoring-plugins/monitoring-plugins#862
monitoring-plugins/monitoring-plugins#989

Unfortunately, in the new Nagios Plugins 2.0.1, there is an error with Reverse Lookups:

./check_dns -s {dnsserver} -H {hostip}
DNS OK: 0,012 seconds response time. {hostip} returns |time=0,011751s;;;0,000000

• First, Plugin tells that {hostip} returns …, but {dnsserver} returns this!!!
• Second, Plugin returns empty string for reverse lookups!!!

Error in Monitoring Web View:
DNS CRITICAL – expected ‘{hostname}.’ but got ”

Command definition:
check_dns -s $HOSTADDRESS$ -H $ARG1$ -a $ARG2$ -w 1 -c 2 -t 5

Command call:
check-dns!{hostip}!{hostname}

Control with nslookup:
nslookup {hostip} {dnsserver}
Server: {dnsserver}
Address: {dnsserver}#53
{reversehostip}.in-addr.arpa name = {hostname}.

I was doing some testing with check_nt and I mis-spelt the dns name of the client I was targeting:

./check_nt -H in2008r2-01.box293.local -s password -p 12489 -v UPTIME
Name or service not known
could not fetch information from server

The correct DNS name is win2008r2-01.box293.local, here you can see it working:

./check_nt -H win2008r2-01.box293.local -s password -p 12489 -v UPTIME
System Uptime - 0 day(s) 1 hour(s) 51 minute(s) |uptime=111

The plugin should report something like:

Cannot resolve in2008r2-01.box293.local to a valid address

Import from:

monitoring-plugins/monitoring-plugins#1193

Reported from nagios forums/ticket system.

Version tested: Nagios plugins 2.0.3

Files:
https://www.dropbox.com/s/yk4bb71xjf42ezw/check_mrtg_0c56eade?dl=0
https://www.dropbox.com/s/fjwd7ef4zx8d9gq/check_mrtg_5ccad87d?dl=0
https://www.dropbox.com/s/gbj81o5hrvfhohc/check_mrtg_ebcf293c?dl=0

To reproduce ($i as reproducer file):
check_mrtg -F $i -a AVG -v 1 -w 60000 -c 80000

Output:
Aborted

Sample BT:

[New LWP 5313]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `/home/jodicun/opt/nagios-plugins-2.0.3/plugins/check_mrtg -F check_mrtg_0c56ead'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  __GI_____strtoul_l_internal (nptr=0x0, endptr=endptr@entry=0x0, base=base@entry=0xa, group=group@entry=0x0, loc=0x7ffff7bb6060 <_nl_global_locale>)
 at ../stdlib/strtol_l.c:298
298     ../stdlib/strtol_l.c: No such file or directory.
#0  __GI_____strtoul_l_internal (nptr=0x0, endptr=endptr@entry=0x0, base=base@entry=0xa, group=group@entry=0x0, loc=0x7ffff7bb6060 <_nl_global_locale>)
 at ../stdlib/strtol_l.c:298
#1  0x00007ffff78333c2 in __GI_strtoul (nptr=<optimized out>, endptr=endptr@entry=0x0, base=base@entry=0xa) at ../stdlib/strtol.c:108
#2  0x000000000040262f in main (argc=0xb, argv=<optimized out>) at check_mrtg.c:104
#3  0x00007ffff7817ec5 in __libc_start_main (main=0x401d80 <main>, argc=0xb, argv=0x7fffffffe008, init=<optimized out>, fini=<optimized out>, rtld_fini
=<optimized out>, stack_end=0x7fffffffdff8) at libc-start.c:287
#4  0x0000000000402992 in _start ()
exe = '/home/jodicun/opt/nagios-plugins-2.0.3/plugins/check_mrtg -F check_mrtg_0c56ead'

System Details:
AMD64
Distributor ID: Ubuntu
Description: Ubuntu 14.04.1 LTS
Release: 14.04
Codename: trusty

Found with the fuzzer American Fuzzy Lop ( http://lcamtuf.coredump.cx/afl/ )

Import from MP:

monitoring-plugins/monitoring-plugins#956
monitoring-plugins/monitoring-plugins#1166