|
@@ -0,0 +1,64 @@
|
|
|
+#!/usr/bin/python
|
|
|
+#
|
|
|
+# Nagios plugin to check netfilter conntrack size
|
|
|
+#
|
|
|
+# Maximilian Wilhelm <max@rfc2324.org>
|
|
|
+# -- Fri 11 Mar 2016 08:56:08 PM CET
|
|
|
+#
|
|
|
+
|
|
|
+import argparse
|
|
|
+import os.path
|
|
|
+import sys
|
|
|
+
|
|
|
+code = 0
|
|
|
+msg = ""
|
|
|
+
|
|
|
+parser = argparse.ArgumentParser (description = 'check netfilter conntrack table size')
|
|
|
+
|
|
|
+parser.add_argument ('--warn', '-w', help = "Warning conntrack table usage (percent)", default = "70")
|
|
|
+parser.add_argument ('--crit', '-c', help = "Critical conntrack table usage (percent)", default = "85")
|
|
|
+parser.add_argument ('--no-conntrack', help = "Return code when no conntrack is loaded.", default = "ok", choices = [ "ok", "warn", "crit", "unkn" ])
|
|
|
+
|
|
|
+args = parser.parse_args ()
|
|
|
+
|
|
|
+ret_map = {
|
|
|
+ 'ok' : 0,
|
|
|
+ 'warn' : 1,
|
|
|
+ 'crit' : 2,
|
|
|
+ 'unkn' : 3,
|
|
|
+}
|
|
|
+
|
|
|
+def read_int (path):
|
|
|
+ try:
|
|
|
+ with open (path, 'r') as fh:
|
|
|
+ return int (fh.read ())
|
|
|
+ except ValueError as v:
|
|
|
+ return -1
|
|
|
+ except IOError as i:
|
|
|
+ print "conntrack seems not to be loaded."
|
|
|
+ sys.exit (ret_map[args.no_conntrack])
|
|
|
+
|
|
|
+num_entries = read_int ("/proc/sys/net/netfilter/nf_conntrack_count")
|
|
|
+max_entries = read_int ("/proc/sys/net/netfilter/nf_conntrack_max")
|
|
|
+
|
|
|
+
|
|
|
+usage = num_entries / max_entries * 100
|
|
|
+
|
|
|
+if usage >= args.crit:
|
|
|
+ code = 2
|
|
|
+ msg = "Conntrack pool usage over %s%%: %d (%d / %d)" % (args.crit, usage, num_entries, max_entries)
|
|
|
+
|
|
|
+elif usage >= args.warn:
|
|
|
+ code = 1
|
|
|
+ msg = "Conntrack pool usage over %s%%: %d (%d/ %d)" % (args.warn, usage, num_entries, max_entries)
|
|
|
+
|
|
|
+elif usage < args.warn:
|
|
|
+ code = 0
|
|
|
+ msg = "Conntrack pool usage as at %d%% (%d / %d)" % (usage, num_entries, max_entries)
|
|
|
+
|
|
|
+else:
|
|
|
+ code = 3
|
|
|
+ msg = "WTF? Please examinte the situation manually and kinly do the needful!"
|
|
|
+
|
|
|
+print msg
|
|
|
+sys.exit (code)
|