12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364 |
- import argparse
- import os.path
- import sys
- code = 0
- msg = ""
- parser = argparse.ArgumentParser (description = 'check netfilter conntrack table size')
- parser.add_argument ('--warn', '-w', help = "Warning conntrack table usage (percent)", default = "70", type = int)
- parser.add_argument ('--crit', '-c', help = "Critical conntrack table usage (percent)", default = "85", type = int)
- parser.add_argument ('--no-conntrack', help = "Return code when no conntrack is loaded.", default = "ok", choices = [ "ok", "warn", "crit", "unkn" ])
- args = parser.parse_args ()
- ret_map = {
- 'ok' : 0,
- 'warn' : 1,
- 'crit' : 2,
- 'unkn' : 3,
- }
- def read_int (path):
- try:
- with open (path, 'r') as fh:
- return float (fh.read ())
- except ValueError as v:
- return -1
- except IOError as i:
- print ("conntrack seems not to be loaded.")
- sys.exit (ret_map[args.no_conntrack])
- num_entries = read_int ("/proc/sys/net/netfilter/nf_conntrack_count")
- max_entries = read_int ("/proc/sys/net/netfilter/nf_conntrack_max")
- usage = num_entries / max_entries * 100
- if usage >= args.crit:
- code = 2
- msg = "Conntrack pool usage over %d%%: %d (%d / %d)" % (args.crit, usage, num_entries, max_entries)
- elif usage >= args.warn:
- code = 1
- msg = "Conntrack pool usage over %d%%: %d (%d/ %d)" % (args.warn, usage, num_entries, max_entries)
- elif usage < args.warn:
- code = 0
- msg = "Conntrack pool usage at %d%% (%d / %d)" % (usage, num_entries, max_entries)
- else:
- code = 3
- msg = "WTF? Please examinte the situation manually and kinly do the needful!"
- print (msg)
- sys.exit (code)
|