Announcement

Collapse
No announcement yet.

Pb exécution plugin perl

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Pb exécution plugin perl

    Bonjour,

    je développe des plugin en perl afin de superviser des paramètres spécifiques sur des équipements réseaux via snmp.

    Je veux ici détecter la configuration de certains ports d'un switch en vérifiant au préalable dans un fichier texte si le port ne fait pas parti d'une liste d'exeption.

    Pour que mon plugin lise ce fichier texte, j'utilise:


    Code:
    use Net::SNMP;
use Getopt::Long;


my $exep = "./test";
my @lect = undef;

sub lecture{
    open (IN, $exep) || die "impossible de lire le fichier d'exeptions, erreur: $!";
    @lect = <IN>;
    close IN;

}


    lorsque je teste mon plugin dans mon shell (./monplugin.pl), j'obtiens le résultat escompté...
    mais lorsque j'intègre ce plugin à Nagios et que ce dernier l'exécute, Nagios me retourne une erreur du style le fichier n'existe pas (je mettrai le msg exact demain :-D )...

    apparement l'instruction open n'est pas interprété correctement par l'ePN de Nagios...

    Pour le moment j'ai remplacé ce sous programme par du shell mais bon c'est pas très beau et en therme de performance c'est pas vraiment des plus efficace.


    Si vous avez rencontré le même problème ou avez une solution, je suis preneur

    A+ boblemarin
    Tags: None
  • #2
    Tu as la possibilité de mettre ton plugins a dispo que l'on puisse également tester ?

    En plus ca pourrai etre cool de les mettres a dispo de tout le monde (contrib power)
    Centreon 2.x

    Comment

    • #3
      Salut,
      Voici mes petites productions, je me suis basé sur le code d'un plugin mis en ligne sur le site de manubulon.
      Le code ne doit pas être optimisé (je débute en perl ) et faiblement commenté.

      Voici le plugin (son but est de détecter et lister les ports des switchs n'ayant pas port security activé tout en tenant compte d'une liste d'exeption) posant problème, plus précisément la fonction lecture qui me renvoie l'erreur suivante Aucun fichier ou répertoire de ce type at (eval 1) line 108,". alors que lorsque je lance ce plugin via le shell je n'ai aucun souci...

      Code:
         #! /usr/bin/perl -w

use strict;
use Net::SNMP;
use Getopt::Long;


use utils qw(%ERRORS $TIMEOUT);

#Definition des OID a surveiller

#5000 (CISCO-STACK-MIB)
my $modIndexoid = '1.3.6.1.4.1.9.5.1.3.1.1.1';
my $modNumPortoid = '1.3.6.1.4.1.9.5.1.3.1.1.14';
my $AdmStaoid = '1.3.6.1.4.1.9.5.1.10.1.1.3';
my $ViolPoloid = '1.3.6.1.4.1.9.5.1.10.1.1.10';

#2900 (CISCO-C2900-MIB)
my $PortUsaoid = '1.3.6.1.4.1.9.9.87.1.4.1.1.3';
my $ViolAct2900oid = '1.3.6.1.4.1.9.9.87.1.4.1.1.26';

#2960 (CISCO-PORT-SECURITY-MIB)
my $SecEnaoid = '1.3.6.1.4.1.9.9.315.1.2.1.1.1';
my $ViolActoid = '1.3.6.1.4.1.9.9.315.1.2.1.1.8';


#Definition des etat sur 5000, 6500 et LS ATTENTION les indices changent entre les equipements
my @C5000_etat = ("","UNKNOWN","OK","WARNING","CRITICAL");
my @C6500_etat = ("","NORMAL","WARNING","CRITICAL","SHUTDOWN","NOT-PRESENT","NOT-FUNCTIONING");
my @LS_etat = ("","UNKNOWN","OK","FAULT","FAN-ALARM","PARTIAL-FAULT","EMPTY");

#Fichier des ports non securises volontairement

my $exep = "./test";
my @lect = undef;

# Globals
my $Version='0';

my $o_host = 	undef; 		# hostname
my $o_community = undef; 	# community
my $o_group = 	undef; 		# hostgroup (2900,2960,5000,6500)
my $o_port = 	161; 		# port
my $o_help=	undef; 		# wan't some help ?
#my $o_verb=	undef;		# verbose mode
my $o_version=	undef;		# print version
my $o_timeout=  undef; 		# Timeout (Default 5)
my $o_perf=     undef;          # Output performance data
my $o_version2= undef;          # use snmp v2c

# SNMPv3 specific
my $o_login=	undef;		# Login for snmpv3
my $o_passwd=	undef;		# Pass for snmpv3
my $v3protocols=undef;	        # V3 protocol list.
my $o_authproto='md5';		# Auth protocol
my $o_privproto='des';		# Priv protocol
my $o_privpass= undef;		# priv password


#Fonctions
sub p_version { print "check_snmp_env5000 version : $Version\n"; }

sub print_usage {
    print "Usage: $0 [-v] -H <host> -C <snmp_community> -G <hostgroup> [-2] | (-l login -x passwd [-X pass -L <authp>,<privp>]) \n";
}

sub check_options {
    Getopt::Long::Configure ("bundling");
    GetOptions(
        'H:s'   => \$o_host,		'hostname:s'	=> \$o_host,
        'C:s'   => \$o_community,	'community:s'	=> \$o_community,
        'G:s'   => \$o_group,   	'group:s'	=> \$o_group,
	'l:s'	=> \$o_login,		'login:s'	=> \$o_login,
	'x:s'	=> \$o_passwd,		'passwd:s'	=> \$o_passwd,
	'X:s'	=> \$o_privpass,	'privpass:s'	=> \$o_privpass,
	'L:s'	=> \$v3protocols,	'protocols:s'	=> \$v3protocols,
        't:i'   => \$o_timeout,       	'timeout:i'     => \$o_timeout,
	'V'	=> \$o_version,		'version'	=> \$o_version,
	'2'     => \$o_version2,        'v2c'           => \$o_version2,
	);


    
   
#Basic checks
      if (defined ($o_help) ) { help(); exit $ERRORS{"UNKNOWN"}};
      if (defined($o_version)) { p_version(); exit $ERRORS{"UNKNOWN"}};
      if ( ! defined($o_host) || ! defined($o_group)) # check host and filter 
      { print_usage(); exit $ERRORS{"UNKNOWN"}}
      if (!defined ($o_timeout)) {$o_timeout='1'}; #Si pas de timeout on le definit
#Check snmp information
      if ( !defined($o_community) && (!defined($o_login) || !defined($o_passwd)) )
      { print "Put snmp login info!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
      if ((defined($o_login) || defined($o_passwd)) && (defined($o_community) || defined($o_version2)) )
      { print "He gamin melange pas snmp v1,2c,3 !!!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
      if (defined ($v3protocols)) {
	  if (!defined($o_login)) { print "Put snmp V3 login info with protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
	  my @v3proto=split(/,/,$v3protocols);
	  if ((defined ($v3proto[0])) && ($v3proto[0] ne "")) {$o_authproto=$v3proto[0];	} # Auth protocol
	  if (defined ($v3proto[1])) {$o_privproto=$v3proto[1];	}	# Priv  protocol
	  if ((defined ($v3proto[1])) && (!defined($o_privpass))) {
	    print "Put snmp V3 priv login info with priv protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
	}
}

sub lecture{
    open (IN, $exep) or die "impossible de lire le fichier d'exeptions, erreur: $!";
    @lect = <IN>;
    chomp @lect;
    close IN;
}

##MAIN

check_options();

###Connexion SNMP
my ($session,$error);
if ( defined($o_login) && defined($o_passwd)) {
# SNMPv3 login
#  verb("SNMPv3 login");
    if (!defined ($o_privpass)) {
#  verb("SNMPv3 AuthNoPriv login : $o_login, $o_authproto");
    ($session, $error) = Net::SNMP->session(
      -hostname   	=> $o_host,
      -version		=> '3',
      -username		=> $o_login,
      -authpassword	=> $o_passwd,
      -authprotocol	=> $o_authproto,
      -timeout          => $o_timeout
    );  
  } else {
    verb("SNMPv3 AuthPriv login : $o_login, $o_authproto, $o_privproto");
    ($session, $error) = Net::SNMP->session(
      -hostname   	=> $o_host,
      -version		=> '3',
      -username		=> $o_login,
      -authpassword	=> $o_passwd,
      -authprotocol	=> $o_authproto,
      -privpassword	=> $o_privpass,
      -privprotocol     => $o_privproto,
      -timeout          => $o_timeout
    );
  }
} else {
	if (defined ($o_version2)) {
		# SNMPv2 Login
#		verb("SNMP v2c login");
		  ($session, $error) = Net::SNMP->session(
		 -hostname  => $o_host,
		 -version   => 2,
		 -community => $o_community,
		 -port      => $o_port,
		 -timeout   => $o_timeout
		);
  	} else {
	  # SNMPV1 login
#	  verb("SNMP v1 login");
	  ($session, $error) = Net::SNMP->session(
		-hostname  => $o_host,
		-community => $o_community,
		-port      => $o_port,
		-timeout   => $o_timeout
	  );
	}
}


###########

if (!defined($session)) {
    printf("ERROR: %s.\n", $error);
    exit 1;
}

lecture();

##POUR LES 2900
if ($o_group eq "C2900") {

    my $PortSec2900 = $session->get_table(Baseoid => $PortUsaoid);
    my $ViolAct2900 = $session->get_table(Baseoid => $ViolAct2900oid);
    my $a = 0;

    for (my $i = 1; $i<=24; $i++){
	my $Adm = $$PortSec2900{$PortUsaoid.".0.".$i};
	my $Act = $$ViolAct2900{$ViolAct2900oid.".0.".$i};

	if ($Adm != "2" && $Act != "4"){

	    foreach my $lign (@lect){

		if ($lign =~ /$o_host/){
		    if ($lign =~ /0\/$i/){}	
		    else {
			print " 0/$i,";
			$a = 1;
		    }
		}
	    }
	}
	
    }
    if ($a == "0"){
	print "pas de ports non securisés";
    }
    else{
	exit $a;
    }
}

##POUR LES 2960
if ($o_group eq "C2960") {

    my $PortSec2960 = $session->get_table(Baseoid => $SecEnaoid);
    my $ViolAct2960 = $session->get_table(Baseoid => $ViolActoid);
    my $a = 0;

for (my $i = 1; $i<=9; $i++ ){
	my $Adm = $$PortSec2960{$SecEnaoid.".1010".$i};
	my $Act = $$ViolAct2960{$ViolActoid.".1010".$i};

	if ($Adm != "1" && $Act != "1"){
	    foreach my $lign (@lect){
		if ($lign =~ /$o_host/){
		    if ($lign =~ /0\/$i/){}	
		    else {
			print " 0/$i,";
			$a = 1;
		    }
		}
	    }      
	}
    }
    for (my $i = 10; $i<=24; $i++ ){
	my $Adm = $$PortSec2960{$SecEnaoid.".101".$i};
	my $Act = $$ViolAct2960{$ViolActoid.".101".$i};

	if ($Adm != "1" && $Act != "1"){
	    foreach my $lign (@lect){
		if ($lign =~ /$o_host/){
		    if ($lign =~ /0\/$i/){}	
		    else {
			print " 0/$i,";
			$a = 1;
		    }
		}
	    }	 
	}
    }	

    if ($a == "0"){
	print "Pas de ports non sécurisés";
	exit $a;
    }
    else{
	exit $a;
	}

    
}

##POUR LES 5000 et 6500
if ($o_group eq "C5000" || $o_group eq "C6500") {

    my $ModIndex = $session->get_table(Baseoid => $modIndexoid);
    my $NombPortMod = $session->get_table(Baseoid => $modNumPortoid);
    my $AdmSta = $session->get_table(Baseoid => $AdmStaoid);
    my $ViolPol = $session->get_table(Baseoid => $ViolPoloid);    
    my $a = 0;

#    print "6500";

    foreach my $key (sort keys %$ModIndex) {
	my $m = $$ModIndex{$key};
	my $np = $$NombPortMod{$modNumPortoid.".".$m};

	if ($np == 0 || $np == 1 || $np == 2){}
	else{
	    for (my $i = 1; $i<=$np; $i++ ){
		my $Adm = $$AdmSta{$AdmStaoid.".".$m.".".$i};
		my $Act = $$ViolPol{$ViolPoloid.".".$m.".".$i};

		if ($Adm != "1" && $Act != "2"){
		    if ($Adm != "1" && $Act != "1"){
			foreach my $lign (@lect){
			    if ($lign =~ /$o_host/){
				if ($lign =~ /$m\/$i/){}
				else {
				    print " $m/$i,";
				    $a = 1;
				}
			    }
			}	 
		    }
		}
	    }
	}
    }
    if ($a == "0"){
	print "Pas de ports non sécurisés";
	exit $a;
    }
    else{
	exit $a;
    }


}
exit;
      le fichier d'exeptions (test) se présente de la sorte et se trouve pour le moment dans le meme répertoire que le plugin:
      nom_équipement |numéros_de_port_faisant exeption

      c345_t |4/23,2/12,1/4

      Le plugin se lance en shell de la manière suivante

      ./monplugin.pl -H nom de l'host -C communautésnmp -G groupe du switch(C2900, C2960, C5000 ou C6500) j'ai fait mes premiers tests avec la catégorie C2900.

      Si vous avez des idées pour mon souci concernant ce sript je suis preneur :-D

      j'utilise Nagios 2.8 sous centos

      A+ Boblemarin
      Last edited by boblemarin; 26 April 2007, 10:33.

      Comment

      • #4
        Un plugin qui récupère l'état des alim et ventilos de switch cisco 5000, 6500 ou ls1010:

        Code:
          #! /usr/bin/perl -w

use strict;
use Net::SNMP;
use Getopt::Long;

use utils qw(%ERRORS $TIMEOUT);

#Definition des OID a surveiller
#5000
my $PS1status5 = '1.3.6.1.4.1.9.5.1.2.4.0';
my $PS2status5 = '1.3.6.1.4.1.9.5.1.2.7.0';
my $FANstatus5 = '1.3.6.1.4.1.9.5.1.2.9.0';

#6500
my $FANstatus6 = '1.3.6.1.4.1.9.9.13.1.4.1.3.1';
my $PS1status6 = '1.3.6.1.4.1.9.9.13.1.5.1.3.1';
my $PS2status6 = '1.3.6.1.4.1.9.9.13.1.5.1.3.2';

#LS1010
my $FANstatusLS = '1.3.6.1.4.1.9.5.11.1.1.11.0';
my $PS1statusLS = '1.3.6.1.4.1.9.5.11.1.1.5.0';
my $PS2statusLS = '1.3.6.1.4.1.9.5.11.1.1.9.0';


#Variables
my $FAN = "";
my $PS1 = "";
my $PS2 = "";


#Definition des etat sur 5000 ATTENTION les indices changent entre les equipements
my @C5000_etat = ("","UNKNOWN","OK","WARNING","CRITICAL");
my @C6500_etat = ("","NORMAL","WARNING","CRITICAL","SHUTDOWN","NOT-PRESENT","NOT-FUNCTIONING");
my @LS_etat = ("","UNKNOWN","OK","FAULT","FAN-ALARM","PARTIAL-FAULT","EMPTY");

# Globals
my $Version='0';

my $o_host = 	undef; 		# hostname
my $o_community = undef; 	# community
my $o_port = 	161; 		# port
my $o_help=	undef; 		# wan't some help ?
#my $o_verb=	undef;		# verbose mode
my $o_version=	undef;		# print version
my $o_timeout=  undef; 		# Timeout (Default 5)
my $o_perf=     undef;          # Output performance data
my $o_version2= undef;          # use snmp v2c

# SNMPv3 specific
my $o_login=	undef;		# Login for snmpv3
my $o_passwd=	undef;		# Pass for snmpv3
my $v3protocols=undef;	        # V3 protocol list.
my $o_authproto='md5';		# Auth protocol
my $o_privproto='des';		# Priv protocol
my $o_privpass= undef;		# priv password


#Fonctions
sub p_version { print "check_snmp_env5000 version : $Version\n"; }

sub print_usage {
    print "Usage: $0 [-v] -H <host> -C <snmp_community> [-2] | (-l login -x passwd [-X pass -L <authp>,<privp>]) \n";
}

sub check_options {
    Getopt::Long::Configure ("bundling");
    GetOptions(
        'H:s'   => \$o_host,		'hostname:s'	=> \$o_host,
        'C:s'   => \$o_community,	'community:s'	=> \$o_community,
	'l:s'	=> \$o_login,		'login:s'	=> \$o_login,
	'x:s'	=> \$o_passwd,		'passwd:s'	=> \$o_passwd,
	'X:s'	=> \$o_privpass,	'privpass:s'	=> \$o_privpass,
	'L:s'	=> \$v3protocols,	'protocols:s'	=> \$v3protocols,
        't:i'   => \$o_timeout,       	'timeout:i'     => \$o_timeout,
	'V'	=> \$o_version,		'version'	=> \$o_version,
	'2'     => \$o_version2,        'v2c'           => \$o_version2,
	);


    
   
#Basic checks
      if (defined ($o_help) ) { help(); exit $ERRORS{"UNKNOWN"}};
      if (defined($o_version)) { p_version(); exit $ERRORS{"UNKNOWN"}};
      if ( ! defined($o_host) ) # check host and filter 
      { print_usage(); exit $ERRORS{"UNKNOWN"}}
      if (!defined ($o_timeout)) {$o_timeout='1'}; #Si pas de timeout on le definit
#Check snmp information
      if ( !defined($o_community) && (!defined($o_login) || !defined($o_passwd)) )
      { print "Put snmp login info!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
      if ((defined($o_login) || defined($o_passwd)) && (defined($o_community) || defined($o_version2)) )
      { print "He gamin melange pas snmp v1,2c,3 !!!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
      if (defined ($v3protocols)) {
	  if (!defined($o_login)) { print "Put snmp V3 login info with protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
	  my @v3proto=split(/,/,$v3protocols);
	  if ((defined ($v3proto[0])) && ($v3proto[0] ne "")) {$o_authproto=$v3proto[0];	} # Auth protocol
	  if (defined ($v3proto[1])) {$o_privproto=$v3proto[1];	}	# Priv  protocol
	  if ((defined ($v3proto[1])) && (!defined($o_privpass))) {
	    print "Put snmp V3 priv login info with priv protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
	}
}

##MAIN

check_options();

###Connexion SNMP
my ($session,$error);
if ( defined($o_login) && defined($o_passwd)) {
# SNMPv3 login
#  verb("SNMPv3 login");
    if (!defined ($o_privpass)) {
#  verb("SNMPv3 AuthNoPriv login : $o_login, $o_authproto");
    ($session, $error) = Net::SNMP->session(
      -hostname   	=> $o_host,
      -version		=> '3',
      -username		=> $o_login,
      -authpassword	=> $o_passwd,
      -authprotocol	=> $o_authproto,
      -timeout          => $o_timeout
    );  
  } else {
    verb("SNMPv3 AuthPriv login : $o_login, $o_authproto, $o_privproto");
    ($session, $error) = Net::SNMP->session(
      -hostname   	=> $o_host,
      -version		=> '3',
      -username		=> $o_login,
      -authpassword	=> $o_passwd,
      -authprotocol	=> $o_authproto,
      -privpassword	=> $o_privpass,
      -privprotocol     => $o_privproto,
      -timeout          => $o_timeout
    );
  }
} else {
	if (defined ($o_version2)) {
		# SNMPv2 Login
#		verb("SNMP v2c login");
		  ($session, $error) = Net::SNMP->session(
		 -hostname  => $o_host,
		 -version   => 2,
		 -community => $o_community,
		 -port      => $o_port,
		 -timeout   => $o_timeout
		);
  	} else {
	  # SNMPV1 login
#	  verb("SNMP v1 login");
	  ($session, $error) = Net::SNMP->session(
		-hostname  => $o_host,
		-community => $o_community,
		-port      => $o_port,
		-timeout   => $o_timeout
	  );
	}
}


###########

if (!defined($session)) {
    printf("ERROR: %s.\n", $error);
    exit 1;
}
#On recupere les valeur des OID
my $resultLS = $session->get_request (-varbindlist => [$PS1statusLS,$PS2statusLS,$FANstatusLS]);
my $result5 = $session->get_request (-varbindlist => [$PS1status5,$PS2status5,$FANstatus5]);
my $result6 = $session->get_request (-varbindlist => [$PS1status6,$PS2status6,$FANstatus6]);


#Si aucun OID valide on quitte en Warning
if (!defined($result5)&&!defined($result6)&&!defined($resultLS)) {
     printf("ERROR: %s.\n", $session->error);
     $session->close;
     exit 1;
}


##SELECTION LS1010
if (!defined($result5)&&!defined($result6)) {
    $FAN = $resultLS->{$FANstatusLS};
    $PS1 = $resultLS->{$PS1statusLS};
    $PS2 = $resultLS->{$PS2statusLS};  
    print "RACK VENTILO: ",$LS_etat[$FAN],",  ALIM1: ",$LS_etat[$PS1],",  ALIM2: ",$LS_etat[$PS2],"\n";

    if ($FAN==3||$PS1==3||$PS2==3) {
	exit 2;  #Si fault sur un des 3 on renvoie CRITICAL a Nagios
    }
    if (($FAN==4||$PS1==4||$PS2==4)||($FAN==5||$PS1==5||$PS2==5)) {
	exit 1; #Si Fan alarm ou PartialFault sur un des 3 on renvoie Warning a Nagios
    }
    elsif ($FAN==2&&($PS1==2||$PS2==2)) {
	exit 0; #Si FAN OK et 1 des 2 ALIM OK n renvoie OK a Nagios
    } else {
	exit 3; #Cas non prevu
    }
}

##SELECTION C5000
elsif (!defined($resultLS)&&!defined($result6)) {
    $FAN = $result5->{$FANstatus5};
    $PS1 = $result5->{$PS1status5};
    $PS2 = $result5->{$PS2status5};  
    print "RACK VENTILO: ",$C5000_etat[$FAN],",  ALIM1: ",$C5000_etat[$PS1],",  ALIM2: ",$C5000_etat[$PS2],"\n";
 
    if ($FAN==4||$PS1==4||$PS2==4) {
	exit 2;  #Si major-fault sur un des 3 on renvoie CRITICAL a Nagios
    }
    if ($FAN==3||$PS1==3||$PS2==3) {
	exit 1; #Si min-fault sur un des 3 on renvoie Warning a Nagios
    }
    elsif ($FAN==2&&($PS1==2||$PS2==2)) {
	exit 0; #Si FAN OK et 1 des 2 ALIM OK n renvoie OK a Nagios
    } else {
	exit 3; #Cas non prevu
    }
}

##SELECTION C6500
else {
    $FAN = $result6->{$FANstatus6};
    $PS1 = $result6->{$PS1status6};
    $PS2 = $result6->{$PS2status6};  
    print "RACK VENTILO: ",$C6500_etat[$FAN],",  ALIM1: ",$C6500_etat[$PS1],",  ALIM2: ",$C6500_etat[$PS2],"\n";

if ($FAN==3||$PS1==3||$PS2==3) {
	exit 2;  #Si CRITICAL sur un des 3 on renvoie CRITICAL a Nagios
    }
    if (($FAN==2||$PS1==2||$PS2==2)||($FAN==6||$PS1==6||$PS2==6)) {
	exit 1; #Si WARNING ou NOT-FUNCTIONING sur un des 3 on renvoie Warning a Nagios
    }
    elsif ($FAN==1&&($PS1==1||$PS2==1)) {
	exit 0; #Si FAN OK et 1 des 2 ALIM OK n renvoie OK a Nagios
    } else {
	exit 3; #Cas non prevu
    }
}

        Comment

        • #5
          Voici un plugin vérifiant les ports des switchs et retournant une liste des ports bloqués par port sécurity:

          Code:
            #! /usr/bin/perl -w

use strict;
use Net::SNMP;
use Getopt::Long;


use utils qw(%ERRORS $TIMEOUT);

#Definition des OID a surveiller

#5000 (CISCO-STACK-MIB)
my $modIndexoid = '1.3.6.1.4.1.9.5.1.3.1.1.1';
my $modNumPortoid = '1.3.6.1.4.1.9.5.1.3.1.1.14';
my $AdmStaoid = '1.3.6.1.4.1.9.5.1.10.1.1.3';
my $OpeStaoid = '1.3.6.1.4.1.9.5.1.10.1.1.4';

#2924 (CISCO-C2900-MIB)
my $PortUsaoid = '1.3.6.1.4.1.9.9.87.1.4.1.1.3';
my $PortAddrSecoid = '1.3.6.1.4.1.9.9.87.1.4.1.1.12';

#2960 (CISCO-PORT-SECURITY-MIB)
my $SecEnaoid = '1.3.6.1.4.1.9.9.315.1.2.1.1.1';
my $SecStaoid = '1.3.6.1.4.1.9.9.315.1.2.1.1.2';


#Definition des etat sur 5000, 6500 et LS ATTENTION les indices changent entre les equipements
my @C5000_etat = ("","UNKNOWN","OK","WARNING","CRITICAL");
my @C6500_etat = ("","NORMAL","WARNING","CRITICAL","SHUTDOWN","NOT-PRESENT","NOT-FUNCTIONING");
my @LS_etat = ("","UNKNOWN","OK","FAULT","FAN-ALARM","PARTIAL-FAULT","EMPTY");

# Globals
my $Version='0';

my $o_host = 	undef; 		# hostname
my $o_community = undef; 	# community
my $o_port = 	161; 		# port
my $o_help=	undef; 		# wan't some help ?
#my $o_verb=	undef;		# verbose mode
my $o_version=	undef;		# print version
my $o_timeout=  undef; 		# Timeout (Default 5)
my $o_perf=     undef;          # Output performance data
my $o_version2= undef;          # use snmp v2c

# SNMPv3 specific
my $o_login=	undef;		# Login for snmpv3
my $o_passwd=	undef;		# Pass for snmpv3
my $v3protocols=undef;	        # V3 protocol list.
my $o_authproto='md5';		# Auth protocol
my $o_privproto='des';		# Priv protocol
my $o_privpass= undef;		# priv password


#Fonctions
sub p_version { print "check_snmp_env5000 version : $Version\n"; }

sub print_usage {
    print "Usage: $0 [-v] -H <host> -C <snmp_community> [-2] | (-l login -x passwd [-X pass -L <authp>,<privp>]) \n";
}

sub check_options {
    Getopt::Long::Configure ("bundling");
    GetOptions(
        'H:s'   => \$o_host,		'hostname:s'	=> \$o_host,
        'C:s'   => \$o_community,	'community:s'	=> \$o_community,
	'l:s'	=> \$o_login,		'login:s'	=> \$o_login,
	'x:s'	=> \$o_passwd,		'passwd:s'	=> \$o_passwd,
	'X:s'	=> \$o_privpass,	'privpass:s'	=> \$o_privpass,
	'L:s'	=> \$v3protocols,	'protocols:s'	=> \$v3protocols,
        't:i'   => \$o_timeout,       	'timeout:i'     => \$o_timeout,
	'V'	=> \$o_version,		'version'	=> \$o_version,
	'2'     => \$o_version2,        'v2c'           => \$o_version2,
	);


    
   
#Basic checks
      if (defined ($o_help) ) { help(); exit $ERRORS{"UNKNOWN"}};
      if (defined($o_version)) { p_version(); exit $ERRORS{"UNKNOWN"}};
      if ( ! defined($o_host) ) # check host and filter 
      { print_usage(); exit $ERRORS{"UNKNOWN"}}
      if (!defined ($o_timeout)) {$o_timeout='1'}; #Si pas de timeout on le definit
#Check snmp information
      if ( !defined($o_community) && (!defined($o_login) || !defined($o_passwd)) )
      { print "Put snmp login info!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
      if ((defined($o_login) || defined($o_passwd)) && (defined($o_community) || defined($o_version2)) )
      { print "He gamin melange pas snmp v1,2c,3 !!!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
      if (defined ($v3protocols)) {
	  if (!defined($o_login)) { print "Put snmp V3 login info with protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
	  my @v3proto=split(/,/,$v3protocols);
	  if ((defined ($v3proto[0])) && ($v3proto[0] ne "")) {$o_authproto=$v3proto[0];	} # Auth protocol
	  if (defined ($v3proto[1])) {$o_privproto=$v3proto[1];	}	# Priv  protocol
	  if ((defined ($v3proto[1])) && (!defined($o_privpass))) {
	    print "Put snmp V3 priv login info with priv protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
	}
}

##MAIN

check_options();

###Connexion SNMP
my ($session,$error);
if ( defined($o_login) && defined($o_passwd)) {
# SNMPv3 login
#  verb("SNMPv3 login");
    if (!defined ($o_privpass)) {
#  verb("SNMPv3 AuthNoPriv login : $o_login, $o_authproto");
    ($session, $error) = Net::SNMP->session(
      -hostname   	=> $o_host,
      -version		=> '3',
      -username		=> $o_login,
      -authpassword	=> $o_passwd,
      -authprotocol	=> $o_authproto,
      -timeout          => $o_timeout
    );  
  } else {
    verb("SNMPv3 AuthPriv login : $o_login, $o_authproto, $o_privproto");
    ($session, $error) = Net::SNMP->session(
      -hostname   	=> $o_host,
      -version		=> '3',
      -username		=> $o_login,
      -authpassword	=> $o_passwd,
      -authprotocol	=> $o_authproto,
      -privpassword	=> $o_privpass,
      -privprotocol     => $o_privproto,
      -timeout          => $o_timeout
    );
  }
} else {
	if (defined ($o_version2)) {
		# SNMPv2 Login
#		verb("SNMP v2c login");
		  ($session, $error) = Net::SNMP->session(
		 -hostname  => $o_host,
		 -version   => 2,
		 -community => $o_community,
		 -port      => $o_port,
		 -timeout   => $o_timeout
		);
  	} else {
	  # SNMPV1 login
#	  verb("SNMP v1 login");
	  ($session, $error) = Net::SNMP->session(
		-hostname  => $o_host,
		-community => $o_community,
		-port      => $o_port,
		-timeout   => $o_timeout
	  );
	}
}


###########

if (!defined($session)) {
    printf("ERROR: %s.\n", $error);
    exit 1;
}

my $ModIndex = $session->get_table(Baseoid => $modIndexoid);
my $NombPortMod = $session->get_table(Baseoid => $modNumPortoid);
my $AdmSta = $session->get_table(Baseoid => $AdmStaoid);
my $OpeSta = $session->get_table(Baseoid => $OpeStaoid);

my $PortSec2900 = $session->get_table(Baseoid => $PortUsaoid);
my $NbViol2900 = $session->get_table(Baseoid => $PortAddrSecoid);

my $PortSec2960 = $session->get_table(Baseoid => $SecEnaoid);
my $NbViol2960 = $session->get_table(Baseoid => $SecStaoid);




if ((!defined($ModIndex)&&!defined($NombPortMod))&&(!defined($PortSec2900)&&!defined($NbViol2900))&&(!defined($PortSec2960)&&!defined($NbViol2960))) {
    printf("ERROR: %s.\n", $session->error);
    $session->close;
    exit 0;
} 



##POUR LES 5000
if ((!defined($PortSec2960) && !defined($NbViol2960)) && (!defined($PortSec2900) && !defined($NbViol2900))) {
    my $a = 0;
#    print "5000";
    foreach my $key (sort keys %$ModIndex) {
	my $m = $$ModIndex{$key};
	my $np = $$NombPortMod{$modNumPortoid.".".$m};

	if ($np == 0 || $np == 1 || $np == 2){}
	else{
	    for (my $i = 1; $i<=$np; $i++ ){
		my $Adm = $$AdmSta{$AdmStaoid.".".$m.".".$i};
		my $Ope = $$OpeSta{$OpeStaoid.".".$m.".".$i};

		if ($Adm == "1" && $Ope == "2"){
		    print " $m/$i  ";
		    $a = 1;
		}
	    }
	}
    }
    if ($a == "0"){
	print "Pas de ports bloqués";
	exit $a;
    }
    else{
	exit $a;
    }
}

##POUR LES 2960
if ((!defined($PortSec2900)&&!defined($NbViol2900)) && (!defined($OpeSta)&&!defined($AdmSta))) {
    my $a = 0;
 #   print "2960";
    for (my $i = 1; $i<=9; $i++ ){
	my $Adm = $$PortSec2960{$SecEnaoid.".1010".$i};
	my $Viol = $$NbViol2960{$SecStaoid.".1010".$i};

	if ($Adm == "1" && $Viol == "3"){
	    print " 0/$i  ";
	    $a = 1;
	}
    }
    for (my $i = 10; $i<=24; $i++ ){
	my $Adm = $$PortSec2960{$SecEnaoid.".101".$i};
	my $Viol = $$NbViol2960{$SecStaoid.".101".$i};

	if ($Adm == "1" && $Viol == "3"){
	    print " 0/$i  ";
	    $a = 1;
	}
    }	

    if ($a == "0"){
	print "Pas de ports bloqués";
	exit $a;
    }
    else{
	exit $a;
	}    
}

##POUR LES 6500
if ((!defined($PortSec2900) && !defined($NbViol2900)) && (defined($PortSec2960) && defined($NbViol2960))  && (defined($ModIndex) && defined($NombPortMod)) && (defined($AdmSta) && defined($OpeSta))) {
    my $a = 0;
#    print "6500";
    foreach my $key (sort keys %$ModIndex) {
	my $m = $$ModIndex{$key};
	my $np = $$NombPortMod{$modNumPortoid.".".$m};

	if ($np == 0 || $np == 1 || $np == 2){}
	else{
	    for (my $i = 1; $i<=$np; $i++ ){
		my $Adm = $$AdmSta{$AdmStaoid.".".$m.".".$i};
		my $Ope = $$OpeSta{$OpeStaoid.".".$m.".".$i};

		if ($Adm == "1" && $Ope == "2"){
		    print " $m/$i  ";
		    $a = 1;
		}
	    }
	}
    }
    if ($a == "0"){
	print "Pas de ports bloqués";
	exit $a;
    }
    else{
	exit $a;
    }
}



##POUR LES 2924   encore quelques problemes du au compteur NbViol ne se ##réinitialisant pas
if ((!defined($ModIndex)&& !defined($NombPortMod))&&(!defined($PortSec2960)&&!defined($NbViol2960))) {
    my $a = 0;
    print "2924";
    for (my $i = 1; $i<=24; $i++ ){
	my $Adm = $$PortSec2900{$PortUsaoid.".0.".$i};
	my $Viol = $$NbViol2900{$PortAddrSecoid.".0.".$i};

	if ($Adm == "2" && $Viol > "0"){
	    print " 0/$i  ";
	    $a = 1;
	}	
    }
    if ($a == "0"){
      print "Pas de ports bloqués";
      exit $a;
    }
    else{
	exit $a;
    }
}

print "Switch non supporté";
exit 3;

          Voici pour mes productions elles sont orientées vers du matériel cisco.

          Comment

          Previous template Next
          Working...
          X