Viên ngọc phương Đông

#!/bin/bash

# Nagios plugin to check nf_conntrack usage
# Returns WARNING or CRITICAL if connection tracking usage exceeds thresholds

# Nagios exit codes
STATE_OK=0
STATE_WARNING=1
STATE_CRITICAL=2
STATE_UNKNOWN=3

# Default thresholds (percentage)
WARNING_THRESHOLD=80
CRITICAL_THRESHOLD=90

# Parse command line arguments
while getopts "w:c:h" opt; do
    case $opt in
        w)
            WARNING_THRESHOLD=$OPTARG
            ;;
        c)
            CRITICAL_THRESHOLD=$OPTARG
            ;;
        h)
            echo "Usage: $0 [-w warning_threshold] [-c critical_threshold]"
            echo "  -w: Warning threshold in percentage (default: 80)"
            echo "  -c: Critical threshold in percentage (default: 90)"
            echo "Example: $0 -w 75 -c 85"
            exit $STATE_OK
            ;;
        \?)
            echo "Invalid option: -$OPTARG"
            exit $STATE_UNKNOWN
            ;;
    esac
done

# Files to read
MAX_FILE="/proc/sys/net/netfilter/nf_conntrack_max"
COUNT_FILE="/proc/sys/net/netfilter/nf_conntrack_count"

# Check if files exist
if [ ! -f "$MAX_FILE" ]; then
    echo "UNKNOWN: $MAX_FILE not found - nf_conntrack module may not be loaded"
    exit $STATE_UNKNOWN
fi

if [ ! -f "$COUNT_FILE" ]; then
    echo "UNKNOWN: $COUNT_FILE not found - nf_conntrack module may not be loaded"
    exit $STATE_UNKNOWN
fi

# Read values
MAX_VALUE=$(cat "$MAX_FILE" 2>/dev/null)
CURRENT_VALUE=$(cat "$COUNT_FILE" 2>/dev/null)

# Validate values
if [ -z "$MAX_VALUE" ] || [ -z "$CURRENT_VALUE" ]; then
    echo "UNKNOWN: Could not read nf_conntrack values"
    exit $STATE_UNKNOWN
fi

if ! [[ "$MAX_VALUE" =~ ^[0-9]+$ ]] || ! [[ "$CURRENT_VALUE" =~ ^[0-9]+$ ]]; then
    echo "UNKNOWN: Invalid values read from nf_conntrack files"
    exit $STATE_UNKNOWN
fi

# Calculate percentage
if [ "$MAX_VALUE" -eq 0 ]; then
    echo "UNKNOWN: nf_conntrack_max is zero"
    exit $STATE_UNKNOWN
fi

PERCENTAGE=$((CURRENT_VALUE * 100 / MAX_VALUE))

# Performance data
PERFDATA="current=$CURRENT_VALUE;$((MAX_VALUE * WARNING_THRESHOLD / 100));$((MAX_VALUE * CRITICAL_THRESHOLD / 100));0;$MAX_VALUE"

# Check thresholds and return appropriate status
if [ "$PERCENTAGE" -ge "$CRITICAL_THRESHOLD" ]; then
    echo "CRITICAL: nf_conntrack usage at ${PERCENTAGE}% (${CURRENT_VALUE}/${MAX_VALUE}) | $PERFDATA"
    exit $STATE_CRITICAL
elif [ "$PERCENTAGE" -ge "$WARNING_THRESHOLD" ]; then
    echo "WARNING: nf_conntrack usage at ${PERCENTAGE}% (${CURRENT_VALUE}/${MAX_VALUE}) | $PERFDATA"
    exit $STATE_WARNING
else
    echo "OK: nf_conntrack usage at ${PERCENTAGE}% (${CURRENT_VALUE}/${MAX_VALUE}) | $PERFDATA"
    exit $STATE_OK
fi