check_conntrack_src_addr
Monitoring plugin to check conntrack NAT source ID address for a destination.
You could:
- filter destination with IP address, protocol and destination port
- check NAT source IP address against one detected from routing table
- check number of NAT source IP address use against a limit
This script could be used as Icinga/Nagios check plugin.
Requirements
- conntrack CLI command
- awk
- sed
Installation
cd /usr/local/src
git clone https://gitlab.easter-eggs.com/brenard/check_conntrack_src_addr.git
mkdir -p /usr/local/lib/nagios/plugins/
ln -s /usr/local/src/check_conntrack_src_addr/check_conntrack_src_addr /usr/local/lib/nagios/plugins/Usage
Usage: ./check_conntrack_src_addr [-h|-d] -D destination [-l limit] [-c] [-f IP address]
-h Show this help message
-d Show debug messages
-C The conntrack command path (default: /usr/sbin/conntrack)
-S Use sudo to run conntrack commands
-D [destination] The destination IP address
-p [protocol] The destination procotol (ex: tcp or udp)
-P [port] The destination procotol port (ex: 5600)
-c Check source NAT IP address against detected source IP address from route table
-f [IP address] If check source NAT IP address enabled, specified source IP address of connection
-i [input interface] If check source NAT IP address enabled, specified source input interface device
(default: auto-detected from source IP address)Copyright
Copyright (c) 2020 Easter-eggs
License
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License version 3 as published by the Free Software Foundation.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
