root / plugins / network / ldap_connections @ dd4afac8
Historique | Voir | Annoter | Télécharger (3,51 ko)
| 1 | 28332a7a | Geoffroy Desvernay | #!/bin/sh |
|---|---|---|---|
| 2 | # |
||
| 3 | # Plugin to monitor the number of open connexions to LDAP |
||
| 4 | # |
||
| 5 | # $Log: ldap_connections,v $ |
||
| 6 | # Revision 1.9 2008/05/20 21:30:34 cvserver |
||
| 7 | # Corrections de bugs |
||
| 8 | # |
||
| 9 | # Revision 1.8 2007/09/03 09:35:37 cvserver |
||
| 10 | # Correction2 pour OpenBSD |
||
| 11 | # |
||
| 12 | # Revision 1.7 2007/09/03 09:01:07 cvserver |
||
| 13 | # Modif pour OpenBSD |
||
| 14 | # |
||
| 15 | # Revision 1.6 2007/03/02 07:52:52 cvserver |
||
| 16 | # pas LISTEN pour les IPs utilis?es (en cas de *:389) |
||
| 17 | # |
||
| 18 | # Revision 1.5 2007/03/01 16:06:53 cvserver |
||
| 19 | # corrections: |
||
| 20 | # - reinitialisation de $IPS_BOUND au debut de la fonction find_ip_bound |
||
| 21 | # - precision dans le grep (LISTEN) |
||
| 22 | # |
||
| 23 | # Revision 1.4 2006/09/27 11:56:54 cvserver |
||
| 24 | # + sockets |
||
| 25 | # |
||
| 26 | # Revision 1.3 2006/06/24 23:38:30 cvserver |
||
| 27 | # correction |
||
| 28 | # |
||
| 29 | # Revision 1.2 2006/06/24 23:24:30 cvserver |
||
| 30 | # correction |
||
| 31 | # |
||
| 32 | # Revision 1.1 2006/06/24 23:15:25 cvserver |
||
| 33 | # connexions LDAP pour munin |
||
| 34 | # |
||
| 35 | # |
||
| 36 | # plugin-conf.d/-options: |
||
| 37 | # |
||
| 38 | # netstat -- path to netstat executable |
||
| 39 | # ports -- ldap ports used (389 and 636) |
||
| 40 | # only used ones are graphed |
||
| 41 | # socket -- ldapi socket (default: /var/run/openldap/ldapi) |
||
| 42 | # |
||
| 43 | # Parameters: |
||
| 44 | # |
||
| 45 | # config (required) |
||
| 46 | # autoconf (optional - used by munin-config) |
||
| 47 | # |
||
| 48 | # Magic markers (Used by munin-config and some installation scripts. |
||
| 49 | # Optional): |
||
| 50 | # |
||
| 51 | #%# family=contrib |
||
| 52 | #%# capabilities=autoconf |
||
| 53 | |||
| 54 | NETSTAT=${netstat:-`which netstat`}
|
||
| 55 | NETSTAT=${NETSTAT:-/usr/bin/netstat}
|
||
| 56 | PORTS=${ports:-389 636}
|
||
| 57 | TEMP_FILE=$(mktemp /tmp/munin_ldap.XXXXXX) |
||
| 58 | PATH=/bin:/usr/bin:/usr/local/bin |
||
| 59 | SOCKET=${socket:-/var/run/openldap/ldapi}
|
||
| 60 | |||
| 61 | case $(uname -s) in |
||
| 62 | *BSD) |
||
| 63 | NETSTAT_ARGS="-an -ptcp" |
||
| 64 | FAMILYMARK="-f " |
||
| 65 | ;; |
||
| 66 | Linux) |
||
| 67 | NETSTAT_ARGS="-alnt" |
||
| 68 | FAMILYMARK="--" |
||
| 69 | ;; |
||
| 70 | *) |
||
| 71 | NETSTAT_ARGS="-an" |
||
| 72 | FAMILYMARK="-f " |
||
| 73 | ;; |
||
| 74 | esac |
||
| 75 | |||
| 76 | $NETSTAT $NETSTAT_ARGS > $TEMP_FILE |
||
| 77 | |||
| 78 | # arg: port |
||
| 79 | find_ips_bound() {
|
||
| 80 | port=$1 |
||
| 81 | IPS_BOUND="" |
||
| 82 | for i in $(grep "^tcp[46]\{0,1\}\([[:space:]]\{1,\}[[:digit:]]\{1,\}\)\{2\}[[:space:]]\{1,\}\(\([0-9]\)\{1,3\}\.\)\{3\}[0-9]\{1,3\}[\.:]$port[[:space:]].*" $TEMP_FILE | awk '{print $4}' | sed "s/^\(.*\)[\.:]$port$/\1/"); do
|
||
| 83 | echo $IPS_BOUND | grep "$i" > /dev/null || IPS_BOUND=$IPS_BOUND" $i" |
||
| 84 | done |
||
| 85 | echo $IPS_BOUND |
||
| 86 | } |
||
| 87 | |||
| 88 | # see which port(s) is/are really bound |
||
| 89 | LISTENING_PORTS="" |
||
| 90 | for port in $PORTS; do |
||
| 91 | find_ips_bound $port > /dev/null && LISTENING_PORTS="$LISTENING_PORTS$port " |
||
| 92 | done |
||
| 93 | |||
| 94 | if [ "$1" = "autoconf" ]; then |
||
| 95 | ONE_LISTENING="" |
||
| 96 | for port in $PORTS; do |
||
| 97 | ONE_LISTENING=${ONE_LISTENING}$(find_ips_bound $port)
|
||
| 98 | done |
||
| 99 | rm -f $TEMP_FILE |
||
| 100 | if [ -n "$ONE_LISTENING" ]; then |
||
| 101 | echo yes |
||
| 102 | exit 0 |
||
| 103 | else |
||
| 104 | echo no '(no slapd listening on '$PORTS')' |
||
| 105 | exit 1 |
||
| 106 | fi |
||
| 107 | fi |
||
| 108 | |||
| 109 | if [ "$1" = "config" ]; then |
||
| 110 | echo 'graph_title LDAP connections' |
||
| 111 | echo 'graph_args -l 0' |
||
| 112 | echo 'graph_vlabel active connections to ldap by port' |
||
| 113 | echo 'graph_category network' |
||
| 114 | for port in $LISTENING_PORTS; do |
||
| 115 | for ip in $(find_ips_bound $port | sed 's/\./_/g'); do |
||
| 116 | echo "${ip}_${port}.label ${ip}:${port}"
|
||
| 117 | done |
||
| 118 | done |
||
| 119 | if [ -e $SOCKET ]; then |
||
| 120 | if [ $($NETSTAT -an ${FAMILYMARK}unix | grep $SOCKET | wc -l) -gt 0 ]; then
|
||
| 121 | echo "socket.label ldapi" |
||
| 122 | fi |
||
| 123 | fi |
||
| 124 | rm -f $TEMP_FILE |
||
| 125 | exit 0 |
||
| 126 | fi |
||
| 127 | |||
| 128 | for port in $LISTENING_PORTS; do |
||
| 129 | for ip in $(find_ips_bound $port); do |
||
| 130 | echo "$(echo $ip | sed 's/\./_/g')_${port}.value $(grep "^tcp[46]\{0,1\}\([[:space:]]\{1,\}[[:digit:]]\{1,\}\)\{2\}[[:space:]]\{1,\}$ip[\.:]$port[[:space:]].*ESTABLISHED$" $TEMP_FILE | wc -l | sed 's/[[:space:]]*//g')"
|
||
| 131 | done |
||
| 132 | done |
||
| 133 | if [ -e "$SOCKET" ]; then |
||
| 134 | echo "socket.value $($NETSTAT -an ${FAMILYMARK}unix | grep $SOCKET | wc -l | sed 's/[[:space:]]*//g')"
|
||
| 135 | fi |
||
| 136 | |||
| 137 | rm -f $TEMP_FILE |