You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
fail2ban/files/nagios/check_fail2ban

106 lines
3.2 KiB

#!/bin/bash
#
# Usage: ./check_fail2ban
###############################################################################################
# Description:
# This plugin will check the status of Fail2ban.
#
# Created: 2008-10-25 (Sebastian Mueller)
#
# Changes: 2008-10-26 fixed some issues (Sebastian Mueller)
# Changes: 2009-01-25 add the second check, when server is not replying and the
# process is hang-up (Sebastian Mueller)
#
# please visit my website http://www.elchtest.eu or my personal WIKI http://wiki.elchtest.eu
#
################################################################################################
# if you have any questions, send a mail to linux@krabbe-offline.de
#
# this script is for my personal use. read the script before running/using it!!!
#
#
# YOU HAVE BEEN WARNED. THIS MAY DESTROY YOUR MACHINE. I ACCEPT NO RESPONSIBILITY.
###############################################################################################
SECOND_CHECK=0
STATE_OK=0
STATE_CRITICAL=2
######################################################################
# Read the Status from fail2ban-client
######################################################################
check_processes_fail2ban()
{
F2B=`sudo -u root fail2ban-client ping | awk -F " " '{print $3}'`
exit_fail2ban=0
if [[ $F2B = "pong" ]]; then
exit_fail2ban=$STATE_OK
else
exit_fail2ban=$STATE_CRITICAL
fi
}
######################################################################
# first check in the Background, PID will be killed when no response
# after 10 seconds, might be possible, otherwise the script will be
# present in your memory all the time
######################################################################
check_processes_fail2ban &
pid=$!
typeset -i i=0
while ps $pid >/dev/null
do
sleep 1
i=$i+1
if [ $i -ge 10 ]
then
kill $pid
SECOND_CHECK=1
exit_fail2ban=$STATE_CRITICAL
break
fi
done
######################################################################
# when the Server response (does not mean the FAIL2BAN is working)
# in the first step, then it will run again and test the Service
# and provide the real status
######################################################################
if [ $SECOND_CHECK -eq 0 ]; then
check_processes_fail2ban
elif [ $SECOND_CHECK -eq 1 ]; then
exit_fail2ban=$STATE_CRITICAL
fi
######################################################################
# Main Menu
######################################################################
final_exit=$exit_fail2ban
if [ $final_exit -eq 0 ]; then
echo "SYSTEM OK - Fail2ban is working normally"
exitstatus=$STATE_OK
elif [ $final_exit -ne "0" ]; then
echo "SYSTEM WARNING - Fail2Ban is not working"
######################################################################
# If don't have a Nagios Server for monitoring, remove the comment and
# add your Mail Address. You can check it with a Cron Job once an hour.
# put a txt file on your server and describe how to fix the issue, this
# could be attached to the mail.
######################################################################
# mutt -s "FAIL2BAN NOT WORKING" your@example.com < /home/f2ban.txt
exitstatus=$STATE_CRITICAL
fi
exit $exitstatus