Jonny007-MKD/check_nmap.sh
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Added support for IPv6 checks

Browse source
This commit is contained in:
Jonny007-MKD 2021-02-23 22:37:16 +01:00
parent 0d344b456f
commit 44762d6443
3 changed files with 26 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
check_nmap.sh
View file

@ -9,12 +9,15 @@ DEBUG=false
PORT_RANGE="1-65535" PORT_RANGE="1-65535"
NMAP_ARGS="" NMAP_ARGS=""
KNOWN_PORTS=() KNOWN_PORTS=()
IPv=""
while [[ $# -gt 0 ]]; do while [[ $# -gt 0 ]]; do
case $1 in case $1 in
-h|--host) HOST="$2"; shift;; -h|--host) HOST="$2"; shift;;
-p|--portrange) PORT_RANGE="$2"; shift;; -p|--portrange) PORT_RANGE="$2"; shift;;
-k|--known) KNOWN_PORTS+=($2); shift;; -k|--known) KNOWN_PORTS+=($2); shift;;
-d|--debug) DEBUG=true;; -d|--debug) DEBUG=true;;
-4|--ipv4) IPv="";;
-6|--ipv6) IPv="-6";;
-i|--input) -i|--input)
INPUT="$2" INPUT="$2"
if [ ! -f "$INPUT" ]; then if [ ! -f "$INPUT" ]; then
@ -28,6 +31,7 @@ while [[ $# -gt 0 ]]; do
echo "--host HOSTNAME/IP: Host that shall be scanned by nmap" echo "--host HOSTNAME/IP: Host that shall be scanned by nmap"
echo "--portrange RANGE: Ports that shall be scanned (nmap format)" echo "--portrange RANGE: Ports that shall be scanned (nmap format)"
echo "--known PORTNUMBER: Port number that is expected to be open" echo "--known PORTNUMBER: Port number that is expected to be open"
echo "--ipv6: Use IPv6 for the scan (IPv4 if not specified)"
exit 0 exit 0
;; ;;
*) *)
@ -74,7 +78,7 @@ function runNmap {
done < $INPUT done < $INPUT
else else
local $cmd local $cmd
cmd="nmap $portrange $NMAP_ARGS -- $HOST" cmd="nmap $portrange $IPv $NMAP_ARGS -- $HOST"
log "$cmd" log "$cmd"
while read -r line; do while read -r line; do
parseLine "$line" parseLine "$line"

2
command_nmap.conf
View file

@ -2,7 +2,7 @@ object CheckCommand "nmap" {
import "ipv4-or-ipv6" import "ipv4-or-ipv6"
command = [ "/home/nagios/check_nmap.sh/check_nmap.sh" ] command = [ "/home/nagios/check_nmap.sh/check_nmap.sh" ]
timeout = 10m timeout = 12h
arguments = { arguments = {
"--host" = { "--host" = {

22
service_nmap.conf
View file

@ -1,13 +1,31 @@
apply Service "nmap" { apply Service "nmap4" {
import "generic-service" import "generic-service"
check_command = "nmap" check_command = "nmap"
check_interval = 24h check_interval = 24h
retry_interval = 2h retry_interval = 2h
vars.notification_interval = 1d
vars.nmap_ipv4 = true
for (k => v in host.vars.nmap) { for (k => v in host.vars.nmap) {
vars["nmap_" + k] = v vars["nmap_" + k] = v
} }
assign where host.vars.nmap != null assign where host.vars.nmap != null && (host.vars.nmap.ipv6_only == null || host.vars.nmap.ipv6_only == false)
}
apply Service "nmap6" {
import "generic-service"
check_command = "nmap"
check_interval = 24h
retry_interval = 2h
vars.notification_interval = 1d
vars.nmap_ipv6 = true
for (k => v in host.vars.nmap) {
vars["nmap_" + k] = v
}
assign where host.vars.nmap != null && (host.vars.nmap.ipv4_only == null || host.vars.nmap.ipv4_only == false)
} }