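#!/usr/bin/env bash
#
# Host network diagnostic. Prints local addressing and routes, interface
# state, DNS configuration, optional remote reachability checks against a
# target, and the listening sockets, then a summary.
#
# Usage:  <script> [target]
#   target  optional hostname or IP literal to resolve and probe
# Exit:   0  no critical finding
#         1  at least one critical finding
#         2  target rejected by input validation

set -euo pipefail

#######################################
# Check that a value looks like a hostname or an IP literal.
# The target is later handed to getent, nslookup, ping, traceroute, nc and
# curl as an argument, so a value that starts with '-' would be parsed as an
# option by those tools, and characters such as '/', '@' or whitespace would
# change what the curl URL means. Only letters, digits and . _ : % - are
# accepted (':' and '%' for IPv6 literals and zone ids). Internationalised
# names therefore need to be given in their ASCII (punycode) form.
# Arguments: $1 - candidate target
# Returns:   0 if acceptable, 1 otherwise (including the empty string)
#######################################
is_valid_target() {
  case "$1" in
    '' | -* | *[!A-Za-z0-9._:%-]*) return 1 ;;
  esac
  return 0
}

# Shared state: the optional probe target, the exit status of the script,
# and the messages collected by the warn/critical reporters.
target="${1:-}"
status=0
warnings=()
criticals=()

# An empty target is legal (remote checks are skipped); anything else has to
# pass validation before any tool sees it. %q keeps control characters in a
# rejected value from reaching the terminal unescaped.
if [[ -n "$target" ]] && ! is_valid_target "$target"; then
  printf 'ERROR: invalid target (expected a hostname or IP literal): %q\n' "$target" >&2
  exit 2
fi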
#######################################
# Print a report heading: a blank line, then the title in square brackets.
# Arguments: $1 - section title
# Outputs:   heading on stdout
#######################################
section() {
  local title="$1"
  printf '\n[%s]\n' "$title"
}
#######################################
# Record a non-fatal finding and print it. Does not touch the exit status.
# Globals:   warnings (appended)
# Arguments: $1 - message
# Outputs:   "WARNING: <message>" on stdout
#######################################
warn() {
  local message="$1"
  warnings+=("$message")
  printf 'WARNING: %s\n' "$message"
}
#######################################
# Record a critical finding, print it, and mark the run as failed.
# Globals:   criticals (appended), status (set to 1)
# Arguments: $1 - message
# Outputs:   "CRITICAL: <message>" on stdout
#######################################
critical() {
  local message="$1"
  status=1
  criticals+=("$message")
  printf 'CRITICAL: %s\n' "$message"
}
#######################################
# Report whether a command name resolves in the current shell, as decided
# by `command -v` (so builtins and functions count as well as files on PATH).
# Arguments: $1 - command name
# Returns:   exit status of `command -v`; prints nothing
#######################################
have() {
  local tool="$1"
  command -v "$tool" &>/dev/null
}
#######################################
# Run a command only when its tool is installed; a missing tool or a failing
# command is downgraded to a warning, so the report keeps going.
# Arguments: $1   - tool name to look up with have
#            $2.. - the full command line to execute (argv form, no eval)
# Outputs:   the command's own output, or a WARNING line
#######################################
run_if_available() {
  local tool="$1"
  shift

  if ! have "$tool"; then
    warn "$tool command not available"
    return
  fi

  # "$@" keeps every argument as its own word; nothing is re-parsed by the shell.
  "$@" || warn "$tool command failed"
}
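# LOCAL NETWORK: addresses, routing table, and the default route.
section "LOCAL NETWORK"
if have ip; then
  ip addr || warn "ip addr command failed"

  printf '\nRouting table:\n'
  ip route || warn "ip route command failed"

  printf '\nDefault gateway:\n'
  # Query the default route once and judge the captured text, so the lines
  # shown in the report are the same lines the verdict is based on, and
  # grep -q never sits at the end of a pipeline under pipefail.
  default_route=""
  default_route_rc=0
  default_route="$(ip route show default)" || default_route_rc=$?
  if [[ -n "$default_route" ]]; then
    printf '%s\n' "$default_route"
  fi

  if (( default_route_rc != 0 )); then
    # The query itself failed.
    critical "default gateway not found"
  elif ! grep -q '^default ' <<<"$default_route"; then
    # The query worked but returned no line starting with "default ".
    critical "default gateway not configured"
  fi
else
  warn "ip command not available"
fi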
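# INTERFACES: brief link table plus a count of non-loopback links that are UP.
section "INTERFACES"
active_interfaces=0
if have ip; then
  # Capture the table once. Assigning from a failing `ip ... | awk` pipeline
  # would abort the whole script under `set -e` + pipefail before the summary
  # is printed; testing the capture in an `if` keeps a failure a warning.
  if link_table="$(ip -br link)"; then
    printf '%s\n' "$link_table"

    # Column 1 is the interface name, column 2 its state. Only the exact
    # state "UP" is counted, and the interface named "lo" is skipped.
    # NOTE(review): links that report another state (for example UNKNOWN)
    # are not counted — confirm that is the intended policy.
    active_interfaces="$(awk '$2 == "UP" && $1 != "lo" {count++} END {print count+0}' <<<"$link_table")"

    if (( active_interfaces == 0 )); then
      critical "no active non-loopback interface detected"
    else
      printf 'OK: %s active non-loopback interface(s) detected\n' "$active_interfaces"
    fi
  else
    warn "interface state query failed"
  fi
else
  warn "cannot inspect interface state without ip command"
fi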
# DNS: show the resolver configuration, then resolve one name.
section "DNS"
if [[ ! -r /etc/resolv.conf ]]; then
  warn "/etc/resolv.conf not readable"
else
  cat /etc/resolv.conf
fi

# Without a target the lookup falls back to "localhost".
dns_target="${target:-localhost}"

# Pick the lookup tool first (getent preferred, nslookup as fallback), then
# dispatch on the choice.
dns_tool="none"
if have getent; then
  dns_tool="getent"
elif have nslookup; then
  dns_tool="nslookup"
fi

case "$dns_tool" in
  getent)
    # getent answers through the system's name-service configuration, so a
    # hit can come from a local hosts file rather than from a DNS server.
    # First call is silent and decides the verdict; second prints the answer.
    if getent hosts "$dns_target" >/dev/null 2>&1; then
      printf 'OK: DNS resolution succeeded for %s\n' "$dns_target"
      getent hosts "$dns_target"
    else
      critical "DNS resolution failed for ${dns_target}"
    fi
    ;;
  nslookup)
    # The verdict relies on nslookup's exit status alone.
    if nslookup "$dns_target"; then
      printf 'OK: DNS resolution succeeded for %s\n' "$dns_target"
    else
      critical "DNS resolution failed for ${dns_target}"
    fi
    ;;
  *)
    warn "no DNS lookup tool available"
    ;;
esac
# CONNECTIVITY: ICMP, path trace and TCP/443 checks against the target.
# The target reaches every tool as a single quoted argument; this block does
# no validation of its own, so it relies on the value being a plain hostname
# or IP literal (a leading '-' would be read as an option by these tools).
section "CONNECTIVITY"
if [[ -z "$target" ]]; then
  printf 'OK: no target provided; skipped remote connectivity checks\n'
else
  # ICMP echo: 3 probes, 2 second reply timeout each.
  if ! have ping; then
    warn "ping command not available"
  elif ping -c 3 -W 2 "$target"; then
    printf 'OK: ping succeeded for %s\n' "$target"
  else
    critical "ping failed for ${target}"
  fi

  # Path trace is informational: failure or absence is only a warning.
  run_if_available traceroute traceroute "$target"

  # TCP reachability on 443. The two tools do not test the same thing:
  # nc -z only completes a TCP connection, while curl also performs the TLS
  # handshake with certificate verification and an HTTP HEAD request, so a
  # curl failure can be a certificate or HTTP problem rather than a network one.
  if have nc; then
    if nc -vz -w 3 "$target" 443; then
      printf 'OK: TCP 443 reachable on %s\n' "$target"
    else
      critical "TCP 443 connectivity failed for ${target}"
    fi
  elif have curl; then
    if curl --head --silent --show-error --connect-timeout 5 "https://${target}" >/dev/null; then
      printf 'OK: HTTPS connectivity succeeded for %s\n' "$target"
    else
      critical "HTTPS connectivity failed for ${target}"
    fi
  else
    warn "no TCP connectivity test tool available (nc or curl)"
  fi
fi
# PORTS: listening TCP and UDP sockets with numeric addresses and ports
# (ss -t -u -l -n). No process information is requested. The listing shows
# which services this host exposes, so handle a saved report accordingly.
# run_if_available produces the same two warnings the explicit if/else did:
# "ss command failed" and "ss command not available".
section "PORTS"
run_if_available ss ss -tuln
# SUMMARY: print the totals gathered by critical/warn and exit with the
# accumulated status (0 unless critical was called at least once).
section "SUMMARY"
critical_count="${#criticals[@]}"
warning_count="${#warnings[@]}"

# Each line is printed only when its condition holds; the `||` form keeps a
# false arithmetic test from tripping `set -e`.
(( critical_count == 0 )) || printf 'CRITICAL: %s issue(s) detected\n' "$critical_count"

(( warning_count == 0 )) || printf 'WARNING: %s warning(s) detected\n' "$warning_count"

(( status != 0 )) || printf 'OK: no obvious DNS or connectivity problems detected\n'

exit "$status"