#!/bin/bash
# Applicability gate: only hosts whose os-release major version is 8 or newer
# are checked; anything older reports OK and stops here.
# NOTE(review): when VERSION_ID cannot be read at all, MAJOR_VERSION is empty
# and the numeric test below evaluates it as 0, so the host reports OK without
# any of the later checks running - confirm that this is intended.
VERSION="$(grep 'VERSION_ID=' /etc/os-release | cut -d'"' -f 2)"
MAJOR_VERSION="$(printf '%s\n' "$VERSION" | cut -d'.' -f 1)"
if [[ "$MAJOR_VERSION" -lt 8 ]]; then
  printf '%s\n' "OK: Server OS version is $VERSION."
  exit 0
fi
# --- Components under test ---------------------------------------------------
module_name='netfilt'
daemon_name='outconnm'

# --- Database access ---------------------------------------------------------
# NOTE(review): the database password is stored here in clear text, so every
# reader of this file (and of any backup or repository copy) can read it.
# Keep the file mode restrictive, and prefer a client option file readable
# only by the monitoring account over a literal in the script.
MYSQL_USER='netfilter'
MYSQL_PASS='DkqioJ6ENxXfqCy'
MYSQL_DATABASE='netfilter'

# --- Hash table statistics ---------------------------------------------------
# Section headings looked up in the statistics file, one per hash table.
hash_tables=(
  'Whitelist Table'
  'Blocklist Table'
  'Ratelimited Table'
)
module_stats_file='/proc/module_stats'
# Spread Effectiveness thresholds: below 50 is CRITICAL, below 75 is WARNING.
SE_CRIT_TRESHOLD=50
SE_WARN_TRESHOLD=75

# --- Debug switches ----------------------------------------------------------
# The module's debug parameter lives under its own /sys/module directory.
module_debug_file="/sys/module/${module_name}/parameters/debug"
daemon_debug_file='/etc/am_outconnm_config.cfg'
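# The kernel module must be listed in /proc/modules in state Live.
# The name column ($1) and the state column ($5) are compared exactly, so a
# line for some other module that merely mentions this one in its dependency
# column, or a module that is still Loading/Unloading, no longer counts.
# NOTE(review): the arguments of the sudo commands are left exactly as they
# were in case the sudoers rule pins them. /proc/modules is normally
# world-readable, so sudo may not be needed here at all - confirm, and drop
# the privilege if it is not.
if ! sudo /usr/bin/grep "$module_name" /proc/modules \
  | awk -v mod="$module_name" \
    '$1 == mod && $5 == "Live" { live = 1 } END { exit !live }'; then
  echo "CRITICAL: $module_name is not loaded."
  exit 2
fi

# The daemon must be running under exactly this process name (pgrep -x).
# The name is quoted so it always reaches pgrep as a single argument.
daemon_pid="$(sudo /usr/bin/pgrep -x "$daemon_name")"
if [ -z "$daemon_pid" ]; then
  echo "CRITICAL: $daemon_name daemon is not running."
  exit 2
fi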
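# Spread Effectiveness of every hash table, read from the statistics file.
#
# Two fail-open paths are closed compared with a plain chain of -lt tests:
#  * a value that is not a plain integer makes every -lt test error out and
#    match no branch, which reads as "healthy"; it is now reported as
#    CRITICAL with the "Could not get" message;
#  * a WARNING on an early table used to end the run before later tables were
#    looked at, hiding a CRITICAL further down; warnings are now remembered
#    and only reported once every table has been checked.
#
# The file is read once so all tables are judged on the same snapshot.
# NOTE(review): assumes the value is the third whitespace-separated field of
# the "Spread Effectiveness" line and is an integer - confirm against the
# module's output.
module_stats="$(sudo /usr/bin/cat "$module_stats_file")"
se_warning=''
for table in "${hash_tables[@]}"; do
  # Table headings are literal text, hence -F; the value is expected within
  # the five lines that follow the heading.
  se="$(grep -F -A 5 -- "$table" <<< "$module_stats" \
    | awk '/Spread Effectiveness/ { print $3 }')"
  if [[ ! "$se" =~ ^[0-9]+$ ]]; then
    echo "CRITICAL: Could not get $table Spread Effectiveness."
    exit 2
  elif [ "$se" -lt "$SE_CRIT_TRESHOLD" ]; then
    echo "CRITICAL: $table Spread Effectiveness < $SE_CRIT_TRESHOLD"
    exit 2
  elif [ "$se" -lt "$SE_WARN_TRESHOLD" ] && [ -z "$se_warning" ]; then
    # Keep the first warning; a later table may still turn out CRITICAL.
    se_warning="WARNING: $table Spread Effectiveness < $SE_WARN_TRESHOLD"
  fi
done
if [ -n "$se_warning" ]; then
  echo "$se_warning"
  exit 1
fi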
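# Database-side health: the MODULE/DAEMON status flags, plus two queues that
# are expected to be empty.

# Run one query against the status database and print the raw result rows.
#
# The password is handed to this single client process in the MYSQL_PWD
# environment variable instead of a -p argument, so it does not appear in the
# process list. Client errors stay on stderr and the client's exit status is
# returned, so an error message can no longer be parsed as if it were a
# result row (merged output turned a failed query into a WARNING).
# NOTE(review): MYSQL_PWD is deprecated in newer MySQL clients; a client
# option file readable only by the monitoring account is the longer-term home
# for this credential.
#
# Arguments: $1 - SQL statement to execute
# Outputs:   result rows on stdout (no column names, tab separated)
# Returns:   exit status of the mysql client
db_query() {
  MYSQL_PWD="$MYSQL_PASS" mysql -u "$MYSQL_USER" "$MYSQL_DATABASE" -sNLe "$1"
}

# A failed query yields an empty result, which is reported as CRITICAL below.
status="$(db_query 'SELECT MODULE,DAEMON FROM status;')" || status=''
module_status="$(awk '{print $1}' <<< "$status")"
daemon_status="$(awk '{print $2}' <<< "$status")"
if [ -z "$module_status" ] || [ -z "$daemon_status" ]; then
  echo "CRITICAL: Could not get MODULE/DAEMON status from database."
  exit 2
elif [ "$module_status" != "1" ] || [ "$daemon_status" != "1" ]; then
  echo "WARNING: MODULE/DAEMON status in database is not OK."
  exit 1
fi

# Both queue tables get the same treatment. The table names come from this
# fixed list only, never from input, so building the statement is safe.
for queue_table in disabled_users_queue queue; do
  queue_count="$(db_query "SELECT COUNT(*) FROM ${queue_table};")" \
    || queue_count=''
  # Anything that is not a plain number means the count was not obtained.
  if [[ ! "$queue_count" =~ ^[0-9]+$ ]]; then
    echo "CRITICAL: Could not get $queue_table count from database."
    exit 2
  elif [ "$queue_count" != "0" ]; then
    echo "WARNING: $queue_table is not empty."
    exit 1
  fi
done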
# Debug output must be switched off in the kernel module ...
module_debug="$(sudo /usr/bin/cat "$module_debug_file")"
case "$module_debug" in
  '')
    # Nothing could be read from the parameter file.
    printf '%s\n' "CRITICAL: $module_name module debug status is unknown."
    exit 2
    ;;
  0) ;;
  *)
    printf '%s\n' "WARNING: $module_name module debug is enabled."
    exit 1
    ;;
esac

# ... and in the daemon configuration: the third whitespace-separated field of
# the line(s) containing DEBUG, where both "0" and "0;" count as disabled.
daemon_debug="$(grep 'DEBUG' "$daemon_debug_file" | awk '{ print $3 }')"
case "$daemon_debug" in
  '')
    printf '%s\n' "CRITICAL: Could not get $daemon_name daemon debug value from config."
    exit 2
    ;;
  0 | '0;') ;;
  *)
    printf '%s\n' "WARNING: $daemon_name daemon has debug set in config."
    exit 1
    ;;
esac

# Every check passed.
printf '%s\n' "OK: Outgoing Connection Manager is running."
exit 0