Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

check_dns issue

https://support.nagios.com/forum/viewtopic.php?t=41320

Page 1 of 1

check_dns issue

Posted: Thu Nov 24, 2016 8:59 am
by Petr M.
Hello,
I have a problem with check_dns plugins. I need to check some SPF TXT records but plugin send me wrong values.

For ex. I checking our domain ness.com that has SPF TXT record _spf-c.ness.com

This SPF TXT records include text „v=spf1 ip4:67.231.157.48 ip4:208.73.180.202 ip4:84.1.158.93 ip4:216.218.72.238 ip4:159.182.160.36 ip4:217.77.169.8 ip4:67.231.152.58 ip4:212.143.60.114 -all

But Nagios shows this result:
root@nagios:/usr/local/nagios/libexec# ./check_dns -H _spf-c.ness.com -s ns1.bezeqint.net -q ANY
DNS OK: 0.212 seconds response time. _spf-c.ness.com returns -all"|time=0.212144s;;;0.000000

From whole SPF TXT record i already receive only last string -all. Nothing else.

If I ask only for TXT records, then I receive:
root@czprgux34:/usr/local/nagios/libexec# ./check_dns -H _spf-c.ness.com -s ns1.bezeqint.net -q TXT
DNS CRITICAL - query type of -querytype=TXT was not found for _spf-c.ness.com

Re: check_dns issue

Posted: Mon Nov 28, 2016 2:28 pm
by rkennedy
I filed a GitHub issue as it seems to be a bug with the plugin. I was able to get it working on 2.0.3 though, so it may be worth downgrading your plugins for the time. (or just that one)

https://github.com/nagios-plugins/nagio ... issues/200

Re: check_dns issue

Posted: Tue Nov 29, 2016 8:54 am
by Petr M.
Hello rkennedy,

thank you for your help. I Install check_dns from version 2.0.3. I´ll wait for fix of check_dns plugin now.

PS: now i have another one issue. The plugin receive this string:
DNS OK: 0.191 seconds response time. _spf-a.ness.com returns "v=spf1 ip4:59.145.150.86/32 ip4:196.12.44.204/32 ip4:217.77.169.8/32 ip4:31.30.3.41 ip4:207.99.117.102 ip4:207.99.117.108 ip4:82.80.254.61 ip4:82.80.254.60 ip4:193.46.64.80 ip4:46.28.105.63 ip4:194.56.215.78 ip4:109.226.59.204 ip4:109.226.59.156 -all"|time=0.190941s;;;0.000000

for query:
./check_dns -H _spf-a.ness.com -s ns1.bezeqint.net -q TXT


Is there any way, how to check if only one IP addrees exist in the string above? I tried to use parameter -a
./check_dns -H _spf-a.ness.com -s ns1.bezeqint.net -a '31.30.3.41' -q TXT

but i received:
DNS CRITICAL - expected '31.30.3.41' but got '"v=spf1 ip4:59.145.150.86/32 ip4:196.12.44.204/32 ip4:217.77.169.8/32 ip4:31.30.3.41 ip4:207.99.117.102 ip4:207.99.117.108 ip4:82.80.254.61 ip4:82.80.254.60 ip4:193.46.64.80 ip4:46.28.105.63 ip4:194.56.215.78 ip4:109.226.59.204 ip4:109.226.59.156 -all"'

Re: check_dns issue

Posted: Tue Nov 29, 2016 3:18 pm
by avandemore
The current plugin doesn't include that functionality for TXT records. You can create a wrapper for the plugin which parses the output for the IP and exits with the appropriate return code.

https://nagios-plugins.org/doc/guidelines.html
https://mathias-kettner.de/checkmk_localchecks.html
http://www.yourownlinux.com/2014/06/how ... cript.html

check_dns is mostly just a wrapper to nslookup so sticking another wrapper around that to fit you needs is quite doable.
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited