Check_http with proxy

[castroi]

Hello,

I am trying to setup a check_http and check_https with proxy authentication.
I have seen that check_http is expected to support proxy with -b parameters.
However packet capture confirmed that it is not using proxy.

here:

[lxadmin@ymq-lpnagapp1 ~]$ nslookup http://www.lemonde.fr
Server: 172.26.64.81
Address: 172.26.64.81#53

Non-authoritative answer:
http://www.lemonde.fr canonical name = http://www.lemonde.fr.2-01-271d-000d.cdx.cedexis.net.
http://www.lemonde.fr.2-01-271d-000d.cdx.cedexis.net canonical name = wac.3604.edgecastcdn.net.
wac.3604.edgecastcdn.net canonical name = gp1.wac.edgecastcdn.net.
Name: gp1.wac.edgecastcdn.net
Address: 72.21.91.8

[lxadmin@ymq-lpnagapp1 ~]$
[lxadmin@ymq-lpnagapp1 ~]$ /usr/local/nagios/libexec/check_http -H http://www.lemonde.fr -b USER:PASS@proxy
HTTP OK: HTTP/1.1 200 OK - 406317 bytes in 0.137 second response time |time=0.136517s;;;0.000000 size=406317B;;;0
[lxadmin@ymq-lpnagapp1 ~]$

[lxadmin@ymq-lpnagapp1 ~]$ sudo tcpdump -i eth0 host 72.21.91.8
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
17:46:44.736973 IP ymq-lpnagapp1.corp.ad.iata.org.44564 > 72.21.91.8.http: Flags , seq 2701623995, win 14600, options [mss 1460,sackOK,TS val 2088361543 ecr 0,nop,wscale 7], length 0
17:46:44.747860 IP 72.21.91.8.http > ymq-lpnagapp1.corp.ad.iata.org.44564: Flags [S.], seq 1784666919, ack 2701623996, win 65535, options [mss 1380,sackOK,TS val 192948574 ecr 2088361543,nop,wscale 9], length 0
17:46:44.747885 IP ymq-lpnagapp1.corp.ad.iata.org.44564 > 72.21.91.8.http: Flags [.], ack 1, win 115, options [nop,nop,TS val 2088361554 ecr 192948574], length 0
17:46:44.747983 IP ymq-lpnagapp1.corp.ad.iata.org.44564 > 72.21.91.8.http: Flags [P.], seq 1:228, ack

I am running Nagios XI 5.2.2

Could you please assist ?

Thank you Igor

[Box293]

Strange, when I try a basic command I get an error:

Code: Select all

/usr/local/nagios/libexec/check_http -H http://www.lemonde.fr
Name or service not known
HTTP CRITICAL - Unable to open TCP socket

But if I remove http:// it's OK

Code: Select all

/usr/local/nagios/libexec/check_http -H www.lemonde.fr
HTTP OK: HTTP/1.1 200 OK - 407178 bytes in 1.798 second response time |time=1.797659s;;;0.000000 size=407178B;;;0

Can you add the -v argument for verbose and paste back here the output in a code block:

Code: Select all

/usr/local/nagios/libexec/check_http -H http://www.lemonde.fr -b USER:PASS@proxy -v

Also, what is the output of:

Code: Select all

/usr/local/nagios/libexec/check_http -V

[castroi]

Hello,

Here is below:

[lxadmin@ymq-lpnagapp1 ~]$ /usr/local/nagios/libexec/check_http -H http://www.lemonde.fr -b USER:PASS@PROXY -v
Name or service not known
HTTP CRITICAL - Unable to open TCP socket
[lxadmin@ymq-lpnagapp1 ~]$

Here too many lines due to web page content so i cut part

[lxadmin@ymq-lpnagapp1 ~]$ /usr/local/nagios/libexec/check_http -H www.lemonde.fr -b USER:PASS@PROXY -v

</script>
<noscript><div><img src="//mc.yandex.ru/watch/24317818" style="position:absolute; left:-9999px;" alt="" /></div></noscript>

<script> require(['lmd/core/footer-tracking']); </script>
</body>
</html>

<!--Rosae 2015/12/08 02:14:40 37.04 112.08 cacheman16.36 httpback-->
HTTP OK: HTTP/1.1 200 OK - 405427 bytes in 0.458 second response time |time=0.458479s;;;0.000000 size=405427B;;;0
[lxadmin@ymq-lpnagapp1 ~]$

[lxadmin@ymq-lpnagapp1 ~]$ /usr/local/nagios/libexec/check_http -V
check_http v2.0.3 (nagios-plugins 2.0.3)
[lxadmin@ymq-lpnagapp1 ~]$

Still going without proxy when i do tcpdump

[Box293]

Doing some reading I beleive you need to define the proxy server address with -I (capital i).

Assuming 192.168.185.36 is your proxy server address, try:

Code: Select all

/usr/local/nagios/libexec/check_http -I 192.168.185.36 -H www.lemonde.fr -b USER:PASS

If that doesn't work, can you try with -v please.

[castroi]

Hello,

It does not pass authentication:

[lxadmin@ymq-lpnagapp1 ~]$ /usr/local/nagios/libexec/check_http -H iata.my.salesforce.com -I proxy -p 8080 -w 10 -c 15 -b user:pass
HTTP OK: HTTP/1.1 307 Authentication Required - 568 bytes in 0.524 second response time |time=0.524017s;10.000000;15.000000;0.000000 size=568B;;;0
[lxadmin@ymq-lpnagapp1 ~]$

We used NTLM authentication.

Igor

[rkennedy]

Can you run it with the -v and post the output?

Code: Select all

/usr/local/nagios/libexec/check_http -H iata.my.salesforce.com -I proxy -p 8080 -w 10 -c 15 -b user:pass -v

[castroi]

Hello,

Here it is:

[lxadmin@ymq-lpnagapp1 ~]$ /usr/local/nagios/libexec/check_http -H iata.my.salesforce.com -I <PROXY> -p 8080 -w 10 -c 15 -b <USER:PASS> -v
GET / HTTP/1.1
User-Agent: check_http/v2.0.3 (nagios-plugins 2.0.3)
Connection: close
Host: iata.my.salesforce.com:8080
Accept: */*
Proxy-Authorization: Basic Y2FzdHJvaToxQVoyc3gzZGM0ZnY1Z2I=


http://<PROXY>:8080/ is 568 characters
STATUS: HTTP/1.1 307 Authentication Required
**** HEADER ****
Date: Tue, 08 Dec 2015 19:05:46 GMT
Connection: close
Via: 1.1 <PROXY>
Cache-Control: no-store
Content-Type: text/html
Content-Language: en
Location: http://<PROXY>:8080/auth/?du=aHR0cDovL2lhdGEubXkuc2FsZXNmb3JjZS5jb206ODA4MC8=
Content-Length: 243
**** CONTENT ****
<HEAD><TITLE>Authentication Required</TITLE></HEAD>
<BODY BGCOLOR="white" FGCOLOR="black"><H1>Authentication Required</H1><HR>
<FONT FACE="Helvetica,Arial"><B>
</B></FONT>
<HR>
<!-- default "Authentication Required" response (307) -->
</BODY>

HTTP OK: HTTP/1.1 307 Authentication Required - 568 bytes in 0.916 second response time |time=0.915624s;10.000000;15.000000;0.000000 size=568B;;;0
[lxadmin@ymq-lpnagapp1 ~]$

[rkennedy]

Do you have any special characters in your password?

[castroi]

Hello,

No, only digits,char and upper char.

Igor

[rkennedy]

Odd, can you try this?

Code: Select all

/usr/local/nagios/libexec/check_http -H <proxy> -p <proxyport> -b user:pass -u http://iata.my.salesforce.com -w 10 -c 15 -v

What kind of proxy is this authenticating to?