check_udp return CRITICAL -Socket timeout

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
Locked
tastas
Posts: 8
Joined: Wed Aug 09, 2017 12:05 pm

check_udp return CRITICAL -Socket timeout

Post by tastas »

I need some assistance with the check_udp plugin. I am trying to send a HEX string "02 33 34 41 38 20 20 31 32 33 34 35 20 73 30 37 30 30 30 33 30 20 0D" and get a "02 31 32 33 34 35 06 0D" back. I get CRITICAL - Socket timeout every time. See below. I used a packet sender tool and it works. See blow.

Code: Select all

/usr/local/nagios/libexec/check_udp -v -H 10.200.6.195 -p 2001 -w 60 -s "02 33 34 41 38 20 20 31 32 33 34 35 20 73 30 37 30 30 30 33 30 20 0D" -e "02 31 32 33 34 35 06 0D"
Using service UDP
Port: 2001
flags: 0x6
Send string: 02 33 34 41 38 20 20 31 32 33 34 35 20 73 30 37 30 30 30 33 30 20 0D
server_expect_count: 1
        0: 02 31 32 33 34 35 06 0D
CRITICAL - Socket timeout

I tried it with the Packet Sender tool and it does get a response.

Code: Select all

TIME	From IP	From Port	To IP	To Port	Method	Error	ASCII	Hex
13:00:35.264	You	59902	10.200.6.195	2001	UDP		\0234A8  12345 s0700030 \r	02 33 34 41 38 20 20 31 32 33 34 35 20 73 30 37 30 30 30 33 30 20 0d	
13:00:35.300	10.200.6.195	2001	You	59902	UDP		\0212345\06\r	02 31 32 33 34 35 06 0D 	
Any assistance greatly appreciated.

Thank you.
User avatar
cdienger
Support Tech
Posts: 5045
Joined: Tue Feb 07, 2017 11:26 am

Re: check_udp return CRITICAL -Socket timeout

Post by cdienger »

Is the sender tool on the XI machine? What does a tcpdump show:

yum -y install tcpdump
tcpdump -i any port 2001

?
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
tastas
Posts: 8
Joined: Wed Aug 09, 2017 12:05 pm

Re: check_udp return CRITICAL -Socket timeout

Post by tastas »

This is the output of the tcpdump

Code: Select all

[root@monitor]# tcpdump -i any port 2001
tcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size 262144 bytes
13:05:54.347220 IP (tos 0x0, ttl 64, id 15029, offset 0, flags [DF], proto UDP (17), length 96)
    monitor.example.com.45501 > dmp.example.com.wizard: [bad udp cksum 0x30ce -> 0x2955!] UDP, length 68
I tried $, \\, \t, \r and \x. None of it worked. The send string still show up as text. I need to encode the send string as HEX; not standard text.

$

Code: Select all

[root@monitor]# /usr/local/nagios/libexec/check_udp -v -H 10.200.6.195 -p 2001 -w 60 -s "$02$33$34$41$38$20$20$31$32$33$34$35$20$73$30$37$30$30$30$33$30$20$0D" -e "02 31 32 33 34 35 06 0D"
Using service UDP
Port: 2001
flags: 0x6
Send string: -bash2341800123450307000300-bashD
server_expect_count: 1
        0: 02 31 32 33 34 35 06 0D
CRITICAL - Socket timeout
\\

Code: Select all

[root@monitor]# /usr/local/nagios/libexec/check_udp -H 10.101.6.195 -v -p 2001 -s "\\02\\33\\34\\41\\38\\20\\20\\31\\32\\33\\34\\35\\20\\73\\30\\37\\30\\30\\30\\33\\30\\20\\0d" -e "\\0212345\\06"
Using service UDP
Port: 2001
flags: 0x2
Send string: \02\33\34\41\38\20\20\31\32\33\34\35\20\73\30\37\30\30\30\33\30\20\0d
server_expect_count: 1
        0: \0212345\06
CRITICAL - Socket timeout

\t

Code: Select all

[root@monitor]# /usr/local/nagios/libexec/check_udp -H 10.101.6.195 -p 2001 -v -s "\t02\t33\t34\t41\t38\t20\t20\t31\t32\t33\t34\t35\t20\t73\t30\t37\t30\t30\t30\t33\t30\t20\t0d" -e "\\0212345\\06"
Using service UDP
Port: 2001
flags: 0x2
Send string: \t02\t33\t34\t41\t38\t20\t20\t31\t32\t33\t34\t35\t20\t73\t30\t37\t30\t30\t30\t33\t30\t20\t0d
server_expect_count: 1
        0: \0212345\06
CRITICAL - Socket timeout

\r

Code: Select all

[root@monitor]# /usr/local/nagios/libexec/check_udp -H 10.101.6.195 -p 2001 -v -s "\r02\r33\r34\r41\r38\r20\r20\r31\r32\r33\r34\r35\r20\r73\r30\r37\r30\r30\r30\r33\r30\r20\r0d" -e "\\0212345\\06"
Using service UDP
Port: 2001
flags: 0x2
Send string: \r02\r33\r34\r41\r38\r20\r20\r31\r32\r33\r34\r35\r20\r73\r30\r37\r30\r30\r30\r33\r30\r20\r0d
server_expect_count: 1
        0: \0212345\06
CRITICAL - Socket timeout
\x

Code: Select all

[root@monitorj]# /usr/local/nagios/libexec/check_udp -H 10.101.6.195 -p 2001 -v -s "\x02\x33\x34\x41\x38\x20\x20\x31\x32\x33\x34\x35\x20\x73\x30\x37\x30\x30\x30\x33\x30\x20\x0d" -e "\\0212345\\06"
Using service UDP
Port: 2001
flags: 0x2
Send string: \x02\x33\x34\x41\x38\x20\x20\x31\x32\x33\x34\x35\x20\x73\x30\x37\x30\x30\x30\x33\x30\x20\x0d
server_expect_count: 1
        0: \0212345\06
CRITICAL - Socket timeout
Anyone know of a way to encode the send string as HEX using check_udp? The way I tried sending hex from the monitoring system which is recognized by the destination is

Code: Select all

echo '023730353820203132333435207330373030303033200d' | xxd -r -p |nc -u -v -w 15 10.101.6.195 2001

Code: Select all

[root@monitor]# tcpdump -vv -i any port 2001
tcpdump: listening on any, link-type LINUX_SLL (Linux cooked), capture size 262144 bytes
13:30:07.073763 IP (tos 0x0, ttl 64, id 35790, offset 0, flags [DF], proto UDP (17), length 51)
    monitor.example.com.55030 > dmp.example.com.wizard: [bad udp cksum 0x303e -> 0x0e8a!] UDP, length 23
13:30:07.214791 IP (tos 0x0, ttl 126, id 10081, offset 0, flags [none], proto UDP (17), length 36)
    dmp.example.com.wizard > monitor.example.com.55030: [udp sum ok] UDP, length 8

Thank you.
User avatar
cdienger
Support Tech
Posts: 5045
Joined: Tue Feb 07, 2017 11:26 am

Re: check_udp return CRITICAL -Socket timeout

Post by cdienger »

-E can be used for control characters(0x02 and \r), but is limited to \n, \r, \t, or \, and only for the send or quit strings. It would need to be updated to recognize 0x02 and likely to recognize control characters in the expect string as well.

I'm installing the latest plugins - 2.2.1(https://www.nagios.org/downloads/nagios-plugins/) to test and will file a feature request if the feature isn't available.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
User avatar
cdienger
Support Tech
Posts: 5045
Joined: Tue Feb 07, 2017 11:26 am

Re: check_udp return CRITICAL -Socket timeout

Post by cdienger »

The new version didn't work the way we wanted it to so I've filed:

https://github.com/nagios-plugins/nagio ... issues/363
https://github.com/nagios-plugins/nagio ... issues/364

As you've seen and tested, you can send the string you want with some other commands which can easily be included in a bash script. Only a few more steps would be needed to turn it into a custom plugin:

https://exchange.nagios.org/directory/T ... pt/details
https://assets.nagios.com/downloads/nag ... inapi.html
https://assets.nagios.com/downloads/nag ... inapi.html
http://nagios-plugins.org/doc/guidelines.html

Are some useful documents to help get you started if this is something you'd like to try.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Locked