diff --git a/README.md b/README.md
index 0ddcade9da48f4ae7fa3c0f09a742abec2fa9a3b..de66089b2c9903e1302f52b01d580506647e111f 100644
--- a/README.md
+++ b/README.md
@@ -1,4 +1,4 @@
-[PACKAGE]: ../../raw/master/mkp/check_radius-0.1.0-20240428.mkp "check_radius-0.1.0-20240428.mkp"
+[PACKAGE]: ../../raw/master/mkp/check_radius-0.1.1-20240428.mkp "check_radius-0.1.1-20240428.mkp"
[PYRADLIB]: ../../raw/master/mkp/pyrad-2.4.0-240421.mkp "pyrad-2.4.0-240421.mkp"
This is a (very) basic active RADIUS check. Tests if a RADIUS server is responsive (accept/reject/timeout). There is (limited) support to add AV-pairs to the RADIUS request.
diff --git a/mkp/check_radius-0.1.1-20240428.mkp b/mkp/check_radius-0.1.1-20240428.mkp
new file mode 100644
index 0000000000000000000000000000000000000000..eb41f06b9cd46531cfa8f267a7cf3d78e009815a
Binary files /dev/null and b/mkp/check_radius-0.1.1-20240428.mkp differ
diff --git a/source/gui/metrics/check_radius.py b/source/gui/metrics/check_radius.py
index 67790d936ba06f7cb8f4428512b353c4ffd0da2b..73f5873d787d8b0157774acb67a4122759f41edc 100644
--- a/source/gui/metrics/check_radius.py
+++ b/source/gui/metrics/check_radius.py
@@ -3,6 +3,7 @@
#
# License: GNU General Public License v2
#
+#
# Author: thl-cmk[at]outlook[dot]com
# URL : https://thl-cmk.hopto.org
# Date : 2024-04-21
@@ -38,6 +39,6 @@ graph_info['check_radius_time'] = {
perfometer_info.append({
'type': 'logarithmic',
'metric': 'radius_response_time',
- 'half_value': 1.0,
- 'exponent': 10.0,
+ 'half_value': 0.1, # 100 ms
+ 'exponent': 2.0,
})
diff --git a/source/gui/wato/check_parameters/check_radius.py b/source/gui/wato/check_parameters/check_radius.py
index 71dd1d8c8eb0d373222188b480412f94e70da35e..c3092ecee7bb52f391faba2c9504e597abad67eb 100644
--- a/source/gui/wato/check_parameters/check_radius.py
+++ b/source/gui/wato/check_parameters/check_radius.py
@@ -6,7 +6,7 @@
#
# Author: thl-cmk[at]outlook[dot]com
# URL : https://thl-cmk.hopto.org
-# Date : 2022-10-04
+# Date : 2024-04-21
# File : wato/active_checks_radius.py
#
# 2024-01-01: modified for cmk 2.2.x
@@ -159,6 +159,18 @@ _service_type = Tuple(
),
],
)
+_cisco_av_pair = Tuple(
+ title='Cisco-AVPair',
+ orientation='horizontal',
+ elements=[
+ FixedValue('Cisco-AVPair'),
+ TextInput(
+ size=20,
+ placeholder='method=mab',
+ allow_empty=False,
+ ),
+ ],
+)
def _valuespec_active_checks_radius():
@@ -237,6 +249,7 @@ def _valuespec_active_checks_radius():
elements=[
_called_station_id,
_calling_station_id,
+ _cisco_av_pair,
_framed_mtu,
_nas_identifier,
_nas_ip_address,
diff --git a/source/lib/nagios/plugins/check_radius b/source/lib/nagios/plugins/check_radius
index 2147c1fb272c5e898485f36d218cd8947869ed58..79568a9aa11d8421b98513a86b0afbd3c9c42751 100755
--- a/source/lib/nagios/plugins/check_radius
+++ b/source/lib/nagios/plugins/check_radius
@@ -57,7 +57,7 @@ class Args(Namespace):
state_not_expected_response: int
-VERSION = '0.1.0-20240428'
+VERSION = '0.1.1-20240428'
cmk_state = {
0: '',
@@ -74,7 +74,7 @@ response_str = {
def parse_arguments(argv: Sequence[str]) -> Args:
def _av_pair(s):
try:
- name, value = s.split(':')
+ name, value = s.split(':', 1)
return name, value
except ValueError:
raise ArgumentTypeError("AV-Pairs must be in the form of name:vale")
@@ -106,18 +106,18 @@ def parse_arguments(argv: Sequence[str]) -> Args:
help='secret RADIUS key',
)
parser.add_argument(
- '--username', default='dummyuser', required=True,
+ '--username', default='dummyuser',
help='user name to test with',
)
parser.add_argument(
- '--password', default='dummypassword', required=True,
+ '--password', default='dummypassword',
help='user password to test with',
)
#
# optional request parameters
#
parser.add_argument(
- '--auth_port', type=int, default=1812,
+ '--auth-port', type=int, default=1812,
help='RADIUS authentication port to use.',
)
parser.add_argument(
@@ -197,7 +197,7 @@ def main(args=None):
for av_pair in args.request_attribute:
name, value = av_pair[0]
try:
- rad_req[name] = value
+ rad_req.AddAttribute(name, value)
except TypeError:
sys_stdout.write(
f'WARNING: attribute value must be the real value not the name of the '
@@ -233,7 +233,7 @@ def main(args=None):
long_output.append(message)
# third: check response time
- message = f'Response time {response_time * 1000:.0f}ms'
+ message = f'Response time {response_time * 1000:.0f} ms'
if args.max_response_time:
warn, crit = args.max_response_time
warn = warn
diff --git a/source/lib/nagios/plugins/dictionary b/source/lib/nagios/plugins/dictionary
index 125de2fc6581f18a66137b2e1ebddc3d3a05c292..f7a30cae93b7d47c1697415fa6dce42e35c6179c 100755
--- a/source/lib/nagios/plugins/dictionary
+++ b/source/lib/nagios/plugins/dictionary
@@ -444,3 +444,14 @@ VALUE Tunnel-Medium-Type Appletalk 12
VALUE Tunnel-Medium-Type DecNet-IV 13
VALUE Tunnel-Medium-Type Banyan-Vines 14
VALUE Tunnel-Medium-Type E.164-NSAP 15
+
+#
+# Cisco AV Pair
+#
+VENDOR Cisco 9
+
+BEGIN-VENDOR Cisco
+
+ATTRIBUTE Cisco-AVPair 1 string
+
+END-VENDOR Cisco
diff --git a/source/lib/nagios/plugins/dictionary.freeradius b/source/lib/nagios/plugins/dictionary.freeradius
deleted file mode 100755
index dc9fb226c925015c2165b2774e67c02ac63c10a0..0000000000000000000000000000000000000000
--- a/source/lib/nagios/plugins/dictionary.freeradius
+++ /dev/null
@@ -1,91 +0,0 @@
-# -*- text -*-
-# Copyright (C) 2015 The FreeRADIUS Server project and contributors
-#
-# The FreeRADIUS Vendor-Specific dictionary.
-#
-# Version: $Id: ea468da88509aeff96b6f0d38ebc97411b9775b3 $
-#
-# For a complete list of Private Enterprise Codes, see:
-#
-# http://www.isi.edu/in-notes/iana/assignments/enterprise-numbers
-#
-
-VENDOR FreeRADIUS 11344
-
-BEGIN-VENDOR FreeRADIUS
-
-#
-# This attribute is really a bitmask.
-#
-ATTRIBUTE FreeRADIUS-Statistics-Type 127 integer
-
-VALUE FreeRADIUS-Statistics-Type None 0
-VALUE FreeRADIUS-Statistics-Type Authentication 1
-VALUE FreeRADIUS-Statistics-Type Accounting 2
-VALUE FreeRADIUS-Statistics-Type Proxy-Authentication 4
-VALUE FreeRADIUS-Statistics-Type Proxy-Accounting 8
-VALUE FreeRADIUS-Statistics-Type Internal 0x10
-VALUE FreeRADIUS-Statistics-Type Client 0x20
-VALUE FreeRADIUS-Statistics-Type Server 0x40
-VALUE FreeRADIUS-Statistics-Type Home-Server 0x80
-
-VALUE FreeRADIUS-Statistics-Type Auth-Acct 0x03
-VALUE FreeRADIUS-Statistics-Type Proxy-Auth-Acct 0x0c
-
-VALUE FreeRADIUS-Statistics-Type All 0x1f
-
-#
-# FreeRADIUS statistic result attributes
-#
-ATTRIBUTE FreeRADIUS-Total-Access-Requests 128 integer
-ATTRIBUTE FreeRADIUS-Total-Access-Accepts 129 integer
-ATTRIBUTE FreeRADIUS-Total-Access-Rejects 130 integer
-ATTRIBUTE FreeRADIUS-Total-Access-Challenges 131 integer
-ATTRIBUTE FreeRADIUS-Total-Auth-Responses 132 integer
-ATTRIBUTE FreeRADIUS-Total-Auth-Duplicate-Requests 133 integer
-ATTRIBUTE FreeRADIUS-Total-Auth-Malformed-Requests 134 integer
-ATTRIBUTE FreeRADIUS-Total-Auth-Invalid-Requests 135 integer
-ATTRIBUTE FreeRADIUS-Total-Auth-Dropped-Requests 136 integer
-ATTRIBUTE FreeRADIUS-Total-Auth-Unknown-Types 137 integer
-
-ATTRIBUTE FreeRADIUS-Total-Proxy-Access-Requests 138 integer
-ATTRIBUTE FreeRADIUS-Total-Proxy-Access-Accepts 139 integer
-ATTRIBUTE FreeRADIUS-Total-Proxy-Access-Rejects 140 integer
-ATTRIBUTE FreeRADIUS-Total-Proxy-Access-Challenges 141 integer
-ATTRIBUTE FreeRADIUS-Total-Proxy-Auth-Responses 142 integer
-ATTRIBUTE FreeRADIUS-Total-Proxy-Auth-Duplicate-Requests 143 integer
-ATTRIBUTE FreeRADIUS-Total-Proxy-Auth-Malformed-Requests 144 integer
-ATTRIBUTE FreeRADIUS-Total-Proxy-Auth-Invalid-Requests 145 integer
-ATTRIBUTE FreeRADIUS-Total-Proxy-Auth-Dropped-Requests 146 integer
-ATTRIBUTE FreeRADIUS-Total-Proxy-Auth-Unknown-Types 147 integer
-
-ATTRIBUTE FreeRADIUS-Total-Accounting-Requests 148 integer
-ATTRIBUTE FreeRADIUS-Total-Accounting-Responses 149 integer
-ATTRIBUTE FreeRADIUS-Total-Acct-Duplicate-Requests 150 integer
-ATTRIBUTE FreeRADIUS-Total-Acct-Malformed-Requests 151 integer
-ATTRIBUTE FreeRADIUS-Total-Acct-Invalid-Requests 152 integer
-ATTRIBUTE FreeRADIUS-Total-Acct-Dropped-Requests 153 integer
-ATTRIBUTE FreeRADIUS-Total-Acct-Unknown-Types 154 integer
-
-ATTRIBUTE FreeRADIUS-Total-Proxy-Accounting-Requests 155 integer
-ATTRIBUTE FreeRADIUS-Total-Proxy-Accounting-Responses 156 integer
-ATTRIBUTE FreeRADIUS-Total-Proxy-Acct-Duplicate-Requests 157 integer
-ATTRIBUTE FreeRADIUS-Total-Proxy-Acct-Malformed-Requests 158 integer
-ATTRIBUTE FreeRADIUS-Total-Proxy-Acct-Invalid-Requests 159 integer
-ATTRIBUTE FreeRADIUS-Total-Proxy-Acct-Dropped-Requests 160 integer
-ATTRIBUTE FreeRADIUS-Total-Proxy-Acct-Unknown-Types 161 integer
-
-ATTRIBUTE FreeRADIUS-Queue-Len-Internal 162 integer
-ATTRIBUTE FreeRADIUS-Queue-Len-Proxy 163 integer
-ATTRIBUTE FreeRADIUS-Queue-Len-Auth 164 integer
-ATTRIBUTE FreeRADIUS-Queue-Len-Acct 165 integer
-ATTRIBUTE FreeRADIUS-Queue-Len-Detail 166 integer
-
-ATTRIBUTE FreeRADIUS-Stats-Start-Time 176 date
-ATTRIBUTE FreeRADIUS-Stats-HUP-Time 177 date
-
-ATTRIBUTE FreeRADIUS-Queue-PPS-In 181 integer
-ATTRIBUTE FreeRADIUS-Queue-PPS-In 182 integer
-
-
-END-VENDOR FreeRADIUS
\ No newline at end of file
diff --git a/source/packages/check_radius b/source/packages/check_radius
index bff1f3c988c75b7826db24dbb66a2de962974128..7bbd0d9f0586195edf103d66f1957d02c39f6099 100644
--- a/source/packages/check_radius
+++ b/source/packages/check_radius
@@ -6,17 +6,16 @@
' - (limited) support to add AV-pairs to the RADIUS request\n'
' - checks response code, response time and number of response '
'attributes\n'
- '\n',
+ '\n'
+ 'NOTE: this plugin needs _pyrad_ to work.\n',
'download_url': 'https://thl-cmk.hopto.org',
'files': {'checks': ['check_radius'],
'gui': ['metrics/check_radius.py',
'wato/check_parameters/check_radius.py'],
- 'lib': ['nagios/plugins/check_radius',
- 'nagios/plugins/dictionary',
- 'nagios/plugins/dictionary.freeradius']},
+ 'lib': ['nagios/plugins/check_radius', 'nagios/plugins/dictionary']},
'name': 'check_radius',
'title': 'Check RADIUS',
- 'version': '0.1.0-20240428',
+ 'version': '0.1.1-20240428',
'version.min_required': '2.2.0b1',
'version.packaged': '2.2.0p24',
'version.usable_until': None}