|
1 | 1 | #!/bin/bash |
2 | 2 |
|
3 | | -# This plugin checks for common network issues. Currently, it only checks |
4 | | -# if the conntrack table is full. |
| 3 | +# This plugin checks for common network issues. |
| 4 | +# Currently only checks if conntrack table is more than 90% used. |
5 | 5 |
|
6 | | -OK=0 |
7 | | -NONOK=1 |
8 | | -UNKNOWN=2 |
| 6 | +readonly OK=0 |
| 7 | +readonly NONOK=1 |
| 8 | +readonly UNKNOWN=2 |
9 | 9 |
|
10 | | -[ -f /proc/sys/net/ipv4/netfilter/ip_conntrack_max ] || exit $UNKNOWN |
11 | | -[ -f /proc/sys/net/ipv4/netfilter/ip_conntrack_count ] || exit $UNKNOWN |
| 10 | +# "nf_conntrack" replaces "ip_conntrack" - support both |
| 11 | +readonly NF_CT_COUNT_PATH='/proc/sys/net/netfilter/nf_conntrack_count' |
| 12 | +readonly NF_CT_MAX_PATH='/proc/sys/net/netfilter/nf_conntrack_max' |
| 13 | +readonly IP_CT_COUNT_PATH='/proc/sys/net/ipv4/netfilter/ip_conntrack_count' |
| 14 | +readonly IP_CT_MAX_PATH='/proc/sys/net/ipv4/netfilter/ip_conntrack_max' |
12 | 15 |
|
13 | | -conntrack_max=$(cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max) |
14 | | -conntrack_count=$(cat /proc/sys/net/ipv4/netfilter/ip_conntrack_count) |
15 | | - |
16 | | -if (( conntrack_count >= conntrack_max )); then |
17 | | - echo "Conntrack table full" |
18 | | - exit $NONOK |
| 16 | +if [[ -f $NF_CT_COUNT_PATH ]] && [[ -f $NF_CT_MAX_PATH ]]; then |
| 17 | + readonly CT_COUNT_PATH=$NF_CT_COUNT_PATH |
| 18 | + readonly CT_MAX_PATH=$NF_CT_MAX_PATH |
| 19 | +elif [[ -f $IP_CT_COUNT_PATH ]] && [[ -f $IP_CT_MAX_PATH ]]; then |
| 20 | + readonly CT_COUNT_PATH=$IP_CT_COUNT_PATH |
| 21 | + readonly CT_MAX_PATH=$IP_CT_MAX_PATH |
| 22 | +else |
| 23 | + exit $UNKNOWN |
19 | 24 | fi |
20 | 25 |
|
21 | | -echo "Conntrack table available" |
22 | | -exit $OK |
| 26 | +readonly conntrack_count=$(< $CT_COUNT_PATH) || exit $UNKNOWN |
| 27 | +readonly conntrack_max=$(< $CT_MAX_PATH) || exit $UNKNOWN |
| 28 | +readonly conntrack_usage_msg="${conntrack_count} out of ${conntrack_max}" |
23 | 29 |
|
| 30 | +if (( conntrack_count > conntrack_max * 9 /10 )); then |
| 31 | + echo "Conntrack table usage over 90%: ${conntrack_usage_msg}" |
| 32 | + exit $NONOK |
| 33 | +else |
| 34 | + echo "Conntrack table usage: ${conntrack_usage_msg}" |
| 35 | + exit $OK |
| 36 | +fi |
0 commit comments