Merge branch 'ent-11770-revisar-plugin-dns' into 'develop'

Error Handling,Validation of IP Input,getopts is used to parse command line... See merge request artica/pandorafms!6299
2025-07-28 16:24:54 +02:00 · 2024-03-19 10:52:28 +00:00 · 2024-03-19 10:52:28 +00:00 · 029b959d20
commit 029b959d20
parent 4523eb87ed 1f2a220a8c
1 changed files with 96 additions and 64 deletions
--- a/pandora_server/util/plugin/dns_plugin.sh
+++ b/pandora_server/util/plugin/dns_plugin.sh
@ -1,83 +1,115 @@
 #!/bin/bash
 # DNS Plugin Pandora FMS Server plugin
 # (c) Antonio Delgado, Sancho Lerena 2010
-# Hint: Use this DNS servers as reference:
+# Default variables
-# Google: 8.8.8.8
+TIMEOUT_DURATION=15
 # Telefonica: 194.179.1.101
 function help {
        echo -e "DNS Plugin for Pandora FMS Plugin server. http://pandorafms.com" 
        echo " "
        echo "This plugin is used to check if a specific domain return a specific IP "
        echo -e "address, and to check how time (milisecs) takes the DNS to answer. \n"
        echo -e "Syntax:" 
        echo -e "\t\t-d domain to check"
        echo -e "\t\t-i IP address to check with domain"
        echo -e "\t\t-s DNS Server to check"
        echo -e "\t\t-t Do a DNS time response check instead DNS resolve test"
        echo -e "Samples:"
        echo "   ./dns_plugin.sh -d artica.es -i 69.163.176.17 -s 8.8.8.8"
        echo "   ./dns_plugin.sh -d artica.es -t -s 8.8.8.8"
        echo ""
        exit
 }
 if [ $# -eq 0 ]
 then
        help
 fi
 TIMEOUT_CHECK=0
 DOMAIN_CHECK=""
 IP_CHECK=""
 DNS_CHECK=""
 DOMAIN_CHECK=""
 TIME_CHECK=0
-# Main parsing code
+# Regular expression to validate IP address
-while getopts ":htd:i:s:" optname
+IP_REGEX="^(25[0-5]|2[0-4][0-9]|[0-1]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[0-1]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[0-1]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[0-1]?[0-9][0-9]?)$"
-  do
+
-    case "$optname" in
+# Function to display help with command-line options
-      "h")
+function show_help {
-                help
+    echo "DNS Plugin for Pandora FMS Plugin server. http://pandorafms.com"
-        ;;
+    echo " "
-      "d")
+    echo "This plugin is used to check if a specific domain returns a specific IP address,"
    echo "and to check how much time (in milliseconds) it takes the DNS to answer."
    echo " "
    echo "Syntax:"
    echo "    -d domain to check"
    echo "    -i IP address to check with the domain"
    echo "    -s DNS Server to check"
    echo "    -t Do a DNS time response check instead of a DNS resolve test"
    echo " "
    echo "Samples:"
    echo "    ./dns_plugin.sh -d example.com -i 192.168.1.1 -s 8.8.8.8"
    echo "    ./dns_plugin.sh -d example.com -t -s 8.8.8.8"
    exit 1
 }
 # Function to perform DNS query and get IP addresses
 function do_dns_query {
    results=$(timeout "${TIMEOUT_DURATION}s" dig "@$DNS_CHECK" +nocmd "$DOMAIN_CHECK" +multiline +answer A)
    echo "$results"
 }
 # Command-line argument processing with getopts
 while getopts ":htd:i:s:" opt; do
    case "$opt" in
        d)
            DOMAIN_CHECK=$OPTARG
            ;;
-      "t")
+        i)
-                TIMEOUT_CHECK=1
+            # Validate the provided IP address
-        ;;
+            if [[ $OPTARG =~ $IP_REGEX ]]; then
      "i")
                IP_CHECK=$OPTARG
            else
                echo "The provided IP address is incorrect: $OPTARG" >&2
                echo "-1"
                exit 1
            fi
            ;;
-      "s")
+        s)
            # Validate the DNS server IP address
            if [[ $OPTARG =~ $IP_REGEX ]]; then
                DNS_CHECK=$OPTARG
            else
                echo "The provided DNS server IP address is incorrect: $OPTARG" >&2
                echo "-1"
                exit 1
            fi
            ;;
        t)
            TIME_CHECK=1
            ;;
        ?)
-                help
+            show_help
            ;;
      default)
                help
        ;;
    esac
 done
-if [ -z "$DNS_CHECK" ]
+# Check if all necessary values are provided
-then
+if [ -z "$DOMAIN_CHECK" ] || ([ -z "$IP_CHECK" ] && [ $TIME_CHECK -eq 0 ]) || [ -z "$DNS_CHECK" ]; then
-        help
+    echo "Missing or incomplete arguments." >&2
    echo "-1"
    show_help
 fi
 # Check if time response check should be performed
 if [ $TIME_CHECK -eq 1 ]; then
    results=$(do_dns_query)
    RETURN_TIME=$(echo "$results" | awk '/Query time:/ {print $4}')
    echo "$RETURN_TIME"
    exit 0
 fi
-results=`dig @$DNS_CHECK +nocmd $DOMAIN_CHECK +multiline +noall +answer A`
+# Check if IP address check should be performed
-targets=`echo "$results"| awk '{print $5}'`
+if [ -n "$IP_CHECK" ]; then
    results=$(do_dns_query)
    targets=$(echo "$results" | awk '{print $5}')
    found=0
    for x in $targets; do
        if [ "$x" == "$IP_CHECK" ]; then
-                echo 1
+            found=1
-                exit 0
+            break
        fi
    done
-echo 0
+    if [ "$found" -eq 0 ]; then
        echo "0"
    else
        echo "1"
    fi
 else
    # Show error if IP to check is not specified
    echo "No IP to check was specified for the domain: $DOMAIN_CHECK" >&2
    echo "-1"
    exit 1
 fi
 exit 0