+++ /dev/null
-#!/usr/bin/env python
-
-import os
-import sys
-import socket
-import subprocess
-
-
-
-# Reverse DNS lookup - because the eapol_test command must have an IP address as input
-
-def resolv(hostname):
- try:
- host_ip = socket.gethostbyname(hostname)
- return host_ip
-
- except Exception as e:
- raise e
-
-
-
-# Used to get the username(identity), password, key_mgmt, eap and phase2 information needed to log into
-# the Radius service. This information can be found in the .zabbix_radius_config file in the home
-# directory of the user running this script.
-
-def get_config_file():
- config_file = os.getenv('HOME') + '/.zabbix_radius_config'
-
- if os.path.isfile(config_file):
- return config_file
-
- else:
- raise Exception("[ERROR]: The configuration file: %s does not exist" % config_file)
-
-
-
-# Get the secret needed to login to radius from the file .zabbix_radius_secret located in the home dir of the user running this script
-
-def get_secret_file():
- secret_file = os.getenv('HOME') + '/.zabbix_radius_secret'
-
- if os.path.isfile(secret_file):
- try:
- with open(secret_file,'r') as file:
- for line in file:
- radius_secret = line.rstrip()
- return radius_secret
-
- except Exception as e:
- raise Exception("Error: %s\n" % e)
-
- else:
- raise Exception("[ERROR]: The file with the radius secret: %s does not exist" % secret_file)
-
-
-
-# runs eapol_test and returns 0 for successfull login to radius, 1 for login errors and 2 for the rest.
-
-def run_test(command):
- try:
- p = subprocess.Popen(command,stdout=subprocess.PIPE,stderr=subprocess.PIPE)
- out = p.communicate()[0]
- last_line = out.splitlines()[-1]
-
- if last_line == "FAILURE":
- return 1
- elif last_line == "SUCCESS":
- return 0
- else:
- return 2
-
- except Exception as e:
- raise Exception ("Error: %s\n" % e)
-
-
-
-# Puts together a eapol_test command pulling parameters from input and files
-# Default timeout of eapol_test is 30 seconds but here it is set to 10.
-
-if __name__ == "__main__":
- try:
- if len(sys.argv) == 3:
- command = ["eapol_test", "-c", get_config_file(), "-a", resolv(sys.argv[1]), "-p", sys.argv[2], "-s", get_secret_file(), "-t", "10"]
-
- print run_test(command)
-
- else:
- print "Error: Wrong number of parameters"
- print 'Format: ' + sys.argv[0] + ' <hostname>' + ' <port>'
- sys.exit(1)
-
- except Exception as e:
- sys.exit(2)
--- /dev/null
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+#
+# This script will try to log into a radius server and deliver the result to Zabbix
+# This script is a wrapper around eapol_test (part of wpa_supplicant package)
+# This script is executed on a Zabbix proxy with a interval defined in the Zabbix template Template-service-radius
+# This script must be located on the Zabbix proxy /var/lib/zabbix/externalscript/
+# This script will be distributed to Zabbix proxies by the rpm uio-zabbix
+#
+# This script requires a radius config file and a file containing the radius secret located in /var/lib/zabbix/
+#
+# The config file needed has the following syntax:
+# network={
+# identity="zabbix-test"
+# password="zabbix-password"
+# phase2="autheap=MSCHAPV2"
+# key_mgmt=IEEE8021X
+# eap=TTLS
+#}
+# This script will deliver 0 to Zabbix if login to radius was successful
+# This script will deliver 1 to Zabbix if login to radius failed
+# This script will deliver 2 to Zabbix if there is a general script
+# This script will deliver 3 if the config file or the file containing the secret is not found
+#
+
+
+
+import os
+import sys
+import socket
+import subprocess
+
+
+
+
+
+#
+# Reverse DNS lookup - because the eapol_test is unable to run on a hostname and must have the IP
+#
+
+def resolv(hostname):
+
+ try:
+
+ host_ip = socket.gethostbyname(hostname)
+
+ return host_ip
+
+
+ except Exception as e:
+ return 2
+ sys.exit(1)
+
+
+
+#
+# Used to get the username(identity), password, key_mgmt, eap and phase2 information needed to log into
+# the Radius service. This information can be found in the .zabbix_radius_config file in the home
+# directory of the user running this script.
+#
+
+def get_config_file():
+
+ config_file = '/var/lib/zabbix/.zabbix_radius_config'
+
+ try:
+
+ if os.path.isfile(config_file):
+
+ return config_file
+
+ else:
+ return 3
+ sys.exit(1)
+
+
+ except Exception as e:
+ return 2
+ sys.exit(1)
+
+
+
+#
+# Get the secret needed to login to radius from the file .zabbix_radius_secret located in the home dir of the user running this script
+#
+
+def get_secret_file():
+
+ secret_file = '/var/lib/zabbix/.zabbix_radius_secret'
+
+ try:
+
+ if os.path.isfile(secret_file):
+ with open(secret_file,'r') as file:
+ for line in file:
+ radius_secret = line.rstrip()
+
+ return radius_secret
+
+ else:
+ return 3
+ sys.exit(1)
+
+
+ except Exception as e:
+ return 2
+ sys.exit(1)
+
+
+
+#
+# runs eapol_test and returns 0 for successfull login to radius, 1 for login errors and 2 for the rest.
+#
+
+def run_test(command):
+
+ try:
+
+ p = subprocess.Popen(command,stdout=subprocess.PIPE,stderr=subprocess.PIPE)
+ out = p.communicate()[0]
+
+ last_line = out.splitlines()[-1]
+
+ if last_line == "FAILURE":
+ return 1
+
+ elif last_line == "SUCCESS":
+ return 0
+
+ else:
+ return 2
+
+
+ except Exception as e:
+ return 2
+ sys.exit(1)
+
+
+
+#
+# Puts together a eapol_test command pulling parameters from input and files
+# Default timeout of eapol_test is 30 seconds but here it is set to 10
+#
+
+if __name__ == "__main__":
+
+ try:
+
+ if len(sys.argv) == 3:
+
+ command = ["eapol_test", "-c", get_config_file(), "-a", resolv(sys.argv[1]), "-p", sys.argv[2], "-s", get_secret_file(), "-t", "10"]
+
+ print run_test(command)
+
+ else:
+ print "Error: Wrong number of parameters"
+ print 'Format: ' + sys.argv[0] + ' <hostname>' + ' <port>'
+ sys.exit(1)
+
+ except Exception as e:
+ print(e)
+ sys.exit(1)