Current File : //lib64/nagios/plugins/nccustom/check-outmailip-rbl.py
#!/usr/libexec/platform-python
# -*- coding: utf-8 -*-
#from __future__ import print_function

import os, sys
import requests, json, urllib3
from os import R_OK
from os.path import isfile

def check_ncbl_via_api(warning, critical, tkn, urlpath):
    ips = []
    IpsFileName = os.path.join(os.path.realpath(os.path.join(os.getcwd(), os.path.dirname(sys.argv[0]))),
                              '/etc/outgoingmailip')
    if not (isfile(IpsFileName) and os.access(IpsFileName, R_OK)):
        print("IPs file doesn't exist or isn't readable: " + IpsFileName)
        exit(3)
    try:
        if os.path.getsize(IpsFileName) > 0:
            with open(IpsFileName, 'r') as fin:
                ips = fin.read().splitlines()
        else:
            print("IPs file is empty")
            exit(3)
    except OSError as e:
        print("Error reading IPs file: %s" % e)
        exit(3)

    res = []
    check_summ = []
    infoCR = {}
    infoWA = {}
    import requests, json, urllib3
    hdrs = {"accept": "application/json", "Authorization": "Token " + tkn}
    for ip in ips:
        url = urlpath + str(ip).rstrip()
        try:
            r = requests.get(url, headers=hdrs, allow_redirects=False, timeout=2)
            if r.status_code == 200:
                resp = r.json()
                if resp['total_score'] > 0:
                    feeds = {}
                    weight = []
                    for item in resp['ip_reputation']:
                        if not item['source']['source_name'].encode('ascii','ignore') in feeds:
                            feeds[item['source']['source_name'].encode('ascii','ignore')] = item['source']['weight']
                        else:
                            feeds.update({item['source']['source_name'].encode('ascii','ignore'): feeds[item['source']['source_name'].encode('ascii','ignore')] + item['source']['weight']})
                        weight.append(item['source']['weight'])
                    res.append("IP {0}: {1}.".format(str(ip.rstrip()), feeds))
                    check_summ.append(sum(weight))
                    if sum(weight) >= critical:
                        infoCR["IP: " + str(ip.rstrip()) + ", CRIT"] = sum(weight)
                    else:
                        infoWA["IP: " + str(ip.rstrip()) + ", WARN"] = sum(weight)
            else:
                print("Request to ASP API not OK. Status code: " + str(r.status_code))
                print(r.text)
                exit(3)
        except requests.ConnectionError as e:
            print("Connection failed to: " + url + " \n" + str(e))
            exit(2)
    if res:
        if critical > max(check_summ) >= warning:
            for key, value in sorted(infoWA.items(), key=lambda item: item[1], reverse=True):
                print("%s: %s. " % (key, value), end="")
            print(" (via API)")
            print("\n".join(res))
            raise exit(1)
        elif max(check_summ) >= critical:
            for key, value in sorted(infoCR.items(), key=lambda item: item[1], reverse=True):
                print("%s: %s. " % (key, value), end="")
            print(" (via API)")
            print("\n".join(res))
            raise exit(2)
        else:
            print("OK (SpamScore only " + str(max(check_summ)) + " via API)")
            raise exit(0)
    else:
        print("OK (via API)")
        raise exit(0)


if __name__ == '__main__':
    import argparse

    parser = argparse.ArgumentParser(description='Outgoing mail IP reputation status')
    parser.add_argument("-w", "--warning", type=int, default=49, help="Default is 49.")
    parser.add_argument("-c", "--critical", type=int, default=50, help="Default is 50.")
    parser.add_argument("-n", "--token", type=str, default="XXX", help="Auth ASP API token")
    parser.add_argument("-p", "--urlpath", type=str, default="https://phx01ext-ncbl02.et.namecheap.tech:59443/ncbl/v1/ip_reputation/", 
                        help="URL path for APS API")

    args = parser.parse_args()
    check_ncbl_via_api(args.warning, args.critical, args.token, args.urlpath)