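#!/bin/bash
#
# Modified the great original check_hping by Whit Blauvelt
#
# copyright Whit Blauvelt 18 Sept. 2012 - GPL3
# copyright Alessandro Cardia 5 Dec. 2019 - GPL3
#
# This script sends 3 TCP SYN pings to a host and compares response flags
# against "SA", "RA", or different.
# SYN ACK on all three replies = OK (exit 0).
# RESET ACK, mixed flags or no usable reply = CRITICAL (exit 2); this script
# never returns WARNING.
# Missing or malformed arguments = UNKNOWN (exit 3).
#
# Usage : check_hping_syntcp DestHost TCPport
#
# hping3 must be installed (e.g. "yum install hping").
# The user (e.g. "nagios") must have sudoers permission to run hping3.
# Keep that sudoers rule limited to the hping3 binary: both arguments reach
# a command that runs with elevated privileges, which is why they are
# validated below before use.
# The port may be any used by a TCP service on the host.
#
# define command{
#   command_name check_hping_syntcp
#   command_line $USER1$/check_hping_syntcp $HOSTADDRESS$ $ARG1$
# }
#
# define service{
#   use                 generic-service
#   host_name           some-host
#   service_description TCP port 4602
#   check_command       check_hping_syntcp!4602
#   contact_groups      some-contact-group
# }
#
###########################################################################

set -u

VERSION="check_hping_syn v0.02"

# edit to match location on system; hping2 should also work
HPING="/usr/sbin/hping3"

# Print version and usage text to stdout.
usage() {
  cat << EOF
Version: $VERSION
Usage: $0 [host] [tcp-port]

This script sends 3 TCP SYN pings to a host and compares response flags
against "SA", "RA", or different.
hping3 must be installed (e.g. "yum install hping").
The user (e.g. "nagios") must have sudoers permission to run hping3.
The port may be any used by a TCP service on the host.
EOF
}

# Print the first two characters of the N-th "="-separated field of a line.
# Arguments: $1 - field number, $2 - single-line text to split
reply_flags() {
  printf '%s\n' "$2" | awk -F '=' -v n="$1" '{ print substr($n, 1, 2) }'
}

host=${1-}
port=${2-}

RET="0"

# Check host was given and looks like a host name or address. A value that
# starts with "-" would be read by hping3 as an option, so it is rejected.
if [[ -z "$host" ]]; then
  echo "- Missing [host]"
  RET="1"
elif [[ ! "$host" =~ ^[A-Za-z0-9_][A-Za-z0-9._:-]*$ ]]; then
  echo "- Invalid [host]"
  RET="1"
fi

# Check TCP port was given and is a decimal number in 1-65535.
# 10# forces base 10 so a leading zero is not parsed as octal.
if [[ -z "$port" ]]; then
  echo "- Missing [tcp-port]"
  RET="1"
elif [[ ! "$port" =~ ^[0-9]{1,5}$ ]] || (( 10#$port < 1 || 10#$port > 65535 )); then
  echo "- Invalid [tcp-port]"
  RET="1"
fi

# Bad arguments: show usage and report UNKNOWN to the monitoring system.
if [[ "$RET" == "1" ]]; then
  usage
  exit 3
fi

# Run the probe. Arguments are quoted so each one reaches hping3 as exactly
# one word; the argument order is unchanged from the original script.
# hping3's exit status is not checked: the verdict comes from the reply flags.
PRE=$(sudo "${HPING}" -S "$host" -p "$port" -c 3 2>&1)

# Join the output into one line (the parsing below depends on that) without
# letting the shell glob-expand anything hping3 printed.
FLAT=$(printf '%s' "$PRE" | tr -s '[:space:]' ' ')

# The flags value of the three replies is taken from fields 8, 17 and 26,
# i.e. nine "=" apart.
# NOTE(review): these positions are inherited as-is; confirm them against the
# output format of the installed hping3 version.
B1=$(reply_flags 8 "$FLAT")
B2=$(reply_flags 17 "$FLAT")
B3=$(reply_flags 26 "$FLAT")

# Defaults: anything that is not a unanimous SYN-ACK stays CRITICAL.
RES="Indeterminate"
RES1="Indeterminate"
SC="CRITICAL"
EX=2

# Only trust the flags when all three replies agree. Quoting keeps the
# comparison valid when hping3 returned nothing parseable.
if [[ "$B1" == "$B2" && "$B1" == "$B3" ]]; then
  RES=$B1
fi

case "$RES" in
  SA)
    SC="OK"
    EX=0
    RES1="[SYN-ACK] TCP Port $port on host $host is open"
    ;;
  RA)
    RES1="[RESET-ACK] TCP Port $port on host $host is closed"
    ;;
esac

printf '%s: %s\n' "$SC" "$RES1"
exit "$EX"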