#!/usr/libexec/platform-python # -*- coding: utf-8 -*- #from __future__ import print_function import os, sys import requests, json, urllib3 from os import R_OK from os.path import isfile def check_ncbl_via_api(warning, critical, tkn, urlpath): ips = [] IpsFileName = os.path.join(os.path.realpath(os.path.join(os.getcwd(), os.path.dirname(sys.argv[0]))), '/etc/outgoingmailip') if not (isfile(IpsFileName) and os.access(IpsFileName, R_OK)): print("IPs file doesn't exist or isn't readable: " + IpsFileName) exit(3) try: if os.path.getsize(IpsFileName) > 0: with open(IpsFileName, 'r') as fin: ips = fin.read().splitlines() else: print("IPs file is empty") exit(3) except OSError as e: print("Error reading IPs file: %s" % e) exit(3) res = [] check_summ = [] infoCR = {} infoWA = {} import requests, json, urllib3 hdrs = {"accept": "application/json", "Authorization": "Token " + tkn} for ip in ips: url = urlpath + str(ip).rstrip() try: r = requests.get(url, headers=hdrs, allow_redirects=False, timeout=2) if r.status_code == 200: resp = r.json() if resp['total_score'] > 0: feeds = {} weight = [] for item in resp['ip_reputation']: if not item['source']['source_name'].encode('ascii','ignore') in feeds: feeds[item['source']['source_name'].encode('ascii','ignore')] = item['source']['weight'] else: feeds.update({item['source']['source_name'].encode('ascii','ignore'): feeds[item['source']['source_name'].encode('ascii','ignore')] + item['source']['weight']}) weight.append(item['source']['weight']) res.append("IP {0}: {1}.".format(str(ip.rstrip()), feeds)) check_summ.append(sum(weight)) if sum(weight) >= critical: infoCR["IP: " + str(ip.rstrip()) + ", CRIT"] = sum(weight) else: infoWA["IP: " + str(ip.rstrip()) + ", WARN"] = sum(weight) else: print("Request to ASP API not OK. Status code: " + str(r.status_code)) print(r.text) exit(3) except requests.ConnectionError as e: print("Connection failed to: " + url + " \n" + str(e)) exit(2) if res: if critical > max(check_summ) >= warning: for key, value in sorted(infoWA.items(), key=lambda item: item[1], reverse=True): print("%s: %s. " % (key, value), end="") print(" (via API)") print("\n".join(res)) raise exit(1) elif max(check_summ) >= critical: for key, value in sorted(infoCR.items(), key=lambda item: item[1], reverse=True): print("%s: %s. " % (key, value), end="") print(" (via API)") print("\n".join(res)) raise exit(2) else: print("OK (SpamScore only " + str(max(check_summ)) + " via API)") raise exit(0) else: print("OK (via API)") raise exit(0) if __name__ == '__main__': import argparse parser = argparse.ArgumentParser(description='Outgoing mail IP reputation status') parser.add_argument("-w", "--warning", type=int, default=49, help="Default is 49.") parser.add_argument("-c", "--critical", type=int, default=50, help="Default is 50.") parser.add_argument("-n", "--token", type=str, default="XXX", help="Auth ASP API token") parser.add_argument("-p", "--urlpath", type=str, default="https://phx01ext-ncbl02.et.namecheap.tech:59443/ncbl/v1/ip_reputation/", help="URL path for APS API") args = parser.parse_args() check_ncbl_via_api(args.warning, args.critical, args.token, args.urlpath)