[CHECK_DIG] PTR record check not working

Jonathan Angliss jon at netdork.net
Tue Jul 26 03:07:29 CEST 2011

Previous message: [CHECK_DIG] PTR record check not working
Next message: [CHECK_DIG] PTR record check not working
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 07/25/11 08:37, Chris C wrote:
> Hi guys,
> I am having trouble getting a PTR record check working with check_dig
>
> check_dig fails....
> check_dig -H "8.8.8.8" -l "74.203.101.150" -T "PTR" -v
> /usr/bin/dig @8.8.8.8 -p 53 74.203.101.150 -t PTR
> Looking for: '74.203.101.150'
> DNS CRITICAL - 0.169 seconds response time (No ANSWER SECTION
> found)|time=0.169224s;;;0.000000
>
>
> dig works correctly....
> dig @8.8.8.8 -x 74.203.101.150
>

These are 2 different requests.  The -x command sent to dig does an 
automatic reversal for the PTR record.  Notice in your answer section 
below the actual question.


> ;<<>>  DiG 9.3.6-P1-RedHat-9.3.6-16.P1.el5<<>>  @8.8.8.8 -x 74.203.101.150
> ; (1 server found)
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27441
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;150.101.203.74.in-addr.arpa.	IN	PTR

This question here, see the IP reversed, and the syntax is different. 
To make check_dig do the same, you have to do some work...

./check_dig  -H 8.8.8.8 -l 150.101.203.74.in-addr.arpa. -T PTR -v
/usr/bin/dig @8.8.8.8 -p 53 150.101.203.74.in-addr.arpa. -t PTR
Looking for: '150.101.203.74.in-addr.arpa.'
;; ANSWER SECTION:
150.101.203.74.in-addr.arpa. 62035 IN   CNAME 
150.128-255.101.203.74.in-addr.arpa.
DNS OK - 0.044 seconds response time (150.101.203.74.in-addr.arpa. 62035 
IN CNAME 150.128-255.101.203.74.in-addr.arpa.)|time=0.043945s;;;0.000000

Works just fine, if you have the syntax correct.

According to the docs, you're supposed to be able to pass arguments 
straight to dig using the -A arg on check_dig, however because check_dig 
executes "-t A" it doesn't allow you to pass certain syntax, so:

./check_dig -H 8.8.8.8 -l 74.203.101.150 -A "-x"

doesn't work, because the real syntax is:

/usr/bin/dig @8.8.8.8 -p 53 74.203.101.150 -t A -x

Long story short, do proper PTR queries, which isn't what you were doing.

-- 
Jonathan Angliss


------------------------------------------------------------------------------
Magic Quadrant for Content-Aware Data Loss Prevention
Research study explores the data loss prevention market. Includes in-depth
analysis on the changes within the DLP market, and the criteria used to
evaluate the strengths and weaknesses of these DLP solutions.
http://www.accelacomm.com/jaw/sfnl/114/51385063/
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: [CHECK_DIG] PTR record check not working
Next message: [CHECK_DIG] PTR record check not working
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list