Testing the 'Net isn't there with Nagios

We’ve recently had to deliberately disable some machines this week to ensure they can’t connect out to the internet - we’re building testing versions of some of our more restricted secure environments and this is one of the steps.

It was actually easier to do with IPTables than I thought (mostly because I didn’t have to do it - my co-worker did) but once the work was done we needed to ensure it didn’t accidently get broken so that networking was functional again. And yes that’s an odd thing to type. So naturally we turned to Nagios and so, for my own memory as much as anything else, here is the check we’re using:

# put this in the machines nrpe config file.

/usr/lib/nagios/plugins/negate -t 30 "/usr/lib/nagios/plugins/check_http -w 5 -c 10 -H www.google.com -u /"

In the Nagios ‘Status Information’ field you’ll get a message that looks like this - CRITICAL - Socket timeout after 10 seconds - but the check returns the correct error code so it’s all green.