#!/bin/bash
# Written by Andrew, 11/1/11 onwards. A date which is a palindrome.
# Purpose: check the DataCash DNS records for changes and check that https is accepting connections.
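# Working directory for this check: the scratch files, state files and logs
# used by the script all live under it.
BASE=/usr/local/dnschecks
# Raw dig output from the authoritative server and from inet01's own resolver.
DCAUTHTEMP="${BASE}/dc-nocache-dnstemp.txt"
DCCACHETEMP="${BASE}/dc-cache-dnstemp.txt"

# Log of the current run; the three previous runs are kept as .1, .2 and .3.
LOGFILE="${BASE}/dnscheck.log"
# Rotate oldest first so no generation is overwritten before it has moved on.
# A generation that does not exist yet (first few runs) is skipped instead of
# letting mv print an error that cron would mail out.
[ -f "${LOGFILE}.2" ] && mv -f "${LOGFILE}.2" "${LOGFILE}.3"
[ -f "${LOGFILE}.1" ] && mv -f "${LOGFILE}.1" "${LOGFILE}.2"
[ -f "${LOGFILE}" ] && mv -f "${LOGFILE}" "${LOGFILE}.1"

# Token file: it is created when the HTTPS port is found closed and removed
# when the port is found open again, so its presence means "was closed last time".
DCHTTPSFILE="${BASE}/DCnotOpenOnHttps.token"

# Start the new log with a timestamp.
date > "${LOGFILE}"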
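# TCP port probed on the Data Cash host (https).
PORT=443
# Data Cash host whose DNS record and https listener are monitored.
DCHOST=mars.transaction.data.com

# Find the authoritative name server for DCHOST: ask inet01 for the authority
# section and take field 5 of the first record that contains ".co.uk".
# ".co.uk" is matched literally here; the earlier grep pattern let each "."
# match any character. Only the first match is kept because the value is
# later used as a single "@server" argument to dig.
# NOTE(review): the login uses a DSA key (~/.ssh/id_dsa). OpenSSH has disabled
# ssh-dss keys by default since release 7.0; plan a move to an Ed25519 or RSA key.
DCAUTHDNS=$(ssh -q -i ~/.ssh/id_dsa -l scope inet01 "dig +noall +authority ${DCHOST}" \
  | awk '!found && index($0, ".co.uk") > 0 { print $5; found = 1 }')

# The name is taken from a DNS response and is later placed inside a command
# line that a remote shell parses, so anything that is not made of plain
# hostname characters is dropped here rather than passed on.
host_re='^[A-Za-z0-9][A-Za-z0-9.-]*$'
if [[ -n "${DCAUTHDNS}" && ! "${DCAUTHDNS}" =~ ${host_re} ]]; then
  # %q keeps control characters in the rejected value out of the log.
  echo "Discarding unexpected auth DNS value: $(printf '%q' "${DCAUTHDNS}")" >> "${LOGFILE}"
  DCAUTHDNS=
fi
echo "DC Auth DNS is ${DCAUTHDNS}" >> "${LOGFILE}"

# Scratch file the notification body is built in. mktemp picks an
# unpredictable name and creates the file readable by its owner only; the old
# PID-based name is kept as a fallback in case mktemp cannot be used.
EMAIL=$(mktemp "${BASE}/emailtmp-XXXXXX" 2>/dev/null) || EMAIL="${BASE}/emailtmp-$$"
MAILTO=support@example.com
# Set to "yes" by the checks below when a notification should go out.
SENDEMAIL=no

# Persistent state: the address seen on this run and on the previous run.
CURRENT="${BASE}/dc-current-ip.txt"
PREVIOUS="${BASE}/dc-previous-ip.txt"
echo "Files are ${CURRENT} and ${PREVIOUS}" >> "${LOGFILE}"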
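# Start the notification body. The file is truncated here; everything later
# in the run appends to it.
# The list of expected addresses is informational text for the reader of the
# mail: nothing in this script compares the resolved address against it.
{
  echo "From /usr/local/dnschecks/datacashtest.sh at $(date +%H:%M:%S)"
  echo ""
  echo "Testing Data Cash DNS:- "
  echo "======================= "
  echo ""
  echo "Expected ipaddresses are 92.43.40.20, 92.43.42.20 or 195.224.203.20 (old)"
  echo ""
} > "${EMAIL}"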
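# Address recorded by the previous run (empty when the state file is missing).
PREVIOUSIP=$(<"${PREVIOUS}")
echo "Previous IP read in is ${PREVIOUSIP}" >> "${LOGFILE}"

# Ask the authoritative server directly (through inet01) for the current address.
# DCAUTHDNS was parsed out of a DNS response and is placed inside a command
# line that the shell on inet01 interprets, so it is used only when it consists
# of hostname characters. Otherwise the lookup is skipped and the scratch file
# is emptied, so output left over from an earlier run is not parsed as fresh.
auth_host_re='^[A-Za-z0-9][A-Za-z0-9.-]*$'
if [[ "${DCAUTHDNS}" =~ ${auth_host_re} ]]; then
  ssh -q -i ~/.ssh/id_dsa -l scope inet01 "dig @${DCAUTHDNS} ${DCHOST}" > "${DCAUTHTEMP}"
else
  echo "Auth DNS name is missing or malformed, skipping auth lookup" >> "${LOGFILE}"
  : > "${DCAUTHTEMP}"
fi

# Answer lines are the lines without ";" (dig's comment marker) that mention
# DCHOST; field 5 holds the record data. The host name is matched as a fixed
# string, so its dots are not treated as wildcards.
# NOTE(review): an answer with several matching records yields several lines
# here; the rest of the script is written for a single address.
CURRENTIP=$(awk -v host="${DCHOST}" \
  'index($0, ";") == 0 && index($0, host) > 0 { print $5 }' "${DCAUTHTEMP}")
echo "${CURRENTIP}" > "${CURRENT}"
echo "Current ip from auth server is ${CURRENTIP}" >> "${LOGFILE}"

# Lookup time as reported on dig's "Query time" line.
CURRENTIPTIME=$(awk '/Query/ { print $4, $5 }' "${DCAUTHTEMP}")
echo "Lookup took ${CURRENTIPTIME}" >> "${LOGFILE}"

# Same lookup without "@server": this is the answer inet01's own resolver
# gives, which may come from its cache.
ssh -q -i ~/.ssh/id_dsa -l scope inet01 "dig ${DCHOST}" > "${DCCACHETEMP}"
CURRENTCACHEIP=$(awk -v host="${DCHOST}" \
  'index($0, ";") == 0 && index($0, host) > 0 { print $5 }' "${DCCACHETEMP}")
CURRENTCACHEIPTIME=$(awk '/Query/ { print $4, $5 }' "${DCCACHETEMP}")
echo "Cached ip from inet01 is ${CURRENTCACHEIP} and it took ${CURRENTCACHEIPTIME}" >> "${LOGFILE}"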
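# Compare the authoritative answer with the address stored by the previous run.
if [[ "${PREVIOUSIP}" == "${CURRENTIP}" ]]; then
  echo "No change, ipaddress is the same as previously, ${CURRENTIP}." >> "${EMAIL}"
  echo "Auth Lookup took ${CURRENTIPTIME}." >> "${EMAIL}"
else
  SUBJECT=" - mars ipaddress changed"
  echo "IPaddress has changed from ${PREVIOUSIP} to ${CURRENTIP}." >> "${EMAIL}"
  echo "Auth Lookup took ${CURRENTIPTIME}." >> "${EMAIL}"
  # Store the new address so the next run compares against it. An empty result
  # (failed lookup) is not stored: it would erase the last known good address
  # and make the next successful lookup look like another change.
  if [[ -n "${CURRENTIP}" ]]; then
    echo "${CURRENTIP}" > "${PREVIOUS}"
  else
    echo "Auth lookup returned no address; previous IP file left unchanged." >> "${LOGFILE}"
  fi
  SENDEMAIL=yes
fi

# Check if the cached answer agrees with the authoritative one.
# An empty authoritative answer is never treated as "consistent". The old
# unquoted test reached the same branch only because it failed to parse when a
# value was empty; the condition now says so explicitly.
if [[ -n "${CURRENTIP}" && "${CURRENTCACHEIP}" == "${CURRENTIP}" ]]; then
  echo "Cached lookup is the same as Auth Lookup" >> "${EMAIL}"
  IPCONSISTENT="true"
else
  echo "Cached lookup is stale, ${CURRENTCACHEIP} should be ${CURRENTIP}." >> "${EMAIL}"
  IPCONSISTENT="false"
  SENDEMAIL=yes
fi

# Spacer lines in the mail body.
{
  echo ""
  echo ""
  echo ""
} >> "${EMAIL}"

# Record what the two state files hold after this run.
{
  echo " "
  echo "Previous ip file contents is $(cat "${PREVIOUS}")"
  echo "Current ip file contents is $(cat "${CURRENT}")"
  echo " "
} >> "${LOGFILE}"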
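{
  echo "Testing Data Cash tcp connection on port ${PORT}:-"
  echo "=============================================="
  echo ""
  echo ""
} >> "${EMAIL}"

# Do the tcp connection test.
# It has to run on app01 because the app servers are the only servers allowed
# to connect to Data Cash (mon01 has no access).
# The address from the authoritative lookup ($CURRENTIP) is used, not the name
# $DCHOST, which would be resolved locally on app01.
#
# CURRENTIP is text taken from a DNS answer and becomes part of a command line
# that the shell on app01 parses. It is passed on only when it has the form of
# a single dotted-quad address; anything else (empty result, several records,
# a host name) is reported as "closed" without contacting app01.
ipv4_re='^([0-9]{1,3}\.){3}[0-9]{1,3}$'
TCPCONNETION=
if [[ "${CURRENTIP}" =~ ${ipv4_re} ]]; then
  TCPCONNETION=$(ssh -q -i ~/.ssh/id_dsa -l scope app01 "/export/home/scope/scripts/datacash/datacash-check.sh ${CURRENTIP} ${PORT}")
else
  echo "Skipping connection test: auth lookup did not return a single IPv4 address." >> "${LOGFILE}"
fi

# The remote helper's output is searched for "yes" (any case).
# TCPOPEN is 0 when it is found, 1 otherwise.
if printf '%s\n' "${TCPCONNETION}" | grep -qi yes; then
  TCPOPEN=0
else
  TCPOPEN=1
fi

if [ "${TCPOPEN}" -eq 0 ]; then
  echo "Data C is listening on ${CURRENTIP}:${PORT}." >> "${EMAIL}"
  echo "Data C https is listening on ${CURRENTIP}:${PORT}." >> "${LOGFILE}"
  # A healthy port cancels a pending notification only while the address is
  # unchanged. The flag used to be cleared unconditionally, so an address
  # change was never mailed as long as the new address accepted connections,
  # which is the one case a DNS-change monitor most needs to report.
  if [[ "${PREVIOUSIP}" == "${CURRENTIP}" ]]; then
    SENDEMAIL=no
  fi
  if [ -f "${DCHTTPSFILE}" ]; then
    # Token file present: the port was closed on an earlier run, so this is a
    # recovery and is worth a mail.
    echo "Previous state was \"Not Listening\"" >> "${EMAIL}"
    echo "Previous state was \"Not Listening\"" >> "${LOGFILE}"
    rm -f -- "${DCHTTPSFILE}"
    SENDEMAIL=yes
  fi
else
  SUBJECT=" - Data C not listening on 443"
  echo "Data C is closed on ${CURRENTIP}:${PORT}." >> "${EMAIL}"
  echo "Data C https is closed on ${CURRENTIP}:${PORT}." >> "${LOGFILE}"
  # Leave the token file behind so the next successful run reports the recovery.
  echo "$(date) - Data C https is closed on ${CURRENTIP}:${PORT}." > "${DCHTTPSFILE}"
  SENDEMAIL=yes
fi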
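# When the cached answer differs from the authoritative one, also test the
# cached address, since clients using that resolver still connect to it.
if [ "${IPCONSISTENT}" = "false" ]; then
  # CURRENTCACHEIP is text from a DNS answer and becomes part of a command line
  # parsed by the shell on app01, so it is passed on only when it has the form
  # of a single dotted-quad address. Otherwise it is reported as "closed".
  cache_ipv4_re='^([0-9]{1,3}\.){3}[0-9]{1,3}$'
  TCPCONNETIONCACHE=
  if [[ "${CURRENTCACHEIP}" =~ ${cache_ipv4_re} ]]; then
    TCPCONNETIONCACHE=$(ssh -q -i ~/.ssh/id_dsa -l scope app01 "/export/home/scope/scripts/datacash/datacash-check.sh ${CURRENTCACHEIP} ${PORT}")
  else
    echo "Skipping cached-address connection test: cached lookup did not return a single IPv4 address." >> "${LOGFILE}"
  fi

  # TCPCACHEOPEN is 0 when the helper's output contains "yes" (any case).
  if printf '%s\n' "${TCPCONNETIONCACHE}" | grep -qi yes; then
    TCPCACHEOPEN=0
  else
    TCPCACHEOPEN=1
  fi

  if [ "${TCPCACHEOPEN}" -eq 0 ]; then
    echo "Data C is listening on ${CURRENTCACHEIP}:${PORT}." >> "${EMAIL}"
    echo "Data C https is listening on ${CURRENTCACHEIP}:${PORT}." >> "${LOGFILE}"
    # A stale but reachable cached address does not trigger a mail by itself;
    # the assignment below was left disabled by the author.
    #SENDEMAIL=yes
  else
    SUBJECT=" - Data C not listening on 443"
    echo "Data C is closed on ${CURRENTCACHEIP}:${PORT}." >> "${EMAIL}"
    echo "Data C https is closed on ${CURRENTCACHEIP}:${PORT}." >> "${LOGFILE}"
    SENDEMAIL=yes
  fi
fi
# end of IPCONSISTENT check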
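# Spacer lines before the closing line of the mail body.
{
  echo ""
  echo ""
  echo ""
} >> "${EMAIL}"

# Mail out
if [ "${SENDEMAIL}" = yes ]; then
  echo "Sending notification mail at $(date +%H:%M:%S)." >> "${EMAIL}"
  # Options are given before the recipient: that order is accepted by every
  # common mail/mailx, while "recipient -s subject" depends on the
  # implementation reordering its arguments.
  # SUBJECT is empty when the mail reports a recovery with no other finding.
  mail -s "Data C DNS and connection Test ${SUBJECT}" "${MAILTO}" < "${EMAIL}"
else
  # Nothing to report, so no mail is sent; the mail command is kept commented
  # out for testing. DONTSEND is a dummy assignment from the time when this
  # branch would otherwise have been empty.
  DONTSEND=true
  echo "Sending notification mail at $(date +%H:%M:%S)." >> "${EMAIL}"
  #mail ${MAILTO} -s "Data C DNS and connection Test" < ${EMAIL}
fi

# cleanup: the mail body is scratch data and is removed on every run.
rm -f -- "${EMAIL}"
echo "Done." >> "${LOGFILE}"
exit 0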