#!/usr/bin/python
# -*- encoding: utf-8; py-indent-offset: 4 -*-
# +------------------------------------------------------------------+
# |             ____ _               _        __  __ _  __           |
# |            / ___| |__   ___  ___| | __   |  \/  | |/ /           |
# |           | |   | '_ \ / _ \/ __| |/ /   | |\/| | ' /            |
# |           | |___| | | |  __/ (__|   <    | |  | | . \            |
# |            \____|_| |_|\___|\___|_|\_\___|_|  |_|_|\_\           |
# |                                                                  |
# | Copyright Mathias Kettner 2014             mk@mathias-kettner.de |
# +------------------------------------------------------------------+
#
# This file is part of Check_MK.
# The official homepage is at http://mathias-kettner.de/check_mk.
#
# check_mk is free software;  you can redistribute it and/or modify it
# under the  terms of the  GNU General Public License  as published by
# the Free Software Foundation in version 2.  check_mk is  distributed
# in the hope that it will be useful, but WITHOUT ANY WARRANTY;  with-
# out even the implied warranty of  MERCHANTABILITY  or  FITNESS FOR A
# PARTICULAR PURPOSE. See the  GNU General Public License for more de-
# ails.  You should have  received  a copy of the  GNU  General Public
# License along with GNU Make; see the file  COPYING.  If  not,  write
# to the Free Software Foundation, Inc., 51 Franklin St,  Fifth Floor,
# Boston, MA 02110-1301 USA.

# OID: 1.3.6.1.4.1.9.9.171.1.2.3.1.7.###
# cikeTunRemoteValue
# Description
#       "The value of the remote peer identity.
#       If the remote peer type is an IP Address, then this
#       is the IP Address used to identify the remote peer.
#       If the remote peer type is a host name, then
#       this is the host name used to identify the
#       remote peer."

def inventory_cisco_vpn_tunnel(info):
    return [(item[0], {}) for item in info]


def check_cisco_vpn_tunnel(item, params, info):
    tunnel_not_found_state = params.get('state', 2) # default error state

    # Try to find individual error states by tunnel IP/name
    alias = ""
    for tunnel_ip, tunnel_alias, not_found_state in params.get('tunnels', []):
        if item == tunnel_ip:
            alias = "[%s] " % tunnel_alias
            tunnel_not_found_state = not_found_state

    if [item] not in info:
        return tunnel_not_found_state, "%sTunnel is missing" % alias
    else:
        return 0, "%sTunnel is OK" % alias


check_info["cisco_vpn_tunnel"] = {
    "check_function"        : check_cisco_vpn_tunnel,
    "inventory_function"    : inventory_cisco_vpn_tunnel,
    "service_description"   : "VPN Tunnel %s",
    "group"                 : "vpn_tunnel",
    "snmp_scan_function"    : lambda oid: oid(".1.3.6.1.2.1.1.1.0").lower().startswith("cisco adaptive security") \
                                        or "vpn 3000 concentrator" in oid(".1.3.6.1.2.1.1.1.0").lower(),
    "snmp_info"             : ( ".1.3.6.1.4.1.9.9.171.1.2.3.1", [ 7 ] ),
}
