Module: check_mk
Branch: master
Commit: 3e8f4d1041b14baf5b253adf9c96b3314465a755
URL:
http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=3e8f4d1041b14b…
Author: Tom Baerwinkel <tb(a)mathias-kettner.de>
Date: Mon May 7 15:15:38 2018 +0200
iptables: compute config hash with hashlib
Change-Id: Ia70831e957732e405d7013fc681e4fcf0e13d7d9
---
checks/iptables | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/checks/iptables b/checks/iptables
index b99f72a..a0be9e4 100644
--- a/checks/iptables
+++ b/checks/iptables
@@ -55,6 +55,10 @@
#-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
#COMMIT
+def iptables_hash(config):
+ import hashlib
+ return hashlib.sha256(config).hexdigest()
+
def parse_iptables(info):
config_lines = [" ".join(sublist) for sublist in info]
@@ -63,7 +67,7 @@ def parse_iptables(info):
def inventory_iptables(parsed):
- return [(None, {"config_hash": hash(parsed)})]
+ return [(None, {"config_hash": iptables_hash(parsed)})]
def check_iptables(_no_item, params, parsed):
@@ -71,11 +75,11 @@ def check_iptables(_no_item, params, parsed):
if not item_state:
set_item_state("iptables.config",
- {"config": parsed, "hash": hash(parsed)})
+ {"config": parsed, "hash":
iptables_hash(parsed)})
return 0, "saved initial configuration"
initial_config_hash = params["config_hash"]
- new_config_hash = hash(parsed)
+ new_config_hash = iptables_hash(parsed)
if initial_config_hash == new_config_hash:
if initial_config_hash != item_state.get("hash"):