[checkmk-commits] iptables: compute config hash with hashlib

Module: check_mk Branch: master Commit: 3e8f4d1041b14baf5b253adf9c96b3314465a755 URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=3e8f4d1041b14b… Author: Tom Baerwinkel <tb(a)mathias-kettner.de> Date: Mon May 7 15:15:38 2018 +0200 iptables: compute config hash with hashlib Change-Id: Ia70831e957732e405d7013fc681e4fcf0e13d7d9 --- checks/iptables | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/checks/iptables b/checks/iptables index b99f72a..a0be9e4 100644 --- a/checks/iptables +++ b/checks/iptables @@ -55,6 +55,10 @@ #-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited #COMMIT +def iptables_hash(config): + import hashlib + return hashlib.sha256(config).hexdigest() + def parse_iptables(info): config_lines = [" ".join(sublist) for sublist in info] @@ -63,7 +67,7 @@ def parse_iptables(info): def inventory_iptables(parsed): - return [(None, {"config_hash": hash(parsed)})] + return [(None, {"config_hash": iptables_hash(parsed)})] def check_iptables(_no_item, params, parsed): @@ -71,11 +75,11 @@ def check_iptables(_no_item, params, parsed): if not item_state: set_item_state("iptables.config", - {"config": parsed, "hash": hash(parsed)}) + {"config": parsed, "hash": iptables_hash(parsed)}) return 0, "saved initial configuration" initial_config_hash = params["config_hash"] - new_config_hash = hash(parsed) + new_config_hash = iptables_hash(parsed) if initial_config_hash == new_config_hash: if initial_config_hash != item_state.get("hash"):