
check whitelist match

Open rvva opened this issue 6 months ago • 0 comments

Problem: If the tunnel name is changed, the whitelist regex may not match. The script then returns OK status without checking any tunnel!

Here is an example: Before renaming:

$ check_fortigate.pl -v 3 -H fg.mgmt.internal -U nagios -A auth -a sha1 -X pass -x AES -T VPN -V ipsec -W "Lion"
OK: fg1.mgmt.internal (Master: FGT90GTKXXXXX): IPSEC Tunnels: Configured/Active: 1/1 |'ActiveSSL-VPN'=0 'ActiveIPSEC'=1

After renaming (does not detect any tunnel and returns ok):

$ check_fortigate.pl -v 3 -H fortigate.internal -U nagios -A auth -a sha1 -X pass -x AES -T VPN -V ipsec -W "Lion"
OK: fg1.mgmt.interna (Master: FGT90GTKXXXXX): IPSEC Tunnels: Configured/Active: 0/0 |'ActiveSSL-VPN'=0 'ActiveIPSEC'=0

The changes are intended to give feedback that the whitelist does not cover anything and no tunnel is checked. The status returned is UNKNOWN.

Here's an example of what the response looks like (status unknown, message and general summary):

$ check_fortigate.pl -v 3 -H fortigate.internal -U nagios -A auth -a sha1 -X pass -x AES -T VPN -V ipsec -W "Lion"
UNKNOWN: Whitelist not match any VPN name. fg1.mgmt.internal (Master: FGT90GTKXXXXX): IPSEC Tunnels: Configured/Active: 3/2 DOWN[Exadata]|'ActiveSSL-VPN'=0 'ActiveIPSEC'=2

rvva, Aug 16 '24 17:08
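
The fail-open result described in the issue and the proposed UNKNOWN result, side by side, as an added Perl example that is not part of the issue or of check_fortigate.pl. The helper names, the tunnel list and the CRITICAL mapping for a down tunnel are assumptions made for illustration.

```perl
#!/usr/bin/perl
# Added illustration, not code from check_fortigate.pl.
# evaluate_tunnels() and summarize() are hypothetical helpers; the tunnel
# list is constructed sample data.
use strict;
use warnings;

# Standard Nagios plugin exit codes
my %EXIT = (OK => 0, WARNING => 1, CRITICAL => 2, UNKNOWN => 3);

# Constructed sample: the tunnel formerly named "Lion" has been renamed.
my @tunnels = (
    { name => 'Leo-HQ',  up => 1 },
    { name => 'Exadata', up => 0 },
    { name => 'Backup',  up => 1 },
);

sub summarize {
    my @list = @_;
    my @down = map { $_->{name} } grep { !$_->{up} } @list;
    my $text = sprintf('Configured/Active: %d/%d', scalar(@list), scalar(@list) - scalar(@down));
    $text .= ' DOWN[' . join(',', @down) . ']' if @down;
    return ($text, scalar(@down));
}

sub evaluate_tunnels {
    my ($whitelist, $tunnels, $fail_closed) = @_;

    # An invalid pattern is a configuration error, never a healthy result.
    my $re = eval { qr/$whitelist/ };
    return ('UNKNOWN', "Invalid whitelist regex: $whitelist") unless defined $re;

    my @selected = grep { $_->{name} =~ $re } @$tunnels;

    # Fail closed: tunnels exist but the whitelist selected none of them,
    # so nothing was actually checked. Report that, with the overall summary.
    if ($fail_closed && @$tunnels && !@selected) {
        my ($all) = summarize(@$tunnels);
        return ('UNKNOWN', "Whitelist matches no VPN name. $all");
    }

    my ($text, $down) = summarize(@selected);
    return ($down ? 'CRITICAL' : 'OK', $text);   # assumption: any down tunnel is CRITICAL
}

for my $fail_closed (0, 1) {
    my ($status, $msg) = evaluate_tunnels('Lion', \@tunnels, $fail_closed);
    printf "fail_closed=%d -> %s: %s (exit %d)\n", $fail_closed, $status, $msg, $EXIT{$status};
}
```

With `fail_closed` off, the down tunnel in the sample is never evaluated and the check reports OK with 0/0; with it on, the same input yields UNKNOWN together with the summary over all tunnels.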