Faking Services using Netcat (For Testing Nagios)

Tags: , , , , February 3, 2014 4:41 AM

Simulating the health of services can be pain if we should install and turn them on/off the real services such HTTP Server, SSH Server, FTP, etc one-by-one on each VM. In this experiment I just faking 2 services which are: HTTP and SSH. Based on this simple topology we would end up with:

Services which Monitored

  • VM 1
    • HTTP
    • PING
  • VM 2
    • HTTP (Simulate the Always 404 Error)
    • PING
  • VM 3
    • HTTP
    • PING
    • SSH
 

The Host: Creating Fake HTTP Server (200 OK)

I made a shell script to wrap the netcat command. This fake server will listen to port 9999 when no argument given. The infinite while loop used to make netcat spawn new instance every time the connection is closed. 
cat > fake-http-200-daemon.sh
#!/bin/bash
#
# Fake HTTP 200 OK Daemon
#
PORT=$1
HTTP_BODY='It Works!'
BODY_LENGTH=$( expr length "$HTTP_BODY" )
HTTP_HEADER="HTTP/1.1 200 OK\r\n"\
"Content-Type: text/plain\r\n"\
"Content-Length: ${BODY_LENGTH}\r\n"\
"Pragma: no-cache\r\n"\
"Expires: Thu, 01 Jan 1970 00:00:00 GMT\r\n"\
"Connection: Close\r\n\r\n"\
"$HTTP_BODY"

if [ -z "$PORT" ]; then
    PORT=9999
fi

echo "Fake 200 server listening on port $PORT"
while true; do echo -e $HTTP_HEADER | nc -l $PORT; done;
Let's run the fake HTTP 200 OK server. Issue netstat -ntap to make sure the fake server running. 
chmod +x fake-http-200-daemon.sh
./fake-http-200-daemon.sh &

The Host: Creating Fake HTTP Server (404 Not Found)

This fake server will listen to port 8888 when no argument given. This fake server should trigger "Warning" on Nagios since it returns 404 not 200. 
cat > fake-http-404-daemon.sh
#!/bin/bash
#
# Fake HTTP 404 Not Found Daemon
#
PORT=$1
HTTP_BODY='<h1>Ouch! Are you lost bro?</h1>'
BODY_LENGTH=$( expr length "$HTTP_BODY" )
HTTP_HEADER="HTTP/1.1 404 Not Found\r\n"\
"Content-Type: text/html\r\n"\
"Content-Length: ${BODY_LENGTH}\r\n"\
"Pragma: no-cache\r\n"\
"Expires: Thu, 01 Jan 1970 00:00:00 GMT\r\n"\
"Connection: Close\r\n\r\n"\
"$HTTP_BODY"

if [ -z "$PORT" ]; then
   PORT=8888
fi
echo "Fake 404 server listening on port $PORT"
while true; do echo -e $HTTP_HEADER | nc -l $PORT; done
Let's run the fake HTTP 404 Not Found server. Issue netstat -ntap to make sure the fake server running. 
chmod +x fake-http-404-daemon.sh
./fake-http-404-daemon.sh &

The Host: Creating Fake SSH Server

This fake ssh server just do one thing print some dummy SSH header string and quit. By default this fake server run on port 2222. 
cat > fake-ssh-daemon.sh
#!/bin/bash
#
# Fake SSH Daemon
#
PORT=$1
WELCOME="SSH-2.0-OpenSSH_5.9p1 FakeDaemon-1.0\n"
if [ -z "$PORT" ]; then
    PORT=2222
fi

echo "Fake SSH server listening on port $PORT"
while true; do echo -e $WELCOME | nc -l $PORT; done;
Let's run the fake SSH server. 
chmod +x fake-ssh-daemon.sh
./fake-ssh-daemon.sh &

VM 1: Running Fake HTTP Server (200 OK)

Basically we just forward the content of the fake server at 192.168.1.9:9999 to the VM itself (192.168.1.10). Again netcat is used here. 
while true;
do
  nc 192.168.1.9 9999 > http.out | nc -l -p 80 -e cat http.out
done
Done. Now we have a web server (fake of course) running at VM 1 (192.168.1.10). To test it just fire up telnet and shoot it to 192.168.1.10 port 80. We should getting something like this: 
telnet 192.168.1.10 80
Trying 192.168.1.10...
Connected to 192.168.1.10.
Escape character is '^]'.
HTTP/1.1 200 OK
Content-Type: text/plain
Content-Length: 9
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: Close

It Works!
Connection closed by foreign host.

VM 2: Running Fake HTTP Server (404 Not Found)

while true;
do
  nc 192.168.1.9 8888 > http.out | nc -l -p 80 -e cat http.out
done
Done. Now we have a web server (which always return 404) running at VM 2 (192.168.1.11). To test it just fire up telnet and shoot it to 192.168.1.11 port 80. We should getting something like this: 
telnet 192.168.1.11 80
Trying 192.168.1.11...
Connected to 192.168.1.11.
Escape character is '^]'.
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 32
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: Close

<h1>Ouch! Are you lost bro?</h1>
Connection closed by foreign host.

VM 3: Running Fake HTTP Server (200 OK)

Since we will run two services on this VM I wrap the fake HTTP server to shell script so I can daemonized it. 
cat > http.sh
while true;
do
  nc 192.168.1.9 9999 > http.out | nc -l -p 80 -e cat http.out
done
Let's run the HTTP Server. 
/bin/sh http.sh &

VM 3: Running Fake SSH Server

Same as the HTTP server we just forward the result, but this time from 192.168.1.9:2222 to VM-3 192.168.2.2 port 22. 
while true;
do
  nc 192.168.1.9 2222 > ssh.out | nc -l -p 22 -e cat ssh.out
done
Done. Now we have fake SSH Server, time to test it. 
telnet 192.168.2.2 22
Trying 192.168.2.2...
Connected to 192.168.2.2.
Escape character is '^]'.
SSH-2.0-OpenSSH_5.9p1 FakeDaemon-1.0

Connection closed by foreign host.
That's it? yeah but it's quite good enough to make Nagios happy.

References

Share on Facebook Twitter

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)