NTLM Authenticated Proxy External Monitor

Problem this snippet solves:

NTLM Authenticated Proxy External Monitor

How to use this snippet:

This monitor is used to monitor the availability of a web page through a NTLM authenticated proxy.

The default HTTP monitor relies on receiving a 401 Authenticate message to trigger the NTLM handshake, proxies respond with a 407 Proxy Authenticate message instead, which causes the monitor to fail.

Set the following variable: URI-The requested host/page to send the request to. (e.g. www.host.com/page1 or https://www.host.com/page.html) USER-Proxy Username PASS-Proxy Password RECV-Receive String to look for

Code :

#!/bin/sh
#
#Name:external_monitor_NTLM_Proxyauth
#Author:Matt Elkington
#Contact:melkington@integrity360.com
#Date:23/01/2017
#Description:An external monitor to allow monitoring of a host through a NTLM Authenticated proxy
#This is to work around the fact that the standard http monitor will only use NTLM if 
#it receives a 401 Authenticate message and ignores a 407 Proxy Authenticate message

#
#Change Log
#VersionChangeDate
#1.0Initial Monitor23/01/2017
#
#
#Port and IP address are supplied automatically a variables $1 and $2 byt the LTM:
#$1 = IP (nnn.nnn.nnn.nnn notation)
#$2 = port (decimal, host byte order)
#
#The following variables must be set in the monitor definitation:
#
#URI-The requested host/page to send the request to. (e.g. www.host.com/page1 or https://www.host.com/page.html)
#USER-Proxy Username
#PASS-Proxy Password
#RECV-Receive String to look for
#
# remove IPv6/IPv4 compatibility prefix (LTM passes addresses in IPv6 format)
NODE=`echo ${1} | sed 's/::ffff://'`
PORT=${2}
 
 
 
PIDFILE="/var/run/`basename ${0}`.${NODE}_${PORT}.pid"
# kill of the last instance of this monitor if hung and log current pid
if [ -f $PIDFILE ]
then
   echo "EAV exceeded runtime needed to kill ${IP}:${PORT}" | logger -p local0.error
   kill -9 `cat $PIDFILE` > /dev/null 2>&1
fi
echo "$$" > $PIDFILE
 
# send request & check for expected response
curl ${URI} --proxy ${NODE}:${PORT} -U ${USER}:${PASS} --proxy-ntlm -k | grep -i "${RECV}" 2>&1 > /dev/null
 
# mark node UP if expected response was received
if [ $? -eq 0 ]
then
    # Remove the PID file
    rm -f $PIDFILE
 
    echo "UP"
else
    # Remove the PID file
    rm -f $PIDFILE
fi
 
exit

Tested this on version:

11.6
Published Jan 23, 2017
Version 1.0
application delivery
authenticate
BIG-IP
LTM
monitor
ntlm
proxy

Was this article helpful?

No CommentsBe the first to comment