Check if IP is blacklisted in Nagios

Sometimes you may experience that your outgoing IP has been blacklisted. This will most likely affect several things like visiting webpages, sendingmail etc. The reason for this may be due to several reasons. Maybe your server has been hacked, maybe there are some errors in your mailservers configuration or in the records of your domain name.  Quite often you are not aware that your ip is blacklisted until you hear this from a user or experience problems when sening mail.

Luckily there is a great plug in to keep track of this. In my case I am using OP5 and the plugin check_blacklist.pl. The plugin can be downloaded here:

https://github.com/robruma/nagios-plugins/blob/master/check_blacklist.pl

When downloading get the file directly (download the zip, unpack and use sftp to transfer). I got bad interpreter in perl first when just copying the file via text.

Test the command in the terminal on your Nagios server:

./check_blacklist.pl –ip 8.8.8.8

This will check all 60 sites. Or you can check specific sites when using something like below.

./check_blacklist.pl –ip 8.8.8.8 –dnsbl  [b.barracudacentral.org,dnsbl.sorbs.net]

In Nagios/OP5 configure a command like this:

$USER1$/check_blacklist.pl –ip   $HOSTADDRESS$

And the result may look something like this:

blacklist