Sslchecker script


 #!/usr/bin/perl
 # Copyright (c) 2006 Bob Beck <beck@ualberta.ca>
 #
 # Permission to use, copy, modify, and distribute this software for any
 # purpose with or without fee is hereby granted, provided that the above
 # copyright notice and this permission notice appear in all copies.
 #
 # THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 # WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 # MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 # ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 # WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 # ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 #
 # script to monitor an ssl enabled service, for all servers in a file,
 # and maintain the list of those that respond in a pf table
 #
 # Typical use, 
 # 
 # /etc pf.conf:
 # table <servicehosts> file "/etc/servicehosts" persist
 # rdr pass from any to $service_ip port 443 -> <servicehosts> port 443 round-robin sticky-address
 # 
 # then invoke script as
 # sslchecker servicehosts /etc/servicehosts
 #
 use Sys::Syslog qw(:DEFAULT setlogsock);
 $SCAN_INTERVAL = 5;
 $CONNECT_TIMEOUT = 2;
 $DEBUG = 0;

 sub addhost {
 	system "pfctl -t$_[0] -Tadd $_[1] > /dev/null 2>&1";
 }
 sub removehost {
        system "pfctl -t$_[0] -Tdelete $_[1] > /dev/null 2>&1";
 }