NETLINT(8)                                                          NETLINT(8)

       netlint - scan this host for network configuration errors

       netlint [-t timezone]
       netlint -R repo [-d delay] [-p port] [-t timezone]
       netlint -F
       netlint -h
       netlint -V

       The  network  configuration  of a node is critical to production opera-
       tions of all hosts attached to that network, even a small  error  on  a
       host  (viz.  a duplicate IP address) could seriously impact the perfor-
       mance of every host on that  segment.   No  invariant  assumption  made
       about  a  node is valid, on a modern system, unless the network is con-
       figured correctly.

       Netlint provides a structured report about the network configuration of
       a node.  This report is processed by the reporter to generate a list of
       unexpected configuration facts.  See report(1).

       The output is usually sent to a reporting agent to notify the  Adminis-
       trator  of errors or inconsistent information found on the host.  An ad
       hoc visual scan of netlint's output might be useful to find  configura-
       tion errors on a host that has an (as yet) undiagnosed issue.

       -d delay
              Set  the  maximum  delay  in seconds to start the scan, when run
              from automation like cron(8).  This takes effect if stdin is not
              a tty.

              The  netlint  script contains some useful ksh functions that the
              plugins use (these are documented in the  plugin  manual  page).
              Since  ksh  doesn't  have a portable way to export this from the
              running shell netlint has an option to produce them.

              Print only a brief help message.

       -p port
              Specify a non-standard port to connect to the rsync server.

       -R repo
              Specify that the a remote policy, rather than the local one from
              /usr/local/libexec/netlint-plugins should be executed.  The pol-
              icy is downloaded via rsync to a temporary directory, then  exe-
              cuted  in  place of the local policy.  Note this trusts a remote
              server to provide code  to  be  locally  executed.   The  module
              requested is "netlint".

       -t timezone
              The timezone value expected for this node.  If a node is distant
              from the reporter service we might ne in a  different  timezone,
              this confirms that fact.

              Show only the standerd version banner.

       10 2 * * 1 /usr/local/libexec/netlint |Mail -s "NETLINT: '/bin/hostname'" netlint@netlint
              A  crontab(5) fragment one might use to run netlint every Monday
              morning, directing  the  output  to  the  reporter  account  for

       /usr/local/libexec/netlint -V
              List  the version of netlint and the versions of all the plugins

       /usr/local/libexec/netlint -F >/tmp/me$$ && . /tmp/me$$; rm /tmp/me$$
              Output the common shell functions to a  temporary  file,  source
              them  into  this  shell, and cleanup the file.  This is a common
              idiom in the plugin code-base.

       The environment set for the plugins contains  (at  least)  these  vari-

              A  shell  command  (viz. echo(1)) that sends a collected fact to
              the report.  A fact should always be reported via  the  command,
              rather than assuming stdout is the report stream.

              The  output of uname -s, or something like it.  This has already
              been reported under the topic "OS:" before the plugins are  exe-

              A white-space separated list of network interfaces, given as:
              interface(ip mac network/CIDR type)

              A  white-space  separated list of IP addresses the host has con-
              figured as UP on the network.

              A white-space separated list of networks the  host  is  directly
              attached to, given as:

              The path to a file that contains "netlint -F" output.

       $rREPO and $rPORT
              These  are  only  exported if a remote repository was specified.
              They have the obvious meaning.

       The fact's topic tags could have been better organized.

       Kevin Braunsdorf, Pete Fritchman
       netlint At,

       sh(1),  ksh(1),  ifconfig(8),  hostlint(8l),  report(1l),   robodoc(1),

                                     LOCAL                          NETLINT(8)