Monitoring systems behind a firewall.

Sloane, Robert Raymond sloane at ku.edu
Fri Jun 25 20:36:55 CEST 2004


Hi All,

I am just getting started with Nagios 1.2, and I need to monitor some
systems that are behind a firewall.  There is no network access to these
systems from the Nagios system, so I have to use passive checks to
determine the remote system status.  I created the host entry as
follows:

define host {
name                           generic-host	; The name of this host
template notifications_enabled          1	; Host notifications are
enabled
event_handler_enabled          1	; Host event handler is enabled
flap_detection_enabled         1	; Flap detection is enabled
process_perf_data              1	; Process performance data
retain_status_information      1	; Retain status information
across program restarts
retain_nonstatus_information   1	; Retain non-status information
across program restarts
register                       0	; DONT REGISTER THIS DEFINITION
- ITS NOT A REAL HOST, JUST A TEMPLATE!
}

define host {
use                            generic-host
host_name                      firewall1
alias                          test firewall system
address                        192.168.1.1
#check_command                  check-host-alive
max_check_attempts             10
notification_interval          120
notification_period            24x7
notification_options           d,u,r
}

and set up the service as:

define service {
name                           generic-service	; The 'name' of this
service template, referenced in other service definitions
active_checks_enabled          1	; Active service checks are
enabled
passive_checks_enabled         1	; Passive service checks are
enabled/accepted
parallelize_check              1	; Active service checks should
be parallelized (disabling this can lead to major performance problems)
obsess_over_service            1	; We should obsess over this
service (if necessary)
check_freshness                0	; Default is to NOT check
service 'freshness'
notifications_enabled          1	; Service notifications are
enabled
event_handler_enabled          1	; Service event handler is
enabled
flap_detection_enabled         1	; Flap detection is enabled
process_perf_data              1	; Process performance data
retain_status_information      1	; Retain status information
across program restarts
retain_nonstatus_information   1	; Retain non-status information
across program restarts
register                       0	; DONT REGISTER THIS DEFINITION
- ITS NOT A REAL SERVICE, JUST A TEMPLATE!
}

define service {
use			       generic-service
host_name                      firewall1
service_description            TESTNSCA
active_checks_enabled          0
passive_checks_enabled         1
check_freshness                1
is_volatile                    0
check_period                   24x7
max_check_attempts             3
normal_check_interval          5
retry_check_interval           1
contact_groups                 linux-admins
notification_interval          120
notification_period            24x7
notification_options           w,u,c,r
check_command                  check_dummy!0
}

The check_dummy command simply returns its argument.  Note that active
checks are disabled and that passive checks are enabled, and the
freshness check is turned on.  I expected this configuration to require
that the remote system send a status every so often
(freshness_check_interval=600) or be marked as down.  It turns out that
the system always appears to be up.  If I send a passive service check
saying the system is down, it gets marked as down for one check period
and then comes back up again.  As a test, I put "/bin/echo running
>/tmp/checkout" in for the check command, and it appears that the
check_command is running, even though active_checks_enabled is set to 0.
What do I need to do to configure this system so that it only uses the
passive checks?  I have nsca working and reporting the system status,
but I don't get any problems reported if nsca fails to report the
status.
-- 
Bob Sloane, University of Kansas Computer Center, Lawrence, KS, 66045 
Email:sloane at ku.edu http://www.ku.edu/home/sloane Phone:(785)864-0444
 


-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 - 
digital self defense, top technical experts, no vendor pitches, 
unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null





More information about the Users mailing list