how to check smtps, pop3s, imaps, ldpas withy nrpe ?
J. Bakshi
joydeep at infoservices.in
Tue Sep 2 11:26:03 CEST 2008
Arno Lehmann wrote:
> Hello,
>
> please respond to the list.
>
> 02.09.2008 10:44, J. Bakshi wrote:
>
>> Arno Lehmann wrote:
>>
>>> Hi,
>>>
>>> 02.09.2008 09:37, J. Bakshi wrote:
>>>
>>>> Dear list,
>>>>
>>>> I have installed
>>>>
>>>> nagios-nrpe 2.0
>>>> nagios-plugins 1.4
>>>> nagios-plugins-extras 1.4
>>>>
>>>> How can I check smtps, ldaps, pop3s, imaps with nrpe ?
>>>> the default check_smtp ; check_imap etc can't check the SSL version of
>>>> the services.
>>>>
>>> Mine can; call them with -h for help and read the output. I usually
>>> use the -S swich plus, as needed, -p for the target port.
>>>
>>> Example output:
>>> $ /usr/local/nagios3/libexec/check_imap -H 192.168.1.2 -S -p 993 -D 12
>>> OK - Certificate will expire on 04/27/2009 21:13.
>>> IMAP OK - 0.060 second response time on port 993 [* OK IMAP4 Ready
>>> balrog.privat.lehleute.de 0001b1a4]|time=0.059891s;;;0.000000;10.000000
>>>
>>>
>> Hi Arno,
>>
>> first of all thanks for your kind response. I have also found the "-S"
>> option but the story is different here and it is
>> negative :-(
>>
>> here is the nmap output which proves the required port are open
>>
>
> It does not actually prove the services are listening on localhost,
> and that access is not filtered, for example by hosts files.
>
>
>> PORT STATE SERVICE
>> 25/tcp open smtp
>> 80/tcp open http
>> 143/tcp open imap
>> 389/tcp open ldap
>> 443/tcp open https
>> 465/tcp open smtps
>> 993/tcp open imaps
>> 995/tcp open pop3s
>> 1234/tcp open hotline
>> 2000/tcp open callbook
>> 3306/tcp open mysql
>>
>> more important I can use the SSL enabled services, like pop3s , smtps etc...
>>
>> If I check with check_smtp I get the following
>>
>> /usr/lib/nagios/plugins/check_smtp -H localhost -p 465 -S -v
>> CRITICAL - Socket timeout after 10 seconds
>>
>
> Check with the ip address that is usually used - it's quite possible
> the service is not bound to localhost.
>
>
>> And here is the check fir ftp :-(
>>
>> /usr/lib/nagios/plugins/check_ftp -H localhost -p 60021 -S -v
>> CRITICAL - Cannot make SSL connection 13948:error:140770FC:SSL
>> routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:478:
>>
>> Plese note I am practically using ftps, smtps, pop3s
>>
>> I have no clue really.
>> Hope you can enlighten me to point out my mistake.
>>
>
> Try what I suggested... that's what I'd do now.
>
> Arno
>
Dear Arno and Alex,
thanks a lot for your kind guidance.
Arno, I have also checked with IP but no success.
Here is some more feedback which you can find interesting
#### IMAPS successful ##########
/usr/lib/nagios/plugins/check_imap -H localhost -p 993 -S -w 5 -c 8 -t 10
IMAP OK - 0.099 second response time on port 993 [* OK Cyrus IMAP4
v2.2.12 server ready] |time=0.098621s;5.000000;8.000000;0.000000;10.000000
######## POP3S successful ##########
/usr/lib/nagios/plugins/check_pop -H localhost -p 995 -w 5 -c 8 -t 10 -S
POP OK - 0.101 second response time on port 995 [+OK lvps872308228.
Cyrus POP3 v2.2.12 server ready
<4156316096.1220347347 at lvps872308228.dedicated.hosteurope.de>]
|time=0.101278s;5.000000;8.000000;0.000000;10.000000
######## SMTPS failed but telnet successful #########
/usr/lib/nagios/plugins/check_smtp -H <replaced by my server IP> -p
465 -w 5 -c 8 -t 10 -S
CRITICAL - Socket timeout after 10 seconds
telnet 87.230.8.228 465
Trying 87.230.8.228...
Connected to 87.230.8.228.
Escape character is '^]'.
quit
quit
Connection closed by foreign host.
####### FTPS failed but successful by telnet ###############33
/usr/lib/nagios/plugins/check_ftp -H <replaced by my server IP> -p
60021 -w 5 -c 8 -t 10 -S
CRITICAL - Cannot make SSL connection 30050:error:140770FC:SSL
routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:478:
telnet localhost 60021
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 *******This server is configured by Jatasankar*******
530 Please login with USER and PASS.
530 Please login with USER and PASS.
quit
221 Goodbye.
Connection closed by foreign host.
Any clue ?
thanks
>
>> with many thanks
>>
>>
>>> Arno
>>>
>>>
>>>> thanks
>>>>
>>>>
>>>>
>>
>
>
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Joydeep Bakshi, Linux System Admin
Kolkatainfoservices Pvt Ltd,
23A Royd Street, Kolkata 700016, India
Work Phone 91 033 40014784
http://infoservices.in/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list