Any firewall gotchas for NRPE?

Marc Powell marc at ena.com
Wed Apr 22 15:59:50 CEST 2009


On Apr 22, 2009, at 8:25 AM, Gabriel - IP Guys wrote:

> Some extra information,
>
> Nagios Version                  3.0.6
> NRPE Version                    2.12
> OS                                          CentOS 5.2
>
> From: Gabriel - IP Guys [mailto:Gabriel at impactteachers.com]
> Sent: 22 April 2009 13:34
> To: nagios-users at lists.sourceforge.net
> Subject: [Nagios-users] Any firewall gotchas for NRPE?
>
> I’ve just finished configuring a Nagios instance, and I have also  
> install NRPE locally on the same machine. I have configured NRPE and  
> checked that it’s working by running the following,
>
> # /usr/lib/nagios/plugins/check_nrpe -H 127.0.0.1
> NRPE v2.12

It's listening on localhost, but not necessarily working or working  
for other addresses on that machine. Why would you use NRPE for  
localhost checks anyway? Just playing around/testing?

>
> The result comes back as expected. Also, checking swap returns the  
> following.
>
> # /usr/lib/nagios/plugins/check_swap -w 20% -c 10%
> SWAP OK - 100% free (1983 MB out of 1983 MB) |swap=1983MB; 
> 396;198;0;1983
>
> So I know that NRPE itself is working, what I can’t figure out is  
> why Nagios not giving me the extra data, I just get the error msg

The above test says nothing about NRPE working or not, of course. It  
also doesn't mean it will work as the user NRPE runs as. You should  
never test nagios plugins or tools as root. You'll get caught  
troubleshooting issues that are really permissions problems without  
any insight.

> CHECK_NRPE: Socket timeout after 10 seconds.
>
> Any advice appreciated. Just to clarify, Nagios and NRPE are running  
> on the same box.

Actual configuration information will help you get help.

- How was NRPE installed
- Is it running as a daemon or from (x)inetd
	- if (x)inetd, what is that configuration
- what allowed_hosts do you have permitted?
- What firewall restrictions do you have in place related to the IP/ 
port NRPE is configured to use.
- *full* service definition for an example 'broken' service check (get  
it from objects.cache)
- What did you see from your system logs when you put NRPE in debug  
mode?

--
Marc
------------------------------------------------------------------------------
Stay on top of everything new and different, both inside and 
around Java (TM) technology - register by April 22, and save
$200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco.
300 plus technical and hands-on sessions. Register today. 
Use priority code J9JMT32. http://p.sf.net/sfu/p
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null





More information about the Users mailing list