only_from = 127.0.0.1
Martyn
martyn at chetnet.co.uk
Thu Apr 23 13:05:43 CEST 2009
I changed the line as suggested but I still get the SSL handshake issue, the
"host.domain.co.uk" is made up on here but I have the real one in the live
config, again thanks for your time
# default: on
# description: NRPE (Nagios Remote Plugin Executor)
service nrpe
{
flags = REUSE
socket_type = stream
port = 5666
wait = no
user = nagios
group = nagios
server = /usr/local/nagios/bin/nrpe
server_args = -c /usr/local/nagios/etc/nrpe.cfg --inetd
log_on_failure += USERID
disable = no
only_from = 127.0.0.1 192.168.3.247 host.domain.co.uk
}
-----Original Message-----
From: Christian Schneemann [mailto:cschneemann at suse.de]
Sent: 23 April 2009 11:05
To: nagios-users at lists.sourceforge.net
Subject: Re: [Nagios-users] only_from = 127.0.0.1
On Thursday April 23 2009 11:07:06 am Martyn wrote:
> Can anybody tell me how I use domains names instead of IP address in
> the nrpe file, I have read somewhere that you can use tcp wrappers
> which I have tried.
>
> My nrpe file looks like this:
>
> # default: on
> # description: NRPE (Nagios Remote Plugin Executor) service nrpe {
> flags = REUSE
> socket_type = stream
> port = 5666
> wait = no
> user = nagios
> group = nagios
> server = /usr/local/nagios/bin/nrpe
> server_args = -c /usr/local/nagios/etc/nrpe.cfg --inetd
> log_on_failure += USERID
> disable = no
> only_from = 127.0.0.1
> }
>
>
> And my hosts.allow looks like
>
> #
> # hosts.allow This file describes the names of the hosts which are
> # allowed to use the local INET services, as decided
> # by the '/usr/sbin/tcpd' server.
> #
> nrpe: 17.0.0.1 monitor.domain.co.uk
>
> But I'm still getting Could not complete SSL handshake, is the above
> configuration correct or can I not use domain names instead of IP's
You have to adjust the "olny_from" line, your hosts.allow allows 17.0.0.1 to
connect to nrpe, but xinetd rejects the request, because you just allows
connections from 127.0.0.1 (or is there the 2 missing in the hosts.allow
line?)
you can simply write the domain name to only_from.
If you use the hosts.allow you could even exclude the only_from line from
the xinetd configuration by setting 3 in front of the line.
Greetings,
Christian
>
> Thanks
>
> Martyn
--
Christian Schneemann
-------------------------------------
SUSE LINUX Products GmbH,
Maxfeldstr. 5, D - 90409 Nürnberg
Phone: +49 (0)911 - 740 53 0
e-mail: cschneemann at suse.de
-------------------------------------
SUSE LINUX Products GmbH, GF: Markus Rex HRB 16746 (AG Nürnberg)
----------------------------------------------------------------------------
--
Stay on top of everything new and different, both inside and around Java
(TM) technology - register by April 22, and save $200 on the JavaOne (SM)
conference, June 2-5, 2009, San Francisco.
300 plus technical and hands-on sessions. Register today.
Use priority code J9JMT32. http://p.sf.net/sfu/p
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting
any issue.
::: Messages without supporting info will risk being sent to /dev/null
------------------------------------------------------------------------------
Stay on top of everything new and different, both inside and
around Java (TM) technology - register by April 22, and save
$200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco.
300 plus technical and hands-on sessions. Register today.
Use priority code J9JMT32. http://p.sf.net/sfu/p
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list