Hello, it's ok...<br>But now, when I restart the iptables' service, the nagios works good... but at the next update of Nagios the follow message looks me: CHECK_NRPE - socket timeout after 10 seconds...<br>Anyone could help me again??
<br><br>Thanks<br><br><br><br><br><div><span class="gmail_quote">2006/8/14, Hari Sekhon <<a href="mailto:hpsekhon@googlemail.com">hpsekhon@googlemail.com</a>>:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div>
<div bgcolor="#ffffff" text="#000000">
If you want the rule to match any ip then you should just leave the -s
any and -d any out of the line<br>
<br>
iptables -A INPUT -p udp --dport 5666 -j ACCEPT<br>
iptables -A FORWARD -p udp --dport=5666 -j ACCEPT<br>
<br>
This will allow anything from anywhere to port 5666 on this host. The
second line is not needed unless this box is a router. It's better to
do something like <br>
<br>
iptables -A INPUT -p udp -s <a href="http://192.168.1.0/24" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.168.1.0/24</a> --dport 5666 -j ACCEPT<br>
<br>
assuming your network is in the 192.168.1.1-255 range, since this would
limit the port opening to only those machine on your network (or more
specifically those machines in the <a href="http://192.168.1.0" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.168.1.0</a> network).<br>
<br>
If it causes you too much trouble, you could be forgiven for doing
iptables -F and disable it's re-application in the init scripts
(assuming this host is protected behind a firewall!)<br></div><div><span class="sg">
<br>
Hari</span></div><div><span class="e" id="q_10d0db5c9da08cf3_2"><br>
<br>
<br>
Rodrigo Maceno wrote:
<blockquote cite="http://mid27acffb00608141016p3f84bcb6v9b63bff03f26bf58@mail.gmail.com" type="cite">Ok, I understood what you said... But you could help me
one more time? I tried to put two rules in IpTables:<br>
<div style="margin-left: 40px;">iptables -A INPUT -p udp -s any/0 -d
any/0 --dport=5666 -j ACCEPT<br>
iptables -A FORWARD -p udp -s any/0 -d any/0 --dport=5666 -j ACCEPT
<br>
<br>
</div>
but I don't know if there is anything wrong... Could you help again??<br>
<br>
Thanks...<br>
<br>
<br>
<br>
<br>
<div><span class="gmail_quote">2006/8/14, Hari Sekhon <<a href="mailto:hpsekhon@googlemail.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">hpsekhon@googlemail.com
</a>>:</span>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div>
<div bgcolor="#ffffff" text="#000000">Rodrigo Maceno wrote:
</div>
<div><span>Hello,<br>
I have the nagios installed and working normal, but it only works if I
stop he iptables service. I would like to know how do it to run the
Nagios without stop iptables. Anyone could help me??<br>
<br>
Thanks,<br>
Rodrigo L. Maceno <br>
<br>
PS: Sorry for my english... :/<br>
</span></div>
<div>
<pre><hr size="4" width="90%">
-------------------------------------------------------------------------<br>Using Tomcat but need to do more? Need to support web services, security?<br>Get stuff done quickly with pre-integrated technology to make your job easier
<br><br>Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo<br><a href="http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642</a></pre>
<pre><hr size="4" width="90%">
_______________________________________________<br>Nagios-users mailing list<br><a href="mailto:Nagios-users@lists.sourceforge.net" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">Nagios-users@lists.sourceforge.net
<br></a>
<a href="https://lists.sourceforge.net/lists/listinfo/nagios-users" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">https://lists.sourceforge.net/lists/listinfo/nagios-users</a>
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null</pre>
<br>
you need to learn iptables to open the necessary ports.<br>
<br>
<br>
man iptables<br>
<br>
would be a good place to start.<br>
<br>
also, check out which ports are used by services etc using netstat. It
will take you a lot of time to figure out, but it's too complicated and
specific to your setup for anybody to guide you all the way through.<br>
<br>
man netstat<br>
man iptables<br>
<br>
will get you started.<br>
<br>
Hari<br>
</div>
</div>
</blockquote>
</div>
<br>
</blockquote>
<br>
</span></div><div></div>
</div></blockquote></div><br>