<div dir="ltr">Use check_tcp or check_udp to see if you can connect to these ports Lex <div class="gmail_quote">On Tue, Sep 2, 2008 at 9:42 AM, J. Bakshi <<a href="mailto:joydeep@infoservices.in">joydeep@infoservices.in</a>> wrote: <blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div class="Ih2E3d">Alex Dehaini wrote: > Your smtp server and your ftp server, are they different from your pop > and imap server? > > Your imaps and pop3s are connected locally i.e. on the nagios server > if I am correct? Your ftp and smtp are not. Is this correct? > </div>Hi Alex, My ftp (vsftpd with ssl support), postfix, Cyrus all are in the same server where nrpe is running. thanks <div class="Ih2E3d"> > Lex > > On Tue, Sep 2, 2008 at 9:26 AM, J. Bakshi <<a href="mailto:joydeep@infoservices.in">joydeep@infoservices.in</a> </div><div class="Ih2E3d">> <mailto:<a href="mailto:joydeep@infoservices.in">joydeep@infoservices.in</a>>> wrote: > > Arno Lehmann wrote: > > Hello, > > > > please respond to the list. > > > > 02.09.2008 10:44, J. Bakshi wrote: > > > >> Arno Lehmann wrote: > >> > >>> Hi, > >>> > >>> 02.09.2008 09:37, J. Bakshi wrote: > >>> > >>>> Dear list, > >>>> > >>>> I have installed > >>>> > >>>> nagios-nrpe 2.0 > >>>> nagios-plugins 1.4 > >>>> nagios-plugins-extras 1.4 > >>>> > >>>> How can I check smtps, ldaps, pop3s, imaps with nrpe ? > >>>> the default check_smtp ; check_imap etc can't check the SSL > version of > >>>> the services. > >>>> > >>> Mine can; call them with -h for help and read the output. I > usually > >>> use the -S swich plus, as needed, -p for the target port. > >>> > >>> Example output: > >>> $ /usr/local/nagios3/libexec/check_imap -H <a href="http://192.168.1.2" target="_blank">192.168.1.2</a> </div>> <<a href="http://192.168.1.2" target="_blank">http://192.168.1.2</a>> -S -p 993 -D 12 <div class="Ih2E3d">> >>> OK - Certificate will expire on 04/27/2009 21:13. > >>> IMAP OK - 0.060 second response time on port 993 [* OK IMAP4 Ready </div>> >>> <a href="http://balrog.privat.lehleute.de" target="_blank">balrog.privat.lehleute.de</a> <<a href="http://balrog.privat.lehleute.de" target="_blank">http://balrog.privat.lehleute.de</a>> <div><div></div><div class="Wj3C7c">> 0001b1a4]|time=0.059891s;;;0.000000;10.000000 > >>> > >>> > >> Hi Arno, > >> > >> first of all thanks for your kind response. I have also found > the "-S" > >> option but the story is different here and it is > >> negative :-( > >> > >> here is the nmap output which proves the required port are open > >> > > > > It does not actually prove the services are listening on localhost, > > and that access is not filtered, for example by hosts files. > > > > > >> PORT STATE SERVICE > >> 25/tcp open smtp > >> 80/tcp open http > >> 143/tcp open imap > >> 389/tcp open ldap > >> 443/tcp open https > >> 465/tcp open smtps > >> 993/tcp open imaps > >> 995/tcp open pop3s > >> 1234/tcp open hotline > >> 2000/tcp open callbook > >> 3306/tcp open mysql > >> > >> more important I can use the SSL enabled services, like pop3s , > smtps etc... > >> > >> If I check with check_smtp I get the following > >> > >> /usr/lib/nagios/plugins/check_smtp -H localhost -p 465 -S -v > >> CRITICAL - Socket timeout after 10 seconds > >> > > > > Check with the ip address that is usually used - it's quite possible > > the service is not bound to localhost. > > > > > >> And here is the check fir ftp :-( > >> > >> /usr/lib/nagios/plugins/check_ftp -H localhost -p 60021 -S -v > >> CRITICAL - Cannot make SSL connection 13948:error:140770FC:SSL > >> routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:478: > >> > >> Plese note I am practically using ftps, smtps, pop3s > >> > >> I have no clue really. > >> Hope you can enlighten me to point out my mistake. > >> > > > > Try what I suggested... that's what I'd do now. > > > > Arno > > > > Dear Arno and Alex, > > thanks a lot for your kind guidance. > > Arno, I have also checked with IP but no success. > > Here is some more feedback which you can find interesting > > #### IMAPS successful ########## > > /usr/lib/nagios/plugins/check_imap -H localhost -p 993 -S -w 5 -c > 8 -t 10 > IMAP OK - 0.099 second response time on port 993 [* OK Cyrus IMAP4 > v2.2.12 server ready] > |time=0.098621s;5.000000;8.000000;0.000000;10.000000 > > ######## POP3S successful ########## > /usr/lib/nagios/plugins/check_pop -H localhost -p 995 -w 5 -c 8 > -t 10 -S > POP OK - 0.101 second response time on port 995 [+OK lvps872308228. > Cyrus POP3 v2.2.12 server ready > <4156316096.1220347347@lvps872308<a href="http://228.dedicated.hosteurope.de" target="_blank">228.dedicated.hosteurope.de</a> </div></div>> <<a href="http://228.dedicated.hosteurope.de" target="_blank">http://228.dedicated.hosteurope.de</a>>>] <div class="Ih2E3d">> |time=0.101278s;5.000000;8.000000;0.000000;10.000000 > > ######## SMTPS failed but telnet successful ######### > > /usr/lib/nagios/plugins/check_smtp -H <replaced by my server IP> > -p > 465 -w 5 -c 8 -t 10 -S > CRITICAL - Socket timeout after 10 seconds > </div>> telnet <a href="http://87.230.8.228" target="_blank">87.230.8.228</a> <<a href="http://87.230.8.228" target="_blank">http://87.230.8.228</a>> 465 <div class="Ih2E3d">> Trying 87.230.8.228... </div>> Connected to <a href="http://87.230.8.228" target="_blank">87.230.8.228</a> <<a href="http://87.230.8.228" target="_blank">http://87.230.8.228</a>>. <div><div></div><div class="Wj3C7c">> Escape character is '^]'. > > quit > quit > Connection closed by foreign host. > > > ####### FTPS failed but successful by telnet ###############33 > > /usr/lib/nagios/plugins/check_ftp -H <replaced by my server IP> -p > 60021 -w 5 -c 8 -t 10 -S > CRITICAL - Cannot make SSL connection 30050:error:140770FC:SSL > routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:478: > > telnet localhost 60021 > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > 220 *******This server is configured by Jatasankar******* > > 530 Please login with USER and PASS. > > 530 Please login with USER and PASS. > quit > 221 Goodbye. > Connection closed by foreign host. > > > Any clue ? > thanks > > > > > > > >> with many thanks > >> > >> > >>> Arno > >>> > >>> > >>>> thanks > >>>> > >>>> > >>>> > >> > > > > > > > -- > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > Joydeep Bakshi, Linux System Admin > Kolkatainfoservices Pvt Ltd, > 23A Royd Street, Kolkata 700016, India > Work Phone 91 033 40014784 > <a href="http://infoservices.in/" target="_blank">http://infoservices.in/</a> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > > > > -- > Alex Dehaini > Developer </div></div>> Site - <a href="http://www.alexdehaini.com" target="_blank">www.alexdehaini.com</a> <<a href="http://www.alexdehaini.com" target="_blank">http://www.alexdehaini.com</a>> > Email - <a href="mailto:alexdehaini@gmail.com">alexdehaini@gmail.com</a> <mailto:<a href="mailto:alexdehaini@gmail.com">alexdehaini@gmail.com</a>> -- <div><div></div><div class="Wj3C7c">~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Joydeep Bakshi, Linux System Admin Kolkatainfoservices Pvt Ltd, 23A Royd Street, Kolkata 700016, India Work Phone 91 033 40014784 <a href="http://infoservices.in/" target="_blank">http://infoservices.in/</a> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ </div></div></blockquote></div> -- Alex Dehaini Developer Site - <a href="http://www.alexdehaini.com">www.alexdehaini.com</a> Email - <a href="mailto:alexdehaini@gmail.com">alexdehaini@gmail.com</a> </div>