[Nagiosplug-help] NRPE allowed_hosts directive doesn't work?
esac at javanet.info
Fri Jun 24 18:11:07 CEST 2005
I'm trying to make nrpe accept connection from my host
but it seems ignoring allowed_host directive.
When is run in inetd + tcpwrapper _it works_ but I don't whant this
setup I whant it run as daemon and use the firewall for access control.
I've read the FAQ(s) about "CHECK_NRPE: Error - Could not complete SSL
handshake" and several mails in the archive this are things I checked:
· telnetting to 5666 closes connection
· Different versions? on server (gentoo) nagios-nrpe is 2.0 on client
(the monitored host) there is debian-sarge and apt-cache show
nagios-nrpe-server Version: 2.0-7
maybe this is the problem...
· SSL: both on server and client side is installed
· Incorrect file permissions:
-rw-rw---- 1 nagios nagios 5.0K /etc/nagios/nrpe.cfg
· nrpe.cfg have allowed_hosts=127.0.0.1,[my_current_ip] and debug option
· netstat -pta |grep nrpe
tcp 0 0 *:nrpe *:* LISTEN 31399/nrpe
· nmap -sT -p 5666 -PT client-IP
5666/tcp open unknown
on server it shouldn't needed to open up ports but I enable both in and
out connection to 5666.
· command line used to run the client:
su -c '/usr/sbin/nrpe -d -c /etc/nagios/nrpe.cfg' nagios
· logs (not very helpfull)
Added command[check_users]=/usr/lib/nagios/plugins/check_users -w 5 -c 10
Added command[check_load]=/usr/lib/nagios/plugins/check_load -w 15,10,5
Added command[check_zombie_procs]=/usr/lib/nagios/plugins/check_procs -w
5 -c 10 -s Z
Added command[check_total_procs]=/usr/lib/nagios/plugins/check_procs -w
150 -c 200
INFO: SSL/TLS initialized. All network traffic will be encrypted.
Starting up daemon
Listening for connections on port 5666
Allowing connections from: 127.0.0.1, [my_temp_IP]
Connection from [my_temp_IP] port 57860
Host [my_temp_IP] is not allowed to talk to us!
Connection from [my_temp_IP] closed.
I hope someone has good ideas...
I wrote to nagios-user two days ago but got no reply sorry for the cross
post and thanks
More information about the Help