I’m so in need of help!
For the life of me, I can’t figure out why I get a “Connection refused by host” message when running a “check_???” command.
/usr/local/nagios/libexec/check_nrpe -H 'client ip' -c check_users -t 30
Connection refused by host
/usr/local/nagios/libexec/check_nrpe -H 'client ip'
Connection refused by host
I have added ‘-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 5666 -j ACCEPT’ rule on the iptables.
Added ‘nrpe: server ip’ on hosts.allow.
Made sure the /etc/xinetd.d/nrpe file had the ‘server ip’ address on ‘only_from’ line.
Made sure that ‘sudo vim /etc/services’ has ‘nrpe 5666/tcp # NRPE’
The hosts.deny has an ALL:ALL - but the hosts.allow with the nrpe: server ip should’ve handled this problem - right?
When I try to ssh [email protected], I get ‘ssh_exchange_identification: Connection closed by remote host’ error message.
Are there other firewall rules that I’m missing?
Please help - thanks.
ssh into the nagios machine and try:
telnet CLIENT_IP 5666
That will tell you if the client is accepting connections on that port. That’s the first thing you have to check (after a ping of course).
Yes, I’ve tried ssh to the nagios client by:
telnet ‘client IP’ 5666
telnet 'client ip' 5666
Trying 'client ip'...
telnet: connect to address 'client ip': Connection refused
telnet: Unable to connect to remote host: Connection refused
or by
ssh username@client IP
Yes, I can ping the client IP address from the nagios server and ping nagios server’s IP address from the client.
From Nagios Server
ping 'client ip'
PING 'client ip' ('client ip') 56(84) bytes of data.
64 bytes from 'client ip': icmp_seq=1 ttl=57 time=3.28 ms
64 bytes from 'client ip': icmp_seq=2 ttl=57 time=1.05 ms
64 bytes from 'client ip': icmp_seq=3 ttl=57 time=1.05 ms
64 bytes from 'client ip': icmp_seq=4 ttl=57 time=1.06 ms
From Nagios client
ping 'server ip'
PING 'server ip' ('server ip') 56(84) bytes of data.
64 bytes from 'server ip': icmp_seq=1 ttl=57 time=1.05 ms
64 bytes from 'server ip': icmp_seq=2 ttl=57 time=1.05 ms
64 bytes from 'server ip': icmp_seq=3 ttl=57 time=1.03 ms
64 bytes from 'server ip': icmp_seq=4 ttl=57 time=1.04 ms
Something is blocking/refusing it, I just don’t know what though.
Telnet is not ssh
Using telnet in this way will not actually establish a “shell” session. Telnet is a simple tool that does nothing more than establish a TCP connection.
Because your client would not establish a connection on 5666, that means that
- Nothing is listening on that port
or
- Something is blocking that port.
So now you have to work your way back from the client. Dumb question; are you sure that nrpe is actually running and listening at the client? If you do a “ps aux | grep nrpe” what do you see? How about a “netstat -l”?
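Added example, not part of the thread: a small shell helper for the "is anything listening on 5666?" step, reading `netstat -lnt` output on the client. The function names and the sample outputs are constructed for illustration; it also flags a listener bound only to loopback, a case the thread does not mention.

```sh
#!/bin/sh
# listener_for PORT: reads "netstat -lnt" output on stdin and prints the local
# address of every LISTEN socket on PORT. Returns 1 when there is none.
listener_for() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            n = split($4, a, ":")      # port is whatever follows the last ":"
            if (a[n] == port) { print $4; found = 1 }
        }
        END { exit !found }'
}

# diagnose PORT: turns the listener list into one of three verdicts.
#   no-listener   -> nothing bound to PORT (a remote connect is refused)
#   loopback-only -> bound to 127.x / ::1 only (remote connects still refused)
#   listening     -> bound to a reachable address; look at filtering next
diagnose() {
    addrs=$(listener_for "$1") || { echo "no-listener"; return 0; }
    for a in $addrs; do
        case "$a" in
            127.*|::1:*) ;;                     # loopback, not reachable remotely
            *) echo "listening"; return 0 ;;
        esac
    done
    echo "loopback-only"
}

# Constructed samples of "netstat -lnt" output (not taken from the thread).
SAMPLE_NONE='Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN'

SAMPLE_LOCAL='Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:5666 0.0.0.0:* LISTEN'

SAMPLE_OK='Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:5666 0.0.0.0:* LISTEN'

for s in "$SAMPLE_NONE" "$SAMPLE_LOCAL" "$SAMPLE_OK"; do
    printf '%s\n' "$s" | diagnose 5666
done
```

On the real client, feed it live data with `netstat -lnt | diagnose 5666`.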