Nagios on a box with two interfaces?


#1

Hello all, first post here.

I have a question. I am working on a box that will have two NICs in it. One NIC will be used to monitor one network segment. This network segment is considered untrusted and therefore inaccessible from the trusted network. The other interface will be used to connect to the box from the trusted network, so as to allow the viewing of the monitoring console http page. Is this even possible, and if it is, then what needs to be done so that it works correctly?

Thanks,

~AP


#2

Sounds like you would just configure Nagios like normal.

The only thing you might be concerned about is “which network will be allowed to view the http pages.” That is an Apache issue and not Nagios. The default in Apache is to listen on all ports/networks so just change the default setting:
#Listen 12.34.56.78:80
Listen 80
to…
Listen mytrustednetworkipaddy:80
or if you only want to view it on the untrusted, then make it listen on that interface ip:Port


#3

Would I also need to add in iptables to firewall off that interface on all ports BUT 80 so as to prevent anything from coming through?


#4

That’s up to your security design I suppose.
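
An added example, not part of the original thread: a small Python check that reads Apache configuration text and reports every active `Listen` directive that binds somewhere other than the trusted interface, which is the change post #2 describes. The addresses 192.0.2.10 (trusted) and 198.51.100.10 (untrusted) and the sample configuration strings are constructed for illustration.

```python
import ipaddress
import re

# Apache syntax: Listen [IP-address:]portnumber [protocol]; IPv6 is bracketed.
LISTEN_RE = re.compile(
    r"^\s*Listen\s+(?:(\[[0-9A-Fa-f:.]+\]|[^\s:]+):)?(\d+)(?:\s+\S+)?\s*$",
    re.IGNORECASE,
)

def parse_listen(conf_text):
    """Return (address_or_None, port) for every uncommented Listen directive."""
    found = []
    for line in conf_text.splitlines():
        if line.lstrip().startswith("#"):
            continue
        m = LISTEN_RE.match(line)
        if m:
            addr = m.group(1)
            found.append((addr.strip("[]") if addr else None, int(m.group(2))))
    return found

def audit(conf_text, trusted_ip):
    """List Listen directives that bind anywhere other than trusted_ip."""
    trusted = ipaddress.ip_address(trusted_ip)
    problems = []
    for addr, port in parse_listen(conf_text):
        if addr is None or addr == "*":
            problems.append((addr, port, "binds every interface"))
            continue
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            problems.append((addr, port, "hostname, resolve and check by hand"))
            continue
        if ip.is_unspecified:  # 0.0.0.0 or ::
            problems.append((addr, port, "binds every interface"))
        elif ip != trusted:
            problems.append((addr, port, "not the trusted address"))
    return problems

# Constructed samples: the default quoted in post #2, and the corrected form.
DEFAULT_CONF = "#Listen 12.34.56.78:80\nListen 80\n"
FIXED_CONF = "Listen 192.0.2.10:80\n"

if __name__ == "__main__":
    for name, conf in (("default", DEFAULT_CONF), ("fixed", FIXED_CONF)):
        print(name, audit(conf, "192.0.2.10") or "OK")
```

On a real host, pass the contents of whichever file holds the `Listen` lines; the location varies by distribution.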