I’m running version 2.8.1 of nrpe daemon and check_nrpe.
We have Cisco PIX/ASA firewalls that are noticing TCP RESETS (RST) coming from the daemon that is being sent after the connection fully closes from both sides.
This was seen in packet dumps(see attachment) from systems in both the same subnet(without firewall) and different subnets(with firewall).
This is more of an annoyance than anything as the only negative is that our firewall logs are getting flooded from the TCP RST connections not belonging to any existing connection. I’ve seen older posts that somewhat relate to this but I have not seen any resolutions.
It almost seems as the daemon is paranoid about the connection closing and sends a redundant RST…even though both sides successfully closed the connection (FIN, FIN-ACK).