Problem with nagios client config


#1

Hello,

I have configured a nagios client (Red Hat Enterprise Linux AS release 4 )

when i run the command it gives me an error

/usr/local/nagios/libexec/check_nrpe -n -H

CHECK_NRPE: Received 0 bytes from daemon. Check the remote server logs for error messages.

On remote(client) server, i get foll in messages

Nov 11 07:53:29 nrpe[29524]: Host 172.16.128.54 is not allowed to talk to us!
Nov 11 07:54:45 nrpe[25475]: Host 172.16.128.54 is not allowed to talk to us!
Nov 11 07:55:23 nrpe[25643]: Host 172.16.128.54 is not allowed to talk to us!

what am i missing here…

I have checked following things

  1. ping is successful between nagios server and nagios client

  2. [root@cleint ~]# netstat -an | grep 5666
    tcp 0 0 0.0.0.0:5666 0.0.0.0:* LISTEN
    [root@cleint ~]# netstat -lp | grep 5666

  3. [root@client ~]# telnet 5666
    Trying 10.18.24.35…
    Connected to xxxxxxx (10.18.24.35).
    Escape character is ‘^]’.
    Connection closed by foreign host.

  4. [root@server ~]# telnet 5666
    Trying 10.18.24.35…
    Connected to xxxxxxx (10.18.24.35).
    Escape character is ‘^]’.
    Connection closed by foreign host.

Thanks for your help

Sunny


#2

are you running some sort of firewall? is port 5666 open? a ping isn’t a connection on port 5666 so it doesn’t really mean much :slight_smile:


#3

How do i check if a firewall is configured?
How do i open the port. It seems to be closed, as telnet on port 5666 is failing


#4

[root@client]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp – server anywhere tcp dpt:nrpe
ACCEPT tcp – server anywhere tcp dpt:nrpe

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination


#5

firewall is disabled

Also, please note, i was stuck up while configuring nagios plugins on the client. On searching a workaround i came across following post

./configure appears to hang
If you find that the configure script appears to hang on this line:
checking for redhat spopen problem…

Then you probably have a badly configured DNS server. This part of configure is testing for a pthread problem in Bind that is a kernel problem on some Red Hat derived versions of Linux (around kernel 2.6.9-11). It runs 10 x 100 nslookup calls to see if your kernel has this problem. If it does, then at least 1 of those calls will fail. Failure rate could be anywhere between 1% and 50%.

To force the workaround and ignore the test, run ./configure with the --enable-redhat-pthread-workaround switch.

You can run ./configure with --disable-redhat-pthread to ignore this test.

Hence i configured nagios plugins with the option --enable-redhat-pthread-workaround

Do you think this is causing the problem


#6

you probably have some other firewall between the diffeent servers…
Even the routers could be blocking some ports with some sort of firewall. It depends from your network.
the redhat problem could have something to do with it but i doubt it would be blocking a telnet on the port. (mainly because it has to do with a DNS server which you are NOT using while telnetting to the IP address)