UDP port for monitor
-
scottwilkerson
- DevOps Engineer
- Posts: 19396
- Joined: Tue Nov 15, 2011 3:11 pm
- Location: Nagios Enterprises
- Contact:
Re: UDP port for monitor
Can you attach your current check_udp_port file
-
scottwilkerson
- DevOps Engineer
- Posts: 19396
- Joined: Tue Nov 15, 2011 3:11 pm
- Location: Nagios Enterprises
- Contact:
Re: UDP port for monitor
We've tested this with the same setup you have without error so the | isn't the problem, Lets go back to just the attached file for the plugin
then run the following and return the results
Code: Select all
su nagios -c '/usr/local/nagios/libexec/check_udp_port -H xxxxxxxx -p 1162 -s "health-trap"'You do not have the required permissions to view the files attached to this post.
-
Vigneshwar.A
- Posts: 25
- Joined: Fri May 12, 2017 2:02 am
Re: UDP port for monitor
hi scottwilkerson,scottwilkerson wrote:We've tested this with the same setup you have without error so the | isn't the problem, Lets go back to just the attached file for the plugin then run the following and return the resultsCode: Select all
su nagios -c '/usr/local/nagios/libexec/check_udp_port -H xxxxxxxx -p 1162 -s "health-trap"'
We have tested with the same plugin and PFB command output
[root@xxxxxxxxx libexec]# su nagios -c '/usr/local/nagios/libexec/check_udp_port -H xx.xxx.xxx.xx -p 1162 -s "health-trap"'
You requested a scan type which requires root privileges.
QUITTING!
result:
f_result:
p_result:
CRITICAL:
[root@xxxxxxxx libexec]# ./check_udp_port -H xx.xxx.xxx.xx -p 1162 -s "health-trap"
result:
Starting Nmap 6.47 ( http://nmap.org ) at 2018-10-12 11:53 BST
Nmap scan report for xx.xxx.xxx.xx
Host is up (0.00021s latency).
PORT STATE SERVICE
1162/udp open|filtered health-trap
MAC Address: 00:15:5D:6E:4E:27 (Microsoft)
Nmap done: 1 IP address (1 host up) scanned in 0.29 seconds
f_result: 1162/udp open|filtered health-trap MAC Address: 00:15:5D:6E:4E:27 (Microsoft) Nmap done
p_result: 1162/udp open|filtered health-trap
OK: health-trap listening on port 1162: 1162/udp open|filtered health-trap
You have mail in /var/spool/mail/root
[root@xxxxxxxxx libexec]#
Re: UDP port for monitor
Try this, edit the /etc/sudoers file and add the following entries
Save the file and edit the check_udp_port script and change this line from
to
Save it out and run this test again to see if it allows nmap to run as root in the script.
Code: Select all
nagios ALL=NOPASSWD: /usr/local/nagios/libexec/check_udp_port
nagios ALL=NOPASSWD: /usr/bin/nmap Code: Select all
result=`/usr/bin/nmap -sU -p $port -P0 $host`Code: Select all
result=`sudo /usr/bin/nmap -sU -p $port -P0 $host`Code: Select all
su nagios -c '/usr/local/nagios/libexec/check_udp_port -H xx.xxx.xxx.xx -p 1162 -s "health-trap"'Be sure to check out our Knowledgebase for helpful articles and solutions!
-
Vigneshwar.A
- Posts: 25
- Joined: Fri May 12, 2017 2:02 am
Re: UDP port for monitor
Hi tgriep,tgriep wrote:Try this, edit the /etc/sudoers file and add the following entriesSave the file and edit the check_udp_port script and change this line fromCode: Select all
nagios ALL=NOPASSWD: /usr/local/nagios/libexec/check_udp_port nagios ALL=NOPASSWD: /usr/bin/nmaptoCode: Select all
result=`/usr/bin/nmap -sU -p $port -P0 $host`Save it out and run this test again to see if it allows nmap to run as root in the script.Code: Select all
result=`sudo /usr/bin/nmap -sU -p $port -P0 $host`Code: Select all
su nagios -c '/usr/local/nagios/libexec/check_udp_port -H xx.xxx.xxx.xx -p 1162 -s "health-trap"'
As you said i did the changes but still issue remains same.
so while digging into this issue suddenly one thing came to my mind and i tried with the old plugin and command but i changed the macarons path $USER1$=LC_ALL=C /usr/local/nagios/libexec this to $USER2$=/usr/local/nagios/libexec so after changing the path issue has been resolved and came to end finally. PFB SS as you have told to do changes and i have tested in the udp port 1162 copy1 working output.
Output:
[root@xxxxxxxxxx libexec]# su nagios -c '/usr/local/nagios/libexec/check_udp_port -H xx.xxx.xxx.xx -p 1162 -s "health-trap"'
result:
Starting Nmap 6.47 ( http://nmap.org ) at 2018-10-15 15:25 BST
Nmap scan report for xx.xxx.xxx.xx
Host is up (0.00020s latency).
PORT STATE SERVICE
1162/udp open|filtered health-trap
MAC Address: 00:15:5D:6E:4E:27 (Microsoft)
Nmap done: 1 IP address (1 host up) scanned in 5.78 seconds
f_result: 1162/udp open|filtered health-trap MAC Address: 00:15:5D:6E:4E:27 (Microsoft) Nmap done
p_result: 1162/udp open|filtered health-trap
OK: health-trap listening on port 1162: 1162/udp open|filtered health-trap
You have mail in /var/spool/mail/root
[root@xxxxxxxxxxx libexec]#
[root@xxxxxxxxx libexec]# ./check_udp1 -H xx.xxx.xxx.xx -p1162 -s "health-trap"
OK: health-trap listening on port 1162: 1162/udp open|filtered health-trap
Command:
check_udp_port_copy_1 $USER2$/check_udp1 -H $HOSTADDRESS$ -p $ARG1$ -s $ARG2$
You do not have the required permissions to view the files attached to this post.
Re: UDP port for monitor
I am glad your issue has been resolved, but wonder - why did you have this:
You should've had this:
Let us know if it is OK to lock this topic. Thank you!
Code: Select all
$USER1$=LC_ALL=C /usr/local/nagios/libexecCode: Select all
$USER1$=/usr/local/nagios/libexecBe sure to check out our Knowledgebase for helpful articles and solutions!
-
Vigneshwar.A
- Posts: 25
- Joined: Fri May 12, 2017 2:02 am
Re: UDP port for monitor
Hi lmiltchev,lmiltchev wrote:I am glad your issue has been resolved, but wonder - why did you have this:You should've had this:Code: Select all
$USER1$=LC_ALL=C /usr/local/nagios/libexecLet us know if it is OK to lock this topic. Thank you!Code: Select all
$USER1$=/usr/local/nagios/libexec
Actually i don't know what for $USER1$=LC_ALL=C /usr/local/nagios/libexec macarons created in our environment, i will be coordinate with my team members and modify asap.
Thanks for each and every one who have supported in this issue, you can lock this topic.