Nagios & NRPE: Source Port & Destination Port

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
Locked
jake2019
Posts: 3
Joined: Mon Jan 15, 2018 2:15 pm

Nagios & NRPE: Source Port & Destination Port

Post by jake2019 »

When nagios makes a NRPE query to a host, documentation suggests that by default we're hitting the target host's port 5666.

But what's the source port that nagios uses to make this query?

When the target host running nrpe replies back to Nagios, what port does the system use?

Is it all on 5666?

Found a few documents online such as the below but not sure if this is covering the whole communication process.

https://assets.nagios.com/downloads/nag ... tocols.pdf

https://www.speedguide.net/port.php?port=5666

Thank you in advance for your insights.
npolovenko
Support Tech
Posts: 3457
Joined: Mon May 15, 2017 5:00 pm

Re: Nagios & NRPE: Source Port & Destination Port

Post by npolovenko »

Hello, @jake2019. Nagios will probably use a random port within the TCP port range. Many Linux kernels use the port range 32768 to 61000.
Check out this documentation for a better understanding of how nrpe works:
https://assets.nagios.com/downloads/nag ... e/NRPE.pdf
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
jake2019
Posts: 3
Joined: Mon Jan 15, 2018 2:15 pm

Re: Nagios & NRPE: Source Port & Destination Port

Post by jake2019 »

Thank you @npolovenko :)

Is there further documentation I could use to dive deeper?

My current situation is a physical firewall standing between my nagios server subnet and the subnet where one of my target nrpe hosts resides. It would be awesome if i could implement an ACL to allow nrpe traffic in-between the subnets but with as much restriction as possible, to only a few ports.

Thank you again for any additional insights :)
User avatar
cdienger
Support Tech
Posts: 5045
Joined: Tue Feb 07, 2017 11:26 am

Re: Nagios & NRPE: Source Port & Destination Port

Post by cdienger »

They're also known as ephemeral ports: https://en.wikipedia.org/wiki/Ephemeral_port. As far as forcing it to a specific source port, I'm afraid that would take some custom dev of the software and likely kernel.
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
jake2019
Posts: 3
Joined: Mon Jan 15, 2018 2:15 pm

Re: Nagios & NRPE: Source Port & Destination Port

Post by jake2019 »

Thank you for the information @cdienger ! :)
npolovenko
Support Tech
Posts: 3457
Joined: Mon May 15, 2017 5:00 pm

Re: Nagios & NRPE: Source Port & Destination Port

Post by npolovenko »

@jake2019, Do you have any more questions for us before I close the thread?
As of May 25th, 2018, all communications with Nagios Enterprises and its employees are covered under our new Privacy Policy.
Locked