Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
I have been searching Google and these forums for a while trying to solve my NSCA Problem. Ideally we are working to implement Nagios Core for monitoring our clients servers, which it works like a champ when doing active checks but to spare processor time. I have core up and running and ran the install for NSCA and then setup the first server. I was using encryption and decryption method 8 which worked on a later version of all the software. Now I get the following message on the server when a NSCA Check is received:
Nov 10 14:01:45 natasharomanov xinetd[1175]: START: nsca pid=1291 from=::ffff:[IPofClient]
Nov 10 14:01:45 natasharomanov nsca[1291]: Invalid decryption method (2) in config file '/usr/local/nagios/etc/nsca.cfg' - Line 202
Nov 10 14:01:45 natasharomanov nsca[1291]: Daemon was not compiled with mcrypt library, so decryption is unavailable.
Nov 10 14:01:45 natasharomanov xinetd[1175]: EXIT: nsca status=2 pid=1291 duration=0(sec)
From the Client side I see this error/message:
**Checks Information**
2016-11-10 13:02:42: debug:modules\NSCAAgent\NSCAThread.cpp:272: Sending to server...
2016-11-10 13:02:42: debug:modules\NSCAAgent\NSCAThread.cpp:279: Looked up [IPofServer] to [IPofServer]
2016-11-10 13:02:42: message:modules\NSCAAgent\NSCAThread.cpp:305: Could not read a full NSCA hdr packet from socket, only got: 0
So unfortunately this did not solve the problem, that error did go away but has now been replaced with
Nov 10 22:36:26 natasharomanov xinetd[551]: START: nsca pid=807 from=::ffff:162.250.124.104
Nov 10 22:36:26 natasharomanov nsca[807]: Invalid decryption method (2) in config file '/usr/local/nagios/etc/nsca.cfg' - Line 202
Nov 10 22:36:26 natasharomanov nsca[807]: Daemon was not compiled with mcrypt library, so decryption is unavailable.
Nov 10 22:36:26 natasharomanov xinetd[551]: EXIT: nsca status=2 pid=807 duration=0(sec)
"The companion to MCrypt is Libmcrypt, which contains the actual encryption functions themselves, and provides a standardized mechanism for accessing them."
after you install mcrypt and libmcrypt re-compile NSCA and check for any errors. please check if it was compiled without any errors. if there is any error please past it here.
lesnikov wrote:"The companion to MCrypt is Libmcrypt, which contains the actual encryption functions themselves, and provides a standardized mechanism for accessing them."
after you install mcrypt and libmcrypt re-compile NSCA and check for any errors. please check if it was compiled without any errors. if there is any error please past it here.
Okay so I found the problem with it, the file was not being overwritten when I hit the make all command. So I had to execute a RM on the formerly compiled nsca and then remake it. So now it appears to be working on the server side but I am getting what I think is a client error?
Nov 11 09:09:22 natasharomanov xinetd[551]: START: nsca pid=824 from=::ffff:162.250.124.104
Nov 11 09:09:23 natasharomanov nsca[824]: Dropping packet with invalid CRC32 - possibly due to client using wrong password or crypto algorithm?
Nov 11 09:09:23 natasharomanov xinetd[551]: EXIT: nsca status=0 pid=824 duration=1(sec)
So when I check the server is running version 2.9 and the client is on 0.3.9. I have not read the security file yet, I tested it with no security because I figured everything is setup by iptables so unless someone gets direct access to the server or tries really hard to spoof their data then I am okay. With the encryption option set to 0 on both ends I get
Nov 11 13:51:32 natasharomanov xinetd[551]: START: nsca pid=2658 from=::ffff:162.250.124.104
Nov 11 13:51:33 natasharomanov nsca[2658]: Dropping packet with invalid CRC32 - possibly due to client using wrong password or crypto algorithm?
Nov 11 13:51:33 natasharomanov xinetd[551]: EXIT: nsca status=0 pid=2658 duration=1(sec)