IP Tables & NCPA
I inadvertently edited my IP Tables and cannot SSH into my NagiosNA VM any longer. The chain of events:
- Installed NCPA
- XI could not complete the NCPA checks
- Disabled the firewall on the NA machine
- XI successfully completed the NCPA checks
- Attempted to edit my IP Table on the NA machine
Current issue: Cannot SSH or access NA via the web GUI
Two questions:
1) Can someone please send me an OOTB IP Table configuration for NA so I can replace mine? Still able to FTP in as well as access through vsphere console
2) What type of traffic is NCPA? Need to open up the port on the firewall of the VM
Thanks!
npolovenko - Support Tech
Re: IP Tables & NCPA
Hello, @rkane. Let me confirm: you have a NCPA agent installed on the Network analyzer and you're monitoring it from the XI server?
I don't think Nagios NA comes with any iptable rules out of the box.
Are you able to access the NA machine from the VSPhere and disable the iptables?
NCPA uses TCP traffic.
Re: IP Tables & NCPA
Correct. I installed the NCPA client on my NagiosNA box so I could monitor it from NagiosXI. When executing the NCPA checks from NagiosXI they fail. Turning off the firewall service on the NagiosNA machine allows the service checks to successfully complete.
With this info I went to create an iptable entry to allow the communication through to the NagiosNA NCPA client. I put in the wrong traffic type and attempted to delete the entry. In doing so I deleted something that cut off ssh / web GUI access. Turning the firewall service back off (via vsphere) restores these.
Re: IP Tables & NCPA
Pulled up the specific command I ran, how do I reverse this?
iptables -D INPUT 1
Re: IP Tables & NCPA
Stop the iptables on the NNA machine:
service iptables stop
Open the iptables config file in a text editor:
vi /etc/sysconfig/iptables-config
Make sure you have these two lines:
IPTABLES_SAVE_ON_STOP="yes"
IPTABLES_SAVE_ON_RESTART="yes"
Save and exit:
:wq
Add some rules by modifying the /etc/sysconfig/iptables file.
Example:
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 5693 -j ACCEPT
-A INPUT -p udp -m udp --dport <source1 port> -j ACCEPT
-A INPUT -p udp -m udp --dport <source2 port> -j ACCEPT
where <source1 port>, <source2 port>, etc. are the NNA sources' UDP ports.
Save and exit. Start iptables:
service iptables start
You can run nmap on the Nagios XI server against the NNA machine to see which ports are open, or you could test a specific port, e.g.
nmap <NNA server's IP address> -p 5693
Hope this helps.
Be sure to check out our Knowledgebase for helpful articles and solutions!
Re: IP Tables & NCPA
Appreciate it. These two lines are set to "NO" in my iptables-config... do I need to edit them?
lmiltchev wrote: Make sure you have these two lines:
IPTABLES_SAVE_ON_STOP="yes"
IPTABLES_SAVE_ON_RESTART="yes"
As well, service iptables stop results in the following error:
Failed to stop iptables.service: unit iptables.service not loaded
Re: IP Tables & NCPA
rkane wrote: Failed to stop iptables.service: unit iptables.service not loaded
If you see the messages above, then you most probably are using firewalld, NOT iptables, so ignore my previous message.
To see if firewalld is running, run:
systemctl status firewalld.service
To see what ports are opened, run:
firewall-cmd --zone=public --list-ports
To open ports, run:
firewall-cmd --zone=public --permanent --add-port=22/tcp
firewall-cmd --zone=public --permanent --add-port=80/tcp
firewall-cmd --zone=public --permanent --add-port=5693/tcp
firewall-cmd --zone=public --permanent --add-port=<source port>/udp
To reload the firewall, run:
firewall-cmd --reload
After you are done, check the rules again:
firewall-cmd --zone=public --list-ports
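The two answers above describe the same set of openings (SSH 22/tcp, web GUI 80/tcp, NCPA 5693/tcp, plus the NNA sources' UDP ports) for two different backends: a /etc/sysconfig/iptables file for the iptables service, and firewall-cmd calls for firewalld. The script below is an added example written for this thread, not code posted by Nagios or by anyone in the discussion. It generates either form from one list of UDP ports so the result can be reviewed before it is applied, and it loads the iptables version as a whole file rather than editing the live chain by rule number, which is how the `iptables -D INPUT 1` earlier in the thread removed the wrong rule and cut off SSH. Assumptions not in the thread: the default-deny INPUT policy and the loopback, established-connection and ICMP rules are this example's additions (the thread only lists the ACCEPT lines), and the UDP ports 2055 and 9996 used in the usage comment are constructed sample values. Anything else the host needs, such as the FTP access mentioned in the original question, needs its own rule under a default-deny policy.

```shell
#!/bin/sh
# Added example, not code from the thread: generate firewall rules for a Nagios
# Network Analyzer (NNA) host running the NCPA agent, for either backend
# discussed above. Assumed ports: SSH 22/tcp, web GUI 80/tcp, NCPA 5693/tcp.
# The NNA flow-source UDP ports are passed as arguments (2055 and 9996 in the
# usage comment are constructed sample values, not taken from the thread).

# Accept only a numeric port in 1..65535, so a typo cannot produce a rule
# that fails to load when the file is restored.
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Print a complete /etc/sysconfig/iptables file (the format iptables-restore
# and the iptables service read). Restoring a whole file replaces the INPUT
# chain atomically, so no live rule is ever deleted by position. The
# default-deny policy and the lo/conntrack/icmp lines are additions beyond
# the thread's ACCEPT rules.
iptables_rules() {
    for port in "$@"; do
        valid_port "$port" || { echo "invalid UDP port: $port" >&2; return 1; }
    done
    printf '%s\n' '*filter' \
        ':INPUT DROP [0:0]' \
        ':FORWARD DROP [0:0]' \
        ':OUTPUT ACCEPT [0:0]' \
        '-A INPUT -i lo -j ACCEPT' \
        '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT' \
        '-A INPUT -p icmp -j ACCEPT' \
        '-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT' \
        '-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT' \
        '-A INPUT -p tcp -m tcp --dport 5693 -j ACCEPT'
    for port in "$@"; do
        printf '%s\n' "-A INPUT -p udp -m udp --dport $port -j ACCEPT"
    done
    printf '%s\n' 'COMMIT'
}

# Print the equivalent firewall-cmd sequence for a firewalld host, ending with
# the reload and the list-ports check from the answer above.
firewalld_cmds() {
    for port in "$@"; do
        valid_port "$port" || { echo "invalid UDP port: $port" >&2; return 1; }
    done
    for spec in 22/tcp 80/tcp 5693/tcp; do
        printf '%s\n' "firewall-cmd --zone=public --permanent --add-port=$spec"
    done
    for port in "$@"; do
        printf '%s\n' "firewall-cmd --zone=public --permanent --add-port=$port/udp"
    done
    printf '%s\n' 'firewall-cmd --reload' 'firewall-cmd --zone=public --list-ports'
}

# Report which backend owns the rules. "unit iptables.service not loaded" in
# the thread is the sign that firewalld, not the iptables service, is active.
firewall_backend() {
    if command -v systemctl >/dev/null 2>&1 && systemctl is-active --quiet firewalld 2>/dev/null; then
        echo firewalld
    elif [ -f /etc/sysconfig/iptables ]; then
        echo iptables
    else
        echo unknown
    fi
}

# Usage (review the generated output before applying it):
#   iptables_rules 2055 9996 > /tmp/iptables.new && iptables-restore --test < /tmp/iptables.new
#   firewalld_cmds 2055 9996 | sh
```

Run `firewall_backend` first; the generated iptables file is only meaningful where the iptables service (not firewalld) manages the rules. `iptables-restore --test` parses the file without committing it, so a malformed line is caught before the chain is touched; after restoring, the `nmap ... -p 5693` check from the earlier answer confirms the NCPA port from the XI side.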
Re: IP Tables & NCPA
Done and done, thank you sir.
Case closed
Re: IP Tables & NCPA
I am glad I could help!
I am closing this topic.