Agent On Oracle VM server release 3.2.3

[abrist]

Replace the line:

Code: Select all

only_from       = 127.0.0.1 192.168.74.134

In /etc/xinetd.d/nrpe, with:

Code: Select all

only_from       = 127.0.0.1 <your xi server ip>

Restart xinetd:

Code: Select all

service xinetd restart

Now from the XI server, nmap the remote host:

Code: Select all

nmap <ip of remote host> -p 5666 

[cokj72]

Replace the line:

Code: Select all

only_from       = 127.0.0.1 192.168.74.134

In /etc/xinetd.d/nrpe, with:

Code: Select all

only_from       = 127.0.0.1 <your xi server ip>

Restart xinetd:

Code: Select all

service xinetd restart

I had already changed this line

Code: Select all

only_from       = 127.0.0.1 192.168.110.150

Now from the XI server, nmap the remote host:

Code: Select all

nmap <ip of remote host> -p 5666 

this is the result:

Code: Select all

[root@nagios ~]# nmap 192.168.110.218 -p 5666

Starting Nmap 5.51 ( http://nmap.org ) at 2013-10-24 09:45 CEST
Nmap scan report for ovmm.fpf.local (192.168.110.218)
Host is up (0.00031s latency).
PORT     STATE  SERVICE
5666/tcp closed nrpe
MAC Address: 00:21:F6:00:00:06 (Virtual Iron Software)

Nmap done: 1 IP address (1 host up) scanned in 0.17 seconds

[abrist]

Is xinetd running on the remote host?

Code: Select all

service xinetd status

What firewall rules is the remote currently using?

Code: Select all

iptables -L

[cokj72]

Is xinetd running on the remote host?

Code: Select all

service xinetd status

Code: Select all

[root@ovmn ~]# service xinetd status
xinetd (pid  18802) is running...

What firewall rules is the remote currently using?

Code: Select all

iptables -L

[root@ovmn ~]# iptables -L

Code: Select all

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ndmp
ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:ntp
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:54322
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:54321
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:15901
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:afs3-prserver
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ndmp
ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:ntp
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:54322
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:54321
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:15901
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:afs3-prserver
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:nsca
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:nrpe
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ndmp
ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:ntp
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:54322
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:54321
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:15901
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:afs3-prserver
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ndmp
ACCEPT     udp  --  anywhere             anywhere            state NEW udp dpt:ntp
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:54322
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:54321
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:15901
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:afs3-prserver
ACCEPT     all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere            icmp any
ACCEPT     esp  --  anywhere             anywhere
ACCEPT     ah   --  anywhere             anywhere
ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:mdns
ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ipp
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ssh
REJECT     all  --  anywhere             anywhere            reject-with icmp-host-prohibited

[abrist]

You will need to open up port 5666 on the iptables chain 'RH-Firewall-1-INPUT'.

[cokj72]

You will need to open up port 5666 on the iptables chain 'RH-Firewall-1-INPUT'.

I've insert this line in the file "iptables":

Code: Select all

-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 5666 -j ACCEPT

Restart nrpe on the host (pag.5 NRPE Troubleshooting and Common Solutions), but:

Code: Select all

[root@ovmn sysconfig]# /etc/init.d/nrpe restart
-bash: /etc/init.d/nrpe: No such file or directory
[root@ovmn sysconfig]# service xinetd restart
Stopping xinetd:                                           [  OK  ]
Starting xinetd:                                           [  OK  ]

From CLI on the Nagios Server I' ve:

Code: Select all

[root@nagios ~]# nmap 192.168.110.218 -p 5666
Starting Nmap 5.51 ( http://nmap.org ) at 2013-10-28 10:13 CET
Nmap scan report for ovmm.fpf.local (192.168.110.218)
Host is up (0.00034s latency).
PORT     STATE  SERVICE
5666/tcp closed nrpe
MAC Address: 00:21:F6:00:00:06 (Virtual Iron Software)
Nmap done: 1 IP address (1 host up) scanned in 0.12 seconds

I've install nrpe, from "http://exchange.nagios.org/directory/Pl ... pt/details".
Change the lines 21-25,
ORIGINAL:

Code: Select all

[ -f /etc/nrpe.cfg ] || exit 0

NRPE="/usr/sbin/nrpe"
PIDFILE="/var/run/nrpe.pid"
CFG="/etc/nrpe.cfg

"

NEW:

Code: Select all

[ -f /usr/local/nagios/etc/nrpe.cfg ] || exit 0

NRPE="/usr/local/nagios/etc/nrpe"
PIDFILE="/var/run/nrpe.pid"
CFG="/usr/local/nagios/etc/nrpe.cfg"

Copy the file in /etc/init.d

Code: Select all

chkconfig --add nrpe

Start the Service

Code: Select all

[root@ovmn init.d]# service nrpe restart
Starting NRPE: /etc/init.d/nrpe: line 31: /usr/local/nagios/etc/nrpe: is a directory
OK

but:

Code: Select all

[root@ovmn init.d]# ps -ef |grep -i nrpe |grep -v grep
[root@ovmn init.d]#

and in the Nagios server:

Code: Select all

[root@nagios ~]# nmap 192.168.110.218 -p 5666

Starting Nmap 5.51 ( http://nmap.org ) at 2013-10-28 11:09 CET
Nmap scan report for ovmm.fpf.local (192.168.110.218)
Host is up (0.00030s latency).
PORT     STATE  SERVICE
5666/tcp closed nrpe
MAC Address: 00:21:F6:00:00:06 (Virtual Iron Software)

Nmap done: 1 IP address (1 host up) scanned in 0.12 seconds

Modify line 23 to:

Code: Select all

NRPE="/etc/xinetd.d/nrpe"

but:

Code: Select all

[root@ovmn /]# service nrpe start
Starting NRPE: /etc/xinetd.d/nrpe: line 5: flags: command not found
/etc/xinetd.d/nrpe: line 6: socket_type: command not found
/etc/xinetd.d/nrpe: line 7: port: command not found
/etc/xinetd.d/nrpe: line 8: wait: `=': not a pid or valid job spec
/etc/xinetd.d/nrpe: line 8: wait: `no': not a pid or valid job spec
/etc/xinetd.d/nrpe: line 9: user: command not found
/etc/xinetd.d/nrpe: line 10: group: command not found
/etc/xinetd.d/nrpe: line 11: server: command not found
/etc/xinetd.d/nrpe: line 12: server_args: command not found
/etc/xinetd.d/nrpe: line 13: log_on_failure: command not found
/etc/xinetd.d/nrpe: line 14: disable: command not found
/etc/xinetd.d/nrpe: line 15: only_from: command not found
/etc/xinetd.d/nrpe: line 16: per_source: command not found
/etc/xinetd.d/nrpe: line 17: instances: command not found
OK

[abrist]

Starting NRPE: /etc/init.d/nrpe: line 31: /usr/local/nagios/etc/nrpe: is a directory

This is not right. the config should be located at: /usr/local/nagios/etc/nrpe.cfg

[cokj72]

OK.
I have modified the file /etc/rc.d/init.d/nrpe on te lines 21-25

Code: Select all

NRPE="/usr/local/nagios/etc/nrpe.cfg"
PIDFILE="/var/run/nrpe.pid"
CFG="/usr/local/nagios/etc/nrpe.cfg"

Code: Select all

[root@ovmn init.d]# chkconfig --list
nrpe            0:off   1:off   2:on    3:on    4:on    5:on    6:off
nscd            0:off   1:off   2:off   3:off   4:off   5:off   6:off

Start the service:
[root@ovmn init.d]# service nrpe restart
Starting NRPE: OK
[root@ovmn init.d]# ps -ef |grep -i nrpe
root 10849 9933 0 05:54 pts/0 00:00:00 grep -i nrpe

And from NagiosXI Server:

Code: Select all

[root@nagios ~]# nmap 192.168.110.253 -p 5666

Starting Nmap 5.51 ( http://nmap.org ) at 2013-10-29 11:51 CET
Nmap scan report for vtfi.fpf.local (192.168.110.253)
Host is up (0.00031s latency).
PORT     STATE SERVICE
5666/tcp open  nrpe
MAC Address: 00:0C:29:80:BE:70 (VMware)

Nmap done: 1 IP address (1 host up) scanned in 0.10 seconds

But from consolle:

[abrist]

We are getting closer. This current issue has to be due to the allowed_hosts or only_from directives. Are you now starting nrpe from its init script, or from xinetd?

[cokj72]

I made him start from inet.d (though not the 'I eliminated from xinet.d), but I see the active process ...

Code: Select all

[root@ovmn init.d]# ps -ef |grep -i nrpe |grep -v grep
[root@ovmn init.d]#