Nagios Support Forum

The iptables rule looks just fine, provided your source was configured to use port 2055 as you mentioned. How long has it been since both the source collector(sfdump) and the firewall rules have been running and configured? It will take some time for enough data to be collected to actually act upon it.

Hi,
the maximum time it has been listening was 3 hours aprox, I dont know if it is enough. Anyway, I still try to check that my port is open on the server I want to analyze:
# nmap 127.0.0.1

Starting Nmap 6.00 ( http://nmap.org ) at 2014-02-10 17:06 CET
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000012s latency).
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind
631/tcp open ipp
8080/tcp open http-proxy

I am pretty sure that port 2055 should be listed there, shouldn't be?

Thanks again

My guess would be that 2025 is not a standard port that nmap would scan, you can always specify the exact port with:

So yes, it seems to be still closed:
# nmap -p 2055 localhost

Starting Nmap 6.00 ( http://nmap.org ) at 2014-02-11 01:05 CET
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000078s latency).
PORT STATE SERVICE
2055/tcp closed unknown

Anyway, I have set the source to port 8080 (that is open in the server I want to monitor) and nagiosna has been running all night long with this configuration. Unfortunately, No Data has been registered to the source. What else could be tha cause of this apart from the port closed problem?

Thanks again

As sreinhardt mentioned, and I do not believe this has been covered yet.. Have you actually configured the collector on the remote host to gather data on the proper port, and then directed your source to the same port?:

http://assets.nagios.com/downloads/nagi ... alyzer.pdf

Be sure you choose a port that is not currently being used by another application, such as apache, for cleanliness purposes.

Hi,
it seems that I was missing this step. I have already done it:
fprobe <nagiosna_IP>:2055

But no output come out from this command. Should I expect some message? How long does it take to NagiosNA service start receiveing data from the server?

Thanks again

Another question regarding this problem:
After running fprobe:
fprobe <sender_ip>:2055 // sender_ip is the server I want to monitor

I can see this line with lsof -i:
fprobe 7544 root 3u IPv4 11341603 0t0 UDP <sender_ip>:58610-><nagiosna_ip>:2055

But I think it should be: UDP <sender_ip>:2055-><nagiosna_ip>:80 // nagiosna_ip is the machine where the nagios network analyzer is running

I feel a bit confused about about how this configuration should be.

Thanks

Modify the "/etc/sudoers.d/nna_conf" file by adding the following line (colored in red):

Defaults:%nnacmd !requiretty

Host_Alias HOST = localhost

Cmnd_Alias LIST = /sbin/iptables --list
Cmnd_Alias SAVE = /etc/init.d/iptables save
Cmnd_Alias UPDATE = /sbin/iptables -I INPUT -p udp -j ACCEPT --dport *
Cmnd_Alias DAEMON = /usr/local/nagiosna/bin/nagiosna *

%nnacmd HOST=(root) NOPASSWD: LIST
%nnacmd HOST=(root) NOPASSWD: SAVE
%nnacmd HOST=(root) NOPASSWD: UPDATE
%nnacmd HOST=(nna) NOPASSWD: /bin/kill *
%nnacmd HOST=(nna) NOPASSWD: DAEMON

Let me know if this helped.

Hi,
Yes thanks! It seems it works, at least partially. Some sources show complete statistics whilst others only show statistics in "Bandwitdh graph", not in "Top 5 talkers part".
What could it be caused by?

Thanks for your help

It may take some time before this gets populated.