Hash: SHA1
nap schrieb:
> Hi List,
>
>
> I wrote a patch for ndo 1.4b7 (ndomod and ndo2db) : the SSL
> connection. The code come from nrpe. I think this can be useful
> with distributed Nagios, the communications between the secondary
> nagios and ndo2db are in plaintext and we can see the name of the
> host in it.
>
Nice thing.
> The patch just apply the SSL connection to the sock of the
> connection between ndomod and ndo2db (just for a tcp connection, i
> don't think it is useful for unix socket...).
I guess it becomes very useful for the situation of "outside-my-lan"
nagios servers with "internal" db hosts.
But do you have ideas about the performance situation?
encryption takes cpu time and ndomod is usual not very quiet on wire.
>
> In the patch you can see the dh.h file from nrpe. In nrpe it's
> generated by ./configure but I don't know how to modified it. The
> Makefile need the ssl lib too, but I don't know how to modify the
> autoconf (I leave a Makefile.new in the patch to show what to
> modify), if someone can help me on this
I will have a look at it.
>
> For the moment the patch apply the SSL for all connections, but
> maybe we can put the use_ssl argument into ndo2db.conf and
> ndomod.conf.
>
That would be the best way.
> I test with a small server and 4000 services and I don't see any
> overload of ndo2db or nagios due to the SSL. It can't be null, just
> small.
>
mkay... drop my above question
Nice thing, I am on your side for testing and helping hands.
Hendrik
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
iD8DBQFJEu/9lI0PwfxLQjkRAkUsAJ0T4PmN5cmtJjQ+SuDr6PEEXhzzswCZAQDx
h/Zbezr0h0P0ujl4yPJxZ1E=
=3D9L
-----END PGP SIGNATURE-----
This post was automatically imported from historical nagios-devel mailing list archives
Original poster: [email protected]