ROUND TWO: Purposely sending metachars to NRPE

[highness]

Ok - I modified one of my checks from yesterday that I'm trying to pass a string to, but am getting the same issue as yesterday - this time, I'm ignoring what the Test Check Command says, but when I add it and execute the check, it still is failing.

The output under the "Service Status Detail" looks like this:

Code: Select all

CHECK_NRPE: Received 0 bytes from daemon. Check the remote server logs for error messages.

The logs on the remote server logs look like this

Code: Select all

Feb  3 16:39:10 ip-10-yyy-yyy-yyy xinetd[17020]: START: nrpe pid=20340 from=::ffff:10.XXX.XXX.XXX
Feb  3 16:39:10 ip-10-yyy-yyy-yyy nrpe[20340]: Error: Request contained illegal metachars!
Feb  3 16:39:10 ip-10-yyy-yyy-yyy nrpe[20340]: Client request was invalid, bailing out...
Feb  3 16:39:10 ip-10-yyy-yyy-yyy xinetd[17020]: EXIT: nrpe status=0 pid=20340 duration=0(sec)

The check in CCM --> Services looks like this:

-a '-u https://www.ourwebsite.org -w 900 -c 1500 -s "Terms & Service" '

Ergh...

[tgriep]

Are you trying to check a web site for this string "Terms & Service" on that site?

If so, you should use the check_http command instead and the check would look like this .

Code: Select all

./check_http -H www.ourwebsite.org -u https://www.ourwebsite.org -w 900 -c 1500 -s "Terms & Service"

[highness]

Are you trying to check a web site for this string "Terms & Service" on that site?

If so, you should use the check_http command instead and the check would look like this .

Code: Select all

./check_http -H www.ourwebsite.org -u https://www.ourwebsite.org -w 900 -c 1500 -s "Terms & Service"

I am, but I'm gathering a ton of other behind the scenes info that check_http doesn't give me...

[tgriep]

Try changing the check to

Code: Select all

-a '-u https://www.ourwebsite.org -w 900 -c 1500 -s "Terms \& Service" '

Save the changes, Apply the config and go to the service and schedule a forced immediate check.

[highness]

Try changing the check to

Code: Select all

-a '-u https://www.ourwebsite.org -w 900 -c 1500 -s "Terms \& Service" '

Save the changes, Apply the config and go to the service and schedule a forced immediate check.

Yeah, tried that a few times - even changed the text I'm searching for. Still no joy... looks like the issue is the quotes.

Service Status Detail still shows:

Code: Select all

CHECK_NRPE: Received 0 bytes from daemon. Check the remote server logs for error messages.

and the remote logs show this:

Code: Select all

Feb  3 17:33:00 ip-10-yyy-yyy-yyy xinetd[17020]: START: nrpe pid=25835 from=::ffff:10.xxx.xxx.xxx
Feb  3 17:33:00 ip-10-yyy-yyy-yyy nrpe[25835]: Error: Request contained illegal metachars!
Feb  3 17:33:00 ip-10-yyy-yyy-yyy nrpe[25835]: Client request was invalid, bailing out...
Feb  3 17:33:00 ip-10-yyy-yyy-yyy xinetd[17020]: EXIT: nrpe status=0 pid=25835 duration=0(sec)

[abrist]

looks like the issue is the quotes.

Indeed, quotes are illegal meta characters.

You may want to hard code this check into the remote systems nrpe.cfg.
Or you could look at using the nrpe master branch that has quotes removed from the illegal metacharacter list. But beware! This may open the system up to specific vulnerabilities.
https://github.com/NagiosEnterprises/nr ... its/master