Page 1 of 1
NRPE listening on IPV6
Posted: Wed Aug 16, 2017 4:08 pm
by brianbelden
I currently run our Nagios monitoring servers on Debian, and all of our debian servers in our environment have Nagios-Plugins installed. Everything Nagios runs correctly, but I have been auditing our systems to make sure no services are listening on IPV6. I have done all the required changes to Debian to disable IPV6 from working or services from listening, but NRPE still listens on tcp6. NRPE also listens on TCP both on port :5666. I do not think there is any traffic being transmitted on IPV6, but I would like to disable it from listening on IPV6. Has anyone run into this issue before or know a solution?
Thanks
Re: NRPE listening on IPV6
Posted: Wed Aug 16, 2017 5:22 pm
by scottwilkerson
How was NRPE installed? RPM, Source? What version are you running?
Is is running under xinetd or directly?
Re: NRPE listening on IPV6
Posted: Thu Aug 17, 2017 8:04 am
by brianbelden
NRPE was installed from the package using the following command:
apt-get install nagios-nrpe-server nagios-plugins
The version of NRPE running is 3.0.1 I believe, but I have one system that is running an older version of NRPE like 2.1.5 or something.
Most other services have an option in the Config file to disable IPV6 functionality even though I followed all steps through Debian to disable IPV6. Right now if I run Netstat -Plunta the only service listening on tcp6 is NRPE.
Re: NRPE listening on IPV6
Posted: Thu Aug 17, 2017 12:00 pm
by bolson
What does netstat -atnl return?
Put flags=IPv4 in your /etc/xinetd.conf if you're running nrpe as a xinetd service and try netstat -atnl again.