Nagios Support Forum

Posted: **Thu Feb 14, 2013 9:48 am**

Hi!

First of all, I will summarize my environment, maybe it can help you to help me

I am using Nagios 3.4.4 on Debian 6, running in a virtual machine (Vmware Infrastructure).
I have 40 hosts (servers and switches) being monitored only by "check alive" (ping).

The issue is that NSClient (0.3.8) is not sending information to Nagios.

On host (Win7) I have already checked nsc.ini, the allowed host and password are set on nsc.ini and commands.cfg (on Nagios).
Host is listening to port 12489 as well and the firewall is disabled. NSC service is running and authorized to interact with desktop.

I have already looked for solutions on several forums and I am 90% sure that the problem is that Debian is not listening to port 12489 (grep -w 12489 /etc/services returns no results).

How can I set Debian to listen to port 12489 and forward the requisitions to Nagios Core?

Thanks in advance!

Posted: **Thu Feb 14, 2013 11:18 am**

Are you using check_nt or check_nrpe?

Posted: **Thu Feb 14, 2013 11:26 am**

Do you have IPTABLES up and running on your Debian box? If so you can allow that port with this command:

Code: Select all

iptables -I INPUT -p tcp --dport 12489 -j ACCEPT

Then restart IPTABLES:

Code: Select all

service iptables restart

Posted: **Thu Feb 14, 2013 1:08 pm**

Hi abrist, thanks for the quick reply

I am using check_nt.

I had already changed iptables, although I was unable to restart it ("iptables: unrecognized service")

Code: Select all

iptables -L

ACCEPT tcp -- anywhere anywhere tcp dpt:12489

But if I check if the port 12489 is being listened, I get no results:

Code: Select all

sudo netstat -tlpn | grep 12489

Any thoughts?

Posted: **Thu Feb 14, 2013 1:43 pm**

If you are using IPtables full time on your system you will need a script to control it in the Debian environment, or a manager such as Bastille or Firestarter.

Do you use a different firewall?

Posted: **Thu Feb 14, 2013 2:05 pm**

slansing wrote: If you are using IPtables full time on your system you will need a script to control it in the Debian environment, or a manager such as Bastille or Firestarter.
Do you use a different firewall?

No, I do not use any firewall. I installed Debian "vanilla" then followed the steps from Quickstart Guide to install Nagios.
In fact, I have no experience with Linux at all

How does the script that you mentioned work? Can it enable 12489 port to listen nsclient inputs then forward it to Nagios?

Posted: **Thu Feb 14, 2013 3:20 pm**

First, we need to find out if you have an iptables init script. Post the output of:

Code: Select all

ls -la /etc/init.d/

Posted: **Fri Feb 15, 2013 7:52 am**

Here you go:

Code: Select all

[*]srvnagios:~# ls -la /etc/init.d/
total 428
drwxr-xr-x   2 root root  4096 Feb  7 12:18 .
drwxr-xr-x 125 root root 12288 Feb 13 14:19 ..
-rwxr-xr-x   1 root root  2233 May  4  2012 acpid
-rwxr-xr-x   1 root root  9651 Oct  4  2010 alsa-utils
-rwxr-xr-x   1 root root  1336 Nov  1  2009 anacron
-rwxr-xr-x   1 root root  7621 Nov 30 06:33 apache2
-rwxr-xr-x   1 root root  1071 Nov 23  2009 atd
-rwxr-xr-x   1 root root  2315 Feb 23  2011 avahi-daemon
-rwxr-xr-x   1 root root  1785 Feb 17  2010 binfmt-support
-rwxr-xr-x   1 root root  4637 Dec 18  2010 bluetooth
-rwxr-xr-x   1 root root  2444 Mar 27  2012 bootlogd
-rwxr-xr-x   1 root root  1579 Mar 27  2012 bootlogs
-rwxr-xr-x   1 root root  1381 Mar 27  2012 bootmisc.sh
-rwxr-xr-x   1 root root  3978 Mar 27  2012 checkfs.sh
-rwxr-xr-x   1 root root 10822 Mar 27  2012 checkroot.sh
-rwxr-xr-x   1 root root  1279 Jun 26  2010 console-setup
-rwxr-xr-x   1 root root  2489 Aug  3  2011 cpufrequtils
-rwxr-xr-x   1 root root  3753 Dec 18  2010 cron
-rwxr-xr-x   1 root root  3016 Dec 29 12:02 cups
-rwxr-xr-x   1 root root  2832 Jun 12  2011 dbus
-rw-r--r--   1 root root  2610 Feb  7 12:18 .depend.boot
-rw-r--r--   1 root root  1589 Feb  7 12:18 .depend.start
-rw-r--r--   1 root root  1292 Feb  7 12:18 .depend.stop
-rwxr-xr-x   1 root root  6441 Jan 25  2010 exim4
-rwxr-xr-x   1 root root  1523 May 26  2010 fancontrol
-rwxr-xr-x   1 root root  1935 Aug 15  2009 firestarter
-rwxr-xr-x   1 root root  2909 Sep 18  2010 fuse
-rwxr-xr-x   1 root root  2965 Apr 20  2011 gdm3
-rwxr-xr-x   1 root root  1329 Mar 27  2012 halt
-rwxr-xr-x   1 root root 10572 Sep 30  2010 hdparm
-rwxr-xr-x   1 root root  1423 Mar 27  2012 hostname.sh
-rwxr-xr-x   1 root root  5079 Jan 25  2011 hwclockfirst.sh
-rwxr-xr-x   1 root root  5061 Jan 25  2011 hwclock.sh
-rwxr-xr-x   1 root root  2518 Sep 15  2006 ifupdown
-rwxr-xr-x   1 root root  1047 Sep  6  2009 ifupdown-clean
-rwxr-xr-x   1 root root  7743 Oct 13  2010 kbd
-rwxr-xr-x   1 root root  1562 Apr 23  2009 kerneloops
-rwxr-xr-x   1 root root  1486 Jun 26  2010 keyboard-setup
-rwxr-xr-x   1 root root  1293 Mar 27  2012 killprocs
-rwxr-xr-x   1 root root   869 May 26  2010 lm-sensors
-rwxr-xr-x   1 root root  6906 Aug  3  2011 loadcpufreq
-rwxr-xr-x   1 root root  1334 Jan 22  2012 module-init-tools
-rwxr-xr-x   1 root root   620 Mar 27  2012 mountall-bootclean.sh
-rwxr-xr-x   1 root root  1668 Mar 27  2012 mountall.sh
-rwxr-xr-x   1 root root  1560 Mar 27  2012 mountdevsubfs.sh
-rwxr-xr-x   1 root root  1924 Mar 27  2012 mountkernfs.sh
-rwxr-xr-x   1 root root   628 Mar 27  2012 mountnfs-bootclean.sh
-rwxr-xr-x   1 root root  2330 Mar 27  2012 mountnfs.sh
-rwxr-xr-x   1 root root  1315 Mar 27  2012 mountoverflowtmp
-rwxr-xr-x   1 root root  5843 Jul 28  2010 mpt-statusd
-rwxr-xr-x   1 root root  3649 Mar 27  2012 mtab.sh
-rwxr-xr-x   1 root root  5310 Jan 31 12:08 nagios
-rwxr-xr-x   1 root root  2451 Apr 18  2010 networking
-rwxr-xr-x   1 root root  1751 Sep 12 10:56 network-manager
-rwxr-xr-x   1 root root  6013 Dec 30  2011 nfs-common
-rwxr-xr-x   1 root root  1814 Dec 26  2009 ntp
-rwxr-xr-x   1 root root  2192 Feb 24  2010 portmap
-rwxr-xr-x   1 root root  4840 May  4  2011 postfix
-rwxr-xr-x   1 root root   549 Jul 18  2010 pppd-dns
-rwxr-xr-x   1 root root  1298 Feb  1  2010 procps
-rwxr-xr-x   1 root root  8635 Mar 24  2012 rc
-rwxr-xr-x   1 root root   801 Mar 27  2012 rc.local
-rwxr-xr-x   1 root root   117 Mar 24  2012 rcS
-rw-r--r--   1 root root  2427 Mar 24  2012 README
-rwxr-xr-x   1 root root   639 Mar 27  2012 reboot
-rwxr-xr-x   1 root root  1074 Mar 27  2012 rmnologin
-rwxr-xr-x   1 root root  3080 Nov 30  2010 rsyslog
-rwxr-xr-x   1 root root  2348 Apr 22  2010 saned
-rwxr-xr-x   1 root root  3286 Mar 27  2012 sendsigs
-rwxr-xr-x   1 root root   590 Mar 27  2012 single
-rw-r--r--   1 root root  4304 Mar 27  2012 skeleton
-rwxr-xr-x   1 root root  3704 Mar 31  2010 ssh
-rwxr-xr-x   1 root root   567 Mar 27  2012 stop-bootlogd
-rwxr-xr-x   1 root root  1143 Mar 27  2012 stop-bootlogd-single
-rwxr-xr-x   1 root root   551 Feb 20  2011 sudo
-rwxr-xr-x   1 root root  7578 Oct 26  2010 udev
-rwxr-xr-x   1 root root  1153 Oct 26  2010 udev-mtab
-rwxr-xr-x   1 root root  2869 Mar 27  2012 umountfs
-rwxr-xr-x   1 root root  2143 Mar 27  2012 umountnfs.sh
-rwxr-xr-x   1 root root  1456 Mar 27  2012 umountroot
-rwxr-xr-x   1 root root   810 Nov 17  2010 unattended-upgrades
-rwxr-xr-x   1 root root  1985 Mar 27  2012 urandom
-rwxr-xr-x   1 root root  1758 Oct 13  2010 x11-common
-rwxr-xr-x   1 root root  2063 Mar 26  2008 xinetd

Posted: **Fri Feb 15, 2013 10:45 am**

Follow the directions on the following github site. You will have to download the init script and copy it into /etc/init.d. Make the script executable:

Code: Select all

chmod +x /etc/init.d/iptables

And then add the iptables to the default runtime level:

Code: Select all

update-rc.d iptables defaults

And now start iptables (if you have not already)

Code: Select all

service iptables start

To make your changes to iptables rules permanent, you should add your rules to the file:

Code: Select all

/etc/init.d/iptables.rules

https://github.com/Sirtea/iptables-init-debian

Posted: **Fri Feb 15, 2013 11:23 am**

abrist

I followed the steps to download and place the script on /etc/init.d but I got some warnings:

srvnagios:~# chmod +x /etc/init.d/iptables
srvnagios:~# update-rc.d iptables defaults
update-rc.d: using dependency based boot sequencing
insserv: warning: script 'S99nagios.cfg' missing LSB tags and overrides
insserv: warning: script 'nagios' missing LSB tags and overrides
srvnagios:~# service iptables start
No rules saved for iptables.

I dont know if it is relevant, but nagios is not starting with system. Every time I reboot Debian I must start Nagios.

Nagios Support Forum

Socket timeout / Connection Refused

Socket timeout / Connection Refused

Re: Socket timeout / Connection Refused

Re: Socket timeout / Connection Refused

Re: Socket timeout / Connection Refused

Re: Socket timeout / Connection Refused

Re: Socket timeout / Connection Refused

Re: Socket timeout / Connection Refused

Re: Socket timeout / Connection Refused

Re: Socket timeout / Connection Refused

Re: Socket timeout / Connection Refused