16
16.7 Legacy Series / [SOLVED] NRPE 2.15 - Socket Timeout After 10 Seconds
« on: January 19, 2017, 01:46:53 pm »
Hey guys,
i am troubleshooting since 2 days now and i can't see the light at the end of the tunnel.
What i try to accomplish is to led my Nagios Server talk to my OPNsense over TCP 5666 and let the Firewall talk back and give some feedback about "average load", "root folder", tcp check and some other services like ntp, ssh and icmp.
What i did was the following:
- install nrpe out of the repository.
- cp /usr/local/etc/nrpe.cfg-sample /usr/local/etc/nrpe.cfg
- changed allowed hosts inside of nrpe.cfg and put in the ip of my Nagios Server + 127.0.0.1.
- created a firewall rule (floating Rule - first match) accepting incoming traffic on port 5666
(To make sure that rules are not the problem, i kinda changed the rule to "PERMIT ANY ANY port 5666" over time)
- enable NRPE by doing: ee /etc/rc.conf --> nrpe2_enable="YES"
(Btw... is it normal that the file was not there from the beginning?)
- chown -R nagios:nagios /usr/local/libexec/nagios/
- insert into /etc/services --> nrpe 5666/tcp # NRPE
- inside /etc/hosts.allow i put in two rules (because i wasn't sure about the syntax)
nrpe : xxx.xxx.xxx.xxx/255.255.255.0 : allow
and
nrpe : xxx.xxx.xxx.xxx/24 : allow
- sudo /usr/local/etc/rc.d/nrpe2 start
- ps 40630
output: PID TT STAT TIME COMMAND
40630 - Is 0:00.00 /usr/local/sbin/nrpe2 -c /usr/local/etc/nrpe.cfg -d
Things i did to troubleshoot my problem:
- From Nagios: telnet <remote_ip> 5666 ---> worked
- From Nagios: nmap <remote_ip> ---> was able to see open Port 5666
- tried doing the "-t 20" trick which did not change anything.
- From OPNsense: /usr/local/libexec/nagios/check_nrpe2 -H localhost ---> "NRPE 2.15" as response
- ps -aef | grep nrpe --> gives me no response
- ps ax | grep nrpe --> gives me:
40630 - Is 0:00.00 /usr/local/sbin/nrpe2 -c /usr/local/etc/nrpe.cfg -d
44893 0 S+ 0:00.00 grep nrpe
- From Nagios: using a check command while watching the traffic with Tcpdump.
Nagios sends 4 packets but is not getting any answers back from OPNsense.
- i watched the Firewall Log while Nagios was sending the packets but there were no entries made in the meantime.
My Problem:
- Socket Timeout After 10 Seconds
Nagios is able to check_<anything> from other remote Hosts already. For the other clients they are all using 2.13 instead of 2.15, which OPNsense is using. The issue must be something regarding the OPNsense version 2.15 which i can't find...
Did anyone ever had any trouble installing NRPE into OPNsense and can tell me what i may forgot to configure?
Best regards and thank you very much in advance
Oxy
i am troubleshooting since 2 days now and i can't see the light at the end of the tunnel.
What i try to accomplish is to led my Nagios Server talk to my OPNsense over TCP 5666 and let the Firewall talk back and give some feedback about "average load", "root folder", tcp check and some other services like ntp, ssh and icmp.
What i did was the following:
- install nrpe out of the repository.
- cp /usr/local/etc/nrpe.cfg-sample /usr/local/etc/nrpe.cfg
- changed allowed hosts inside of nrpe.cfg and put in the ip of my Nagios Server + 127.0.0.1.
- created a firewall rule (floating Rule - first match) accepting incoming traffic on port 5666
(To make sure that rules are not the problem, i kinda changed the rule to "PERMIT ANY ANY port 5666" over time)
- enable NRPE by doing: ee /etc/rc.conf --> nrpe2_enable="YES"
(Btw... is it normal that the file was not there from the beginning?)
- chown -R nagios:nagios /usr/local/libexec/nagios/
- insert into /etc/services --> nrpe 5666/tcp # NRPE
- inside /etc/hosts.allow i put in two rules (because i wasn't sure about the syntax)
nrpe : xxx.xxx.xxx.xxx/255.255.255.0 : allow
and
nrpe : xxx.xxx.xxx.xxx/24 : allow
- sudo /usr/local/etc/rc.d/nrpe2 start
- ps 40630
output: PID TT STAT TIME COMMAND
40630 - Is 0:00.00 /usr/local/sbin/nrpe2 -c /usr/local/etc/nrpe.cfg -d
Things i did to troubleshoot my problem:
- From Nagios: telnet <remote_ip> 5666 ---> worked
- From Nagios: nmap <remote_ip> ---> was able to see open Port 5666
- tried doing the "-t 20" trick which did not change anything.
- From OPNsense: /usr/local/libexec/nagios/check_nrpe2 -H localhost ---> "NRPE 2.15" as response
- ps -aef | grep nrpe --> gives me no response
- ps ax | grep nrpe --> gives me:
40630 - Is 0:00.00 /usr/local/sbin/nrpe2 -c /usr/local/etc/nrpe.cfg -d
44893 0 S+ 0:00.00 grep nrpe
- From Nagios: using a check command while watching the traffic with Tcpdump.
Nagios sends 4 packets but is not getting any answers back from OPNsense.
- i watched the Firewall Log while Nagios was sending the packets but there were no entries made in the meantime.
My Problem:
- Socket Timeout After 10 Seconds
Nagios is able to check_<anything> from other remote Hosts already. For the other clients they are all using 2.13 instead of 2.15, which OPNsense is using. The issue must be something regarding the OPNsense version 2.15 which i can't find...
Did anyone ever had any trouble installing NRPE into OPNsense and can tell me what i may forgot to configure?
Best regards and thank you very much in advance
Oxy