nsca problem

Marko Riedel mriedel at neuearbeit.de
Wed Nov 13 17:41:56 CET 2002

Previous message: host checks and parent checks
Next message: VMS monitoring
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi there,

I sent a message concerning nsca not working. We fixed the problem in
the meantime. Here is the text of my message:

Marko Riedel writes:
 > 
 > Hello there,
 > 
 > we have a script that checks whether wget works and reports to
 > netsaint if it does (MSGHOSTNAME is set by the caller):
 > 
[...]
 > 
 > We run nsca via inetd and hosts.allow contains the line
 > 
 >    nsca: 172.16.0.0/255.255.0.0 
 > 
 > This works for the internal LAN. There are some machines (ISDN/DSL)
 > that are connected through a tunnel and a firewall. The script works
 > on one of them but not on the others.
 > 
 > It always says
 > 
 >    sending
 >    1 data packet(s) sent to host successfully.
 > 
 > The syslog on the netsaint machine contains the entries:
 > 
 > Oct 16 16:20:19 *** nsca[18305]: Handling the connection...
 > Oct 16 16:20:19 *** nsca[18305]: End of connection or could not read request from client...
 > 
 > The log for the machine that submits successfully is
 > 
 > Oct 16 16:20:01 *** nsca[18294]: Handling the connection...
 > Oct 16 16:20:03 *** nsca[18298]: Host Name: 'tdslgw', Service Description: 'WGET', Return Code: '0', Output: 'tdslgw 
 > Oct 16 16:20:02 *** nsca[18294]: End of connection or could not read request from client...
 > 
 > Does anyone know what is happening here?
 > 
[...]

First we upgraded from NETSAINT to NAGIOS, but the problem persisted.

The problem was that the nsca server would send a query to the "ident"
port (113) on the client. There was no answer and the client timed out
after 10 seconds. The solution was to add a firewall rule on the
client that would respond to port "113" with a "reject."  The server
would get the "reject" and then accept the data. Note that setting the
firewall rule to "deny" or "drop" wouldn't work, because the server
would receive no reply.

Best regards,

-- 
+------------------------------------------------------------+
| Marko Riedel, EDV Neue Arbeit gGmbH, mriedel at neuearbeit.de |
| http://www.geocities.com/markoriedelde/index.html          |
+------------------------------------------------------------+


-------------------------------------------------------
This sf.net email is sponsored by: Are you worried about 
your web server security? Click here for a FREE Thawte 
Apache SSL Guide and answer your Apache SSL security 
needs: http://www.gothawte.com/rd523.html

Previous message: host checks and parent checks
Next message: VMS monitoring
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list