NSCA Auth Problem?

Marc Powell marc at ena.com
Thu Feb 12 21:55:25 CET 2004

Previous message: NSCA Auth Problem?
Next message: NSCA Auth Problem?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thursday, February 12, 2004 2:24 PM, Bill Corcoran shared with us:

> I'm having a problem getting the NSCA add-on working right (should
> this go to the plugins list or the nagios list?  i guessed here
> first).  
> 
> i've written a small wrapper in perl for the standard check_disk
> plugin so that it produces the output formatted as required by NSCA
> as specified in the README.  then, i pipe it to send_nsca and here's
> what   
> happens:
> 
> (client side):
> [user at host test]$ ./check_disk_wrapper | ./send_nsca -H <nagios_host>
> -p <remote_port> -c ./send_nsca.cfg 
> Error: Server closed connection before init packet was received
> Error: Could not read init packet from server
> 
> (server side):
> [user at shost nagios]# ps -waux | grep nsca
> nagios   12026  0.0  0.2  1860  660 ?        S    Feb10   0:00
> /usr/local/nagios/bin/nsca -c /usr/local/nagios/etc/nsca2.cfg
> --single [user at shost nagios]# tail -f /var/log/messages Feb 11
> 08:06:44 <nagios_host> nsca[12026]: Host <client_ip> is not allowed
> to talk to us!   
> 
> Both the nsca daemon and nagios were both started standalone/manually.
> Both nsca.cfg on the server and send_nsca.cfg on the client have the
> same encryption method and password, and are using the same port. 
> The client ip has been allowed in iptables on the server (most other
> things are blocked), as well as hosts.allow/xinetd config (but when i
> try running the nsca daemon under xinetd, i get the same thing on the
> client but no indication whatsoever on the server).  And of course
> the host/service have been specified as usual in nagios' hosts.cfg
> and services.cfg, with active checks off and passive checks on.       
> 
> what the heck is going on here?  is there some hidden place/way i
> need to tell nsca to allow my client to send passive checks?  thanks
> for any and all help.  


It's really not hidden. In nsca.cfg on your server --

# ALLOWED HOST ADDRESSES
# This is a comma-delimited list of IP address of hosts that are allowed
# to talk to the NSCA daemon.
#
# Note: The daemon only does rudimentary checking of the client's IP
# address.  I would highly recommend running as a service under
# inetd instead of as a standalone daemon and using TCP wrappers to
# limit access.

allowed_hosts=127.0.0.1,<your client ip>

--
Marc


-------------------------------------------------------
SF.Net is sponsored by: Speed Start Your Linux Apps Now.
Build and deploy apps & Web services for Linux with
a free DVD software kit from IBM. Click Now!
http://ads.osdn.com/?ad_id56&alloc_id438&op=click
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: NSCA Auth Problem?
Next message: NSCA Auth Problem?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list