only_from = 127.0.0.1

Christian Schneemann cschneemann at suse.de
Thu Apr 23 13:42:53 CEST 2009
Previous message: only_from = 127.0.0.1
Next message: only_from = 127.0.0.1
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Thursday 23 April 2009 13:35:26 Martyn wrote:
> That has now done the trick but I'm a little confused as to why this work
> under host.allow and not when used in my nrpe file, does anybody have the
> answer to that?
As I've written in the first mail, hosts.allow is the first instance which 
looks if the IP is allowed to connect to this service, then xinetd looks at 
the only_from and compares the IPs.
Your only_from contains just 127.0.0.1, thats localhost, nothing else as your 
server itself is allowed to connect to nrpe.

This has nothing to do with nagios/nrpe, please read about networking, xinetd, 
and linux in generall if you are not familiar with it.

Greetings

>
> Its on Centos 5.3, I'm going to try Fedora to see if that is the same
>
> Thanks for your help
>
> Martyn
>
> PS what his top posting, once I find out I will stop it
>
> -----Original Message-----
> From: Christian Schneemann [mailto:cschneemann at suse.de]
> Sent: 23 April 2009 12:06
> To: nagios-users at lists.sourceforge.net
> Subject: Re: [Nagios-users] only_from = 127.0.0.1
>
> On Thursday April 23 2009 01:01:41 pm Martyn wrote:
> > I'm not being ignorant but as I complete novice on none windows boxes,
> > how do I  put "setting 3" in front of the line
>
> Sorry, it should be #, no 3 (dumb shift mistake).
>
> just comment the line out by putting the # in the front of the line:
> #         only_from       = 127.0.0.1
>
>
> Sorry for that,
>  Christian
>
> > Many thanks for your reply
> >
> > Martyn
> >
> > -----Original Message-----
> > From: Christian Schneemann [mailto:cschneemann at suse.de]
> > Sent: 23 April 2009 11:05
> > To: nagios-users at lists.sourceforge.net
> > Subject: Re: [Nagios-users] only_from = 127.0.0.1
> >
> > On Thursday April 23 2009 11:07:06 am Martyn wrote:
> > > Can anybody tell me how I use domains names instead of IP address in
> > > the nrpe file, I have read somewhere that you can use tcp wrappers
> > > which I have tried.
> > >
> > > My nrpe file looks like this:
> > >
> > > # default: on
> > > # description: NRPE (Nagios Remote Plugin Executor) service nrpe {
> > >         flags           = REUSE
> > >         socket_type     = stream
> > >         port            = 5666
> > >         wait            = no
> > >         user            = nagios
> > >         group           = nagios
> > >         server          = /usr/local/nagios/bin/nrpe
> > >         server_args     = -c /usr/local/nagios/etc/nrpe.cfg --inetd
> > >         log_on_failure  += USERID
> > >         disable         = no
> > >         only_from       = 127.0.0.1
> > > }
> > >
> > >
> > > And my hosts.allow looks like
> > >
> > > #
> > > # hosts.allow   This file describes the names of the hosts which are
> > > #               allowed to use the local INET services, as decided
> > > #               by the '/usr/sbin/tcpd' server.
> > > #
> > > nrpe: 17.0.0.1 monitor.domain.co.uk
> > >
> > > But I'm still getting Could not complete SSL handshake, is the above
> > > configuration correct or can I not use domain names instead of IP's
> >
> > You have to adjust the "olny_from" line, your hosts.allow allows
> > 17.0.0.1 to connect to nrpe, but xinetd rejects the request, because
> > you just allows connections from 127.0.0.1 (or is there the 2 missing
> > in the hosts.allow
> > line?)
> >
> > you can simply write the domain name to only_from.
> >
> > If you use the hosts.allow you could even exclude the only_from line
> > from the xinetd configuration by setting 3 in front of the line.
> >
> > Greetings,
> > 	Christian
> >
> > > Thanks
> > >
> > > Martyn
> >
> > --
> > Christian Schneemann
> >
> > -------------------------------------
> > SUSE LINUX Products GmbH,
> > Maxfeldstr. 5, D - 90409 Nürnberg
> >
> > Phone:  +49 (0)911 - 740 53 0
> > e-mail: cschneemann at suse.de
> > -------------------------------------
> > SUSE LINUX Products GmbH, GF: Markus Rex HRB 16746 (AG Nürnberg)
> >
> >
> >-----------------------------------------------------------------------
> >----
> >- --
> > Stay on top of everything new and different, both inside and around
> >Java
> > (TM) technology - register by April 22, and save $200 on the JavaOne
> >(SM)  conference, June 2-5, 2009, San Francisco.
> > 300 plus technical and hands-on sessions. Register today.
> > Use priority code J9JMT32. http://p.sf.net/sfu/p
> >_______________________________________________
> > Nagios-users mailing list
> > Nagios-users at lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/nagios-users
> >
> > ::: Please include Nagios version, plugin version (-v) and OS when
> > ::: reporting
> >
> > any issue.
> >
> > ::: Messages without supporting info will risk being sent to /dev/null
>
> --
> Christian Schneemann
>
> -------------------------------------
> SUSE LINUX Products GmbH,
> Maxfeldstr. 5, D - 90409 Nürnberg
>
> Phone:  +49 (0)911 - 740 53 0
> e-mail: cschneemann at suse.de
> -------------------------------------
> SUSE LINUX Products GmbH, GF: Markus Rex HRB 16746 (AG Nürnberg)
>
> ---------------------------------------------------------------------------
>- --
> Stay on top of everything new and different, both inside and around Java
> (TM) technology - register by April 22, and save $200 on the JavaOne (SM)
> conference, June 2-5, 2009, San Francisco.
> 300 plus technical and hands-on sessions. Register today.
> Use priority code J9JMT32. http://p.sf.net/sfu/p
> _______________________________________________
> Nagios-users mailing list
> Nagios-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
>
> ::: Please include Nagios version, plugin version (-v) and OS when
> ::: reporting
>
> any issue.
>
> ::: Messages without supporting info will risk being sent to /dev/null



-- 
----------------------------------------
SUSE Linux Products GmbH
Maxfeldstr. 5, D - 90409 Nürnberg

Phone:	+49 (0)911 - 740 53 0
e-mail:	cschneemann at suse.de
----------------------------------------
SUSE Linux Products GmbH, GF: Markus Rex
HRB 16746 (AG Nürnberg)

------------------------------------------------------------------------------
Stay on top of everything new and different, both inside and 
around Java (TM) technology - register by April 22, and save
$200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco.
300 plus technical and hands-on sessions. Register today. 
Use priority code J9JMT32. http://p.sf.net/sfu/p
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null
Previous message: only_from = 127.0.0.1
Next message: only_from = 127.0.0.1
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Users mailing list