Firewall Rules

jmoseley at corp.xanadoo.com
Thu Apr 23 16:21:24 CEST 2009


It would seem obvious, but there are no minimum required firewall rules.
You simply need to open a firewall hole for the remote server for every
service you plan to monitor by the HQ machine.

If you are monitoring the remote host via ICMP and SNMP, then you need to
open up those two holes on the remote firewall.  If you are using NRPE on
the remote host, you'll need to open that as well, etc, etc.  By default,
most folks monitor their host-alive states using check_ping (ICMP), so at a
minimum you'll need to open up ICMP on the remote to allow the HQ box to
ping those hosts.

This assumes that all outbound traffic is allowed from each host and that
your HQ box is behind a firewall that performs stateful inspection (which
is helpful for things like DNS, etc).


James Moseley



"Gabriel - IP Guys" <Gabriel at impactteachers.com>  wrote:

Dear all,

I’ve got my Nagios server up and running, and for some reason, I cannot get
the two servers, NagiosHQ, and RemoteServer, to talk to each other.

Each of the boxes has very OTT firewalls, basically, everything is denied,
except expected traffic. I was wondering, if someone can show me the
minimum required firewall rules I should have on my server and also
clients. Thank you

---
Kind Regards,
Mr Gabriel
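
The approach in the reply above, as an added example that is not part of the original thread: a shell function that prints an iptables-restore ruleset for the remote host, admitting only the HQ box and only the checks named. The HQ address 192.0.2.10, the function name and the choice of iptables are assumptions; 161/udp and 5666/tcp are the default SNMP and NRPE ports.

```shell
#!/bin/sh
# Added example: print (not apply) an iptables-restore ruleset for the REMOTE
# host that admits only the checks the Nagios HQ box runs against it.
# The HQ address and the check list below are constructed sample values.

# nagios_remote_rules HQ_IP CHECK...   (CHECK is one of: ping snmp nrpe)
nagios_remote_rules() {
    hq=$1; shift
    # Accept digits and dots only, so a hostname or a CIDR such as 0.0.0.0/0
    # cannot turn a single-source rule into one that matches every sender.
    case $hq in
        ''|*[!0-9.]*) echo "bad HQ address: $hq" >&2; return 1 ;;
    esac
    rules=
    for check in "$@"; do
        case $check in
            ping) r="-A INPUT -s $hq -p icmp --icmp-type echo-request -j ACCEPT" ;;
            snmp) r="-A INPUT -s $hq -p udp --dport 161 -j ACCEPT" ;;
            nrpe) r="-A INPUT -s $hq -p tcp --dport 5666 -j ACCEPT" ;;
            *) echo "unknown check: $check" >&2; return 1 ;;
        esac
        rules="$rules$r
"
    done
    # Default-deny inbound; outbound stays open and replies are admitted by
    # connection state, matching the assumptions stated in the reply.
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
${rules}COMMIT
EOF
}

# Constructed sample: HQ at 192.0.2.10 monitors this host with all three checks.
nagios_remote_rules 192.0.2.10 ping snmp nrpe
```

Review the printed ruleset before loading it with `iptables-restore`; a check that is not listed stays blocked by the DROP policy.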