nrpe - high port connection from nrpe agent to nagois server?

Terry td3201 at gmail.com
Mon Jul 20 16:07:28 CEST 2009

Previous message: nrpe - high port connection from nrpe agent to nagois server?
Next message: nrpe - high port connection from nrpe agent to nagois server?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Jul 20, 2009 at 9:21 AM, Assaf Flatto<assaf.flatto at ssp-intl.com> wrote:
>
>
> On Monday 20 July 2009 13:18:35 Terry wrote:
>> On Fri, Jul 17, 2009 at 1:10 PM, Terry<td3201 at gmail.com> wrote:
>> > Hello,
>> >
>> > I am seeing these rules on our firewall and don't understand them.
>> >
>> > Jul 17 13:00:20 10.98.1.1 %ASA-6-106015: Deny TCP (no connection) from
>> > 10.51.1.20/5666 to 10.98.1.120/56716 flags RST  on interface VLAN51
>> >
>> > The nagios server is able to hit the agent on 5666 just fine but why
>> > would the agent try to connect back to the nagios server on a high
>> > port?
>> >
>> > Thanks!
>>
>> Any ideas on this?
>
> This may be a shot in the dark here , but are you also using passive checks ?
>
>
>
> --
> Assaf Flatto
> SSP Ops Team
> Linux System Administrator
> 169 Euston Road, London, NW1 2AE
>
>
>
>
>
> IMPORTANT . this email and the information in it may be confidential, legally
> privileged and/or protected by law. It is intended solely for the use of the
> person to whom it is addressed. If you are not the intended recipient, please
> notify the sender immediately and do not disclose the contents to any other
> person, use it for any purpose, or store or copy the information in any medium.
> Please also delete all copies of this email and any attachments from your
> system.
>
> We cannot guarantee the security or confidentiality of email communications. We
> do not accept any liability for losses or damages that you may suffer as a
> result of your receipt of this email including but not limited to computer
> service or system failure, access delays or interruption, data non-delivery or
> mis-delivery, computer viruses or other harmful components.
>
> Copyright in this email and any attachments belong to Select Service Partner UK
> Limited. Should you communicate with anyone at Select Service Partner UK Limited by
> email, you consent to us monitoring and reading any such correspondence.
>
> Nothing in this email shall be taken or read as suggesting, proposing or
> relating to any agreement concerted practice or other practice that could
> infringe UK or EC competition legislation.
>
> Select Service Partner UK Limited is a company registered in England and Wales
> (company number 05687183) whose registered office is at 1 The Heights, Brooklands, Weybridge. Surrey. KT13 0NY
>
>
>
> ------------------------------------------------------------------------------
> Enter the BlackBerry Developer Challenge
> This is your chance to win up to $100,000 in prizes! For a limited time,
> vendors submitting new applications to BlackBerry App World(TM) will have
> the opportunity to enter the BlackBerry Developer Challenge. See full prize
> details at: http://p.sf.net/sfu/Challenge
> _______________________________________________
> Nagios-users mailing list
> Nagios-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
> ::: Messages without supporting info will risk being sent to /dev/null
>

Ok, well, you got me thinking here (i know, hard to believe).  I have
one passive check that gets globbed in to pretty much all my hosts:

define service{
        hostgroup_name                  1-servers,2-servers,3-servers,windows
        service_description             it assistant trap
        servicegroups                   it assistant trap
        is_volatile                     1
        flap_detection_enabled          0
        active_checks_enabled           0
        passive_checks_enabled          1
        max_check_attempts              1
        check_period                    24x7
        check_command                   check_none
}

Why would this force the NRPE clients, which is NSClient++, to check
back with the server on a high port?  Doesn't make sense.

------------------------------------------------------------------------------
Enter the BlackBerry Developer Challenge  
This is your chance to win up to $100,000 in prizes! For a limited time, 
vendors submitting new applications to BlackBerry App World(TM) will have
the opportunity to enter the BlackBerry Developer Challenge. See full prize  
details at: http://p.sf.net/sfu/Challenge
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: nrpe - high port connection from nrpe agent to nagois server?
Next message: nrpe - high port connection from nrpe agent to nagois server?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list