Local firewall changes on Nagios core server

Jim Avery jim at jimavery.me.uk
Mon Feb 22 14:09:41 CET 2010


On 22 February 2010 09:06, Jerry Joy <jerryapr7 at gmail.com> wrote:
> Hi,
>
> I have setup a Nagios server on RHEL 5 and it has the local firewall "ON".
> What exactly are the changes required on the local firewall so that Nagios
> core server is able to accept reports from NRPE and NSClient++ agents. I
> don't see a fixed port used by Nagios core.
>
> Thanks,
> Jerry

The Nagios server will pull check results using nrpe so you shouldn't
need to open a specific port.

Likewise, usually the Nagios server will query the NSClient++ agent
either using the same nrpe protocol or using the check_nt protocol in
which case you also shouldn't need to open a specific port.  However,
if you have configure NSClient++ to send check results to Nagios using
the NSCA protocol, you will need to configure the nsca daemon on your
Nagios server to receive these checks and forward them to Nagios.  The
port the nsca daemon listens on is configurable - by default it's port
5667.

Another problem I have seen in the past with RedHat variants of Linux
is that SELinux can be a right pain to configure to get things like
nsca working.  I used to disable SELinux, but now I tend to use Debian
derived versions of Linux rather then RedHat so don't see this
problem.

hth,

Jim

------------------------------------------------------------------------------
Download Intel® Parallel Studio Eval
Try the new software tools for yourself. Speed compiling, find bugs
proactively, and fine-tune applications for parallel performance.
See why Intel Parallel Studio got high marks during beta.
http://p.sf.net/sfu/intel-sw-dev
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null





More information about the Users mailing list