Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

nrpe service not found #140

Open
sbury opened this issue May 18, 2016 · 4 comments
Open

nrpe service not found #140

sbury opened this issue May 18, 2016 · 4 comments

Comments

@sbury
Copy link

sbury commented May 18, 2016

I am trying to set-up my firewall to allow nagios checks on a workstation. I am using RHEL 6. Even though nrpe is listed as a firehol service here: https://firehol.org/firehol-manual/firehol-services/#service-nrpe
I receive the error that nrpe is an unknown service. I created a custom service but that is still not working.
@philwhineray
Copy link
Member

philwhineray commented May 18, 2016 via email

@sbury
Copy link
Author

sbury commented May 18, 2016
edited

Firehol version: v 1.296 2013/01/06
Error message for using nrpe without custom service defined:

FireHOL: Processing file /etc/firehol/firehol.conf:/etc/init.d/firehol: line 5574: rules_nrpe: command not found

ERROR #: 1
WHAT : Running complex rules function rules_nrpe() for client 'nrpe'
WHY : There is no service 'nrpe' defined.
COMMAND: client nrpe accept
SOURCE : line 27 of /etc/firehol/firehol.conf

/etc/init.d/firehol: line 5574: rules_nrpe: command not found

ERROR #: 2
WHAT : Running complex rules function rules_nrpe() for server 'nrpe'
WHY : There is no service 'nrpe' defined.
COMMAND: server nrpe accept
SOURCE : line 31 of /etc/firehol/firehol.conf

Config producing the above error:

version 5
mers_ips="10.2.119.0/24"
other_byu="ssh.et.byu.edu, ssh.fsl.byu.edu, m7int01.fsl.byu.edu, m7int02.fsl.byu.edu"
interface em1 internal src "${mers_ips} ${other_byu}"
client all accept
client vnc accept
client nrpe accept
server ssh accept
server vnc accept
server nrpe accept
interface em1 campus src not "${mers_ips} ${other_byu}"
client all accept

There is no error message for after defining the nrpe service, but the nagios checks still fail. Below is the config with the nrpe service definition:

version 5
mers_ips="10.2.119.0/24"
other_byu="ssh.et.byu.edu, ssh.fsl.byu.edu, m7int01.fsl.byu.edu, m7int02.fsl.byu.edu"
server_nrpe_ports="tcp/5666"
client_nrpe_ports="default 5666"
interface em1 internal src "${mers_ips} ${other_byu}"
client all accept
client vnc accept]
client nrpe accept
server ssh accept
server vnc accept
server nrpe accept
interface em1 campus src not "${mers_ips} ${other_byu}"
client all accept

Thank you for your help! It very well may be a nagios issue.

@philwhineray
Copy link
Member

The nrpe service was not added until v2, which explains that part of the problem.

I think you probably want this definition:

server_nrpe_ports="tcp/5666"
client_nrpe_ports="default"

i.e. no 5666 on the client ports. If that does not work, you need to look at the iptables logs to check which ports are being used.

@sbury
Copy link
Author

sbury commented May 18, 2016

I will try that thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@philwhineray @sbury