Nagios & NRPE 插件连接被拒绝

Posted 2023-02-23

【中文标题】Nagios & NRPE 插件连接被拒绝

【英文标题】：Nagios & NRPE plugins Connection refused

【发布时间】：2019-10-13 14:16:58

【问题描述】：

当我从 Nagios 服务器运行 NRPE 检查时，我遇到了连接问题。“连接被拒绝”。

环境： - Nagios 服务器 - Linux Centos 7 客户端

从客户端，似乎工作：

[root@client nagios]# systemctl status nrpe
? nrpe.service - Nagios Remote Program Executor
   Loaded: loaded (/usr/lib/systemd/system/nrpe.service; enabled; vendor preset: disabled)
   Active: active (running) since Sun 2019-10-13 14:06:55 GMT; 26s ago
     Docs: http://www.nagios.org/documentation
  Process: 4024 ExecStopPost=/bin/rm -f /var/run/nrpe/nrpe.pid (code=exited, status=0/SUCCESS)
 Main PID: 4027 (nrpe)
   CGroup: /system.slice/nrpe.service
           +-4027 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -f

Oct 13 14:06:55 client systemd[1]: Started Nagios Remote Program Executor.
Oct 13 14:06:55 client systemd[1]: Starting Nagios Remote Program Executor...
Oct 13 14:06:55 client nrpe[4027]: Starting up daemon
Oct 13 14:06:55 client nrpe[4027]: Server listening on 127.0.0.1 port 5666.
Oct 13 14:06:55 client nrpe[4027]: Warning: Daemon is configured to accept command arguments from clients!
Oct 13 14:06:55 client nrpe[4027]: Listening for connections on port 5666
Oct 13 14:06:55 client nrpe[4027]: Allowing connections from: 127.0.0.1,<SERVER IP>
[root@client nagios]#
[root@client nagios]# ps aux | grep nrpe
nrpe       4027  0.0  0.0  44824  2732 ?        Ss   14:06   0:00 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -f
root       4135  0.0  0.0 112648   948 pts/3    S+   14:07   0:00 grep --color=auto nrpe
[root@client nagios]#
[root@client nagios]# /usr/lib64/nagios/plugins/check_nrpe -H 127.0.0.1
NRPE v3.2.1
[root@client nagios]#
[root@client nagios]# netstat -tulpn |grep 5666
tcp        0      0 127.0.0.1:5666          0.0.0.0:*               LISTEN      4027/nrpe
[root@client nagios]#

从服务器端：

[root@server var]# systemctl is-active nagios
active
[root@server var]# /usr/lib64/nagios/plugins/check_nrpe -H <CLIENT IP> -p 5666
connect to address <CLIENT IP> port 5666: Connection refused
connect to host <CLIENT IP> port 5666: Connection refused[root@server var]#
[root@server var]# telnet <CLIENT IP> 5666
Trying <CLIENT IP>...
telnet: connect to address <CLIENT IP>: Connection refused
[root@server var]# tcptraceroute <CLIENT IP> 5666
traceroute to <CLIENT IP> (<CLIENT IP>), 30 hops max, 60 byte packets
 1  <CLIENT IP> (<CLIENT IP>) <rst,ack>  0.247 ms  0.248 ms  0.232 ms
[root@server var]# nmap <CLIENT IP> -Pn -p 5666

Starting Nmap 6.40 ( http://nmap.org ) at 2019-10-13 16:11 CEST
Nmap scan report for <CLIENT IP>
Host is up (0.00087s latency).
PORT     STATE  SERVICE
5666/tcp closed nrpe
MAC Address: 50:6B:8D:2C:70:90 (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 0.41 seconds
[root@server var]#

NMAP 命令输出对我来说很奇怪，为什么它被关闭了？

我注意到 Firewalld 服务因故障排除原因而停止..

这可能是更多的网络原因，但我需要帮助:)

杰里米

【参考方案1】：

日志显示如下：

10 月 13 日 14:06:55 客户端 nrpe[4027]：服务器侦听 127.0.0.1 端口 5666.

如果服务器正在侦听 localhost IP 地址 (127.0.0.1)，它将只能接受来自同一服务器的端口 5666 上的连接。如果您尝试从不同的服务器连接，连接将失败。

【讨论】：

有一个正确的答案。您需要编辑远程 NRPE 配置 /etc/nagios/nrpe.cfg 并编辑 server_address。

【参考方案2】：

尝试在客户端和远程服务器中打开您的端口，这个问题与安全组有关，尝试在两个系统中 ping 命令并告诉我输出。