Announcement

Collapse
No announcement yet.

Probléme avec NSCA

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Probléme avec NSCA

    Bonjour, voila j'essaye d'installé NSCA mais sans succés.

    J'ai suivi plusieurs tuto mais sa ne fonctionne toujours pas, mon port 5667 n'est pas ouvert.

    Les fichiers de configuration sont comme ceci :

    nsca.cfg (placé dans /etc/nagios/) :

    ################################################## ##
    # Sample NSCA Daemon Config File
    # Written by: Ethan Galstad ([email protected])
    #
    # Last Modified: 04-03-2006
    ################################################## ##


    # PID FILE
    # The name of the file in which the NSCA daemon should write it's process ID
    # number. The file is only written if the NSCA daemon is started by the root
    # user as a single- or multi-process daemon.

    pid_file=/var/run/nsca.pid



    # PORT NUMBER
    # Port number we should wait for connections on.
    # This must be a non-priveledged port (i.e. > 1024).

    server_port=5667



    # SERVER ADDRESS
    # Address that NSCA has to bind to in case there are
    # more as one interface and we do not want NSCA to bind
    # (thus listen) on all interfaces.

    #server_address=192.168.1.1



    # NSCA USER
    # This determines the effective user that the NSCA daemon should run as.
    # You can either supply a username or a UID.
    #
    # NOTE: This option is ignored if NSCA is running under either inetd or xinetd

    nsca_user=nagios



    # NSCA GROUP
    # This determines the effective group that the NSCA daemon should run as.
    # You can either supply a group name or a GID.
    #
    # NOTE: This option is ignored if NSCA is running under either inetd or xinetd

    nsca_group=nagios



    # NSCA CHROOT
    # If specified, determines a directory into which the nsca daemon
    # will perform a chroot(2) operation before dropping its privileges.
    # for the security conscious this can add a layer of protection in
    # the event that the nagios daemon is compromised.
    #
    # NOTE: if you specify this option, the command file will be opened
    # relative to this directory.

    #nsca_chroot=/var/run/nagios/rw



    # DEBUGGING OPTION
    # This option determines whether or not debugging
    # messages are logged to the syslog facility.
    # Values: 0 = debugging off, 1 = debugging on

    debug=1



    # COMMAND FILE
    # This is the location of the Nagios command file that the daemon
    # should write all service check results that it receives.

    command_file=/usr/local/nagios/var/rw/nagios.cmd


    # ALTERNATE DUMP FILE
    # This is used to specify an alternate file the daemon should
    # write service check results to in the event the command file
    # does not exist. It is important to note that the command file
    # is implemented as a named pipe and only exists when Nagios is
    # running. You may want to modify the startup script for Nagios
    # to dump the contents of this file into the command file after
    # it starts Nagios. Or you may simply choose to ignore any
    # check results received while Nagios was not running...

    alternate_dump_file=/usr/local/nagios/var/rw/nsca.dump



    # AGGREGATED WRITES OPTION
    # This option determines whether or not the nsca daemon will
    # aggregate writes to the external command file for client
    # connections that contain multiple check results. If you
    # are queueing service check results on remote hosts and
    # sending them to the nsca daemon in bulk, you will probably
    # want to enable bulk writes, as this will be a bit more
    # efficient.
    # Values: 0 = do not aggregate writes, 1 = aggregate writes

    aggregate_writes=0



    # APPEND TO FILE OPTION
    # This option determines whether or not the nsca daemon will
    # will open the external command file for writing or appending.
    # This option should almost *always* be set to 0!
    # Values: 0 = open file for writing, 1 = open file for appending

    append_to_file=0



    # MAX PACKET AGE OPTION
    # This option is used by the nsca daemon to determine when client
    # data is too old to be valid. Keeping this value as small as
    # possible is recommended, as it helps prevent the possibility of
    # "replay" attacks. This value needs to be at least as long as
    # the time it takes your clients to send their data to the server.
    # Values are in seconds. The max packet age cannot exceed 15
    # minutes (900 seconds). If this variable is set to zero (0), no
    # packets will be rejected based on their age.

    max_packet_age=300



    # DECRYPTION PASSWORD
    # This is the password/passphrase that should be used to descrypt the
    # incoming packets. Note that all clients must encrypt the packets
    # they send using the same password!
    # IMPORTANT: You don't want all the users on this system to be able
    # to read the password you specify here, so make sure to set
    # restrictive permissions on this config file!

    password=test

    allowed_hosts=192.168.179.0



    # DECRYPTION METHOD
    # This option determines the method by which the nsca daemon will
    # decrypt the packets it receives from the clients. The decryption
    # method you choose will be a balance between security and performance,
    # as strong encryption methods consume more processor resources.
    # You should evaluate your security needs when choosing a decryption
    # method.
    #
    # Note: The decryption method you specify here must match the
    # encryption method the nsca clients use (as specified in
    # the send_nsca.cfg file)!!
    # Values:
    #
    # 0 = None (Do NOT use this option)
    # 1 = Simple XOR (No security, just obfuscation, but very fast)
    #
    # 2 = DES
    # 3 = 3DES (Triple DES)
    # 4 = CAST-128
    # 5 = CAST-256
    # 6 = xTEA
    # 7 = 3WAY
    # 8 = BLOWFISH
    # 9 = TWOFISH
    # 10 = LOKI97
    # 11 = RC2
    # 12 = ARCFOUR
    #
    # 14 = RIJNDAEL-128
    # 15 = RIJNDAEL-192
    # 16 = RIJNDAEL-256
    #
    # 19 = WAKE
    # 20 = SERPENT
    #
    # 22 = ENIGMA (Unix crypt)
    # 23 = GOST
    # 24 = SAFER64
    # 25 = SAFER128
    # 26 = SAFER+
    #

    decryption_method=3



    nsca.xineid (placé dans /etc/xinetd.d) :

    # default: on
    # description: NSCA (Nagios Service Check Acceptor)
    service nsca
    {
    flags = REUSE
    port =5667
    socket_type = stream
    wait = no
    user = nagios
    group = nagios
    server = /etc/nagios/nsca
    server_args = -c /etc/nagios/nsca.cfg --inetd
    log_on_failure += USERID
    disable = no
    only_from = 192.168.179.0
    }


    Merci pour votre aide.

  • #2
    Personne?

    Comment


    • #3
      Comment ca ton port n'est pas ouvert...? Quelles sont les erreurs ? Comment tu testes si ton démon est actif ?

      Comment


      • #4
        Pour testé si le deamon est actif je regarde les ports ouverts avec nmap

        nmap -p 5667 127.0.0.1

        ou avec netstat -tanpu

        Comment


        • #5
          xinetd donne-t-il des logs à son lancement ?

          Comment


          • #6
            Non il ne donne rien

            Comment


            • #7
              Si tu peux, coupe xinetd, et lance nsca en mode standalone (--daemon au lieu de --xinetd), et regarde si ton port est ouvert... Histoire de cerner d'où vient le bizness...?

              Comment


              • #8
                Quuand je veux le lancer j'obtient sa avec --deamon

                nsca: service non reconnu
                ./nsca: line 5: flags: command not found
                ./nsca: line 6: port: command not found
                ./nsca: line 7: socket_type: command not found
                ./nsca: line 8: wait: `=': not a pid or valid job spec
                ./nsca: line 8: wait: `no': not a pid or valid job spec
                ./nsca: line 9: user: command not found
                ./nsca: line 10: group: command not found
                ./nsca: line 11: server: command not found
                ./nsca: line 12: server_args: command not found
                ./nsca: line 13: log_on_failure: command not found
                ./nsca: line 14: disable: command not found
                ./nsca: line 15: only_from: command not found

                Donc probléme dans le fichier de config nan?

                Comment


                • #9
                  tu tapes bien la commande

                  /etc/nagios/nsca -c /etc/nagios/nsca.cfg --daemon

                  ???

                  Comment


                  • #10
                    Oups je mm'éttait trompé de commande en effet

                    Cependant sa fonctionne toujours pas, le port est toujour fermé

                    Comment


                    • #11
                      Vérifie l'option debug=1 dans le fichier nsca.cfg et dis moi si la commande

                      grep nsca /var/log/syslog

                      t'affiche quelque chose ??

                      Comment


                      • #12
                        debug=1 est bien la.

                        La commande que tu m'a indiqué ne me met rien (ce fichier n'est pas au même endroit sur ma fedora apparament, j'ai donc essayé tous les autres syslog)

                        Comment


                        • #13
                          Bon.

                          Edite ton fichier de configuration, et à la toute dernière ligne, remplace decryption_method=3 par decryption_method=1

                          Kill ensuite ton process nsca : killall nsca

                          Puis relance-le.

                          Question subsidiaire : as-tu la libmcrypt d'installée sur ton serveur ... ? Si tel n'est pas le cas alors tout s'explique !

                          Comment


                          • #14
                            Bon pour libcrypt je l'ai pas de soucis, par contre quand je fais killall nsca il me dit aucun processus tué donc je présume qu'il n'est pas démarrer mais pourquoi???

                            Pour le démarrer, je suis dans /etc/local/nagios

                            Dans ce dossier se trouve nsca et nsca.cfg

                            Je le lance donc en faisant ./nsca -c nsca.cfg --daemon

                            Ou est le problème?

                            Comment


                            • #15
                              Je ne comprends pas très bien tes chemins.

                              /etc/nagios ??

                              /etc/local/nagios ??


                              tape ta commande avec les chemins absolus au lieu des chemins relatifs, c'est toujours mieux.

                              Comment

                              Working...
                              X