Hi there -- Thanks for your reply. Regarding your questions:
>> Have you tried enabling the debugging on the nrpe client and see what >> the output is when you manually trigger the check ? I have enabled debugging on the client, and there were no error messages listed in /var/log/messages file. >> Have you tried running the check manually as the nagios user ? what >> output did you get ? I have run the check manually, and the output appears to be correct. >> what are the return codes that you implemented in the iptables test >> script , and what output is sent beside the return codes? I have not implemented any return codes in the test script. -----Original Message----- From: Assaf Flatto [mailto:nag...@flatto.net] Sent: Monday, January 17, 2011 1:02 PM To: Nagios Users List Subject: Re: [Nagios-users] CHECK_NRPE: No output returned with check_iptables.sh script Kaplan, Andrew H. wrote: > > Hi there -- > > I am running the check_iptables.sh script on one of our clients, and > while the script presents output whenever it is > manually run on the server with the firewall, this output is not being > transmitted to the Nagios server. The error message > > that I am encountering is the following: > > CHECK_NRPE: No output returned from daemon. > > The check_iptables.sh script is located in the > /usr/local/nagios/libxec directory, and has been added as a definition to > > the /usr/local/nagios/etc/commands.cfg file with the syntax shown below: > > # 'check_iptables.sh' command definition > define command{ > command_name check_iptables > command_line /usr/local/nagios/libexec/check_iptables.sh > } > > The definition for check on the Nagios server has been added to the > /usr/local/nagios/etc/objects/services.cfg file > with the following: > > # Service definition > define service{ > use generic-service ; Name > of service template to use > > host_name <hostame> > service_description Check IP Tables > is_volatile 0 > check_period workhours > max_check_attempts 4 > normal_check_interval 5 > retry_check_interval 1 > contact_groups linux-admins > notification_interval 960 > notification_period workhours > check_command check_nrpe!check_iptables > } > > The check_iptables.sh script has been added to the > /usr/local/nrpe/libexec directory on the client, and the definition > of the check shown below is included in the client's nrpe.cfg file: > > command[check_iptables]=/usr/local/nrpe/libexec/check_iptables.sh > > The client system is situated outside the company filewall in a DMZ, > and connections are made through the firewall > via an SSH connection. There are several other services that are > monitored by the Nagios server, and the output from > their respective chceks are getting through to the Nagios server. > > The NRPE client is version 2.6, while the Nagios server is running the > 3.1.2 release. I checked the nagios.log and > messages log files, but I did not see any errors relating to the > script. What other step(s) do I need to take in order > for the output that is generated on the client be transmitted to the > server? Thanks. > > Have you tried enabling the debugging on the nrpe client and see what the output is when you manually trigger the check ? Have you tried running the check manually as the nagios user ? what output did you get ? what are the return codes that you implemented in the iptables test script , and what output is sent beside the return codes? Assaf ------------------------------------------------------------------------------ Protect Your Site and Customers from Malware Attacks Learn about various malware tactics and how to avoid them. Understand malware threats, the impact they can have on your business, and how you can protect your company and customers by using code signing. http://p.sf.net/sfu/oracle-sfdevnl _______________________________________________ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null The information in this e-mail is intended only for the person to whom it is addressed. If you believe this e-mail was sent to you in error and the e-mail contains patient information, please contact the Partners Compliance HelpLine at http://www.partners.org/complianceline . If the e-mail was sent to you in error but does not contain patient information, please contact the sender and properly dispose of the e-mail. ------------------------------------------------------------------------------ Protect Your Site and Customers from Malware Attacks Learn about various malware tactics and how to avoid them. Understand malware threats, the impact they can have on your business, and how you can protect your company and customers by using code signing. http://p.sf.net/sfu/oracle-sfdevnl _______________________________________________ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null