dvl@
Developer
I am not really sure of why there was a problem or convinced that the solution was the correct one.
I recently upgraded a jail server to 8.0-stable. The jail userland was also updated. The jail runs the net-mgmt/nrpe port which Nagios communicates with to determine various system status.
The following command is run within the jail and connects to itself:
From the host system:
With the following added to /var/log/messages on the jail (10.55.0.20):
Here come the clue.
From another system, the same command fails:
Checking the logs this time:
Altering /usr/local/etc/nrpe.cfg to add the above host and restarting nrpe2 in the jail, we get:
So.. We can access the jail from another system, but not from the jail host system.
solution: recompile nrpe and start it. This solution worked on two jails on two diferent jail hosts.
I recently upgraded a jail server to 8.0-stable. The jail userland was also updated. The jail runs the net-mgmt/nrpe port which Nagios communicates with to determine various system status.
The following command is run within the jail and connects to itself:
Code:
[root@ducky /usr/local/libexec/nagios]# ./check_nrpe2 -H 10.55.0.20 -c check_disks
DISK OK - free space: / 54451 MB (42% inode=93%);| /=75156MB;140858;140868;0;140878
[root@ducky /usr/local/libexec/nagios]#
From the host system:
Code:
$ ./check_nrpe2 -H 10.55.0.20 -c check_disks
CHECK_NRPE: Socket timeout after 10 seconds.
With the following added to /var/log/messages on the jail (10.55.0.20):
Code:
Dec 5 23:19:22 ducky nrpe[540]: Could not read request from client, bailing out...
Here come the clue.
From another system, the same command fails:
Code:
$ ./check_nrpe2 -H 10.55.0.20 -c check_disks
CHECK_NRPE: Error - Could not complete SSL handshake.
Checking the logs this time:
Code:
Dec 5 23:25:52 ducky nrpe[8060]: Host 10.55.0.23 is not allowed to talk to us!
Altering /usr/local/etc/nrpe.cfg to add the above host and restarting nrpe2 in the jail, we get:
Code:
./check_nrpe2 -H 10.55.0.20 -c check_disks
DISK OK - free space: / 54451 MB (42% inode=93%);| /=75156MB;140858;140868;0;140878
So.. We can access the jail from another system, but not from the jail host system.
solution: recompile nrpe and start it. This solution worked on two jails on two diferent jail hosts.