NSClient.log has errors - Rejected connection from

[CBlasek]

Running Nagios XI NSClient 4.0.160

Rejcted connection from: ::ffff:192.168.2.184
2012-04-19 00:17:34: e:..\..\..\..\trunk\include\check_nt\server\server.cpp:100: 3232236216

I edited nsclient.ini to not use a password and also allowed 192.168.x.x

[mickem]

This was fixed in 163 (I have updated the RC folder to have that build which was previously in the nightly folder)...

Check that build and reopen if you still have this issue...

Michael Medin

[CBlasek]

Still happening:

2012-04-19 10:02:14: l:..\..\..\trunk\service\NSClient++.cpp:385: NSClient++ 0,4,0,163 2012-04-14 w32 booting...
2012-04-19 10:02:41: e:..\..\..\..\trunk\include\check_nt\server\server.cpp:100: 3232236216
2012-04-19 10:02:41: e:..\..\..\..\trunk\include\check_nt\server\server.cpp:102: Rejcted connection from: ::ffff:192.168.2.184

[mickem]

Could you paste or email the config?

Michael Medin

[CBlasek]

; Undocumented section


[/modules]

; CheckDisk - CheckDisk can check various file and disk related things. The current version has commands to check Size of hard drives and directories.
CheckDisk = 1

; Event log Checker. - Check for errors and warnings in the event log. This is only supported through NRPE so if you plan to use only NSClient this wont help you at all.
CheckEventLog = 1

; Check External Scripts - A simple wrapper to run external scripts and batch files.
CheckExternalScripts = 1

; Helper function - Various helper function to extend other checks. This is also only supported through NRPE.
CheckHelpers = 1

; Check NSCP - Checkes the state of the agent
CheckNSCP = 1

; CheckSystem - Various system related checks, such as CPU load, process state, service state memory usage and PDH counters.
CheckSystem = 1

; CheckTaskSched2 - CheckTaskSched2 can check various file and disk related things. The current version has commands to check Size of hard drives and directories.
CheckTaskSched2 = 1

; CheckWMI - CheckWMI can check various file and disk related things. The current version has commands to check Size of hard drives and directories.
CheckWMI = 1

; NRPE server - A simple server that listens for incoming NRPE connection and handles them. NRPE is preferred over NSClient as it is more flexible. You can of cource use both NSClient and NRPE.
NRPEServer = 1

; NSClient server - A simple server that listens for incoming NSClient (check_nt) connection and handles them. Although NRPE is the preferred method NSClient is fully supported and can be used for simplicity or for compatibility.
NSClientServer = 1


; Undocumented section
[/settings/default]

; ALLOWED HOSTS - A comaseparated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges. Parent element can be found under: /settings/default
;allowed hosts = 192.168.2.184

; CACHE ALLOWED HOSTS - If hostnames should be cached, improves speed and security somewhat but wont allow you to have dynamic IPs for your nagios server. Parent element can be found under: /settings/default
cache allowed hosts = true

; SSL CERTIFICATE - Configure which SSL certificate to use (DH key) Parent element can be found under: /settings/default
;certificate = ${certificate-path}/nrpe_dh_512.pem

; PASSWORD - Password used to authenticate againast server Parent element can be found under: /settings/default
;password = 

; TIMEOUT - Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out. Parent element can be found under: /settings/default
timeout = 30

; ENABLE SSL ENCRYPTION - This option controls if SSL should be enabled. Parent element can be found under: /settings/default
use ssl = false


; Section for NRPE (NRPEListener.dll) (check_nrpe) protocol options.
[/settings/NRPE/server]

; COMMAND ARGUMENT PROCESSING - This option determines whether or not the we will allow clients to specify arguments to commands that are executed.
allow arguments = true

; COMMAND ALLOW NASTY META CHARS - This option determines whether or not the we will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments.
allow nasty characters = true

; ALLOWED HOSTS - A comaseparated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges. Parent element can be found under: /settings/default
allowed hosts = 192.168.2.184

; CACHE ALLOWED HOSTS - If hostnames should be cached, improves speed and security somewhat but wont allow you to have dynamic IPs for your nagios server. Parent element can be found under: /settings/default
;cache allowed hosts = true

; SSL CERTIFICATE - Configure which SSL certificate to use (DH key) Parent element can be found under: /settings/default
certificate = ${certificate-path}/nrpe_dh_512.pem

; PORT NUMBER - Port to use for NRPE.
port = 5666

; TIMEOUT - Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out. Parent element can be found under: /settings/default
timeout = 30

; ENABLE SSL ENCRYPTION - This option controls if SSL should be enabled. Parent element can be found under: /settings/default
use ssl = false


;CB Was True


; Section for NSClient (NSClientServer.dll) (check_nt) protocol options.
[/settings/NSClient/server]

; ALLOWED HOSTS - A comaseparated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges. Parent element can be found under: /settings/default/socket
allowed hosts = 127.0.0.1

; BIND TO ADDRESS - Allows you to bind server to a specific local address. This has to be a dotted ip address not a host name. Leaving this blank will bind to all available IP addresses. Parent element can be found under: /settings/default/socket
bind to = 

; CACHE ALLOWED HOSTS - If hostnames should be cached, improves speed and security somewhat but wont allow you to have dynamic IPs for your nagios server. Parent element can be found under: /settings/default/socket
cache allowed hosts = true

; PASSWORD - Password used to authenticate againast server Parent element can be found under: /settings/default
password = 

; PERFORMANCE DATA - Send performance data back to nagios (set this to 0 to remove all performance data).
performance data = true

; PORT NUMBER - Port to use for check_nt.
port = 12489

; TIMEOUT - Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out. Parent element can be found under: /settings/default/socket
timeout = 30


; Section for system checks and system settings
[/settings/check/system/windows]

; DEFAULT COUNTERS - Load the default counters: cpu, memory commit bytes, memory commit limit and uptime If not you need to specify these manually. 
default = true

; DEFAULT INTERVALL - Used to define the default intervall for range buffer checks (ie. CPU).
default buffer length = 1h


; Confiure which services has to be in which state
[/settings/check/system/windows/service mapping]


; Configure crash handling properties.
[/settings/crash]

; ARCHIVE CRASHREPORTS - Archive crash reports in the archive folder
archive = true

; folder - The archive folder for crash dunpes.
archive folder = ${shared-path}/crash-dumps

; RESTART - Submit crash reports to nsclient.org (or your configured submission server)
restart = true

; RESTART SERVICE NAME - The url to submit crash reports to
restart target = NSClientpp

; SUBMIT CRASHREPORTS - Submit crash reports to nsclient.org (or your configured submission server)
submit = false

; SUBMISSION URL - The url to submit crash reports to
submit url = http://crash.nsclient.org/submit


; Section for the EventLog Checker (CheckEventLog.dll).
[/settings/eventlog]

; BUFFER_SIZE - The size of the buffer to use when getting messages this affects the speed and maximum size of messages you can recieve.
buffer size = 131072

; DEBUG - Log more information when filtering (usefull to detect issues with filters) not usefull in production as it is a bit of a resource hog.
debug = false

; LOOKUP NAMES - Lookup the names of eventlog files
lookup names = true

; SYNTAX - Set this to use a specific syntax string for all commands (that don't specify one).
syntax = 


; A set of options to configure the real time checks
[/settings/eventlog/real-time]

; ALIAS - The alias to use for this event (in NSCA this constitutes the service name).
alias = eventlog

; DEBUG - Log missed records (usefull to detect issues with filters) not usefull in production as it is a bit of a resource hog.
debug = true

; DESTINATION - The destination for intercepted messages
destination = NSCA

; ENABLE ACTIVE MONITORING - This will store all matches so you can use real-time filters from active monitoring (use CheckEventlogCache).
enable active = false

; REAL TIME CHECKING - Spawns a backgrounnd thread which detects issues and reports them back instantly.
enabled = false

; STARTUP AGE - The initial age to scan when starting NSClient++
filter = 

; MESSAGE LANGUAGE - The language to use for rendering message (mainly used fror testing)
language = 

; LOGS TO CHECK - Coma separated list of logs to check
log = application

; MAGIMUM AGE - How long before reporting "ok" (if this is set to off no ok will be reported only errors)
maximum age = 5m

; OK MESSAGE - This is the message sent periodically whenever no error is discovered.
ok message = eventlog found no records

; STARTUP AGE - The initial age to scan when starting NSClient++
startup age = 30m

; STARTUP AGE - The initial age to scan when starting NSClient++
syntax = %type% %source%: %message%


; A set of filters to use in real-time mode
[/settings/eventlog/real-time/filters]


; Section for external scripts configuration options (CheckExternalScripts).
[/settings/external scripts]

; COMMAND ARGUMENT PROCESSING - This option determines whether or not the we will allow clients to specify arguments to commands that are executed.
allow arguments = false

; COMMAND ALLOW NASTY META CHARS - This option determines whether or not the we will allow clients to specify nasty (as in |`&><'"\[]{}) characters in arguments.
allow nasty characters = false

; SCRIPT DIRECTORY - Load all scripts in a directory and use them as commands. Probably dangerous but useful if you have loads of scripts :)
script path = 

; COMMAND TIMEOUT - The maximum time in seconds that a command can execute. (if more then this execution will be aborted). NOTICE this only affects external commands not internal ones.
timeout = 60


; A list of aliases available. An alias is an internal command that has been "wrapped" (to add arguments). Be careful so you don't create loops (ie check_loop=check_a, check_a=check_loop)
[/settings/external scripts/alias]


; A list of scripts available to run from the CheckExternalScripts module. Syntax is: <command>=<script> <arguments>
[/settings/external scripts/scripts]


; A list of wrappped scripts (ie. using the template mechanism)
[/settings/external scripts/wrapped scripts]


; A list of templates for wrapped scripts
[/settings/external scripts/wrappings]

; BATCH FILE WRAPPING - 
bat = scripts\\%SCRIPT% %ARGS%

; POWERSHELL WRAPPING - 
ps1 = cmd /c echo scripts\\%SCRIPT% %ARGS%; exit($lastexitcode) | powershell.exe -command -

; VISUAL BASIC WRAPPING - 
vbs = cscript.exe //T:30 //NoLogo scripts\\lib\\wrapper.vbs %SCRIPT% %ARGS%


; Section for configuring the log handling.
[/settings/log]

; DATEMASK - The size of the buffer to use when getting messages this affects the speed and maximum size of messages you can recieve.
date format = %Y-%m-%d %H:%M:%S

; FILENAME - The file to write log data to. Set this to none to disable log to file.
file name = ${exe-path}/nsclient.log

; LOG LEVEL - Log level to use. Avalible levels are error,warning,info,debug,trace
level = info


; Configure log file properties.
[/settings/log/file]

; MAXIMUM FILE SIZE - When file size reaches this it will be truncated to 50% if set to 0 (default) truncation will be disabled
max size = 0


; Section for configuring the shared session.
[/settings/shared session]

; LOG LEVEL - Log level to use
enabled = false


; A list of avalible remote target systems
[/settings/targets]


; Section for system checks and system settings
[/settings/check/task schedule]

; SYNTAX - Set this to use a specific syntax string for all commands (that don't specify one)
default buffer length = %title% last run: %most-recent-run-time% (%exit-code%)


[/settings/default/socket]

; ALLOWED HOSTS - A comaseparated list of allowed hosts. You can use netmasks (/ syntax) or * to create ranges. Parent element can be found under: /settings/default/socket
allowed hosts = 127.0.0.1

; BIND TO ADDRESS - Allows you to bind server to a specific local address. This has to be a dotted ip address not a host name. Leaving this blank will bind to all available IP addresses. Parent element can be found under: /settings/default/socket
bind to = 

; CACHE ALLOWED HOSTS - If hostnames should be cached, improves speed and security somewhat but wont allow you to have dynamic IPs for your nagios server. Parent element can be found under: /settings/default/socket
cache allowed hosts = true

; TIMEOUT - Timeout when reading packets on incoming sockets. If the data has not arrived within this time we will bail out. Parent element can be found under: /settings/default/socket
timeout = 30

[CBlasek]

I tried specifying uncommenting the password field and specifying a password and didnt work.

[mickem]

First off the settings/default/socket section you can remove that was a bug in <0.6.0...

Then you have defined allowed hosts to NRPE server but not NSCLient server (which is what check_nt use).

I recomend using the default allowed_hots unless you need different ones for different servers...

Michael Medin