CentOS Question posted in
The official documentation can be found here.

Nagios & NRPE plugins Connection refused – CentOS

I am facing on connection problem when I run NRPE checks from Nagios Server.. “Connection refused”.

Environment :
– Nagios Server
– Linux Centos 7 Client

From Client side, seems working :

[root@client nagios]# systemctl status nrpe
? nrpe.service - Nagios Remote Program Executor
   Loaded: loaded (/usr/lib/systemd/system/nrpe.service; enabled; vendor preset: disabled)
   Active: active (running) since Sun 2019-10-13 14:06:55 GMT; 26s ago
     Docs: http://www.nagios.org/documentation
  Process: 4024 ExecStopPost=/bin/rm -f /var/run/nrpe/nrpe.pid (code=exited, status=0/SUCCESS)
 Main PID: 4027 (nrpe)
   CGroup: /system.slice/nrpe.service
           +-4027 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -f

Oct 13 14:06:55 client systemd[1]: Started Nagios Remote Program Executor.
Oct 13 14:06:55 client systemd[1]: Starting Nagios Remote Program Executor...
Oct 13 14:06:55 client nrpe[4027]: Starting up daemon
Oct 13 14:06:55 client nrpe[4027]: Server listening on 127.0.0.1 port 5666.
Oct 13 14:06:55 client nrpe[4027]: Warning: Daemon is configured to accept command arguments from clients!
Oct 13 14:06:55 client nrpe[4027]: Listening for connections on port 5666
Oct 13 14:06:55 client nrpe[4027]: Allowing connections from: 127.0.0.1,<SERVER IP>
[root@client nagios]#
[root@client nagios]# ps aux | grep nrpe
nrpe       4027  0.0  0.0  44824  2732 ?        Ss   14:06   0:00 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -f
root       4135  0.0  0.0 112648   948 pts/3    S+   14:07   0:00 grep --color=auto nrpe
[root@client nagios]#
[root@client nagios]# /usr/lib64/nagios/plugins/check_nrpe -H 127.0.0.1
NRPE v3.2.1
[root@client nagios]#
[root@client nagios]# netstat -tulpn |grep 5666
tcp        0      0 127.0.0.1:5666          0.0.0.0:*               LISTEN      4027/nrpe
[root@client nagios]#

From Server Side :

[root@server var]# systemctl is-active nagios
active
[root@server var]# /usr/lib64/nagios/plugins/check_nrpe -H <CLIENT IP> -p 5666
connect to address <CLIENT IP> port 5666: Connection refused
connect to host <CLIENT IP> port 5666: Connection refused[root@server var]#
[root@server var]# telnet <CLIENT IP> 5666
Trying <CLIENT IP>...
telnet: connect to address <CLIENT IP>: Connection refused
[root@server var]# tcptraceroute <CLIENT IP> 5666
traceroute to <CLIENT IP> (<CLIENT IP>), 30 hops max, 60 byte packets
 1  <CLIENT IP> (<CLIENT IP>) <rst,ack>  0.247 ms  0.248 ms  0.232 ms
[root@server var]# nmap <CLIENT IP> -Pn -p 5666

Starting Nmap 6.40 ( http://nmap.org ) at 2019-10-13 16:11 CEST
Nmap scan report for <CLIENT IP>
Host is up (0.00087s latency).
PORT     STATE  SERVICE
5666/tcp closed nrpe
MAC Address: 50:6B:8D:2C:70:90 (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 0.41 seconds
[root@server var]#

NMAP command output is strange for me, why is it closed ?

I notice that Firewalld service are stopped for troubleshooting reasons..

It is probably more networks reasons, but I need help 🙂

Jeremy

Tags:

2

Answers


  1. 0

    The log shows the following:

    Oct 13 14:06:55 client nrpe[4027]: Server listening on 127.0.0.1 port
    5666.

    If the server is listening on the localhost IP address (127.0.0.1), it will only be able to accept connections on port 5666 which originate on the same server. If you try to connect from a different server, the connection will fail.

    Login or Signup to reply.
  2. 0

    try to open your ports in both client side and remote server , this problem related to security groups , try to ping command in both systems and tell me the output.

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search