NRPEv2 not working well on embedded 2.1

MrEmbedded

Hi All,

I have an issue with the NRPE plugin. I am using embedded 2.1:

FreeBSD my.system.com 8.3-RELEASE-p11 FreeBSD 8.3-RELEASE-p11 #0: Wed Sep 11 19:13:36 EDT 2013    root@snapshots-8_3-i386.builders.pfsense.org:/usr/obj.pfSense/usr/pfSensesrc/src/sys/pfSense_wrap.8.i386  i386

I continually get

CHECK_NRPE: Socket timeout after 10 seconds.

when checking from my nagios server.

I have also seen the SSL handshake error occasionally but the majority of the time this is the error I see.

Most of the answers to this topic recommend to try and extend the timeout value of the check_nrpe request from the server side (tried this) or to hack up a new package with SSL included.  This doesn't seem to specifically be targeted at the embedded platform.

Any ideas in troubleshooting/debugging this would be greatly appreciated.

MrEmbedded

More information on this error.

From Nagios Server:

NRPE Plugin for Nagios
Copyright (c) 1999-2008 Ethan Galstad (nagios@nagios.org)
Version: 2.13
Last Modified: 11-11-2011
License: GPL v2 with exemptions (-l for more info)
SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required

root@nagios:/usr/lib/nagios/plugins# /usr/lib/nagios/plugins/check_nrpe -H 192.168.40.254 -c check_load
CHECK_NRPE: Socket timeout after 10 seconds.

From pfSense:

NRPE Plugin for Nagios
Copyright (c) 1999-2008 Ethan Galstad (nagios@nagios.org)
Version: 2.13
Last Modified: 11-11-2011
License: GPL v2 with exemptions (-l for more info)
SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required

[2.1-RELEASE][root@my.system.com]/(132): /usr/local/libexec/nagios/check_nrpe2 -H 192.168.40.254 -c check_load
OK - load average: 0.62, 0.23, 0.11|load1=0.622;15.000;30.000;0; load5=0.230;10.000;25.000;0; load15=0.113;5.000;20.000;0; 

I have tried with the -n switch with no effect.

Connectivity to the PFSense box is there from the Nagios host

root@nagios:/usr/lib/nagios/plugins# telnet 192.168.40.254 5666
Trying 192.168.40.254...
Connected to 192.168.40.254.
Escape character is '^]'.
^]
telnet> quit
Connection closed.

Tried with dont_blame_nrpe=1 as well.  Logs are not showing anything at all.

Im guessing this must be a bug with the embedded i386 package.

Any Ideas?

MrEmbedded

I can confirm that I am still having this issue with the latest embedded 2.2.1 image and NRPE v2 2.15_5 v2.2_4

muswellhillbilly

Have you tried increasing the socket timeout on the scanning system (just add '-t 20' to the end of the 'check_nrpe' command to increase to 20 seconds)? And is your scanning server's IP address added to the 'allowed_hosts' entry in your nrpe.cfg?

MrEmbedded

Yes I have tried to extend the timeout with the same result.  There is no visible latency between the nagios server and pfsense.

muswellhillbilly

And your 'allowed_hosts' entry?

MrEmbedded

I have tried with IP of nagios server and have added IP of pfsense to the list as well.

muswellhillbilly

Did a little digging and found out that nrpe2 isn't compatible with nrpe (you seem to be running an nrpe check against an nrpe2 host). The solution may be to test this by putting together a quick test system equipped with nrpe2 and see if that works. If so, update your Nagios system accordingly.
http://t36015.network-nagios-user.nagiostalk.info/nrpe-and-check-nrpe2-t36015.html

MrEmbedded

Thanks,  I was wondering about this exact thing.  I'll try to get nrpe2 installed on my server and go from there.