Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    NRPEv2 not working well on embedded 2.1

    Scheduled Pinned Locked Moved pfSense Packages
    9 Posts 2 Posters 2.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      MrEmbedded
      last edited by

      Hi All,

      I have an issue with the NRPE plugin. I am using embedded 2.1:

      FreeBSD my.system.com 8.3-RELEASE-p11 FreeBSD 8.3-RELEASE-p11 #0: Wed Sep 11 19:13:36 EDT 2013    root@snapshots-8_3-i386.builders.pfsense.org:/usr/obj.pfSense/usr/pfSensesrc/src/sys/pfSense_wrap.8.i386  i386

      I continually get

      CHECK_NRPE: Socket timeout after 10 seconds.

      when checking from my nagios server.

      I have also seen the SSL handshake error occasionally but the majority of the time this is the error I see.

      Most of the answers to this topic recommend to try and extend the timeout value of the check_nrpe request from the server side (tried this) or to hack up a new package with SSL included.  This doesn't seem to specifically be targeted at the embedded platform.

      Any ideas in troubleshooting/debugging this would be greatly appreciated.

      1 Reply Last reply Reply Quote 0
      • M
        MrEmbedded
        last edited by

        More information on this error.

        From Nagios Server:

        
        NRPE Plugin for Nagios
        Copyright (c) 1999-2008 Ethan Galstad (nagios@nagios.org)
        Version: 2.13
        Last Modified: 11-11-2011
        License: GPL v2 with exemptions (-l for more info)
        SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required
        
        
        
        root@nagios:/usr/lib/nagios/plugins# /usr/lib/nagios/plugins/check_nrpe -H 192.168.40.254 -c check_load
        CHECK_NRPE: Socket timeout after 10 seconds.
        
        

        From pfSense:

        
        NRPE Plugin for Nagios
        Copyright (c) 1999-2008 Ethan Galstad (nagios@nagios.org)
        Version: 2.13
        Last Modified: 11-11-2011
        License: GPL v2 with exemptions (-l for more info)
        SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required
        
        
        
        [2.1-RELEASE][root@my.system.com]/(132): /usr/local/libexec/nagios/check_nrpe2 -H 192.168.40.254 -c check_load
        OK - load average: 0.62, 0.23, 0.11|load1=0.622;15.000;30.000;0; load5=0.230;10.000;25.000;0; load15=0.113;5.000;20.000;0; 
        
        

        I have tried with the -n switch with no effect.

        Connectivity to the PFSense box is there from the Nagios host

        
        root@nagios:/usr/lib/nagios/plugins# telnet 192.168.40.254 5666
        Trying 192.168.40.254...
        Connected to 192.168.40.254.
        Escape character is '^]'.
        ^]
        telnet> quit
        Connection closed.
        
        

        Tried with dont_blame_nrpe=1 as well.  Logs are not showing anything at all.

        Im guessing this must be a bug with the embedded i386 package.

        Any Ideas?

        1 Reply Last reply Reply Quote 0
        • M
          MrEmbedded
          last edited by

          I can confirm that I am still having this issue with the latest embedded 2.2.1 image and NRPE v2 2.15_5 v2.2_4

          1 Reply Last reply Reply Quote 0
          • M
            muswellhillbilly
            last edited by

            Have you tried increasing the socket timeout on the scanning system (just add '-t 20' to the end of the 'check_nrpe' command to increase to 20 seconds)? And is your scanning server's IP address added to the 'allowed_hosts' entry in your nrpe.cfg?

            1 Reply Last reply Reply Quote 0
            • M
              MrEmbedded
              last edited by

              Yes I have tried to extend the timeout with the same result.  There is no visible latency between the nagios server and pfsense.

              1 Reply Last reply Reply Quote 0
              • M
                muswellhillbilly
                last edited by

                And your 'allowed_hosts' entry?

                1 Reply Last reply Reply Quote 0
                • M
                  MrEmbedded
                  last edited by

                  I have tried with IP of nagios server and have added IP of pfsense to the list as well.

                  1 Reply Last reply Reply Quote 0
                  • M
                    muswellhillbilly
                    last edited by

                    Did a little digging and found out that nrpe2 isn't compatible with nrpe (you seem to be running an nrpe check against an nrpe2 host). The solution may be to test this by putting together a quick test system equipped with nrpe2 and see if that works. If so, update your Nagios system accordingly.
                    http://t36015.network-nagios-user.nagiostalk.info/nrpe-and-check-nrpe2-t36015.html

                    1 Reply Last reply Reply Quote 0
                    • M
                      MrEmbedded
                      last edited by

                      Thanks,  I was wondering about this exact thing.  I'll try to get nrpe2 installed on my server and go from there.

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.