Monitoring service status

rct

You can add the following to your file according you have setup a command named "check_squid_svc" in the NRPE package.

define service {
        use                            generic-service
        host_name                      pfsense22
        service_description            Squid service
        check_command                  check_nrpe!check_squid_svc
}

rocaembole

thanks!

it shows me an UNKNOWN state

details:

Current Status:	
  UNKNOWN  
 (for 0d 0h 25m 45s)
Status Information:	(No output returned from plugin)
NRPE Plugin for Nagios
Copyright (c) 1999-2008 Ethan Galstad (nagios@nagios.org)
Version: 2.15
Last Modified: 09-06-2013
License: GPL v2 with exemptions (-l for more info)
SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required
\nUsage: check_nrpe -H <host>[ -b <bindaddr>] [-4] [-6] [-n] [-u] [-p <port>] [-t <timeout>] [-c <command></command>] [-a <arglist...>]
\nOptions:
-h = Print this short help.
-l = Print licensing information.
-n = Do no use SSL
-u = Make socket timeouts return an UNKNOWN state instead of CRITICAL
 <host>= The address of the host running the NRPE daemon
 <bindaddr>= bind to local address
-4 = user ipv4 only
-6 = user ipv6 only
[port] = The port on which the daemon is running (default=5666)
[timeout] = Number of seconds before connection times out (default=10)
[command] = The name of the command that the remote daemon should run
[arglist] = Optional arguments that should be passed to the command. Multiple
arguments should be separated by a space. If provided, this must be
the last option supplied on the command line.
\nNote:
This plugin requires that you have the NRPE daemon running on the remote host.
You must also have configured the daemon to associate a specific plugin command
with the [command] option you are specifying here. Upon receipt of the
[command] argument, the NRPE daemon will run the appropriate plugin command and
send the plugin output and return code back to *this* plugin. This allows you
to execute plugins on remote hosts and 'fake' the results to make Nagios think
the plugin is being run locally.
\n
Performance Data:	
Current Attempt:	4/4  (HARD state)
Last Check Time:	2015-06-18 12:50:08
Check Type:	ACTIVE
Check Latency / Duration:	0.085 / 0.005 seconds
Next Scheduled Check:  	2015-06-18 12:55:08
Last State Change:	2015-06-18 12:27:08
Last Notification:	2015-06-18 12:30:13 (notification 1)
Is This Service Flapping?	
  NO  
 (5.72% state change)
In Scheduled Downtime?	
  NO  
Last Update:	2015-06-18 12:52:53  ( 0d 0h 0m 0s ago)
Active Checks:	
  ENABLED  
Passive Checks:	
  ENABLED  
Obsessing:	
  ENABLED  
Notifications:	
  ENABLED  
Event Handler:	
  ENABLED  
Flap Detection:	
  ENABLED</bindaddr></host></arglist...></timeout></port></bindaddr></host> 

rocaembole

NOW IS WORKING

TY V M

I'll nat some ports from some clients now.

Thanks for all, again

rct

Ok glad it works for you  :)

ymolinet

Hi,

I'm trying to use your script on my pfsense 2.2.6.
In shell, it's working.
in nrpe, my remote server give me : Could not read output.
Another check on the pfsense using nrpe (check_load, …) are working as fine.

Any suggestions to fix this issue ?

Thanks,
Yannick

rct

No sorry I've had the same problem when I have upgraded my pfSense and I haven't found a way to resolve this issue. :(

ymolinet

a short test with a bash script works as fine.
so it seems that the nagios account use by nrpe don't have rights to execute the php interpreter (/usr/local/bin/php).

rct

I agree it seems to be a security constraint somewhere but I don't know Freebsd and I haven't found why…

If you try to launch
su -m nagios -c "/usr/pbi/nrpe-amd64/libexec/nagios/check_pfsvc squid"
it will work.

But if you launch it throught the nrpe daemon it won't work.
If edit the file to write dumb content (echo 'ok'; exit(0);) it will work.

From my tests it's the call to '/usr/local/sbin/pfSsh.php' that is blocked.

I've tried to launch /usr/local/sbin/pfSsh.php via a shell script configured as a nrpe command and it returns the error code 127 (http://tldp.org/LDP/abs/html/exitcodes.html ?).

I don't know how to debug further...

ymolinet

Yes, I have rewrite the script in shell and I have an error about "/usr/local/sbin/pfSsh.php not found".
so the user nagios has no sufficent right to invoke this command.

rct

If you call your script
sudo -m nagios -c "/path/to/your/script"
I think it will work so it's more like if the nrpe service has not access to this file (may be it is jailed or there something else).

ymolinet

I think nagios account is jailed.