Nagios & NRPE插件连接被拒绝

Question

当我从Nagios Server运行NRPE检查时，我面临连接问题。“连接被拒绝”。

环境：- Nagios Server - Linux Centos 7客户端

从客户端看，似乎是有用的：

[root@client nagios]# systemctl status nrpe
? nrpe.service - Nagios Remote Program Executor
   Loaded: loaded (/usr/lib/systemd/system/nrpe.service; enabled; vendor preset: disabled)
   Active: active (running) since Sun 2019-10-13 14:06:55 GMT; 26s ago
     Docs: http://www.nagios.org/documentation
  Process: 4024 ExecStopPost=/bin/rm -f /var/run/nrpe/nrpe.pid (code=exited, status=0/SUCCESS)
 Main PID: 4027 (nrpe)
   CGroup: /system.slice/nrpe.service
           +-4027 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -f

Oct 13 14:06:55 client systemd[1]: Started Nagios Remote Program Executor.
Oct 13 14:06:55 client systemd[1]: Starting Nagios Remote Program Executor...
Oct 13 14:06:55 client nrpe[4027]: Starting up daemon
Oct 13 14:06:55 client nrpe[4027]: Server listening on 127.0.0.1 port 5666.
Oct 13 14:06:55 client nrpe[4027]: Warning: Daemon is configured to accept command arguments from clients!
Oct 13 14:06:55 client nrpe[4027]: Listening for connections on port 5666
Oct 13 14:06:55 client nrpe[4027]: Allowing connections from: 127.0.0.1,<SERVER IP>
[root@client nagios]#
[root@client nagios]# ps aux | grep nrpe
nrpe       4027  0.0  0.0  44824  2732 ?        Ss   14:06   0:00 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -f
root       4135  0.0  0.0 112648   948 pts/3    S+   14:07   0:00 grep --color=auto nrpe
[root@client nagios]#
[root@client nagios]# /usr/lib64/nagios/plugins/check_nrpe -H 127.0.0.1
NRPE v3.2.1
[root@client nagios]#
[root@client nagios]# netstat -tulpn |grep 5666
tcp        0      0 127.0.0.1:5666          0.0.0.0:*               LISTEN      4027/nrpe
[root@client nagios]#

来自服务器端：

[root@server var]# systemctl is-active nagios
active
[root@server var]# /usr/lib64/nagios/plugins/check_nrpe -H <CLIENT IP> -p 5666
connect to address <CLIENT IP> port 5666: Connection refused
connect to host <CLIENT IP> port 5666: Connection refused[root@server var]#
[root@server var]# telnet <CLIENT IP> 5666
Trying <CLIENT IP>...
telnet: connect to address <CLIENT IP>: Connection refused
[root@server var]# tcptraceroute <CLIENT IP> 5666
traceroute to <CLIENT IP> (<CLIENT IP>), 30 hops max, 60 byte packets
 1  <CLIENT IP> (<CLIENT IP>) <rst,ack>  0.247 ms  0.248 ms  0.232 ms
[root@server var]# nmap <CLIENT IP> -Pn -p 5666

Starting Nmap 6.40 ( http://nmap.org ) at 2019-10-13 16:11 CEST
Nmap scan report for <CLIENT IP>
Host is up (0.00087s latency).
PORT     STATE  SERVICE
5666/tcp closed nrpe
MAC Address: 50:6B:8D:2C:70:90 (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 0.41 seconds
[root@server var]#

NMAP命令输出对我来说很奇怪，为什么会关闭？

我注意到Firewalld服务因故障排除原因而停止。

这可能是更多的网络原因，但我需要帮助:)

杰里米

Answer 1

日志显示了以下内容：

10月13日14:06:55客户机nrpe4027:服务器监听127.0.0.1端口5666。

如果服务器正在侦听本地主机IP地址(127.0.0.1)，则只能接受来自同一服务器的端口5666上的连接。如果尝试从另一台服务器连接，则连接将失败。

Answer 2

尝试打开客户端和远程服务器中的端口，这个问题与安全组有关，请尝试在两个系统中使用ping命令，并告诉我输出结果。