Re: [Nagios-users] NSCA 2.7.2 errors

radius.god@gmail.com wrote:
> Running on CentOS5, x86-64.
>
> When attempting to run send_nsca to get data back to one of our
> central Nagios systems, I'm getting these two messages as output:
>
> Error: Server closed connection before init packet was received
> Error: Could not read init packet from server
>
> Some searching lead me to these being errors in the source code, but
> I'm no developer and have no idea what's _really_ going on.
>

It isn't necessarily. The fact that it closes the connection prior to receiving even the init packet seems to indicate that the receiving end decides to disallow the connection after having accepted it.

Since nsca doesn't run as root, and since raw socket manipulation only in order to get the sending host's IP address, it's common practice to accept a connection in order to determine who the other end is, and disconnect them if it's not in some whitelist of known accepted connectors.

> I ran tcpdump and compared to when another working machine sends it's
> data. The only thing that appears to be different is that the TCP
> session never gets to a point to pass the HTTP paylod to the NSCA
> daemon.
>

I'm not sure where you got the idea that send_nsca sends HTTP, but it doesn't. Anyways, if the exchange goes something like this, it's pretty obvious that what I wrote above is correct;

3way handshake:
 send_nsca sends SYN
 nsca sends SYN+ACK
 send_nsca sends ACK

immediately followed by EITHER

 nsca sends FIN
 send_nsca sends ACK+FIN
 nsca sends ACK

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related lists.sourceforge.net Links amavis-user cacti-user nagios-users nagiosplug-help snort-announce snort-cvsinfo snort-sigs snort-users Request more information about Pantek

OR

 send_nsca sends RST

>
> As a side note, which *could* be the entire cause of the issue, the
> other machines I have this working on are all CentOS 4.4. Maybe
> something odd with CentOS 5?
>

Different versions of the encryption library, where one end tries to forcibly negotiate a cipher the other end knows nothing about usually causes connection termination.

-- 
Andreas Ericsson                   andreas.ericsson@op5.se
OP5 AB                             www.op5.se
Tel: +46 8-230225                  Fax: +46 8-230231

-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >>  
http://get.splunk.com/
_______________________________________________
Nagios-users mailing list
Nagios-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null