CHECK_NRPE gives me the following error:
[root#localhost libexec]# ./check_nrpe -H 172.30.85.218
CHECK_NRPE: Error - Could not connect to 172.30.85.218: Connection reset by peer
I dont see what is the problem here. I tried the installation several times. Firewall is off, but that shouldn't be the problem. Haven't found the error anywhere else. What am I missing? Thanks
vi /usr/local/nagios/etc/nrpe.cfg
allowed_hosts=127.0.0.1,172.30.85.218,172.30.85.210
server_address=172.30.85.218/23
/etc/xinetd.d/nrpe
service nrpe
{
disable = no
flags = REUSE
type = UNLISTED
port = 5666
socket_type = stream
wait = no
user = nagios
group = nagios
server = /usr/sbin/nrpe
server_args = -c /usr/local/nagios/etc/nrpe.cfg --inetd
log_on_failure += USERID
only_from = 127.0.0.1, 172.30.85.218
}
[root#localhost libexec]# netstat -at | egrep "nrpe|5666"
tcp 0 0 0.0.0.0:nrpe 0.0.0.0:* LISTEN
tcp6 0 0 [::]:nrpe [::]:* LISTEN
Related
I am learning routing with tuntap interfaces... and I had created a tun0 interface and configured Ip address with ifconfig command on different subnet and adding the gateway with ip route command and I have also used masquerading rule ...
my doubt is can i ping with tuntap interface or they are only used to route the traffic or something I don't know about these interface or may be misconfiguration..
May be this question sounds me new bie and I am but give please give me correct direction..
Ok Gerhardh,
Edit: I had created tun dev like this:
int tun_dev_alloc()
{
struct ifreq ifr;
int tun_dev_fd , ioctl_err;
if((tun_dev_fd = open("/dev/net/tun",O_RDWR)) < 0)
{
perror("Can't open /dev/net/tun");
return tun_dev_fd;
}
memset(&ifr,0,sizeof(ifr));
ifr.ifr_flags = IFF_TUN | IFF_NO_PI;
strncpy(ifr.ifr_name,TUN_DEV,IFNAMSIZ);
if((ioctl_err = ioctl(tun_dev_fd, TUNSETIFF, (void*) &ifr)) < 0)
{
perror("ioctl[TUNSETIFF]");
close(tun_dev_fd);
return ioctl_err;
}
return tun_dev_fd;
}
configuration of this tun0 device:
$sudo ifconfig tun0 10.0.3.4/24 mtu 1500 up
$sudo ip route add default gateway via 10.0.3.10 dev tun0
$sudo iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
and ping response now:
ping 8.8.8.8 -I tun0
ping: Warning: source address might be selected on device other than tun0.
PING 8.8.8.8 (8.8.8.8) from 10.0.2.15 tun0: 56(84) bytes of data.
^C
--- 8.8.8.8 ping statistics ---
20 packets transmitted, 0 received, 100% packet loss, time 1028ms
Any help would be appreciated...
Standard network interfaces have a piece of hardware behind them (a network card).
Tuntap don't:
https://www.kernel.org/doc/Documentation/networking/tuntap.txt
tl;dr: packets sent to a tuntap interface are handed over to a user-space program for processing. This program takes on the role of the network card in some way (example: openvpn). Unless there is a program taking packets out of the device and doing something meaningful with them, they will vanish into the void (like a network card with a disconnected cable).
I try to debug a react application using VSCode's debugging "capabilities", so far with a quick web search I found many resources claiming on how to do that using VSCode's debugger for Crome such as:
https://hackernoon.com/debugging-react-like-a-champ-with-vscode-66281760037
https://medium.com/#auchenberg/live-edit-and-debug-your-react-apps-directly-from-vs-code-without-leaving-the-editor-3da489ed905f
But I cannot find a way to do that with firefox. So far I installed "Debugger for firefox" on the VSCode and I put the following debugging options:
{
"version": "0.2.0",
"configurations": [
{
"name": "Debug app",
"type": "firefox",
"request": "attach"
}
]
}
And I run as per documentation states:
firefox -start-debugger-server -no-remote
And I try to intitialize the debug process over the VSCode, when I do that I get the error:
connect ECONNREFUSED 127.0.0.1:6000
Tha thew error can be confirmed over my GNU/Linux machine running the following command
netstat -ntlp
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:37893 0.0.0.0:* LISTEN 9368/node
tcp 0 0 0.0.0.0:27017 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:139 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:6379 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:9333 0.0.0.0:* LISTEN 10924/code
tcp 0 0 127.0.1.1:53 0.0.0.0:* LISTEN -
tcp 0 0 10.42.0.1:53 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:3000 0.0.0.0:* LISTEN 6732/node
tcp 0 0 127.0.0.1:3001 0.0.0.0:* LISTEN 6784/mongod
tcp 0 0 0.0.0.0:3002 0.0.0.0:* LISTEN 11168/node
tcp 0 0 0.0.0.0:445 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:20256 0.0.0.0:* LISTEN 9368/node
tcp6 0 0 :::9090 :::* LISTEN 11340/node
tcp6 0 0 :::139 :::* LISTEN -
tcp6 0 0 ::1:631 :::* LISTEN -
tcp6 0 0 :::445 :::* LISTEN -
So I am asking on how can I use the VSCode's debugging capabilities on a React app created with react-create-app and running via npm start commands using firefox?
Edit 1
For some reason over the currently running firefox instance I get the error:
[Parent 13358, Gecko_IOThread] WARNING: pipe error (173): Η σύνδεση έκλεισε από το ταίρι: file /build/firefox-JSAO4L/firefox-57.0.3+build1/ipc/chromium/src/chrome/common/ipc_channel_posix.cc, line 353
Do you haqve any idea why firefgox closes the debugger?
The mentioned plugin has the following github prepository:
https://github.com/hbenl/vscode-firefox-debug
Also if you look over the documentation better it states to do apply the following configuration over firefox in order to enable the debugging:
The changes above can get applied via typing about:config to your browser's address bar.
Afterwards in order to debug just use the configuration on vscode:
{
"version": "0.2.0",
"configurations": [
{
"name": "Debug app",
"type": "firefox",
"request": "attach"
}
]
}
Now each time you want to debug an application just run over the terminal:
firefox -start-debugger-server -no-remote
Select over the VSCode the "Debug" option and select the options as the image shows:
In my case it helped increasing the timeout to 30000 (otherwise Firefox simply does not have not enough time to start... ):
"configurations": [
{
..............,
"timeout": 30000
},
I am trying to receive a trap generated by a cisco router on my VM- Ubuntu 14.04. I can do a snmwalk so I guess snmp is working fine but I am not able to receive the traps generated by router on my VM.
a#ubuntu:~$ sudo /etc/init.d/snmpd restart
* Restarting network management services:
a#ubuntu:~$ sudo /etc/init.d/snmpd status
* snmpd is running
* snmptrapd is running
Here is what I have inside files-
/etc/default/snmpd-
export MIBS=
SNMPDRUN=yes
SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid -c /etc/snmp/snmpd.conf'
TRAPDRUN=yes
# snmptrapd options (use syslog).
TRAPDOPTS='-n -On -t -Lsd -p /var/run/snmptrapd.pid'
/etc/snmp/-
snmpd.conf-
rocommunity public
snmptrapd.conf-
disableAuthorization yes
snmp.conf-
mibs:
The command I am running for viewing the traps on VM-
a#ubuntu:/etc/snmp$ sudo snmptrapd -f -Lo -c snmptrapd.conf
couldn't open udp:162 -- errno 98 ("Address already in use")
I am confused since the port is being used by snmptrap itself-
a#ubuntu:~$ cat /etc/services|grep 162
snmp-trap 162/tcp snmptrap # Traps for SNMP
snmp-trap 162/udp snmptrap
a#ubuntu:~$ sudo netstat -lnp| grep 162
udp 0 0 0.0.0.0:162 0.0.0.0:* 6216/snmptrapd
a#ubuntu:~$ ps -ef | grep snmptrapd
root 6216 2076 0 10:43 ? 00:00:00 /usr/sbin/snmptrapd -Lsd -p /var/run/snmptrapd.pid
a 6493 2667 0 11:47 pts/8 00:00:00 grep --color=auto snmptrapd
Generating a trap from windows using SnmpTrapGen.exe leads to the same error.
Is there any way of solving this issue? I have googled a lot and stuck on this for days, any help will be very much appreciated.
Thanks a lot in advance!!
Port 162 can listen only with an application. If you get this error , you have an app already running which listens port 162 , those can be snmptrapd service or your own application for snmp traps. You should close one of the applications.
I'm trying to run my tests using Selenium docker,
I have a local grunt server running on port 9000, I' launched the following selenium docker:
docker run -d -p 4444:4444 -p 5900:5900 selenium/standalone-chrome-debug
Then I've launched my tests (using Capybara) and opened VNC to watch the tests, but all I get is chrome messgae "This site can’t be reached".
cabybara.rb:
isWindows = (/cygwin|mswin|mingw|bccwin|wince|emx/ =~ RUBY_PLATFORM) != nil
require 'capybara/rspec'
require 'capybara'
require 'capybara/dsl'
require_relative 'sinatra_proxy'
require 'selenium/webdriver'
require 'selenium/webdriver/remote/http/curb' if !isWindows
Capybara.register_driver :selenium_chrome do |app|
http_client = isWindows ? nil : Selenium::WebDriver::Remote::Http::Curb.new
options = {
http_client: http_client,
browser: :chrome,
# service_log_path: 'chromedriver.out', # Enable Selenium logs
switches: ["--disable-web-security", '--user-agent="Chrome under Selenium for Capybara"']
}
options[:url] = "http://172.17.0.2:4444/wd/hub"
Capybara::Selenium::Driver.new app, options
end
Capybara.default_driver = :selenium_chrome
Capybara.app = SinatraProxy.new
Capybara.app_host = "http://127.0.0.1:9000"
Capybara.server_host = '0.0.0.0'
ip addr show docker0
ip addr show docker0
6: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:22:ec:65:9e:f1 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe40::42:ecdd:fe73:9ef4/64 scope link
valid_lft forever preferred_lft forever
Needed to be the IP of docker host, used:
ip route show | grep docker0 | awk '{print $9}'
for Capybara.app_host (DOCKER_HOST_IP:PORT) and Capybara.server_host (DOCKER_HOST_IP)
Use:
Capybara.app_host = "http://yourhostip:9000"
not localhost. For docker container localhost is itself.
Also I recommend not calling docker by its internal ip just use:
options[:url] = "http://localhost:4444/wd/hub"
But first solve the former problem
Regards
I'm trying to diagnose a problem with the OpenSIPS ( a SIP proxy ) application.
When sending two different UDP packets to the same IP and port, one call fails with -1 EPERM (Operation not permitted) whilst the other is fine.
Both of the calls are made from the same process ( at least the same PID ).
The code in question is on github.
Here's the strace output:
strace -e sendto
sendto(7, "SIP/2.0 100 Giving a try\r\nVia: S"..., 315, 0, {sa_family=AF_INET, sin_port=htons(5060), sin_addr=inet_addr("yyy.yyy.yyy.yyy")}, 16) = 315
sendto(7, "INVITE sip:myHomeDesktop#xxx"..., 1253, 0, {sa_family=AF_INET, sin_port=htons(5060), sin_addr=inet_addr("xxx.xxx.xxx.xxx")}, 16) = 1253
sendto(7, "SIP/2.0 200 OK\r\nVia: SIP/2.0/UDP"..., 707, 0, {sa_family=AF_INET, sin_port=htons(5060), sin_addr=inet_addr("yyy.yyy.yyy.yyy")}, 16) = -1 EPERM (Operation not permitted)
It turns out that the kernel conntrack modules were dropping the packet, leading to the syscall getting the EPERM error and not sending the packets.
I found this after looking at the syslog and finding:
May 26 10:59:45 localhost kernel: nf_ct_sip: dropping packet: cannot add expectation for voice
I was completely unaware that I was using the sip conntrack module, and it's not dynamically loaded on my system (lsmod shows blank).
I circumvented the problem by turning off connection tracking for my SIP traffic with:
iptables -I OUTPUT -t raw -p udp --sport 5060 -j CT --notrack
iptables -I PREROUTING -t raw -p udp --dport 5060 -j CT --notrack