From: Morris, P. <pat...@hp...> - 2010-01-28 17:20:41
|
Jerry Joy wrote: > I'm trying to find out all the ports used by Nagios infrastructure > components in a distributed architecture. The idea is to identify the > firewall changes required for the implementation. As per documentation > and information on web I notice the following ports. Please let me > know if I missed anything > > > Port 80 for Console Access on Primary Nagios server (including web server) > Port 5667 for NSCA on Primary Nagios server > Port 12489 on Windows clients for NSClient++ > Port 5666 on Linux clients for NRPE daemon > > Is there any other port on the Primary Nagios server which is > listening for reports from clients? > Also, is there any port opening required for any port on the > distributed Nagios server which sends reports to the Primary Nagios server Strictly speaking, Nagios does not open *any* network ports. If your setup includes NSCA, NRPE, and NSCLient++ then yes, you need to make sure their ports are open, but that's dependent on your implementation and whether you've installed those add-ons. The same goes for any other services external to Nagios itself (like the front-end web-server, and other network-enabled external components) you may use in your particular setup. I've noted you haven't mentioned any access from the Nagios server to other hosts, which will be necessary if you actually want the Nagios server to be able to check anything on other hosts, but again, that's dependent on your configuration and maybe outbound access from the Nagios machine isn't an issue in your environment. In any case, what ports you need opened to your Nagios server is completely defined by your configuration. There are multiple ways to do a distributed setup, and the ports you'll need will be defined by how you choose to do that. |