Strange the way I was continuously blocked by my server for port scanning. Never realized that a tiny little extension of nagios attached to Google Chrome could be this much heart throbbing. Little did I realize that the settings to check for updates set to 1 mins could kick me off from the shell permanently. CSF that keeps a check on intruders found the owner himself to catch this time.
It was really crazy day-by-day and started recreating the issue by hopping into logs, figuring that the request coming back to a specific port on my desktop has been the route cause.
Hey listen, I don’t download things with torrent so often. Then what else that could be bothering so much? The google search points to a harmless creative entertainer on my desktop ‘banshee’s daap plugin and there I go, disabled and even removed the extensions connecting to external world.
No go at all! Here it blocks again. Lets block the incoming port on my desktop. UFW -uff yeah , never used to turn it on before but no go. Put a red signal and say – never come back again. It was just about to scream out louder. Realized that the name that I use to connect no more pings back to my server. It goes on to the cloud and lives for ever on cloud. – Yes, the tiny little change that was made to my domain. CloudFlare has taken over my DNS and I no more control the way my names work.
All that I had to do is to provide the ip instead of random dns name to get off the hook of CSF and continue browsing.
- Finding it funny and not clear – I was in the same condition when I started fixing this issue. You might figure it out little later. Keep reading.
Monitoring servers with RAID controllers is made easy through Nagios and other monitoring systems. Today its quite easy to get an app installed on your mobile and configure it to display critical errors from Nagios to quickly act on. When you’re an in-charge of Infrastructure, monitoring RAID becomes very very critical. While digging around simple ways to monitor Adaptec raid cards, a tiny little piece of script found on Nagios exchange - check-aacraid.py by Anchor Systems.
This script works with the Storage Manager – arcconf installed to manage RAID Cards.
Here is an excerpt from Nagios Exchange on check-aacraid script configuration for your quick reference :-
Check the health of an Adaptec raid controller using /usr/StorMan/arcconf Checks the following: Logical device status, Controller status, Failed & Degraded drives. If the battery is present: Charging status, Est of charge time left, Charge left %. And removes the log file “UcliEvt.log” that is dropped into the CWD when /usr/StorMan/arcconf is run.
Check the health of an Adaptec raid controller using /usr/StorMan/arcconf
Checks the following:
Logical device status
Failed & Degraded drives
If battery present:
Est of charge time left
Charge left %
And removes the log file “UcliEvt.log” that is dropped into the CWD when /usr/StorMan/arcconf is run.
Add this to your “/etc/sudoers” file using visudo "nagios ALL=(root) NOPASSWD: /usr/StorMan/arcconf GETCONFIG 1 *"
## On RHEL & possibly others ##
Disable “Defaults requiretty” in /etc/sudoers otherwise the command will not run via NRPE.
After setting up Nagios server and Client you might find to see some funny status messages. One of which is, “Host not reachable” and you will see all the Nagios clients showing up in RED status though other services are fine in status page.
This can happen due to multiple reasons. First one is obviously related to firewall issue. The other one is bit tricky but related to ping binary which is used by Nagios to ping the ip for check-host-alive status.
Nagios executes the system binaries using nagios user configured during the installation. Hence, such user must have enough privileges to execute the binary. In the above scenario, ping must be executable by the user nagios.
To resolve the issue, I added an execute bit on ping binary as follows:
chmod u+s /bin/ping
Restart or wait for Nagios to check the status of the hosts once again. Now I can see that Nagios shows the correct status of the hosts.