Welcome to Pandora FMS Community!

Find answers, ask questions, and connect with our community around the world.

  • TCP SEND & TCP RECIVE

    Posted by ricardo on octubre 10, 2008 at 04:53

    Hola,

    Tengo instalada la versión 2.0 de Pandora FMS, pero no consigo que me funcione ningún modulo de tcp_proc, con datos en TCP SEND y TCP RECIVE.

    El que lleva de ejemplo de check_http, no me funciona con ningún servidor web, tanto apache, como el de un router linksys. He probado copiando la respuesta exacta, al ver que no funcionaba, le he añadido los ^M al final de cada linea.

    Vengo del mundo Nagios, por lo que puede ser que haya algo por ahí que no veo, o que no entiendo, para hacer que funcione como quisiera.

    ricardo replied 16 years, 2 months ago 2 Members · 6 Replies
  • 6 Replies
  • Sancho

    Administrator
    octubre 10, 2008 at 10:22
    2229 Karma points
    Community awards: bulb Bright ideas
    Community rank: tentacle_master_icon Tentacle Master
    Like it
    Up
    0
    Down
    Drop it
    ::

    Pon un ejemplo concreto y te ayudamos a hacer el modulo

  • ricardo

    Member
    octubre 10, 2008 at 10:48
    0 Karma points
    Community rank: tentacle-noob-1 Tentacle noob
    Like it
    Up
    0
    Down
    Drop it
    ::

    Por ejemplo el servidor web de un router linksys

    Yo mando :
    GET / HTTP/1.0

    Y recibo:
    HTTP/1.0 200 OK
    Date: Tue, 30 Nov 1999 00:00:20 GMT
    Server: Embedded HTTP Server.
    Connection: close
    Content-Type: text/html; charset=”ISO-8859-1″

    Connection closed by foreign host.

    Pero si en TCP SEND pongo -> GET / HTTP/1.0^M^M
    Y en el recibe lo mismo que se supone que manda, tanto con los ^M al final de las lineas, como sin ellas.

    Un saludo

  • Sancho

    Administrator
    octubre 10, 2008 at 11:51
    2229 Karma points
    Community awards: bulb Bright ideas
    Community rank: tentacle_master_icon Tentacle Master
    Like it
    Up
    0
    Down
    Drop it
    ::

    En el receive pon simplemente:

    200 OK

    Deberia funcionar.

    Has probado que el servidor de pandora tenga conectividad con el puerto 80 de esa ip ?

  • ricardo

    Member
    octubre 10, 2008 at 12:58
    0 Karma points
    Community rank: tentacle-noob-1 Tentacle noob
    Like it
    Up
    0
    Down
    Drop it
    ::

    Si ha funcionado, muchas gracias 🙂
    ¿Entonces el tcp receive solo lee 1 linea?
    Para poder convertir un par de modulos del nagios a modulo de pandora 🙂

  • Sancho

    Administrator
    octubre 13, 2008 at 09:40
    2229 Karma points
    Community awards: bulb Bright ideas
    Community rank: tentacle_master_icon Tentacle Master
    Like it
    Up
    0
    Down
    Drop it
    ::

    No, funciona con varias lineas, separando envios y respuesta por el caracter |

    Te corto pego de la ayuda que acabo de descubrir que faltaba (la voy a meter ahora mismo):

    TCP Check

    This module just send character strings to destination IP / port, wait for response and optionally match it’s response with a predefined response. If TCP SEND / TCP RCV. fields are emply just check for an open port in destination.

    You can use ^M string to send a carriage return, and also can use a multi request / multi response conversation. Several request and responses are separated with | character.

    Example #1. Checking WEB service

    Just imagine that you want to check that http://www.yahoo.com reply correctly to a HTTP request. Put this in TCP Send:

    GET / HTTP/1.0^M^M

    And this on TCP receive:

    200 OK

    This should give OK if a correct HTTP request is possible.
    Example #2. Checking SSH service

    If you make a telnet to port 22 of a standard service you will see that after connecting they present you a banner like

    SSH-2.0xxxxxxxxxx

    If you type something, like “none” and press enter, they reply you the following string and close socket:

    Protocol mismatch

    So to “code” this conversation in a Pandora FMS TCP module, you need to put in TCP Send:

    |none^M

    And put in TCP Receive:

    SSH-2.0|Protocol mismatch
    Example #3. Checking a SMTP service

    This is sample SMTP conversation:

    R: 220 mail.supersmtp.com Blah blah blah
    S: HELO myhostname.com
    R: 250 myhostname.com
    S: MAIL FROM:
    R: 250 OK
    S: RCPT TO:
    R: 250 OK
    S: DATA
    R: 354 Start mail input; end with .
    S: …….your mail here……..
    S: .
    R: 250 OK
    S: QUIT
    R: 221 mail.supersmtp.com Service closing blah blah blah

    So if you want to check the first steps of conversation, the fields will be:

    TCP SEND : HELO myhostname.com^M|MAIL FROM: ^M| RCPT TO: ^M

    TCP SEND : 250|250|250

    If the first three steps of connections are “OK” then the SMTP seems to be ok, don’t need to send a real mail (could be done, whatever!). This is a powerful TCP service checker that could be used to verify any TCP plain text service.

  • ricardo

    Member
    octubre 13, 2008 at 12:00
    0 Karma points
    Community rank: tentacle-noob-1 Tentacle noob
    Like it
    Up
    0
    Down
    Drop it
    ::

    Muchas gracias otra vez 🙂